JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.
If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.
If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.
| CodeSonar® 9.2p0 | CONFIDENTIAL | CodeSecure Inc |
This page lists CodeSonar's third-party software integrations, with links to detailed information.
The integrations in this section ship with CodeSonar.
Integrations with the following warning detectors are built into CodeSonar.
| Clang Static Analysis | (C, C++) CodeSonar projects can incorporate information obtained by observing the execution of the Clang Static Analysis and importing its SARIF output. |
|---|---|
| detekt | (Kotlin) CodeSonar provides subcommand codesonar kotlin_scan.py that allows CodeSonar to observe the execution of detekt and import information about the warnings it issues. |
| ESLint | (JavaScript/TypeScript) CodeSonar provides subcommand codesonar es_scan.py that allows CodeSonar to observe the execution of ESLint and import information about the warnings it issues. |
| Pylint | (Python) CodeSonar provides subcommand codesonar python_scan.py that allows CodeSonar to observe the execution of Pylint 1.7 or later and import information about the warnings it issues. |
| Staticcheck | (Go) CodeSonar provides subcommand codesonar go_scan.py that allows CodeSonar to observe the execution of Staticcheck and import information about the warnings it issues. |
| Rust Clippy | (Rust) CodeSonar provides subcommand codesonar rust_scan.py that allows CodeSonar to observe the execution of Rust Clippy and import information about the warnings it issues. |
| other analyzers | CodeSonar provides a SARIF importer that supports
integration with any third-party analyzer that can produce SARIF
output. For more information, see Including Tier 3 Components in a CodeSonar Project. |
CodeSonar ships with integrations for the following Integrated Development Environments (IDEs). See the linked documentation sections for configuration and usage information.
Integrations for the following IDEs are available separately.
CodeSonar ships with integrations for the following continuous integration (CI) tools.
CodeSonar ships with integrations for the following project management tools.
CodeSonar ships with a number of hub authentication plug-ins, allowing you to configure your hub to use existing authentication infrastructure for hub authentication. Configuration instructions for each plug-in are provided in the Authentication Plug-Ins Shipped With CodeSonar section.
In addition, we provide detailed instructions for integrating CodeSonar with the following authentication platforms.
The integrations in this section are provided on third-party sites: they do not ship with CodeSonar.
Customized integrations are available for the following CI tools. We also provide general-purpose instructions for integrating your CI tool with CodeSonar.
| Hudson | See Using CodeSonar With Hudson. |
|---|---|
| Jenkins | See CodeSonar Jenkins integration documentation. |
Customized integrations are available for the following project management tools.
| GitHub | CodeSonar GitHub integration |
|---|---|
| GitLab | CodeSonar GitLab integration is suitable for use
with all GitLab editions/plans. We strongly recommend GitLab Ultimate: it has additional static analysis features including a "security scan report" which can display CodeSonar analysis results in GitLab. |
| Jira Server | CodeSonar for Jira Server plug-ins are
available for versions 7.0.0-9.4.8 and 6.0-6.4.14. (For Jira Cloud, see Built-In Integrations: Project Management, above.) |
To report problems with this documentation, please visit https://support.codesecure.com/.