SonarSource-Demos/vulnerable_cpp_example

This branch is 27 commits ahead of, 2 commits behind HishamParveezBavest/sonar_scanner_example:master.

Latest commit

88a95f1 · Apr 11, 2023


C++ example project scanned on SonarCloud using GitHub Actions

This project is analysed on SonarCloud!

ℹ️ This simple example ignores the analysis cache and multithreaded execution, both of which can speed up analysis significantly.

It is very easy to analyze a C, C++ and Objective-C project with SonarCloud and GitHub Actions:

  1. Create a sonar-project.properties file to store your configuration

  2. In your .github/workflows/build.yml file:

    1. Download the Sonar Scanner and Build Wrapper using the SonarCloud C and C++ GitHub Action

    2. Wrap your compilation with the Build Wrapper

    3. Run sonar-scanner as the final step

  3. Ensure that your token is stored as a secret in your repository (SONARCLOUD_TOKEN in this example project). You can request new tokens using the Account/Security page.

You can take a look at the sonar-project.properties and build.yml to see it in practice.
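The three steps above can be laid out as a single workflow. The following is an added sketch, not the repository's own build.yml: the action version tags, the branch name, the output directory name, the `permissions` block and the placeholder property values are assumptions, while the msbuild target and the SONARCLOUD_TOKEN secret name come from this README.

```yaml
# .github/workflows/build.yml (illustrative sketch, not the repository's file)
# Step 1 lives in sonar-project.properties, with placeholder values such as:
#   sonar.projectKey=<your-project-key>
#   sonar.organization=<your-organization>
#   sonar.sources=.
name: Build
on:
  push:
    branches: [main]          # assumed default branch name
  pull_request:
    types: [opened, synchronize, reopened]

# Assumption: read-only scopes are enough for checkout and PR lookup.
permissions:
  contents: read
  pull-requests: read

jobs:
  build:
    runs-on: windows-latest
    env:
      BUILD_WRAPPER_OUT_DIR: build_wrapper_output   # arbitrary directory name
    steps:
      - uses: actions/checkout@v4
        with:
          fetch-depth: 0      # full history, so the analysis can use blame data
      - uses: microsoft/setup-msbuild@v2
      # Step 2.1: puts sonar-scanner and build-wrapper on PATH.
      # Version tags are assumptions; pinning to a reviewed commit SHA is stricter.
      - uses: SonarSource/sonarcloud-github-c-cpp@v2
      # Step 2.2: wrap the compilation so the compiler calls are recorded.
      - name: Build under Build Wrapper
        run: >
          build-wrapper-win-x86-64 --out-dir ${{ env.BUILD_WRAPPER_OUT_DIR }}
          msbuild sonar_scanner_example.vcxproj /t:rebuild /nodeReuse:false
      # Step 2.3 and step 3: the token is exposed to this step only.
      - name: Run sonar-scanner
        env:
          SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: >
          sonar-scanner
          --define sonar.cfamily.build-wrapper-output="${{ env.BUILD_WRAPPER_OUT_DIR }}"
```

Repository secrets are not passed to workflows triggered by pull requests from forks, so the scanner step has no token on those runs.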

Documentation

Windows\MSBuild

A build of the code repository on the Windows platform using the MSBuild build system.

To build the code, run:

msbuild sonar_scanner_example.vcxproj

Code Description

An example of flawed C++ code. The code repository is meant to be compiled with different build systems using different CI pipelines on Linux, macOS, and Windows.

The code repository is forked into other repositories in this collection to add a specific build system, platform, and CI. The downstream repositories are analyzed either with SonarQube or SonarCloud.

You can find examples for:

Using the following build systems:

Running on the following CI services:

Configured for analysis on:

You can also find a few examples demonstrating:

See examples-structure.adoc for a description of the structure of this GitHub organization and the relations between its different repositories.

Languages

  • C++ 91.6%
  • C 7.1%
  • Python 1.3%