Is there a way to import, add, or edit sonar cfamily rules? Specifically, there are some issues that the Clang Static Analyzer finds (e.g. dead increment, array subscript is undefined, uninitialized argument value) which SonarQube does not. I see that SonarQube has similar rules, e.g. “Unused assignments should be removed” and “Variables should be initialized before use.” But these do not flag all the same places in the code that Clang does – in fact they did not find any issues when running on SonarQube 8.3, SonarScanner 4.3.0.
I also see in the SonarQube documentation that C is not listed as supporting custom rules:
What options are there for trying to get SonarQube to pick up the same bugs that Clang does? It would be helpful to run just one analyzer (SonarQube) for the full picture, as opposed to running both.