Versions Compared

Old Version 3

changes.mady.by.user Robert Andelin

Saved on

compared with

New Version Current

changes.mady.by.user Robert Andelin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space DTPDEVEL and version 2025.1

In this section:

Table of Contents
maxLevel2

...

  1. Choose Extension Designer from the DTP settings (gear icon) menu.
  2. Click the Services tab and expand the DTP Workflows services category. You can deploy assets under any service category you wish, but we recommend using the DTP Workflows category to match how Parasoft categorizes the assets. You can also click Add Category to create your own service category (see Working with Services for additional information).
    Image Modified 
  3. You can deploy the artifact to an existing service or add a new service. The number of artifacts deployed to a service affects the overall performance. See Extension Designer Best Practices for additional information. Choose an existing service and continue to step 5 or click Add Service.
  4. Specify a name for the service and click Confirm.
  5. The tabbed interface helps you keep artifacts organized within the service. Organizing your artifacts across one or more tabs does not affect the performance of the system. Click on a tab (or click the + icon to add a new tab) and choose Import from the vertical ellipses menu.
  6. Choose Local > Flows > Workflows > Security > CWE Compliance and click Import.
  7. Click anywhere in the open area to drop the artifact into the service. 
  8. Click Deploy and return to your DTP dashboard.
  9. Refresh your browser.

...

  1. Click Add Dashboard in the DTP toolbar and specify a name when prompted.
  2. (Optional) You can configure the default view for the dashboard by specifying the following information:
    • Choose the filter associated with your project from the Filter drop-down menu. A filter represents a set of run configurations that enabled custom views of the data stored in DTP. See Configuring Filters for additional information. 
    • Specify a range of time from the Period menu. 
    • Specify a range of builds from the Baseline Build and Target Build menus.
    Image Modified
  3. Enable Create dashboard from a template and choose one of the CWE templates from the associated menu.
  4. Click Create to finish adding the dashboard.

...

This widget shows how static analysis violations are concentrated according to their technical impact. 

Image Modified

Mouse over a leaf in the widget to view details. Click on a leaf to open the Violations Explorer filtered by the compliance category.

Manually Adding the CWE Widgets

You can manually add the After deploying the artifact, you can add CWE widgets to an existing a dashboard. See Adding Widgets for general instructions on how to add widgets to a dashboard. After deploying the artifact, widgets will appear See Adding Widgets for more information about this process. CWE widgets can be found in the CWE category.  

Image Removed

CWE Widget Configuration Settings

The following configurations are available:

Scroll Table Layout
widths30%,70%

...

The report includes data for the build ID and filter configured in the widget you clicked to access the report. The compliance status of the project is also determined by the compliance profile configuration specified in the widget you clicked to access the report (see CWE Widget Configuration Settings).

Image Modified

The report can show the following states:

...

The Weakness Detection Plan shows how Parasoft code analysis rules map to weaknesses. This report is populated with data from the selected compliance profile (see Models and Profiles). 

Image Modified

Deviation Report

The Deviation Report shows information about which violations have been suppressed in the project. See Suppressing Violations for information about suppressions in DTP. Refer to the documentation for your analysis tool to learn about in-code suppressions.

Image Removed

...

Click the Deviation Report link in the CWE Compliance report to open the Deviation Report.

The Deviation Report shows all guideline IDs and headers with deviations. You can click on the Violation ID to drill down into the Violations Explorer.

Build Audit Report

The Build Audit Report is native functionality in DTP. It shows an overview of code analysis violations, as well as test results and coverage information, associated with the build. This report also allows you to download an archive of the data, which is an artifact you can use to demonstrate compliance with CWE during a regulatory audit.

Image Modified

In order to download an archive, the build has to be locked. See Build Audit Report for additional details.

...