Showing results for code analysis - C++ Team Blog

Introduction  To make your C++ coding experience as safe as possible, the Microsoft C++ Code Analysis has added new checks and improved existing ones to help you prevent bugs before they find their way into your products. Some of the checks work harder than others, analyzing the code deeper by simulating runtime behavior. As such, they can find de...

The latest insiders release of the C++ extension is here, bringing clang-tidy support to VS Code! Clang-tidy is a clang-based C++ linter tool that detects common errors in your code, like style violations and bugs that can be deduced via static analysis. Clang-tidy integration was one of our top asks on GitHub, so we’re excited to announce that it’...

Starting with Visual Studio 16.8, MSVC Code Analysis officially supports SARIF 2.1.0 standard. SARIF is an industry standard for representing static analysis logs and we've been one of the earliest collaborators with the SARIF Technical Committee. Behind the scenes, analysis log files in the SARIF format powers Visual Studio IDE to provide a richer...

We have added a new experimental static analysis rule in Visual Studio 16.10 version Preview 3 - C26458, . The new warning is a more precise and less noisy version of warning C26446, . Both warnings analyse standard containers for unchecked element access and they both share the warning message: “Prefer to use instead of unchecked subscript operat...

In Visual Studio version 16.8 Preview 3,  we have added a few safety rules to C++ Code Analysis that can find some common mistakes, which can lead to bugs ranging from simple broken features to costly security vulnerabilities. These new rules are developed around issues discovered in production software via security reviews and incidents requiring ...

C++ Core Check is Microsoft’s static analysis tool that enforces the rules from the C++ Core Guidelines, which is maintained by the C++ Foundation. This post is to provide a snapshot of the C++ Core Guidelines coverage that C++ Core Check offers. For background, the C++ team introduced C++ Core Check in December 2015 as part of Visual Studio 201...

In Visual Studio version 16.8 Preview 3,  we are adding a few safety rules to C++ Code Analysis that can find some common mistakes, which can lead to bugs ranging from simple broken features to costly security vulnerabilities. These new rules are developed around issues discovered in production software via security reviews and incidents requiring ...

Rust and C++ are two popular systems programming languages. For years, the focus of C++ has been on performance. We are increasingly hearing calls from customers and security researchers that C++ should have stronger safety guarantees in the language. C++ often falls behind Rust when it comes to programming safety. Visual Studio 2019 version 16.7 c...

Introducing the IntelliSense Code Linter for C++; a preview of "as-you-type" code analysis with fixups. Try it out today in Visual Studio 2019 16.6 Preview 2.

[Updated on 11/6/2019] - Removed "Setup: Installing Clang tools" section; this is no longer required starting in Visual Studio 2019 version 16.4 Preview 3. Visual Studio 2019 version 16.4 Preview 1 brings a significant improvement to the C++ code analysis experience: native support for clang-tidy, a Clang-based “linter” tool developed by the LLV...