CMake language support

[ligurio]

Is your feature request related to a problem? Please describe.

I want to use semgrep to find any problems in CMake files. There is no good and supported static analyzer for CMake,
(see section "Describe alternatives you've considered" below), so I want to create semgrep rules for CMake on my own and use them in CMake projects.

CMake is the most popular build systems in C/C++ projects (sources: ¹²):

C:

C++:

Describe the solution you'd like

Running Semgrep with rules for CMake declarative language and detect errors and mistakes by Semgrep custom rules.

Describe alternatives you've considered

• grep
• code review (time-consuming and error-prone)
• cmake-lint (adandoned)
• cmake-format (abandoned), rules
• polysquare-cmake-linter (abandoned)

Use case

It will be easier to add rules for static analysis of CMake files.

Additional context

• Feature Request: CMake autoformatter and linter, https://gitlab.kitware.com/cmake/cmake/-/issues/17441
• add support for Makefile, add support for Makefile #8087

Footnotes

1. https://www.jetbrains.com/lp/devecosystem-2023/c/ ↩

2. https://www.jetbrains.com/lp/devecosystem-2023/cpp/ ↩

[aryx]

I see https://github.com/uyha/tree-sitter-cmake
and https://github.com/Symbitic/tree-sitter-cmake
which could be good candidates to use to add support for cmake in semgrep.

[aryx]

Oh actually the second one above is to a project to build tree-sitter using cmake, so not relevant for this issue.
But I guess we still have the first one https://github.com/uyha/tree-sitter-cmake as a good starting point.