PVS-Studio 7.39 has been released. This version brings the new features, and today we talk about them in this note.
The new PVS-Studio 7.39 release brings an update to the Java analyzer, which includes diagnostic rules from the OWASP Top Ten 2021. Now, the Java analyzer covers 9 out of 10 of its categories. This is a significant step toward the growth of PVS-Studio Java as a SAST solution.
You can find out how the diagnostic rules of C/C++, C#, and Java analyzers align with the OWASP Top Ten 2021 categories here.
PVS-Studio plugin for Visual Studio Code now supports running analysis in compilation monitoring mode on Windows.
The compilation monitoring system (PVS-Studio Compiler Monitoring, CLMonitoring) seamlessly integrates PVS-Studio's static analysis into any build system on Windows. The build system should use one of the preprocessors supported by the PVS-Studio.exe command-line analyzer for file compilation (Visual C++, GCC, Clang, Keil MDK ARM Compiler 5/6, or IAR C/C++ Compiler for ARM).
More details on the compilation monitoring mode in the VS Code plugin can be found in the documentation.
We also plan to support build tracing on Linux in Visual Studio Code in upcoming releases.
MISRA Compliance is a standard that assesses whether a project is compliant with MISRA C and/or MISRA C++, considering all deviations and re-categorizations. The new PVS-Studio release introduces support for generating MISRA Compliance reports for the new MISRA guideline versions supported by the analyzer.
To generate a report, use the PlogConverter.exe
utility (Windows) or plog-converter
(Linux and macOS). The report is an HTML page that's convenient for printing. Here's an example of a report when a project complies with MISRA C 2012:
For more details, please refer to the documentation.
We're also continuing to expand the C/C++ analyzer coverage for the MISRA C 2023 standard. We plan to finish the work by the end of this year. You can find out how PVS-Studio diagnostic rules align with MISRA C and MISRA C++ standards here.
Starting with this version, PVS-Studio for C# projects can analyze not only solutions in the .sln
format but also their lightweight versions in the .slnf
format.
Solution Filter files (.slnf
) enable working only with selected projects within a large solution, which boosts compilation and streamlines handling code fragments.
The .pvsconfig
configuration file is used to display and filter analyzer messages, as well as specify additional analysis settings.
In this release, we've added a mechanism for overriding higher-priority settings in diagnostic rule configuration files (.pvsconfig
).
More details can be found in the documentation.
These changes aren't backward compatible with earlier analyzer versions. You may need to adjust how you use the analyzer due to these changes.
Do you want to check a project with PVS-Studio? Then start from this page.
If you would like to get news on latest releases, subscribe to the PVS-Studio newsletter here.
0