Task: See How Results Have Changed After Upgrading CodeSonar

JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

If you access the manual through the hub's Web GUI, the functionality will not be suppressed because the hub is a web server.
Alternatively, your browser may allow you to explicitly disable the security setting that suppresses functionality. See the CodeSonar FAQ for more information.

CodeSonar^® 9.2p0

CONFIDENTIAL

CodeSecure Inc

Task: See How Results Have Changed After Upgrading CodeSonar

When you upgrade CodeSonar, it is useful to see the effects of analysis improvements on your own project or projects. This task can be summarized as follows.

Before upgrading, set up a hub containing a full analysis of the project, performed with the old version of CodeSonar.
Upgrade CodeSonar on the hub machine.
Upgrade CodeSonar on the machine you use to run the build/analysis (if this is not the same as the hub machine).
Start the upgraded hub.
Perform a full analysis of the project with the new version of CodeSonar.
Compare the results of the two analyses.

Depending on the hub configuration, you may be prompted to provide hub user account credentials to authenticate authorize some of the command lines described here. See Hub Authentication: Authenticated codesonar Subcommands for more information.

Preliminaries
Method
Links

This task will use the following for brevity.

interface:hubport is your hub location.
hubdir is your hub directory.
projname is the name of the project you are analyzing.
Examples are based on a project built with make. Substitute your own build command and full rebuild mechanism as appropriate.

Preliminaries

This task requires that you have analyzed the project before upgrading. Work through the following steps before upgrading CodeSonar.

Start the hub, if it is not already running.
codesonar hub-start hubdir interface:hubport
In order to see how the analysis results have changed, you will need analysis results for the latest version of projname. If you do not already have such results, perform a CodeSonar build/analysis of projname and send the results to your hub. For example:
codesonar analyze projname interface:port make
If you are currently signed in to the hub, sign out.

Method

Once you have a hub with baseline results and are ready to upgrade, proceed as follows.

Shut down the hub.
codesonar hub-stop interface:hubport
(You may be prompted for hub user account credentials.)
Upgrade CodeSonar on the hub machine.
- See the Installation section for full details.
- You may also need to refresh the CodeSonar license key.
- If you are not installing the new version of CodeSonar in the same place you stored the old version, make sure you update your PATH environment variable.
Upgrade CodeSonar on the machine you use to run the build/analysis, if this is different to the hub machine.
On the hub machine, verify that your PATH setting is enabling your system to find the new version of CodeSonar.
which codesonar
On the hub machine, start the hub.
codesonar hub-start hubdir interface:hubport
As part of the hub starting process, CodeSonar will upgrade the hub database to work properly with the new version of CodeSonar. Depending on the size of the database, this may take several minutes.
On the build/analysis machine, verify that your PATH setting is enabling your system to find the new version of CodeSonar.
which codesonar
Perform a CodeSonar build/analysis based on a full rebuild of projname. For example:
make clean
codesonar analyze projname interface:port make
Open the web GUI and list the analyses for projname.
Click the Analysis table heading to show a table menu, then select Show > Analysis ID to add the Analysis ID column to the table.
The most recent analysis is the one you performed with the new version of CodeSonar. Note its analysis ID. Call this new_id.
The next-most-recent analysis is your baseline analysis. Note its analysis ID. Call this old_id.
Construct the search string:
aid=new_id DIFFERENCE aid=old_id
Paste the search string into the search field, select warnings in all projects from the search domain/scope menu, and click Search.
A search results page will open.
Select all from the Visible Warnings menu.
The search results page now displays all the representative instances of warnings found in the new analysis but not the baseline analysis.
If you want to be able to access this search from the Visible Warnings menu in future, save it as a named search.
Conversely, to see the representative instances of warnings found in the baseline analysis but not the new analysis:
1. Construct the search string:
  aid=old_id DIFFERENCE aid=new_id
2. Paste the search string into the search field, select warnings in all projects from the domain/scope menu, and click Search.
3. Select all from the Visible Warnings menu.

Links

Related tasks

Using CodeSonar

To report problems with this documentation, please visit https://support.codesecure.com/.