Remove unused libraries from the linking phase

Dummy file with errors

Change coverity options

.github/workflows/static_analysis.yml

@@ -5,7 +5,19 @@
     polaris-scan:
       name: Polaris Coverity Static Analysis
       permissions:
+        actions: write
+        attestations: write
+        checks: write
+        deployments: write
         packages: write
+        pull-requests: write
+        discussions: write
+        contents: write
+        issues: write
+        metadata: write
+        pages: write
+        repository-projects: write
+        statuses: write
       runs-on: ubuntu-latest
       env:
         VCPKG_NUGET_USER: ${{secrets.VCPKG_NUGET_USER || github.repository_owner}}
@@ -24,7 +36,7 @@
         - name: Setup build dependencies
           run: |
             sudo apt-get update
-            sudo apt-get install -y gcc-10 g++-10 make mono-complete libtool autoconf-archive autoconf
+            sudo apt-get install -y gcc-10 g++-10 make mono-complete libkrb5-dev libsasl2-dev
 
         - name: Setup VCPKG cache
           run: |
@@ -55,4 +67,9 @@
             coverity_build_command: make -j ${{ steps.cpu-cores.outputs.count }}
             coverity_clean_command: make clean
             github_token: ${{ secrets.GITHUB_TOKEN }}
-            project_directory: ${{github.workspace}}/cpp/out/linux-debug-build
+            project_directory: ${{github.workspace}}/cpp/out/linux-debug-build
+            include_diagnostics: true
+            polaris_reports_sarif_create: true
+            polaris_reports_sarif_groupSCAIssues: true
+            polaris_upload_sarif_report: true
+            polaris_prComment_severities: "high,critical,medium,low"

cpp/arcticdb/CMakeLists.txt

@@ -387,6 +387,10 @@ set(arcticdb_srcs
         version/version_store_objects.hpp
         version/version_utils.hpp
         # CPP files
+
+        # TODO: Remove used only to test Coverity PR comments
+        test_coverity_pr_comments.cpp
+
         async/async_store.cpp
         async/bit_rate_stats.cpp
         async/task_scheduler.cpp
@@ -998,9 +1002,6 @@ if(${TEST})
                 GTest::gtest
                 GTest::gmock
                 Python::Python # + pybind11::pybind11 (transitively included) = pybind11::embed, but latter is sometimes not found...
-                curl
-                krb5support
-                k5crypto
                 util # TODO: find out where we lost the transitive link to it
                 )
         if(NOT APPLE)

cpp/arcticdb/test_coverity_pr_comments.cpp

@@ -0,0 +1,20 @@
+#include <vector>
+#include <iostream>
+
+void my_function_with_errors() {
+	{
+		std::vector<int> a = { 1, 2, 3 };
+		auto b = std::move(a);
+
+		// Use after move
+		std::cout << a.size();
+	}
+
+	{
+		int* b = new int(5);
+		delete b;
+
+		// Use after free
+		std::cout << *b;
+	}
+}

cpp/vcpkg.json

@@ -64,15 +64,7 @@
     "azure-core-cpp",
     "azure-identity-cpp",
     "azure-storage-blobs-cpp",
-    "benchmark",
-    {
-      "name": "krb5",
-      "platform": "!windows"
-    },
-    {
-      "name": "cyrus-sasl",
-      "platform": "!windows"
-    }
+    "benchmark"
   ],
   "overrides": [
     { "name": "openssl", "version-string": "3.3.0" },
@@ -158,14 +150,12 @@
     { "name": "boost-vcpkg-helpers", "version": "1.84.0" },
     { "name": "boost-winapi", "version": "1.84.0" },
     { "name": "curl", "version": "8.4.0" },
-    { "name": "cyrus-sasl", "version": "2.1.28#2" },
     { "name": "double-conversion", "version": "3.2.1" },
     { "name": "fmt", "version": "10.2.1" },
     { "name": "folly", "version-string": "2023.09.25.00" },
     { "name": "gflags", "version": "2.2.2#5" },
     { "name": "glog", "version": "0.6.0#2" },
     { "name": "gtest", "version": "1.12.1" },
-    { "name": "krb5", "version": "1.21.3#1" },
     { "name": "libbson", "version": "1.28.0" },
     { "name": "libevent", "version": "2.1.12#7" },
     { "name": "libiconv", "version": "1.17#0" },