How to Achieve MISRA Compliance While Using GitLab

In this video, our own Mark Hermeling, VP of Global Solutions Engineering for CodeSecure, formerly GrammaTech, discusses achieving MISRA compliance while using GitLab. MISRA C/C++ is a coding standard for C and C++ code commonly used in automotive and functional safety applications. GitLab is a Git-based continuous integration and DevOps orchestration platform.

In this demonstration, the open-source project “cURL” is used due to its manageable size and highly tested nature. GitLab serves as the source code repository and collaboration platform, and CodeSecure CodeSonar is the SAST tool responsible for finding and managing MISRA compliance issues. The process involves:

Marking warnings as “technical debt” to focus on resolving them gradually
Running CodeSonar on every merge request to ensure no new issues are introduced
Dealing with warnings in a gradual, organized fashion
Tracking progress and reporting using the reporting capabilities of GitLab

The key takeaway is that MISRA compliance can be attained through a combination of automation, organized debt reduction, and a focus on preventing regression, making it more manageable and less daunting for development teams.