Announcing Code Sight 2019.4

The Code Sight IDE plugin uses the Coverity static analysis engine to find issues as developers code. Release 2019.4 supports more languages and IDEs.

Code Sight 2019.4 IDE plugin supports more languages, IDEs

What’s new?

The product team at Synopsys is pleased to announce that Code Sight™ IDE plugin 2019.4 is generally available! This release accommodates the growing variety of technologies in modern application development environments. As a result, more developers can quickly find and fix issues in their IDE.

New features in this release of the Code Sight IDE plugin include static analysis for C/C++ in Visual Studio and support for more IDEs:

  • IntelliJ 2019.1
  • RubyMine 2018.1–2019.1
  • Eclipse 2019-3 (4.11)

An IDE plugin that makes debugging code easier and faster

Designed for developers, the Polaris Code Sight IDE plugin uses the Coverity® static analysis engine to scan code automatically when users save files. Developers get noninvasive and nearly instantaneous feedback on the quality and security of their code before they commit it.

The unique combination of Coverity quality and security checkers can find defects affecting application reliability and functionality. It also reveals security weaknesses that could expose sensitive data to attacks. The solution carefully examines potential execution paths that could lead to software issues. As a result, developers can produce clean, secure, and reliable code. Now, with the Code Sight IDE plugin’s expanded language and IDE support, more developers can use the broad set of Coverity security and quality checkers without leaving their editor.

The Code Sight plugin makes debugging code easier and faster

Beyond the IDE, many development teams integrate static application security testing (SAST) into their CI/CD pipelines as well. However, many SAST solutions provide different analysis engines in the IDE and build/test environment. Frustrated developers might ask themselves, “Why wasn’t this issue found while I was running tests in the IDE?” So Synopsys has ensured consistent results between analyses in the IDE and the build/test environment.

What’s next for the Code Sight IDE plugin?

To decrease debugging times, organizations are shifting application security responsibilities to developers. This shift is pushing developers to catch software defects earlier in the SDLC. But if security testing slows them down, developers might see this request as unfair, considering their primary goal of hitting tight release deadlines.

That’s why Synopsys introduced the Code Sight IDE plugin to make SAST easier and faster. With this release, the plugin’s support of development technologies expands to include Java, JavaScript, Ruby, C#, and C/C++ in IntelliJ, Eclipse, Visual Studio, and RubyMine. Future releases will support more languages from the Coverity stable and other IDEs to extend the Code Sight IDE plugin’s userbase.

Learn more about the Polaris Code Sight IDE plugin

 
Charlie Klein

Posted by

Charlie Klein

Charlie Klein

As a Product Marketing/Business Rotational Program Associate at Synopsys, Charlie will rotate through the sales, marketing, sales operations, and finance departments four months at a time. He joined Black Duck Software in July, before Black Duck Software was acquired by Synopsys. During his time in sales and marketing, Charlie has researched and learned about the importance of open source risk management—especially pertaining to container security and secure DevOps practices. While in marketing, Charlie has been helping with the launch of OpsSight, a product designed for IT Operations and Infrastructure teams hoping to automate security practices in the production environment. He holds a B.A. in Political Economy from Bates College.


More from Security news and research