From b557abc66a83bad4a577f756a1e2f8d42f07684c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= Date: Sat, 31 Aug 2024 14:34:10 +0200 Subject: [PATCH] manual-premium.md: merge changes in manual.md into the premium manual. [ci skip] --- man/manual-premium.md | 39 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 38 insertions(+), 1 deletion(-) diff --git a/man/manual-premium.md b/man/manual-premium.md index 1b73d1990cb..7da885e7026 100644 --- a/man/manual-premium.md +++ b/man/manual-premium.md @@ -701,6 +701,10 @@ this attribute is only used when the error message is inconclusive CWE ID for the problem; note that this attribute is only used when the CWE ID for the message is known +**remark** + +Optional attribute. The related remark/justification from a remark comment. + ## The `` element All locations related to an error are listed with `` elements. The primary location is listed first. @@ -847,6 +851,10 @@ The warning message Warning id +**{remark}** + +The remark text if a remark comment has been provided + **{code}** The real code 
@@ -899,6 +907,35 @@ Newline Carriage return +# Justifications for warnings in the report + +You can add remark comments in the source code that justify why there is a warning/violation. + +Such a remark comment shall: + * start with REMARK. + * can either be added above the source code that generates the warning, or after the code on the same line. + +Example code: + + void foo(void) { + // REMARK Initialize x with 0 + int x = 0; + } + +In Cppcheck text output the remarks are not shown by default, you can use `--template` option `{remark}` to show remarks: + + $ ./cppcheck --enable=style --template="{file}:{line}: {message} [{id}]\\n{remark}" test1.c + Checking test1.c ... + test1.c:4: Variable 'x' is assigned a value that is never used. [unreadVariable] + Initialize x with 0 + +In xml output the comment text is provided in a "remark" attribute: + + $ ./cppcheck --enable=style --xml test1.c + .... + remark="Initialize x with 0" + .... + # Addons Addons are scripts that analyse Cppcheck dump files to check compatibility with secure coding standards and to locate issues. @@ -911,7 +948,7 @@ Cppcheck is distributed with a few addons which are listed below. [misra.py](https://github.com/danmar/cppcheck/blob/main/addons/misra.py) is used to verify compliance with MISRA C 2012, a proprietary set of guidelines to avoid questionable code, developed for embedded systems. -The full list of supported rules is available on: [https://files.cppchecksolutions.com/misrac2012.html](https://files.cppchecksolutions.com/misrac2012.html) +The full list of supported rules is available on: [https://files.cppchecksolutions.com/misrac2023.html](https://files.cppchecksolutions.com/misrac2023.html) ### y2038.py
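Review bot: The new **remark** entry in the @@ -701,6 +701,10 @@ hunk says "Optional attribute" but does not say when the attribute is present, unlike the neighbouring entries, which use the form "this attribute is only used when ...". Suggest wording it the same way (only used when a remark comment is attached to the warning) and pointing to the "Justifications for warnings in the report" section that this patch adds further down.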
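Review bot: The **{remark}** description in the @@ -847,6 +851,10 @@ hunk does not say what the field expands to when no remark comment has been provided. The template in the later example ends with a newline followed by `{remark}`, so readers need to know what that last line contains for warnings without a remark. Please document that case, and end the sentence with a full stop.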
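Review bot: In the @@ -899,6 +907,35 @@ hunk the example output reports the warning at test1.c:4, but if the listing is the whole of test1.c then `int x = 0;` sits on its third line; adjust the listing or the reported line so the two agree. The list under "Such a remark comment shall:" also mixes a requirement ("start with REMARK.") with an option ("can either be added ..."); something like "shall start with REMARK and shall be placed either above the code that generates the warning or after it on the same line" reads consistently. The example only shows a `//` comment, so it would help to state which comment styles are recognised. "In Cppcheck text output the remarks are not shown by default, you can use" is a comma splice and should be split into two sentences.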
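Review bot: The changed link in the @@ -911,7 +948,7 @@ hunk now points at misrac2023.html, while the unchanged context line directly above still says misra.py verifies compliance with MISRA C 2012. Either update that sentence to match the rule list being linked or add a short note explaining why the 2023 list applies to the 2012 checker.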