Static analyzers continuously detect and report on dataflow problems, software defects, language implementation errors, inconsistencies, dangerous usage, coding standard violations, and security vulnerabilities.
QA-C/QA-C++ identifies software defects at the first stage in the development cycle. By catching bugs as they occur, the cost and effort needed to resolve them is significantly reduced.
C/C++ source code is analyzed and more than 1,700 potential problems are reported on. Static analysis with QA-C/QA-C++ automatically identifies dangerous structures, problems with reliability, maintainability and portability.
There are many problems, that are not classified as incorrect by ISO standards, but which can result in unpredictable software behavior.
Static analysis, with QA-C/QA-C++, identifies issues that are often easy for developers and compilers to miss. Automatically picking up these defects reduces the time developers spend manually solving problems that are not even technically mistakes.
Some constructs in the C language can cause vulnerabilities that expose applications to attack. Static analysis can help you to avoid these risks:
Comprehensive reporting helps you to find problems, showing where to take a closer look and identifying areas where the most work is needed.
Compliance Report
Identifies areas that need more work to attain a higher compliance level
Code Review Report
Useful for peer-review enabling design, optimization and meeting requirements
Metric Data Report
Provides an XML file as a source of quality metrics data
Suppression Report
Gives details of message diagnostics suppressed during analyis
By monitoring implementation defined language features and language extensions, QA-C/QA-C ++ ensures that code works constantly across different platforms and compilers.
The QA-C/QA-C++ Jenkins plugin makes it easy developers and teams to share and integrate their contributions.
QA-C can also be used with any other continuous integration tool using a comprehensive command line interface (QACLI).
For more information see Continuous Integration