Coverity Static Analysis - Synopsys

Coverity

? AppSec

?

? /

?

? e e CWE

Coverity? Coverity e Coverity CI/CD Coverity SaaS Polaris Coverity 22 70

Coverity web IaCInfrastructureas-Code Rapid Scan Coverity Rapid Scan CI Rapid Scan Rapid Scan Code SightTM Git IaC API API Rapid Scan SARIFJSON GitHub Actions GitLab CI GitHub Actions Rapid Scan

? Code SightTM IDE IDE Coverity CWE IDE

? Coverity Point and Scan IaC Coverity CLI

| | 1

Coverity on Polaris SDLC ? API

?

OWASP Top 10CWE Top 25PCI DSS ?

PDF Coverity C/C++ MISRA?CERT C/C++CERT JavaDISA STIGISO 26262ISO/IEC TS 17961AUTOSAR? NVIDIA CUDA C++ Coverity Qualification Kit(Q-Kit) Coverity

? Polaris Coverity

? Polaris URL CLICI

? Polaris Coverity

SDLC

? Code Sight Visual StudioEclipseIntelliJWebStormPyCharmPhpStormRubyMine Web

? Coverity IDEVisual StudioVisual Studio CodeEclipseIntelliJRubyMineWind River Workbench Android Studio SCMJiraBugzilla CI JenkinsAzure DevOps ALM

? REST API ? Polaris Coverity

? REST API / Polaris

? OWASP Top 10CWE Top 25

? 5

? CWE /

Coverity Extend SDKSDK Coverity CodeXM

| | 2

Coverity |

? Apex ? C/C++* ? C#* ? CUDA ? Java*# ? JavaScript*#

? PHP*# ? Python* ? .NET Core ? ? Objective-C/C++* ? Go

? JSP ? Ruby* ? Swift*# ? Fortran ? Scala ?

? iOS ? Android ? TypeScript*# ? Kotlin

* Coverity Point and Scan Coverity CLI # Rapid Scan

IaC

? Terraform ? AWS CloudFormation ? Kubernetes

? Helm ? ELK

? JSON

? YAML ? HCL (Terraform) ? HTML ? XML ? plist

? Coverity Connect AWSAzure GCP ? DockerKubernetes

? TOML ? Properties ? Vue ? JSX ? TSX

Coverity JavaJavaScriptC# 70 Coverity AWS EC2S3DynamoDB IAM Google Cloud Storage API GCP JavaScript API

Java

? Android SDK ? Apache Shiro ? Axis ? DWR ? Enterprise Java Beans (EJBs) ? GWT ? Hibernate ? iBatis ? Java ? Java Persistence API (JPA) ? Javax.websocket ? JAX RS ? JAX WS ? JEE ? JSF/Facelets ? JSP and JSP Standard Tag

Library (JSTL) ? ReactiveX (RxJava, Reactor) ? Restlet ? Spring Boot ? Spring Framework ? Struts ? Terasoluna ? Tiles ? Vert.x ? WS XML-RPC

C#

? Core MVC/ MVC

? Core Web API ? ASMX Web Services ? Web Forms ? Identity Server ? MassTransit ? Razor templates ? WCF Services

JavaScript/TypeScript

? Angular ? Angular JS ? Apache Cordova ? Backbone ? Bootstrap ? Ember ? HTML5 DOM APIs/Ajax ? jQuery ? Mithril ? React/ Preact ? React Native ? Socket.IO ? Swig ? Vue

? Angular server-side rendering

(Express and Hapi engines) ? Express ? Fastify ? Hapi ? Koa ? Mean.io ? Node ? Passport ? React server-side rendering

(Next.js) ? Restify ? SAP XS Classic and Advanced ? Socket.IO ? Vue server-side rendering

? Consolidate ? doT.js ? EJS ? Handlebars ? Hogan ? Jade ? koa-views ? Lodash (templating) ? Marko ? Mustache

