How to be MISRA compliant while using GitLab



In this video, our own Mark Hermeling, VP of Global Solutions Engineering for CodeSecure, discusses achieving MISRA compliance while using GitLab. MISRA C/C++ is a coding standard for C and C++ code commonly used in automotive and functional safety applications. GitLab is a Git-based continuous integration and DevOps orchestration platform.

In this demonstration, the open-source project “cURL” is used due to its manageable size and highly tested nature. GitLab serves as the source code repository and collaboration platform, and CodeSecure CodeSonar is the SAST tool responsible for finding and managing MISRA compliance issues. The process involves:

  • Marking warnings as “technical debt” to focus on resolving them gradually
  • Running CodeSonar on every merge request to ensure no new issues are introduced
  • Dealing with warnings in a gradual, organized fashion
  • Tracking progress and reporting using the reporting capabilities of GitLab.

The key takeaway is that MISRA compliance can be attained through a combination of automation, organized debt reduction, and a focus on preventing regression, making it more manageable and less daunting for development teams.
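The baseline-and-gate idea behind this process can be sketched as follows. This is an added example, not code from the video or from CodeSonar; the finding fields (`rule`, `file`, `line`, `code`) and the sample data are constructed for illustration and are not the tool's output format.

```python
import hashlib
from collections import Counter

def fingerprint(finding):
    """Stable identity: rule + file + whitespace-normalized source text.
    Line numbers are left out so edits above a warning do not make
    accepted technical debt look like a new violation."""
    code = " ".join(finding["code"].split())
    key = "\x00".join((finding["rule"], finding["file"], code))
    return hashlib.sha256(key.encode()).hexdigest()

def gate(baseline, current):
    """Compare a merge request's findings with the accepted baseline.
    Returns (new_findings, resolved_count). Fingerprints are counted as a
    multiset, so a second copy of an accepted violation is still new."""
    debt = Counter(fingerprint(f) for f in baseline)
    new = []
    for f in current:
        fp = fingerprint(f)
        if debt[fp] > 0:
            debt[fp] -= 1          # matches accepted technical debt
        else:
            new.append(f)          # introduced by this change
    return new, sum(debt.values())  # leftovers were fixed since baseline

# Constructed sample findings (hypothetical field names and paths).
R177, R155, R104 = (f"MISRA C:2012 Rule {r}" for r in ("17.7", "15.5", "10.4"))
BASELINE = [
    {"rule": R177, "file": "src/net.c", "line": 40, "code": "send_all(fd, buf, n);"},
    {"rule": R155, "file": "src/parse.c", "line": 88, "code": "return -1;"},
]
MERGE_REQUEST = [
    # Same warning as the baseline, moved down and re-spaced: still debt.
    {"rule": R177, "file": "src/net.c", "line": 52, "code": "send_all(fd,  buf, n);"},
    # A second, identical call added by the change: new.
    {"rule": R177, "file": "src/net.c", "line": 97, "code": "send_all(fd, buf, n);"},
    {"rule": R104, "file": "src/parse.c", "line": 12, "code": "len = count + 1u;"},
]

def main():
    new, resolved = gate(BASELINE, MERGE_REQUEST)
    for f in new:
        print(f"NEW {f['rule']} {f['file']}:{f['line']}")
    print(f"{len(new)} new, {resolved} resolved")
    return 1 if new else 0         # non-zero exit fails the pipeline job

if __name__ == "__main__":
    raise SystemExit(main())
```

A non-zero exit status from a job script like this is what blocks the merge request, while the resolved count gives the debt-reduction number to track over time.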
