Migrate from code climate to QLTY (#77)

Author: soumeh01

.codeclimate.yml

@@ -216,11 +216,9 @@ jobs:
         run: |
           make coverage-check
 
-      - name: Publish coverage report to Code Climate
-        uses: paambaati/codeclimate-action@f429536ee076d758a24705203199548125a28ca7 # v9.0.0
-        env:
-          CC_TEST_REPORTER_ID: ${{ secrets.CC_TEST_REPORTER_ID }}
-        with:
-          debug: true
-          coverageLocations: ./build/cover.out:gocov
-          prefix: github.com/open-cmsis-pack/vidx2pidx
+      - name: Publish coverage report to QLTY
+        uses: qltysh/qlty-action/coverage@f13b3559771beedd11e68b03d49512f3c21a75ba # v1
+        with:
+          token: ${{ secrets.QLTY_COVERAGE_TOKEN }}
+          files: ./build/cover.out
+          strip-prefix: github.com/open-cmsis-pack/vidx2pidx

.github/workflows/test.yml

@@ -0,0 +1,74 @@
+# Configuration version for compatibility with the tool
+config_version = "0"
+
+# Glob patterns to exclude from analysis (e.g., build artifacts and dependencies)
+exclude_patterns = [
+    "scripts/**",
+    ".github/**",
+    "test/**",
+    "**/*_test.go"
+]
+
+# Glob patterns to identify test files
+test_patterns = [
+    "**/*_test.go"         # Match go test files
+]
+
+# === Smells Configuration ===
+# Controls how detected code smells are reported
+[smells]
+mode = "comment"          # Adds comments in code or PRs to report smells
+
+# === Source Configuration ===
+# Defines a code source for analysis
+[[source]]
+name = "default"          # Name of the source
+default = true            # Marks this as the default source to scan
+
+# === Individual Code Smell Toggles ===
+# Enables or disables detection of specific code smells
+
+[smells.similar_code]
+enabled = true            # Detects similar (but not identical) code blocks
+
+[smells.duplication]
+enabled = true            # Detects duplication of code blocks
+
+[smells.identical_code]
+enabled = true            # Detects exact duplicate code blocks
+
+[smells.function_parameters]
+enabled = false           # Flags functions with too many parameters
+
+[smells.nested_control_flow]
+enabled = false           # Would flag deeply nested control flow (e.g., many if/else)
+
+[smells.file_complexity]
+enabled = false           # Would flag files with high overall complexity
+
+[smells.function_complexity]
+enabled = false           # Would flag individual functions that are too complex
+
+[smells.return_statements]
+enabled = false           # Would flag functions with multiple return paths
+
+[smells.boolean_logic]
+enabled = false           # Detects overly complex or nested boolean logic
+
+# === Plugins Section ===
+# Each plugin performs a specific type of analysis or linting
+
+[[plugin]]
+name = "actionlint"       # Validates GitHub Actions workflows
+
+[[plugin]]
+name = "osv-scanner"      # Scans for known vulnerabilities using OSV database
+
+[[plugin]]
+name = "ripgrep"          # Fast searching for pattern matching in codebase
+
+[[plugin]]
+name = "trivy"            # Scans for vulnerabilities in containers and dependencies
+
+[[plugin]]
+name = "trufflehog"       # Detects secrets and sensitive data in code

.qlty/qlty.toml

@@ -4,8 +4,8 @@
 [![Go Report Card](https://goreportcard.com/badge/github.com/open-cmsis-pack/vidx2pidx)](https://goreportcard.com/report/github.com/open-cmsis-pack/vidx2pidx)
 [![GoDoc](https://godoc.org/github.com/open-cmsis-pack/vidx2pidx?status.svg)](https://godoc.org/github.com/open-cmsis-pack/vidx2pidx)
 
-[![Maintainability](https://api.codeclimate.com/v1/badges/b97b1ecaad39a763ceca/maintainability)](https://codeclimate.com/github/Open-CMSIS-Pack/vidx2pidx/maintainability)
-[![Test Coverage](https://api.codeclimate.com/v1/badges/b97b1ecaad39a763ceca/test_coverage)](https://codeclimate.com/github/Open-CMSIS-Pack/vidx2pidx/test_coverage)
+[![Maintainability](https://qlty.sh/badges/bcdfb931-e2dc-4d84-b248-52e0f053f30c/maintainability.svg)](https://qlty.sh/gh/Open-CMSIS-Pack/projects/vidx2pidx)
+[![Test Coverage](https://qlty.sh/badges/bcdfb931-e2dc-4d84-b248-52e0f053f30c/test_coverage.svg)](https://qlty.sh/gh/Open-CMSIS-Pack/projects/vidx2pidx)
 [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/Open-CMSIS-Pack/vidx2pidx/badge)](https://securityscorecards.dev/viewer/?uri=github.com/Open-CMSIS-Pack/vidx2pidx)
 
 # vidx2pidx: Open-CMSIS-Pack Package Index Generator Tool