Scanning C/C++ files in a Rust project

Hey all,

I’m using SonarQube Developer deployed via Docker container, with SonarScanner and no other plugins/extensions.

I have a Rust project that I’m attempting to scan. The project is 90% Rust, and I’ve successfully scanned everything except for 10-ish C/C++ files that are included with the project. These files are primarily examples and SDKs. After reading SQ documentation, it appears that, regardless of which option I choose (build wrapper or compilation database), I need to build a C/C++ project with a C compiler.

I’m on an ARM Mac, so I need to use the compilation database option. Regardless, all instructions for both options reference using C compilers, when this project is built with Cargo.

Is there a way to scan C/C++ files like this that are part of a larger non-C/C++ project?


Welcome to the community!

Per the docs

For a C/C++/Objective-C analysis to be accurate, the analyzer needs to understand how the code is meant to be compiled. Compilation options, like macro definitions and include directories, can have a huge impact on the generated code and consequently on the analysis results.

So compilation is required if you want to analyze these files, whether they’re the entire project or just a small subset of another project.



when this project is built with Cargo.

But cargo ultimately calls a C++ compiler like clang or gcc, right? Are you using the cxx-build crate?

Out of curiosity, I have tried on their demo project

build-wrapper-linux-x86-64 --out-dir bwrapper cargo build

And I can see indeed the call to clang++ is captured


The CFamily plugin you have in your SQ version should provide a working build-wrapper for ARM Mac. Can you give it a try, and wrap the call to cargo build? Make sure you do a clean build.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.