Qodana for C/C++

Qodana for C/C++ lets you analyze C and C++ projects containing compilation databases. This linter is based on the Clang-Tidy linter and works on the AMD64 and ARM64 architectures.

Qodana for C/C++ extends the existing Clang-Tidy inspections by supplying the Clang-Tidy and MISRA checks inspections provided by CLion.

Qodana for C/C++ is available under the Community, Ultimate, and Ultimate Plus licenses. However, the Clang-Tidy and MISRA checks inspections from CLion are available only under the Ultimate and Ultimate Plus licenses.

Supported features

The Qodana for C/C++ linter provides the following Qodana features:

Feature	Available under licenses
Baseline	Community, Ultimate and Ultimate Plus
Quality gate	Community, Ultimate and Ultimate Plus

How it works

The Docker image of Qodana for C/C++ employs Clang 16.0.0 and LLVM 16. You can see the Dockerfile for the detailed description of all software employed by the linter.

The linter searches for the compilation database file contained in the build/compile_commands.json file of the project directory and reads this file, analyzes the project, generates analysis reports, and saves them locally or uploads to Qodana Cloud.

Prepare the project

Make sure that Clang-Tidy is deployed on your system. If necessary, install it using the LLVM website.
Open the qodana.yaml file and use the include and exclude configuration options to configure the list of inspections. Alternatively, you can configure inspections in the .clang-tidy file, see the configuration example on the GitHub website. After configuring, save this file under the project root.
You can get the list of all available Clang-Tidy inspections using the following command:
clang-tidy -list-checks -checks="*"
./clang-tidy.exe -list-checks -checks="*"
To obtain the list of all inspections enabled in Clang-Tidy by default, you can run the following command:
clang-tidy -list-checks
./clang-tidy.exe -list-checks
Open the .clang-tidy file and configure the list of files and paths that will be analyzed by Qodana for C/C++.
If you already have the compile_commands.json file, you can also configure files and paths in this file.
Generate the compile_commands.json file as explained in the CLion documentation portal, and save it to the build directory under the project root.
If you use CMake, you can also generate a compilation database by specifying the following bootstrap option in the qodana.yaml file, for example:
bootstrap: mkdir -p build; cd build;cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON .. || true
If your project requires specific packages not previously mentioned in the Dockerfile, add the following bootstrap command to your qodana.yaml file to install the required packages:
bootstrap: sudo apt-get update; sudo apt-get install -y <list of required packages> | rm -rf build; mkdir -p build; cd build;cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=ON .. || true

Run Qodana for C/C++

Run the following Docker command:

docker run \
   -v $(pwd):/data/project/ \
   -v $(pwd)/results/:/data/results/ \
   -e QODANA_TOKEN="<cloud-project-token>" \
   jetbrains/qodana-clang:2024.1-eap

The linter will read the build/compile_commands.json file and run the Clang-Tidy tool.

In this command, the QODANA_TOKEN variable refers to the project token that lets you upload inspection results to Qodana Cloud. If you omit the QODANA_TOKEN variable, the inspection results will be available in the qodana.sarif.json saved in the /results directory of your project root.

To override the location of a compilation command database, you can specify the location for the compile_commands.json file relatively to the project root, so the Docker command will look like:

docker run \
   -v $(pwd):/data/project/ \
   -v $(pwd)/results/:/data/results/ \
   -e QODANA_TOKEN="<cloud-project-token>" \
   jetbrains/qodana-clang:2024.1-eap \
   --compile-commands <path-to-compile_commands.json>

Last modified: 28 June 2024