|In this topic:|
The Klocwork Desktop Plug-in for Visual Studio helps you detect and fix issues before check-in. The Visual Studio plug-in supports C/C++, C# and mixed projects and solutions, but certain features are not supported for C#.
The plug-in is equipped with several popular C/C++ refactorings, such as renaming and inlining functions, which can be performed within your IDE.
To take advantage of the new features related to viewing server issues in the Visual Studio plug-in, you must install the latest version of the plug-in designed for Visual Studio 2012 and up.
You can also customize project settings, issue filters and analysis settings to your own preferences. For more information about these features, see the topics below.
You get the most from desktop static code analysis when you connect a local project to a project on the Klocwork Server. The local project is analyzed quickly while incorporating Klocwork knowledge bases generated on the server where additional source files were analyzed (for example, shared libraries). Connecting to a server project also allows you to share issue status information with the integration build analysis and among team members. You can also run a standalone desktop analysis, but the analysis only derives knowledge from the local project's source files, and is not recommended.
You perform this step only once for each project.
C/C++ code: With on-the-fly analysis, issues are detected when you open files and as you type. If you prefer, you can also configure it to run whenever you save files.
C# code: For pure C# or mixed C/C++ and C# solutions, right-click the solution and select Analyze Solution. Or, right-click a project and select Analyze Selection. A full solution or project analysis detects both C/C++ and C# issues.
When issues are detected in a file, you see issue markers on the left and right margins of the editor. The left markers (chevrons) scroll with the text. When more than one issue is detected on the same line, the left gutter markers display only the highest-priority issue.
|Left margin icon||Right margin icon||Severity|
|Critical, Error (server issue)|
|Warning, Review (server issue)|
|Ignored (server issue)|
Server issues are those that have been found in the integration build, but not by the local desktop analysis. This may sometimes occur because of the highly optimized nature of desktop analysis. If you modify the source code to fix a server issue, it won't disappear from the issues list until the next server build is run.
Disable loading server issues
For a real defect, fix the issue in your code. While working in Visual Studio, the Klocwork plug-in detects issues as follows:
You can change the status for one issue at a time for selected issues, or for an entire file. You need the Change Issue Status permission to change issue status.
Once you change an issue's status to something other than Analyze or Fix, you won't see it again because default filtering options hide all issues in statuses other than Analyze and Fix. You can adjust your filter to show ignored issues by clicking the icon and selecting an ignored status (Microsoft Visual Studio extension) or by clicking the icon (Microsoft Visual Studio addin).
If you prefer to simply ignore an issue without specifying a more specific status, right-click the issue, and select Ignore Issue.
If you want to restore an ignored issue, right-click the issue(s) you want to restore and select Recover Issue.
For connected projects, status updates are synchronized to the server. Your local project is also updated with changes made by other developers.
If you configure Continuous Integration (CI) builds and open an issue in Visual Studio using the 'open in IDE' button from one of the supported CI plug-ins, this imports the issue into your open project. If you have fixed this issue or simply want to remove it from your issue list, you can right-click the issue and select Discard this issue. Note that this functionality does not apply to issues found from a full analysis; these issues cannot be discarded.
For C/C++ users, false positive reports can be generated to collect information needed to reproduce false positives in specific source files.
To submit a false positive report from Visual Studio:
Within Visual Studio, you can configure settings for your Klocwork plug-in using the following dialogs:
The Authentication dialog in Visual Studio allows users to authenticate with the Klocwork Server. When access control has been configured, all users need to authenticate with the Klocwork Server.
To access the Authentication dialog, click Login or the status icon in the task bar.
The Authentication dialog prompts you to enter your user name and password.
Klocwork then stores a token in the user's home directory, so you need to log in only once. Note that users' passwords are not stored.
Once authenticated, you can run any Klocwork tool that points to the same Klocwork Server host and port. To run an Klocwork tool pointing to a different Klocwork Server host and port, you must log in again. Likewise, to run Klocwork as a different user, you must log in again.
To open the General Options dialog in Visual Studio, go to Klocwork > Options. The Options dialog appears with the General tab open by default.
Use this dialog to specify the location of the Klocwork Servers and to enable or disable on-the-fly analysis markers and underlining.
The Klocwork Server manages integration projects and their associated settings. You can obtain the server location from your Klocwork administrator. The server and port fields must have valid values to run the analysis when it is connected to a Klocwork project.
Server specifies the host name of the Klocwork Server. You can enter either an IP address or a host name. The default is localhost.
Port specifies the port on which the Klocwork Server listens. The value must be a number between 0 and 65535. The default port is 8080.
Enable Use secure connection if a secure connection to the Klocwork Server has been set up.
To configure analysis and appearance settings in Visual Studio, go to Klocwork > Options > Klocwork > General.
The Analysis tab allows you to enable or disable on-the-fly analysis, as well as limit how often on-the-fly analysis and/or on-demand analysis run. You can configure them both to run one to three threads at a time.
Also, you can configure when analysis is run on-the-fly. By default, analysis is run any time you open a file or pause while typing. If you prefer to have it run whenever you save, select On File Save under the On-The-Fly analysis menu. You can also configure if analysis is continued after a file is closed by enabling or disabling the option Cancel On-The-Fly analysis when the document is closed.
The Appearance tab allows you to enable or disable on-the-fly analysis markers and underlining for detected issues in your editor. You can also configure whether the change comment dialog shows by default and whether or not to show Klocwork engine errors and warnings in the error list.
The Data tab in Visual Studio allows you to control whether Klocwork data is stored next to the solution, or within a specified central location of your choice. This data includes solution properties, defects, and other meta data used by the Klocwork plug-in.
To access the Data tab, go to Klocwork > Options > Klocwork > General and select the Data tab.
If you want to store Klocwork data outside of your solution directory, select Store Klocwork data in a specified central location. Click Browse and specify the location you would like the data to be stored in. The change takes effect the next time you open the solution. Once you re-open your solution, your existing data is migrated to the new specified location. You can also opt to delete the data instead of migrating it by manually deleting it before making the change to your data location. If you opt to restore storage to the solution directory, the data is migrated when you close the solution.
You can configure how verbose you want your log to be by selecting the verbosity level on the logging tab.
To open the Klocwork Solution Properties dialog in Visual Studio, right-click a solution and select Klocwork Solution Properties.
There are separate tabs for C/C++ and C#, as well as a tab for configuring Source Code Management (SCM) systems.
This status bar can display several possible messages, as follows:
You can use the Update Build Specification action to explicitly generate a build specification for your solution or project. When selected, the Update Build Specification action performs clean and build operations on your project or solution. The build specification is generated on a per-project basis, using the Visual Studio project configuration.
To explicitly generate a build specification whenever you right-click your solution, project, folder or file, click Use the build specification generated by the "Update Build Specification" action.
To use a custom build specification for a project
This tab contains a list of SCM's that are supported within Visual Studio. You can configure and test your settings for each SCM manually from this tab if required.