danmar
Map MISRA severities
Context
When using the MISRA addon, a colleague found out the MISRA defects were all categorized as style by cppcheck.
We use the cppcheck_codequality script to convert the cppcheck xml results to the GitLab CodeQuality format. As a consequence, all the defect were flagged as Minor in GitLab UI, which is not ideal.
The MISRA rules are defined over 3 severities : advisory, required and mandatory. The goal of this PR is to map the MISRA severities with cppcheck ones. That way, defects are labeled with the appropriate priority and ordered correctly in the GitLab results
Use
By default, the severities are mapped this way :
| cppcheck | MISRA |
|---|---|
| style | advisory |
| warning | required |
| error | mandatory |
One can change this behavior with the --map-serverity CLI arguments :
python misra.py --rule-texts=misra-rules.txt --map-severity "style,warning,error" main.cpp.dump
or
{
"script": "misra.py",
"args": [
"--rule-texts=misra-rules.txt",
"--map-severity style,warning,error"
]
}
cppcheck --addon=misra.json main.cpp
Question
I have a question for cppcheck maintainers. In its current state, this PR would change the severity of some MISRA defects. It means some users might see a difference in their cppcheck MISRA analysis results after this PR is merged.
If this is a problem, my last commit (7a7a3ae8a14d15dfcb1df014be10e70c4f1d24a1) can be reverted and the PR would take effect only when setting --map-severity.
If this issue is considered as a bug, I think this PR can be left as is. Indeed, MISRA defects are not related to "style". Users will see a change in their results but could consider it as beneficial.
Would you rather have this PR fixing the MISRA severities by default or opt-in ?
PS: credits to my colleague Nicolas Couvreur for this PR.
I have a question for cppcheck maintainers. In its current state, this PR would change the severity of some MISRA defects.
I think it's an improvement to set the severity more properly. So I think we will allow this by default.
