{"id":16073258,"url":"https://github.com/flast/cppcheck-sarif","last_synced_at":"2026-05-11T03:02:03.253Z","repository":{"id":244485330,"uuid":"812540204","full_name":"Flast/cppcheck-sarif","owner":"Flast","description":"Convert cppcheck xml report to SARIF","archived":false,"fork":false,"pushed_at":"2024-06-28T01:29:31.000Z","size":66,"stargazers_count":1,"open_issues_count":1,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-02-10T21:19:28.205Z","etag":null,"topics":["c","c-plus-plus","cplusplus","cpp","cppcheck","sarif","static-analysis"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Flast.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-06-09T07:26:48.000Z","updated_at":"2025-02-07T13:12:46.000Z","dependencies_parsed_at":null,"dependency_job_id":"b719105e-7a77-4b85-abfd-0cbd2d87b626","html_url":"https://github.com/Flast/cppcheck-sarif","commit_stats":null,"previous_names":["flast/cppcheck-sarif"],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Flast%2Fcppcheck-sarif","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Flast%2Fcppcheck-sarif/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Flast%2Fcppcheck-sarif/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Flast%2Fcppcheck-sarif/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Flast","download_url":"https://codeload.github.com/Flast/cppcheck-sarif/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247321391,"owners_count":20919984,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["c","c-plus-plus","cplusplus","cpp","cppcheck","sarif","static-analysis"],"created_at":"2024-10-09T08:05:22.915Z","updated_at":"2026-05-11T03:01:58.204Z","avatar_url":"https://github.com/Flast.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# cppcheck-sarif\n\n[![Go Report Card](https://goreportcard.com/badge/github.com/Flast/cppcheck-sarif)](https://goreportcard.com/report/github.com/Flast/cppcheck-sarif)\n\ncppcheck-sarif is a converter which converts cppcheck xml report to Static Analysis Results Interchange Format (SARIF).\n\n## Build\n\n```sh\ngo build .\n```\n\n## Example usage\n\n```sh\ncppcheck --xml --output-file=report.xml .\ncppcheck-sarif -output report.sarif report.xml\n```\n\n### Use errorlist.xml instead of embedded one\n\n```sh\ncppcheck --errorlist \u003e errorlist.xml\ncppcheck --xml --output-file=report.xml .\ncppcheck-sarif -errorlist errorlist.xml -output report.sarif report.xml\n```\n\n## GitHub Action usage\n\n```yaml\nname: cppcheck\n\non:\n  push:\n    branches:\n      - master\n\njobs:\n  upload-sarif:\n    runs-on: ubuntu-24.04\n    permissions:\n      security-events: write\n      actions: read\n      contents: read\n    steps:\n      - uses: actions/checkout@v4\n\n      - run: |\n          sudo apt-get install -y cppcheck\n\n      - run: |\n          cppcheck --enable=all --xml --output-file=report.xml .\n\n      - uses: Flast/cppcheck-sarif@v2\n        with:\n          input: report.xml\n          output: report.sarif\n\n      - uses: github/codeql-action/upload-sarif@v3\n        with:\n          sarif_file: report.sarif\n          category: cppcheck\n```\n\n## References\n\n- https://trac.cppcheck.net/ticket/9972\n- https://github.com/danmar/cppcheck/pull/4651\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fflast%2Fcppcheck-sarif","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fflast%2Fcppcheck-sarif","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fflast%2Fcppcheck-sarif/lists"}