CodeSonar® analyzes Java source code along with your C/C++ code

To flag defects and vulnerabilities in Java source code, CodeSonar works seamlessly with the interface for C and C++. Thus, it becomes possible to analyze code written in multiple languages and manage warnings in a single location.

The Java analysis of CodeSonar works in parallel with the popular open-source Java static analysis engines FindBugs™ and PMD, which are free of charge. CodeSonar imports automatically programming flaws find by FindBugs™ and PMD. Whereby developers benefit of CodeSonar´s superb warning management infrastructure and reporting.

Examined errors

• Bad Practices
• Concurrency Problems
• Internationalization Problems
• Performance Problems
• Programming Errors
• Security Vulnerabilities

Workflow Benefits

CodeSonar helps to handle warning reports in a streamlined and coordinated way. Warnings can be annotated or suppressed without modifying the code. Moreover the tool provides numerous workflow automation features, such as the automatic assignment of a warning to the responsible developer. Warnings generated by CodeSonar can be exported in XML or text format. Furthermore a Python API supports the integration of results calculated by other tools.

Metrics and Reporting

CodeSonar not only finds critical defects, it also provides information about code-level metrics and quality trends. To show trends and help manage development and testing efforts the defects are displayed by graphs. CodeSonar insert standard metrics, such as cyclomatic complexity and augment them by creating customised metrics.