to the top
close form
To get a trial key
fill out the form below
Team license
Enterprise license
** By clicking this button you agree to our Privacy Policy statement

close form
Request our prices
New License
License Renewal
--Select currency--
USD
EUR
* By clicking this button you agree to our Privacy Policy statement

close form
Free PVS-Studio license for Microsoft MVP specialists
** By clicking this button you agree to our Privacy Policy statement

close form
To get the licence for your open-source project, please fill out this form
** By clicking this button you agree to our Privacy Policy statement

close form
I am interested to try it on the platforms:
** By clicking this button you agree to our Privacy Policy statement

close form
check circle
Message submitted.

Your message has been sent. We will email you at


If you haven't received our response, please do the following:
check your Spam/Junk folder and click the "Not Spam" button for our message.
This way, you won't miss messages from our team in the future.

>
>
PVS-Studio 7.22: Visual Studio Code, Qt…

PVS-Studio 7.22: Visual Studio Code, Qt Creator, .NET 7

Dec 16 2022

PVS-Studio 7.22 has been released. It includes plugins for Visual Studio Code and Qt Creator, support of .NET 7 projects analysis, enhanced Best Warnings filter and new diagnostic rules. Learn more information on the release in this short note.

1016_Release_7_22/image1.png

Plugins for Visual Studio Code and Qt Creator

New plugins provide even more options for cross-platform work. Now you can use them to work with logs: view warnings, filter them, sort them in a grid, etc. You can't run the analysis yet — we plan to add this feature in future releases.

This is how the plugin for Visual Studio Code looks like (the screenshot is clickable):

1016_Release_7_22/image2.png

And here is the plugin for Qt Creator (the screenshot is also clickable):

1016_Release_7_22/image4.png

The documentation on the new plugins can be found on the following pages:

Support of Blazor components analysis, C# 11, and .NET 7

In this case, pretty much everything is evident from the title. The C# analyzer on Linux and macOS now works on .NET 7 as well.

Let us clarify a couple of things regarding Blazor components: PVS-Studio now checks @code blocks in .razor files. We're going to write an article exploring this topic in more details.

Enhanced Best Warnings mechanism

Best Warnings is a mechanism that selects the analyzer's most interesting warnings. It's particularly useful when you try PVS-Studio for the first time, as it helps you see in one click the most interesting issues the analyzer has detected.

There are several Best Warnings updates in this release at once:

1. We've modified the filter interface. The "Best Warnings" button is now easier to find — you can see it on the main panel of the PVS-Studio main window (the screenshot is clickable):

1016_Release_7_22/image6.png

If needed, you can hide the filter button through the settings (the "Show Best Warnings Button" option).

2. We've adjusted the "weights" of diagnostics and selection algorithms. This should make the list of warnings more interesting.

3. We've integrated the filter into several more IDEs. Previously, the Best Warnings mechanism was only available in the Visual Studio plugin. Now, in addition to VS, the filter can be used in the "C and C++ Compiler Monitoring UI" utility, as well as in plugins for IntelliJ IDEA, Rider, CLion.

See the updated Best Warnings documentation on this page.

New diagnostic rules

C, C++

  • V836. Decreased performance. Unnecessary copying is detected when declaring a variable. Consider declaring the variable as a reference.
  • V2018. Cast should not remove 'const' qualifier from the type that is pointed to by a pointer or a reference.
  • V2019. Cast should not remove 'volatile' qualifier from the type that is pointed to by a pointer or a reference.

C#

  • V3183. Code formatting implies that the statement should not be a part of the 'then' branch that belongs to the preceding 'if' statement.
  • V5626. OWASP. Possible ReDoS vulnerability. Potentially tainted data is processed by regular expression that contains an unsafe pattern.
  • V5627. OWASP. Possible NoSQL injection. Potentially tainted data is used to create query.
  • V5628. OWASP. Possible Zip Slip vulnerability. Potentially tainted data is used in the path to extract the file.

Articles

For those who code in C++:

For those who code in C#:

Other:

**

You can download PVS-Studio 7.22 here.

Subscribe to the PVS-Studio newsletter to receive the PVS-Studio press releases by email.

Comments (0)

Next comments next comments
close comment form
Unicorn with delicious cookie
Our website uses cookies to enhance your browsing experience.
Accept