Hello everybody, I would like to help you guys use CppCheck in a simple, easy and effective way.
I want to let you know of a way you can use CppCheck to analyse your C or C++ code really easily without needing to set it up, install it or even run it.
Just a quick recap – for those who don’t know what CppCheck is, let me tell you that it is an excellent open-source tool developed by Daniel Marjamäki, and it can be found here: Cppcheck – A tool for static C/C++ code analysis (sourceforge.io). This tool runs a static analysis of your source code and finds potential issues with your code. There are different severities of issues, from design-like flaws to full-blown errors such as using an uninitialized pointer.
You can go to the CppCheck website to learn about the tool more deeply and learn how to install and set it up.
Why Use SoftaCheck to Run CppCheck?
If you would like to start using CppCheck and integrate it as part of your development process to routinely analyze your code every time you make changes to it, then you can learn how to do it yourself and spend the time and effort. Don’t get me wrong; it’s truly wonderful if you want to spend the time to do it yourself. However, not everybody can afford to spare the time necessary to do such setups. That’s where SoftaCheck comes into play.
SoftaCheck does all the heavy lifting for you and spares you from spending your precious time. SoftaCheck will automatically run CppCheck every time you make a commit to your GitHub repository and whenever you make a pull request. You will get a full report of all the warnings and errors detected by CppCheck and a code quality score from A to F.
CppCheck may also find issues that are not categorized as “warnings” or “errors” such as “style” issues, but we at SoftaCheck decided to focus on the major issues so SoftaCheck will only show you issues categorized as “warnings” or “errors.” You will get a code quality grade between A and F based on these errors. To learn about how this grade is calculated, please refer to the user manual here: https://novodes.atlassian.net/l/cp/bTXZ4BSW
How to Run CppCheck on Your Code Using SoftaCheck?
It’s very easy and straightforward. All you need to do is select your repository for analysis on the “Repositories View” page in the SoftaCheck web app and click on “Import”.
After the repository has been imported, it will appear on the left side under the list of “Imported repositories.”
Then the CppCheck analysis will automatically begin on that repository on the branch titled “main” or “master” (whichever is your main branch). The analysis typically takes a few minutes which is a bit longer than it would have been had you run it on your PC. It takes a bit more time because it runs in series with two other analyses on your code: Clang-Tidy and Doxygen. Clang-Tidy is another tool used to find bugs in your code, and Doxygen is used to create documentation automatically for your code. So once all tools have finished running on your code, you will get the final results on your “Issues” page.
Where Can You See the CppCheck Analysis Results?
You can see the analysis results of CppCheck run by SoftaCheck either on the SoftaCheck web app or on your GitHub repository. Let’s begin by seeing the analysis results on SoftaCheck.
Once you click on the repository of your choice in the list of imported repositories you will see the issues page of the repository.
You may scroll down and view all the issues and warnings detected by CppCheck. You can also select a specific error and escalate it as an issue on your GitHub repository to deal with it in an organized manner. Simply click on the “Create Issue” button to the right of the issue.
You can also choose to ignore issues that you think are irrelevant or not important to you. Simply click the “Ignore” button to the right of the issue.
Now let’s see how the issues appear on GitHub.
On GitHub, you will see the status results of each analysis done by SoftaCheck next to the commit ID or at the bottom of your pull request page. You can click on “Details” next to the status to see the details of the analysis including the issues found by CppCheck.
By default, clicking on “Details” will open the issues view on the SoftaCheck web app. However, it is possible to view the issues directly within GitHub itself without being redirected to the SoftaCheck web app. This can be done by going to the settings page of your repository on SoftaCheck and enabling SoftaCheck annotations on your GitHub repository.
Once you do this, the next time an analysis is made by SoftaCheck on your repository, you will be able to view the analysis results within GitHub. Try this by simply clicking on the “Details” of the analysis again, and you will see the following:
Settings of CppCheck on SoftaCheck
SoftaCheck uses another tool that analyses your code called Clang-Tidy. By default, both tools are set to analyze your code, but you can choose to have just CppCheck run if you wish in the settings page of your repository on SoftaCheck.