Home » Blog » Categories »

SonarQube / SoanrCloud add C++17 rules -- Alexandre Gigleux

By ganncamp | Dec 22, 2020 01:54 AM | Tags: c++17

SonarSource has been working all year to improve C++ support. Recently we adjusted standard-specific rules to run only on code compiled to that standard. So C++98 rules will no longer raise issues on your C++17 code, and vice versa! 

C++ analyzer helps developers to write C++17 compliant code

by Alexandre Gigleux

From the article:

C++17 standard is out for a while now and supported by the C++ analyzer running on SonarCloud. We did an effort in the past years to fix false-positives/false-negatives related to the new constructs/features of C++17. That was great but not enough to help you be more familiar with the standard and take the best out of it.
This is why we are happy to introduce a first set of rules dedicated to C++17. With these rules, we hope you will take advantage of the new features of C++17 and write more reliable and maintainable C++17 code.

C++ analysis is available free for open source projects in SonarCloud, and in commercial editions of SonarQube.

 

PVS-Studio 7.11 Release: IAR Arm, Diagnostics, FREE-FREE-FREE-FREE

By Andrey Karpov | Dec 18, 2020 07:18 AM | Tags: static code analysis sast pvs-studio ld-linux iar devsecops arm

This is the press release of the New Year's version of the PVS-Studio 7.11 analyzer. Since the new version includes only a few enhancements, let's take this opportunity to recall the options for free PVS-Studio use.

PVS-Studio 7.11 Release: IAR Arm, Diagnostics, FREE-FREE-FREE-FREE

by Andrey Karpov

From the article:

Support of the IAR Arm compilers is now available in the pvs-studio-analyzer utility. This family of compilers was previously supported only in the CLMonitor.exe utility on Windows. Now users of PVS-Studio for Linux can check the code written for these compilers as well. We added interception of compiler calls via ld-linux to the pvs-studio-analyzer utility.

std::any - comparison with void* and motivating examples -- Hitesh Kumar

By Hitesh Kumar | Dec 15, 2020 11:03 AM | Tags: c++17

An introduction to std::any and comparison with void*.

std::any - comparison with void* and motivating examples

by Hitesh Kumar

From the article:

std::any is often compared with void* because the latter has been the de-facto choice for storing or passing the arbitrary objects in C++ since the outset. std::any is not a replacement of void*, but it is a safer substitute for the boilerplate patterns built around void*. Nevertheless, a comparison between the two is required for a better understanding of std::any.

CopperSpice: C++ Memory Model

By Ansel Sermersheim | Dec 14, 2020 02:40 PM | Tags: None

New video on the CopperSpice YouTube Channel:

C++ Memory Model

by Barbara Geller and Ansel Sermersheim

About the video:

In this video we examine the C++ memory model and explain why it is a completely separate component from the multi-threading library added in C++11. We also look at the development of the memory model and its purpose in the C++ standard.

Please take a look and remember to subscribe!

C and C++ analysers detect cryptography-related security issues -- Alexandre Gigleux

By ganncamp | Dec 14, 2020 02:29 PM | Tags: None

Recent improvements to SonarCloud C++ analysis (coming soon in SonarQube 8.6!) bring new rules related to cryptography.

C and C++ analyzers detect cryptography-related security issues

by Alexandre Gigleux

From the article:

Communications should be encrypted to protect users’s privacy, but when it comes to really implement it, it’s not that easy due to the complexity of the area.

With SonarCloud, you are no longer alone thanks to these 7 new security rules focusing on detecting cryptography-related security issues