![]() It is pretty straightforward to take a deployment pipeline or CI/CD pipeline and integrate SonarQube into it." "It is a very good tool for analysis and security vulnerability checking." "We are using the Community edition. This is going to help you to make a more readable code and have more flexibility for the engineers to understand how things should work when they do not know." "My focus is mainly on the DevOps pipeline side of things, and from my perspective, the ease of use and configuration is valuable. You receive a quick comprehensive comparison overview regarding the current release and the last release and what type of depths dependency or duplication should be used. It gets integrated within the pipeline well." "The depth features I have found most valuable. "The reporting and the results are quick. What really matters for us is to ensure that we are able to catch vulnerabilities ahead of time." ![]() So it's working at the moment, or at least it seems to be." "It provides reports about a lot of potential defects." "Coverity is scalable." "The app analysis is the most valuable feature as I know other solutions don't have that." "The ability to scan code gives us details of existing and potential vulnerabilities. So you can locate the starting point of the defect and figure out exactly how it is being exploited." "I encountered a bug with Coverity, and I opened a ticket. That particular feature helps the developer understand the root cause of a defect. Additionally, it is a powerful capabilities solution." "One of the most valuable features is Contributing Events. ![]() We use the wrapper to build the C++ component, then we use the other code analysis to analyze the code to the build object, and then send back the result to the SonarQube server. "The most valuable feature of Coverity is the wrapper. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |