CodeSonar – Microsoft Visual Studio Integration
CodeSecure CodeSonar Integration with Microsoft Visual Studio.
Direct to Your Desktop
CodeSonar integrates with the most popular Integrated Development Environments (IDE) on the market such as Microsoft Visual Studio. These integrations shift security left and improve software quality by bringing advanced static analysis insights directly to the developer.
The key to integrating static analysis into any IDE is to follow the conventions for error and warning reporting of the platform. Menu and toolbar integration allow for quick access to the CodeSonar features in Visual Studio. Clicking on the warnings in any location brings you a new panel that provides more details on the error plus access to other parts of CodeSonar.
- View warnings in the editor as you would any other error or warning. These errors are displayed in the code view and in the warning panels typically below the code view.
- Show the warning path with the events that lead to the warning. This greatly simplifies the analysis to determine the veracity of the warning.
- Perform assessments on the warnings once the priority and accuracy of the warning have been determined. Any settings given to the warnings are persistent in the CodeSonar database in the same manner as the web UI.
- List active warnings to perform a further investigation on project-wide analysis. It’s then possible to open the web UI for CodeSonar to perform the required actions.
- Kick-off builds and new analyses within the IDE to make it quick and easy to see updated results based on recent fixes or code changes.
- Results are automatically synchronized with a CodeSonar Hub, enabling the development team to manage results in a coordinated way.