Software Integrity Blog

 

Announcing Code Sight 2019.4

The Code Sight IDE plugin uses the Coverity static analysis engine to find issues as developers code. Release 2019.4 supports more languages and IDEs.

What’s new?

The product team at Synopsys is pleased to announce that Code Sight™ IDE plugin 2019.4 is generally available! This release accommodates the growing variety of technologies in modern application development environments. As a result, more developers can quickly find and fix issues in their IDE.

New features in this release of the Code Sight IDE plugin include static analysis for C/C++ in Visual Studio and support for more IDEs:

  • IntelliJ 2019.1
  • RubyMine 2018.1–2019.1
  • Eclipse 2019-3 (4.11)

An IDE plugin that makes debugging code easier and faster

Designed for developers, the Polaris Code Sight IDE plugin uses the Coverity® static analysis engine to scan code automatically when users save files. Developers get noninvasive and nearly instantaneous feedback on the quality and security of their code before they commit it.

The unique combination of Coverity quality and security checkers can find defects affecting application reliability and functionality. It also reveals security weaknesses that could expose sensitive data to attacks. The solution carefully examines potential execution paths that could lead to software issues. As a result, developers can produce clean, secure, and reliable code. Now, with the Code Sight IDE plugin’s expanded language and IDE support, more developers can use the broad set of Coverity security and quality checkers without leaving their editor.

Beyond the IDE, many development teams integrate static application security testing (SAST) into their CI/CD pipelines as well. However, many SAST solutions provide different analysis engines in the IDE and build/test environment. Frustrated developers might ask themselves, “Why wasn’t this issue found while I was running tests in the IDE?” So Synopsys has ensured consistent results between analyses in the IDE and the build/test environment.

What’s next for the Code Sight IDE plugin?

To decrease debugging times, organizations are shifting application security responsibilities to developers. This shift is pushing developers to catch software defects earlier in the SDLC. But if security testing slows them down, developers might see this request as unfair, considering their primary goal of hitting tight release deadlines.

That’s why Synopsys introduced the Code Sight IDE plugin to make SAST easier and faster. With this release, the plugin’s support of development technologies expands to include Java, JavaScript, Ruby, C#, and C/C++ in IntelliJ, Eclipse, Visual Studio, and RubyMine. Future releases will support more languages from the Coverity stable and other IDEs to extend the Code Sight IDE plugin’s user base.
