sonarqube

PVS-Studio 7.07: Features Overview

The purpose of this article is to give a general overview of the features of the PVS-Studio static analyzer.

by Ekaterina Nikiforova

From the article:

The next command I'd like to talk about is called "Display CWE Codes in Output Window". PVS-Studio is a static application security testing (SAST) tool, which means its warnings can be classified according to the Common Weakness Enumeration (CWE).
 

PVS-Studio 7.04

PVS-Studio is a tool designed to detect errors and potential vulnerabilities in the source code of programs written in C, C++, C#, and Java. It works in Windows, Linux, and macOS environments.

by Svyatoslav Razmyslov

From the article:

When working on a task, developers take code from so many various places. A popular source of Copy-Paste code is the Stack Overflow website and similar ones. There are cases when a developer takes the code from an open source project and doesn't check license requirements. Thus, a closed source project may accidentally get a few files from an open source project with a Copyleft license, which obliges one to make the entire project code open source. In companies with a large number of employees, it's difficult to keep track of this, whereas such actions might cause adverse risks and problems. So, PVS-Studio now has a diagnostic which will help to find such files. It relates to all supported languages (C, C++, C#, Java). The diagnostic looks for the following "virus" licenses: AGPL-3.0, GPL-2.0, GPL-3.0, LGPL-3.0.