clang-tidy-sarif
| Crates.io | clang-tidy-sarif |
| lib.rs | clang-tidy-sarif |
| version | 0.6.6 |
| source | src |
| created_at | 2021-10-12 12:36:09.883376 |
| updated_at | 2024-09-02 03:26:26.196025 |
| description | Convert clang-tidy output to SARIF |
| homepage | https://psastras.github.io/sarif-rs/ |
| repository | https://github.com/psastras/sarif-rs |
| max_upload_size | |
| id | 463967 |
| size | 33,619 |
Paul Sastrasinh (psastras)
documentation
README
clang-tidy-sarif
This crate provides a command line tool to convert clang-tidy diagnostic
output into SARIF.
The latest documentation can be found here.
clang-tidy is a popular linter / static analysis tool for C++. More information can be found on the official page: https://clang.llvm.org/extra/clang-tidy/
SARIF or the Static Analysis Results Interchange Format is an industry standard format for the output of static analysis tools. More information can be found on the official website: https://sarifweb.azurewebsites.net/.
Installation
clang-tidy-sarif may be installed via cargo
cargo install clang-tidy-sarif
via cargo-binstall
cargo binstall clang-tidy-sarif
or downloaded directly from Github Releases
# make sure to adjust the target and version (you may also want to pin to a specific version)
curl -sSL https://github.com/psastras/sarif-rs/releases/download/clang-tidy-sarif-v0.6.6/clang-tidy-sarif-x86_64-unknown-linux-gnu -o clang-tidy-sarif
Fedora Linux
sudo dnf install <cli_name> # ex. cargo binstall clang-tidy-sarif
Nix
Through the nix cli,
nix --accept-flake-config profile install github:psastras/sarif-rs#clang-tidy-sarif
Usage
For most cases, simply run clang-tidy and pipe the results into
clang-tidy-sarif.
Example
clang-tidy -checks=cert-* -warnings-as-errors=* main.cpp -- | clang-tidy-sarif
If you are using Github Actions, SARIF is useful for integrating with Github Advanced Security (GHAS), which can show code alerts in the "Security" tab of your repository.
After uploading clang-tidy-sarif output to Github, clang-tidy diagnostics
are available in GHAS.
Example
on:
workflow_run:
workflows: ["main"]
branches: [main]
types: [completed]
name: sarif
jobs:
upload-sarif:
runs-on: ubuntu-latest
if: ${{ github.ref == 'refs/heads/main' }}
steps:
- uses: actions/checkout@v2
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
override: true
- uses: Swatinem/rust-cache@v1
- run: cargo install clang-tidy-sarif sarif-fmt
- run: clang-tidy -checks=cert-* -warnings-as-errors=* main.cpp -- | tee
results.sarif | sarif-fmt
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: results.sarif
License: MIT