Page History

...

Supported Languages

Refer to the Appendix section  section for a full list of supported languages.

...

• Integration with Your Build Tool
• Integration with CI
• Installing and Deploying the DTP Parasoft Security Bundle

Integration with Your Build Tool

...

Parasoft Jtest must be integrated into one of the following supported build systems to automate analysis and run tests:

• Integrating with Ant
• Integrating with Gradle
• Integrating with Maven

You can configure specific aspects of the analysis, such as which test configuration to execute, in the .properties file, in the build file, or both.

...

Parasoft dotTEST supports integration with MSBuild and NAnt, but a build system is not required to automate analysis. Although build system integration eases automation, you can use a script to launch dotTEST with a specific .properties file and command line switches to configure code analysis execution.

• Integrating with Build Systems

Building with C/C++test

A variety of build systems are available for C and C++ development, including Make, CMake, Bazel, Bitbake, custom scripts, etc. Parasoft provides flexible ways to integrate with both common and custom build systems.

• Running Static Analysis (C/C++test Standard)
• Creating a Project Using an Existing Build System (C/C++test Professional for Eclipse)
• Creating a Project Using an Existing Build System (C/C++test Professional for Visual Studio)

...

The plug-ins are available for Bamboo, Jenkins, TeamCity, and Azure DevOps (formerly Visual Studio Team Services) CI systems. You can download the code for each project from Parasoft's GitHub page.

Refer to the Parasoft Findings documentation for  for details on installation, configuration, and usage.

...

The Parasoft Security Bundle is a package of tools for your DTP infrastructure that provide visibility into your security compliance efforts. The Security Bundle contains configurations that align the findings sent to DTP with security guidelines. It also includes specialized reporting mechanisms that enable you to demonstrate compliance with guidelines for auditing purposes.

Refer to the Security Bundle documentation for  for installation instructions and other details. 

...

1. Developers check code out from source control.
2. The code is modified and analyzed locally with the scope of analysis limited to the local changes. Depending on your implementation, local analysis may run a limited set of checkers.
3. The code is checked into source control, triggering an automated build process.
4. The entire codebase is analyzed during the build process.
5. The results of the automated code analysis are sent to DTP.
   1. Depending on the implementation and business requirements, the CI process may or may not be gated. See See Implementing Gates|#_Implementing_Gates.
6. The results are processed in DTP, where the team lead can use the Violations Explorer view to manually review violations and put them into remediation workflows or automate the process using DTP Enterprise Pack extensions and/or the DTP REST API.
   1. You can optionally create tickets in a tracking system from DTP. See See Creating Tickets in External Systems (Optional)|#_Creating_Tickets_in.
7. Developers download the processed results ("findings") from DTP into their IDEs.
8. Developers remediate the defects and repeat the process until the code meets the compliance policy.

...