? Nunjucks ? Pug ? Swig ? Twig ? Underscore (templating) ? Vision ? Axios ? Google Cloud APIs (Storage) ? Mongoose / MongoDB ? Request ? Sequelize ? Sqlx ? Swashbuckle ? Underscore / Lodash

GO

? Echo

PHP

? Symfony

Python

? Flask ? Django

| | 3

Ruby

? Ruby on Rails

Rapid Scan IaC

? Android ? Apache Cordova ? Apache Kafka ? Apache Struts ? Apache Zookeeper ? Apollo GraphQL ? AWS CloudFormation ? Consul ? Express ? Grails? ? GraphQL ? Istio ? Jakarta Server Faces ? Java/Jakarta EE ? Kubernetes ? MyBatis ? Node.js ? OpenAPI ? Postman ? RabbitMQ ? React ? Socket.IO ? Spring ? Terraform ? Vue.js

? Windows ? Linux ? Mac OS X ? Solaris ? AIX ? FreeBSD

SDLC

? TI Code Composer

SCM

? AccuRev ? Apache Subversion (SVN)

? Analog Devices Blackfin ? Analog Devices SHARC ? Analog Devices TigerSHARC

? Visual Studio ? Wind River C/C++

? CVS ? Git

? ARM C/C++ ? Borland C++

? Mercurial (Hg)

? CEVA BXx

? API

? Perforce Helix

? CEVA XC16

?

? Team Foundation Server SCM ? CEVA-X2

IDE

? IBM Rational Team Concert ? QNX Momentics ? Wind River Workbench

? CEVA-XC4500 ? Clang ? Cosmic C ? Freescale CodeWarrior ? GNU GCC/G++

? ? ? ? ?

CI

? GHS PowerPC on Windows

?

? Azure DevOps Server

? Green Hills C/C++/EC++

?

? Bazel

? HI-TECH PICC

CSRF

? Jenkins

? IAR C/C++

?

Code Sight IDE

? IBM AIX

XSS

? Visual Studio for , C#, ? IBM XLC

?

C/C++, JavaScript, PHP, Python, ? Intel C++ for Windows

?

Ruby, TypeScript

? JDK for Mac OS X

?

?

Visual Studio Code for C# (.NET Core), C/C++, Java, JavaScript,

?

Keil compilers

PHP, Python, Ruby, TypeScript ? Marvell MSA

? Visual Studio Code (Rapid

? MPLAB XC8

Scan) for Java, JavaScript, and ? Nvidia CUDA Compiler (NVCC)

TypeScript

? OpenJDK

? Eclipse for Java, JavaScript,

? QNX C/C++

? ? ? ? ? ?

? ? ?

C/C++, PHP, Python, Ruby, TypeScript IntelliJ for Java, JavaScript, PHP, Python, Ruby, TypeScript WebStorm for JavaScript, TypeScript PyCharm for Python

? ? ? ? ? ?

Renesas C/C++ SNC C/C++ SNC GNU C/C++ SONY PS4 SDK STMicroelectronics GNU C/C++ STMicroelectronics ST Micro C/C++

?

? ? ? ? ?

NULL

? PhpStorm for PHP

? Sun (Oracle) CC

?

? RubyMine for Ruby

? Sun/Oracle JDK

?

? Synopsys MetaWare C and C++ ?

? Jira ? Bugzilla

? Tasking for ARM Cortex and TriCore

? SQL

?

CodeSight IDE sight_support_matrix.html

Rapid Scan Coverity 2023.6.0

DevSecOps

jp/software

158-0094 2-21-1

TEL: 03-6746-3600 Email: sig-japan@ jp/software

?2023 Synopsys, Inc. All rights reserved. Synopsys Synopsys, Inc. Synopsys MISRA? HORIBA MIRA Ltd. AUTOSAR? AUTOSAR organization 2023 8

| | 4

 ................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download