optimized supressions

FScholPer · FScholPer · commit 7f950469ac2c · 2025-12-12T15:19:43.000+01:00
diff --git a/.github/codeql/codeql-config.yml b/.github/codeql/codeql-config.yml
@@ -0,0 +1,11 @@
+name: "Custom CodeQL Configuration for MISRA"
+
+queries:
+  - uses: codeql/cpp-queries
+  - uses: codeql/misra-cpp-coding-standards
+
+paths-ignore:
+  - "**/*test*"
+  - "**/*mock*"
+  - "**/test/**"
+  - "**/mock/**"
diff --git a/.github/codeql/coding-standards.yml b/.github/codeql/coding-standards.yml
@@ -0,0 +1,3 @@
+deviations: []
+guideline-recategorizations: []
+deviation-permits: []
diff --git a/.github/workflows/codeql-multiple-repo-scan.yml b/.github/workflows/codeql-multiple-repo-scan.yml
@@ -36,6 +36,19 @@ jobs:
     - name: Checkout central repository
       uses: actions/checkout@v4
 
+    - name: Checkout CodeQL Coding Standards scripts
+      uses: actions/checkout@v4
+      with:
+        repository: github/codeql-coding-standards
+        path: codeql-coding-standards-repo # Klonen in diesen Ordner
+        ref: main # Oder eine spezifische Release-Version, z.B. 'v2.53.0-dev'
+
+    # Add coding standard packages and dependencies
+    - name: Install Python dependencies for Coding Standards scripts
+      run: |
+        python3 -m pip install --upgrade pip
+        pip3 install pyyaml jsonpath-ng jsonschema jsonpatch jsonpointer pytest
+
     - name: Parse known_good.json and create repos.json
       id: parse-repos
       run: |
@@ -141,6 +154,7 @@ jobs:
         languages: cpp
         build-mode: none
         packs: codeql/misra-cpp-coding-standards
+        config-file: ./.github/codeql/codeql-config.yml
 
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@v4
@@ -149,6 +163,22 @@ jobs:
         output: sarif-results/
         category: "multi-repo-scan"
 
+    - name: Recategorize Guidelines
+      if: always()
+      run: | 
+        RECATEGORIZE_SCRIPT="codeql-coding-standards-repo/scripts/guideline_recategorization/recategorize.py"
+        CODING_STANDARDS_CONFIG="./.github/codeql/coding-standards.yml"
+        mkdir -p sarif-results-recategorized
+        for sarif_file in sarif-results/*.sarif; do
+           echo "Processing $sarif_file for recategorization..."
+          python3.9 "$RECATEGORIZE_SCRIPT" \
+            coding_standards_config_file "$CODING_STANDARDS_CONFIG" \
+            sarif_in "$sarif_file" \
+            sarif_out "sarif-results-recategorized/$(basename "$sarif_file")"
+        done
+        rm -rf sarif-results/*
+        mv sarif-results-recategorized/* sarif-results/
+
     - name: Upload SARIF results as artifact
       uses: actions/upload-artifact@v4
       with:

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+deviations: []`
	`2`	`+guideline-recategorizations: []`
	`3`	`+deviation-permits: []`