Migrate from code climate to QLTY (#178)

soumeh01 · web-flow · commit a5e4288dcf4e · 2025-06-02T12:44:53.000+02:00
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -222,11 +222,9 @@ jobs:
         run: |
           make coverage-check
 
-      - name: Publish coverage report to Code Climate
-        uses: paambaati/codeclimate-action@f429536ee076d758a24705203199548125a28ca7 # v9.0.0
-        env:
-          CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
-        with:
-          debug: true
-          coverageLocations: ./cover.out:gocov
-          prefix: github.com/open-cmsis-pack/generator-bridge
+      - name: Publish coverage report to QLTY
+        uses: qltysh/qlty-action/coverage@f13b3559771beedd11e68b03d49512f3c21a75ba # v1
+        with:
+          token: ${{ secrets.QLTY_COVERAGE_TOKEN }}
+          files: ./cover.out
+          strip-prefix: github.com/open-cmsis-pack/generator-bridge
diff --git a/.qlty/qlty.toml b/.qlty/qlty.toml
@@ -0,0 +1,74 @@
+# Configuration version for compatibility with the tool
+config_version = "0"
+
+# Glob patterns to exclude from analysis (e.g., build artifacts and dependencies)
+exclude_patterns = [
+    "scripts/**",
+    ".github/**",
+    "testdata/**",
+    "**/*_test.go"
+]
+
+# Glob patterns to identify test files
+test_patterns = [
+    "**/*_test.go"         # Match go test files
+]
+
+# === Smells Configuration ===
+# Controls how detected code smells are reported
+[smells]
+mode = "comment"          # Adds comments in code or PRs to report smells
+
+# === Source Configuration ===
+# Defines a code source for analysis
+[[source]]
+name = "default"          # Name of the source
+default = true            # Marks this as the default source to scan
+
+# === Individual Code Smell Toggles ===
+# Enables or disables detection of specific code smells
+
+[smells.similar_code]
+enabled = true            # Detects similar (but not identical) code blocks
+
+[smells.duplication]
+enabled = true            # Detects duplication of code blocks
+
+[smells.identical_code]
+enabled = true            # Detects exact duplicate code blocks
+
+[smells.function_parameters]
+enabled = false           # Flags functions with too many parameters
+
+[smells.nested_control_flow]
+enabled = false           # Would flag deeply nested control flow (e.g., many if/else)
+
+[smells.file_complexity]
+enabled = false           # Would flag files with high overall complexity
+
+[smells.function_complexity]
+enabled = false           # Would flag individual functions that are too complex
+
+[smells.return_statements]
+enabled = false           # Would flag functions with multiple return paths
+
+[smells.boolean_logic]
+enabled = false           # Detects overly complex or nested boolean logic
+
+# === Plugins Section ===
+# Each plugin performs a specific type of analysis or linting
+
+[[plugin]]
+name = "actionlint"       # Validates GitHub Actions workflows
+
+[[plugin]]
+name = "osv-scanner"      # Scans for known vulnerabilities using OSV database
+
+[[plugin]]
+name = "ripgrep"          # Fast searching for pattern matching in codebase
+
+[[plugin]]
+name = "trivy"            # Scans for vulnerabilities in containers and dependencies
+
+[[plugin]]
+name = "trufflehog"       # Detects secrets and sensitive data in code
diff --git a/README.md b/README.md
@@ -3,8 +3,8 @@
 [![Markdown](https://github.com/Open-CMSIS-Pack/generator-bridge/actions/workflows/markdown.yml/badge.svg)](https://github.com/Open-CMSIS-Pack/generator-bridge/actions/workflows/markdown.yml)
 [![TPIP](https://github.com/Open-CMSIS-Pack/generator-bridge/actions/workflows/tpip-check.yml/badge.svg)](https://github.com/Open-CMSIS-Pack/generator-bridge/actions/workflows/tpip-check.yml)
 
-[![Maintainability](https://api.codeclimate.com/v1/badges/34a60fa31d662d3a1c9a/maintainability)](https://codeclimate.com/github/Open-CMSIS-Pack/generator-bridge/maintainability)
-[![Test Coverage](https://api.codeclimate.com/v1/badges/34a60fa31d662d3a1c9a/test_coverage)](https://codeclimate.com/github/Open-CMSIS-Pack/generator-bridge/test_coverage)
+[![Maintainability](https://qlty.sh/badges/b857d2f6-41ee-4e0a-85fd-5b0dbe9832ca/maintainability.svg)](https://qlty.sh/gh/Open-CMSIS-Pack/projects/generator-bridge)
+[![Test Coverage](https://qlty.sh/badges/b857d2f6-41ee-4e0a-85fd-5b0dbe9832ca/test_coverage.svg)](https://qlty.sh/gh/Open-CMSIS-Pack/projects/generator-bridge)
 [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/Open-CMSIS-Pack/generator-bridge/badge)](https://securityscorecards.dev/viewer/?uri=github.com/Open-CMSIS-Pack/generator-bridge)
 
 # generator_bridge
