Perforce launches full CI/CD integration

Latest updates provide broader code coverage while allowing embedded developer teams to detect and fix security and compliance issues earlier in the testing cycle.

  • Friday, 2nd August 2024 Posted 7 months ago in by Phil Alsop

Perforce Software has introduced the latest version of its static analysis tools with the latest release, providing enhanced security and maximum CI/CD process flexibility for safety-critical development projects.

Static Code Analysis with Perforce

Perforce static analysis engines ensure software quality, safety and security, and offer continuous compliance throughout the development process by alerting developers to defects, vulnerabilities and standards rule violations as the code is being written.

Adoption of shift-left strategies — processes and tooling to automate testing and security scanning earlier in the CI/CD pipeline — is growing. According to the 2024 State of Automotive Development Report by Perforce, 59% of embedded software professionals have adopted or are actively implementing shift-left practices. Shifting to the left of the linear development timeline makes fixing errors more manageable, improves product quality, increases efficiency, ensures compliance to standards, and reduces time-to-market. Using static analysis tools can empower development teams to adopt a shift-left methodology faster, more accurately, and at scale.

With the latest release, Perforce now offers market-leading CI/CD integration capabilities, providing maximum flexibility for modern development practices. This includes the ability to produce delta analysis results for change sets as part of a new feature branch commit, merge request or pull request, and then reporting of these results through Perforce Validate, the continuous security and code compliance platform that provides a centralized store of Perforce static analysis data for codebases across the organization, making peer reviews and deviation approvals simple and efficient. Support also extends to analysis jobs running in cloud-based CI pipelines, containerized build tasks and integration into all manner of different CI/CD platforms via the built-in Web API, allowing development teams to find and fix defects earlier in the development lifecycle and go to market faster.

Customers also get enhanced and simplified security with the new Validate authentication improvements, including support for integration of identity providers with Validate using SAML and OIDC, allowing IT teams to manage users and groups more efficiently, and making it more convenient for users.

"We're committed to evolving our tools with our customers' needs," said Steve Howard, Director of Product Management for Static Analysis at Perforce. "As we add more powerful, flexible analysis functionalities and security authentication, we're set up to grow with a development pipeline the modern world requires, and customers expect."

"Tools, platforms and workflows common already within the enterprise software development space are steadily cross-pollinating into the traditionally more reserved embedded software development space," said Stephen Feloney, Vice President of Product Management at Perforce. "And we are right there now to meet them, where they are, integrated into the same platforms and tools, making static analysis easier to use and the whole process more efficient and more effective."

Additional enhancements of Helix QAC 2024.2 and Klocwork 2024.2 include:

Klocwork's new modern C/C++ analysis engine ships with significant performance improvements and a "modern mode" functionality with greater code coverage and defect detection for C++17 and newer language versions, lower false positives and false negatives rates, and improved precision and faster analysis times of up to 25 percent.

Improved language feature support for C++20 and C23.

New support for projects using multiple compilers in Helix QAC.

Extended compiler support in Klocwork for Clang, Clang-cl, GCC, IAR, Renesas.

New and expanded coding standards coverage.

Improved presentation of the MISRA® C and MISRA C++ taxonomies in Klocwork.

Get more details on the latest release for Helix QAC here and Klocwork here. To see how Helix QAC and Klocwork can help you streamline development and ensure code quality, register for a free trial.

virtualDCS strengthens leadership team

Posted 1 day ago by Phil Alsop
Cloud hosting and cyber resilience specialist virtualDCS has unveiled a new senior leadership team as it enters its next major growth phase, backed...
New integrations, broad marketplace access empower customers using cloud, security, and observability tools with network telemetry and insights.

runZero ushers in a new era of Exposure Management

Posted 2 days ago by Phil Alsop
Expanded platform offers new approach to detecting and prioritizing risk, starting with comprehensive visibility across the total attack surface.

Broadcom teams with Audi

Posted 2 days ago by Phil Alsop
VMware Cloud Foundation helps Audi Modernize IT on the factory floor while reducing cost, complexity and environmental impact.

Infinidat and Veeam team up

Posted 2 days ago by Phil Alsop
Veeam, a leader in Kubernetes data resilience, can now leverage Infinidat’s InfiniBox® high-performance, cyber resilient storage solution to...

Bitdefender and Techs + Together partner

Posted 2 days ago by Phil Alsop
Bitdefender and Techs + Together, a global managed service provider (MSP) community designed to empower MSPs through collective knowledge and shared...
Leaseweb has shared a major update on its contribution to the EU’s Important Projects of Common European Interest on Cloud Infrastructure and...
AI portfolio adds enhancements to Red Hat OpenShift AI and Red Hat Enterprise Linux AI to help operationalise AI strategies.