Home » Blog » Categories » Product News

Product News

Take control of your vcpkg dependencies with versioning support--Victor Romero

By Adrien Hamelin | Feb 19, 2021 12:48 PM | Tags: community

A new feature.

Take control of your vcpkg dependencies with versioning support

by Victor Romero

From the article:

We have an exciting new feature to announce in vcpkg: the long-awaited and highly requested package versioning! This feature makes it possible to install specific versions of dependencies and control installed versions over time. In order to use this feature, a vcpkg.json manifest file must be present in your repo to declare dependencies. Versioning is not currently available for libraries installed via the command line (i.e. vcpkg install library_name commands). The versioning feature is completely optional – you can choose not to specify library versions, and vcpkg will pick the most appropriate set of compatible versions for your dependencies from its baseline catalog. For now, we are considering this feature experimental. Please give us your feedback and let us know how we can improve...

Why PVS-Studio Uses Data Flow Analysis: Based on Gripping Error in Open Asset Import Library

By Andrey Karpov | Feb 18, 2021 10:20 AM | Tags: value range analysis static code analysis pvs-studio data flow analysis cwe-571 bugs

An essential part of any modern static code analyzer is data flow analysis. However, from an outside perspective, the use of data flow analysis and its benefit is unclear.

Why PVS-Studio Uses Data Flow Analysis: Based on Gripping Error in Open Asset Import Library

by Andrey Karpov

From the article:

It all started with checking the latest version of the Qt 6 library. There was a separate usual article on this, where I'd described 77 errors found. It turned out that at first, I decided to flip through the report, not excluding the third-party libraries' warnings. In other words, I didn't exclude the warnings related to \src\3rdparty in the settings. It so happened that I immediately ran up against a gripping error example in the Open Asset Import Library. So, I decided to write this extra little note about it.

HPX V1.6.0 released -- STE||AR Group

By Hartmut Kaiser | Feb 18, 2021 07:18 AM | Tags: performance parallelism heterogeneous computing distributed computing concurrency c++20 c++17 c++14 c++11

The STE||AR Group has released V1.6.0 of HPX -- A C++ Standard library for parallelism and concurrency.

HPX V1.6.0 Released

The newest version of HPX (V1.6.0) is now available for download! This release continues the focus on C++20 conformance with multiple new algorithms adapted to be C++20 conformant and becoming customization point objects (CPOs). We have added experimental support for HIP, allowing existing CUDA features to now be compiled with hipcc and run on AMD GPUs as well. We have also continued improving the performance of the parallel executors, and added an experimental fork-join executor. The full list of improvements, fixes, and breaking changes can be found in the release notes.

    HPX is a general purpose parallel C++ runtime system for applications of any scale. It implements all of the related facilities as defined by the C++ Standard. As of this writing, HPX provides the only widely available open-source implementation of the new C++17 parallel algorithms. Additionally, HPX implements functionalities proposed as part of the ongoing C++ standardization process, such as large parts of the features related parallelism and concurrency as specified by the upcoming C++20 Standard, the C++ Concurrency TS, Parallelism TS V2, data-parallel algorithms, executors, and many more. It also extends the existing C++ Standard APIs to the distributed case (e.g. compute clusters) and for heterogeneous systems (e.g. GPUs).

    HPX seamlessly enables a new Asynchronous C++ Standard Programming Model that tends to improve the parallel efficiency of our applications and helps reducing complexities usually associated with parallelism and concurrency.

 

PVS-Studio Roadmap 2021

By Andrey Karpov | Feb 8, 2021 05:32 AM | Tags: static code analysis sast pvs-studio misra c++ clion autsar c++14 coding guidelines autosar

PVS-Studio can currently analyze programs written in C, C++, C#, and Java. It also supports some C++ language extensions, for example, C++/CLI and C++/CX. In 2021, we do not plan to implement support for new languages, but we plan to expand the analyzer. We want to support several new compilers (C, C++) for micro controllers and some development environments, such as CLion.

