Basic Information
Version release date
Software cost
Free, Paid
Software license
Self-Hosted, SaaS
Supported operating systems
Linux, Windows
Process Integration
Deployment model
Standalone Server
Analysis inputs
Source code
SCM Integration
Git, Microsoft Team Foundation Server, Subversion
Display results in IDE
Eclipse, Visual Studio
Live analysis & feedback while coding in IDE
Eclipse, Visual Studio
CI Integration
Generic command line interface (CLI)
Able to analyze incremental changes to code (commit, patch, pull request)
API method to report results in XML/JSON/CSV format
Supported programming languages
C, C#, C++, Go, Java, JavaScript, Kotlin, Objective-C, PHP, Python, Solidity, TypeScript
Claimed Weakness Coverage
Claimed Weakness Coverage information hasn't been collected yet for this analyzer.
Really want it? Let us know.
Checker Customization
Can disable checkers
Can customize checker logic
First-class API to create new checkers
Speed & Scalability
Parallelizes on one host
Parallelizes across more than one host
Results Quality
Provides explanation of warning
Provides severity of warning
Provides confidence information about warning
Provides code context around warning
Provides control flow context for warning
Provides data flow context for warning
Provides code coverage information per checker
Show differences in results set to previous scan
Integration with external remediation bug tracker
Two-way data sync with external remediation bug tracker
Graphical user interface (GUI)
Ability to search results
Results remediation workflow
Hierarchical reporting for multiple projects, teams, departments, etc.
Filter results by compliance standard
MISRA C (2012)
Centralized reporting
Role-based access
Installation guide or documentation
User/operator guide or documentation
Integration guide or API documentation