Scan C++ without building?


Is there a way to scan source C++ code without first building it? I am trying to run the scanner from the command line and it keeps failing due to needing the build wrapper. Is there any way to bypass the build wrapper? This program is very large (millions of lines of code) and might not be able to compile/build on my machine. I would just like to perform a static analyses from the command line. Thanks.

p.s. By the way I have the developer edition version 8.2.

Hi Benjamin,

Use of the build-wrapper is mandatory in order to analyze code properly. We need to be able to determine compiler options used, header files included, etc. in order to provide complete and accurate results.

We generally encourage customers to analyze code on a build/CI system that is appropriately scaled to be able to handle a full build + the minimal overhead of our analysis. If instead you’re looking for on-the-fly results appropriate to a developer working on individual areas within a project, you might consider SonarLint, which will analyze the C family of languages within your IDE if you’re using Eclipse CDT or Visual Studio. It can connect with your SonarQube Developer Edition and synchronize with the analyzer settings & quality profile used for consistent results.

Hope this helps,

1 Like