PVS-Studio PVS-Studio

Basic Information
PVS-Studio is a tool for detecting bugs and security weaknesses in the source code of programs, written in C, C++, C# and Java. It works under 64-bit systems in Windows, Linux and macOS environments, and can analyze source code intended for 32-bit, 64-bit and embedded ARM platforms.

Tool first release date
Version release date
Software cost
Free, Paid
Software license
Supported operating systems
macOS, Linux, Windows
Process Integration
PVS-Studio and Continuous Integration: https://www.viva64.com/en/m/0005/

Deployment model
Workstation, CI Server, Standalone Server
Analysis inputs
Source code
Display results in IDE
CLion, Eclipse, IntelliJ IDEA, Visual Studio, VS Code
Live analysis & feedback while coding in IDE
CLion, Eclipse, Visual Studio, VS Code
Pre-commit invocation from workstation
CI Integration
Jenkins, MSBuild, Team Foundation Server, TeamCity
Able to analyze incremental changes to code (commit, patch, pull request)
Can schedule scans
API method to report results in SARIF format
API method to report results in XML/JSON/CSV format
Supported programming languages
C, C#, C++, Java
Claimed Weakness Coverage
Checker Customization
Can disable checkers
Can customize checker logic
First-class API to create new checkers
Speed & Scalability
Speeding up the analysis of C/C++ code through distributed build systems (IncrediBuild): https://www.viva64.com/en/m/0041/

Parallelizes on one host
Parallelizes across more than one host
Results Quality
Provides explanation of warning
Provides severity of warning
Provides confidence information about warning
Provides code context around warning
Provides control flow context for warning
Provides data flow context for warning
Provides code coverage information per checker
Results suppression even after code changes
Show differences in results set to previous scan
Two-way data sync with external remediation bug tracker
Graphical user interface (GUI)
Filter results by compliance standard
CWE All, MISRA C (2012), MISRA C++ (2008), OWASP Top Ten (2017)
Centralized reporting
Team License: E-mail reply within 48 hours
Enterprise License: E-mail reply within 24 hours

Installation guide or documentation
User/operator guide or documentation
Integration guide or API documentation