PVS-Studio Roadmap 2021

by Andrey Karpov

From the article:

We will continue to support the MISRA C and MISRA C++ coding standards. However, it's time to also support a more modern set of rules described in The AUTSAR C++14 Coding Guidelines. This document is the MISRA C++:2008 standard update, and is also based on leading code standards and research papers prepared by AUTOSAR.

Include What You Use--Jonathan Boccara

By Adrien Hamelin | Jan 5, 2021 12:53 PM | Tags: community

Did you know that tool?

Include What You Use

by Jonathan Boccara

From the article:

I’ve used the clang based include-what-you-use tool on a fairly large chunk of code — a couple of hundreds of files, containing dozens of includes each.

That was an interesting experiment.

Here are my takeaways on this powerful tool, what it can bring to your code, and a few things I wish I had known when I started using it...

SonarQube / SoanrCloud add C++17 rules -- Alexandre Gigleux

By ganncamp | Dec 22, 2020 01:54 AM | Tags: c++17

SonarSource has been working all year to improve C++ support. Recently we adjusted standard-specific rules to run only on code compiled to that standard. So C++98 rules will no longer raise issues on your C++17 code, and vice versa! 

C++ analyzer helps developers to write C++17 compliant code

by Alexandre Gigleux

From the article:

C++17 standard is out for a while now and supported by the C++ analyzer running on SonarCloud. We did an effort in the past years to fix false-positives/false-negatives related to the new constructs/features of C++17. That was great but not enough to help you be more familiar with the standard and take the best out of it.
This is why we are happy to introduce a first set of rules dedicated to C++17. With these rules, we hope you will take advantage of the new features of C++17 and write more reliable and maintainable C++17 code.

C++ analysis is available free for open source projects in SonarCloud, and in commercial editions of SonarQube.

 

PVS-Studio 7.11 Release: IAR Arm, Diagnostics, FREE-FREE-FREE-FREE

By Andrey Karpov | Dec 18, 2020 07:18 AM | Tags: static code analysis sast pvs-studio ld-linux iar devsecops arm

This is the press release of the New Year's version of the PVS-Studio 7.11 analyzer. Since the new version includes only a few enhancements, let's take this opportunity to recall the options for free PVS-Studio use.

PVS-Studio 7.11 Release: IAR Arm, Diagnostics, FREE-FREE-FREE-FREE

by Andrey Karpov

From the article:

Support of the IAR Arm compilers is now available in the pvs-studio-analyzer utility. This family of compilers was previously supported only in the CLMonitor.exe utility on Windows. Now users of PVS-Studio for Linux can check the code written for these compilers as well. We added interception of compiler calls via ld-linux to the pvs-studio-analyzer utility.

C and C++ analysers detect cryptography-related security issues -- Alexandre Gigleux

By ganncamp | Dec 14, 2020 02:29 PM | Tags: None

Recent improvements to SonarCloud C++ analysis (coming soon in SonarQube 8.6!) bring new rules related to cryptography.

C and C++ analyzers detect cryptography-related security issues

by Alexandre Gigleux

From the article:

Communications should be encrypted to protect users’s privacy, but when it comes to really implement it, it’s not that easy due to the complexity of the area.

With SonarCloud, you are no longer alone thanks to these 7 new security rules focusing on detecting cryptography-related security issues

C++20 Comparisons in ReSharper C++ 2020.3 -- Igor Akhmetov

By Anastasia Kazakova | Dec 10, 2020 12:11 PM | Tags: c++20

ReSharper C++ 2020.3 brings full support for C++20’s changes to comparison semantics.

C++20 Comparisons in ReSharper C++ 2020.3

by Igor Akhmetov

This blog post briefly goes over the language updates to comparisons in C++20 and takes a look at how ReSharper C++ can help you use the new language features.

The post discusses:

  • The complexity of pre-C++20 comparisons
  • Three-way comparison operator, what is it for
  • Operator rewriting rules
  • Defaulted comparison operators
  • Implicitly generated operator==
  • Creating new operators from usage