
cppcheck-codequality
Convert a CppCheck XML report to a GitLab-compatible Code Quality JSON report.
I wanted reports from CppCheck to appear in GitLab Merge Requests as Code Quality reports, which is a JSON file defined by the Code Climate team/service.
That's all this does: convert CppCheck XML to Code Climate JSON.
It is primarily used as a console script. As such, ensure you have Python 3's "scripts" directory in your PATH variable. For example, on Linux, that might be $HOME/.local/bin.
To test, try the --help or --version flags:
cppcheck-codequality --help
CppCheck already has a script to convert its XML report to HTML for easy human reading. See "Chapter 11 HTML Report" in the CppCheck Manual.
This script follows that example and provides similar command-line options. A typical workflow might look like this:
# Generate CppCheck report as XML
cppcheck --xml --enable=warning,style,performance ./my_src_dir/ 2> cppcheck_out.xml
# Convert to a Code Climate JSON report
cppcheck-codequality --input-file cppcheck_out.xml --output-file cppcheck.json
If you wanted, you could invoke the script directly as a module, like this:
# Run as a module instead (note the underscore in the module name here)
python -m cppcheck_codequality --input-file=cppcheck_out.xml --output-file=cppcheck.json
Now, in your GitLab CI script, upload this file as a Code Quality report.
my-code-quality:
  script:
    - [...]
  artifacts:
    reports:
      codequality: cppcheck.json
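What the conversion amounts to, as an added sketch that is not cppcheck-codequality's own code: it reads a constructed CppCheck XML (version 2) sample and emits the fields GitLab's Code Quality report requires. The severity mapping and the fingerprint scheme are assumptions made for this example.

```python
import hashlib
import json
import xml.etree.ElementTree as ET

# Constructed sample in CppCheck's XML version 2 layout (not real tool output).
SAMPLE_XML = """<results version="2">
  <errors>
    <error id="arrayIndexOutOfBounds" severity="error" cwe="788"
           msg="Array 'buf[8]' accessed at index 8, which is out of bounds.">
      <location file="src/parse.c" line="42" column="9"/>
    </error>
    <error id="unusedVariable" severity="style" cwe="563"
           msg="Unused variable: tmp">
      <location file="src/util.c" line="7" column="5"/>
    </error>
    <error id="missingInclude" severity="information" msg="Include file not found"/>
  </errors>
</results>"""

# Assumed severity mapping; GitLab accepts info, minor, major, critical, blocker.
SEVERITY = {"error": "critical", "warning": "major", "style": "minor",
            "performance": "minor", "portability": "minor", "information": "info"}


def convert(xml_text):
    """Return a list of Code Quality issues for every located CppCheck error."""
    issues = []
    for err in ET.fromstring(xml_text).iter("error"):
        loc = err.find("location")
        if loc is None:  # findings without a file cannot be shown on a diff
            continue
        path, line = loc.get("file"), int(loc.get("line", "1"))
        check, msg = err.get("id"), err.get("msg", "")
        # Fingerprint omits the line number so edits above a finding do not
        # make GitLab report it as new (assumed scheme, not the project's).
        digest = hashlib.sha256(f"{path}:{check}:{msg}".encode()).hexdigest()
        issues.append({
            "description": msg,
            "check_name": check,
            "severity": SEVERITY.get(err.get("severity"), "info"),
            "fingerprint": digest,
            "location": {"path": path, "lines": {"begin": line}},
        })
    return issues


if __name__ == "__main__":
    print(json.dumps(convert(SAMPLE_XML), indent=2))
```

Under this fingerprint scheme, two findings with the same id and message in one file share a fingerprint, so a real converter needs a tie-breaker for that case.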
git commit -s) to indicate you agree to Developer Certificate of Origin (DCO) Version 1.1 https://developercertificate.org/
Setup development environment.
sudo apt install pipx
pipx install poetry
poetry install
source ./venv/bin/activate
Format
black ./
Use Tox to run tests in all python environments available on your system.
poetry run tox -e clean
poetry run tox
CppCheck is an open-source project with a GPL v3.0 license.
"Code Climate" may be a registered trademark of Code Climate, Inc. which provides super-cool free and paid services to the developer community.
"GitLab" is a trademark of GitLab B.V.
All other trademarks belong to their respective owners.
We found that cppcheck-codequality demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.