Perforce launches full CI/CD integration

Latest updates provide broader code coverage while allowing embedded developer teams to detect and fix security and compliance issues earlier in the testing cycle.

  • Friday, 2nd August 2024 Posted 3 months ago in by Phil Alsop

Perforce Software has introduced the latest version of its static analysis tools with the latest release, providing enhanced security and maximum CI/CD process flexibility for safety-critical development projects.

Static Code Analysis with Perforce

Perforce static analysis engines ensure software quality, safety and security, and offer continuous compliance throughout the development process by alerting developers to defects, vulnerabilities and standards rule violations as the code is being written.

Adoption of shift-left strategies — processes and tooling to automate testing and security scanning earlier in the CI/CD pipeline — is growing. According to the 2024 State of Automotive Development Report by Perforce, 59% of embedded software professionals have adopted or are actively implementing shift-left practices. Shifting to the left of the linear development timeline makes fixing errors more manageable, improves product quality, increases efficiency, ensures compliance to standards, and reduces time-to-market. Using static analysis tools can empower development teams to adopt a shift-left methodology faster, more accurately, and at scale.

With the latest release, Perforce now offers market-leading CI/CD integration capabilities, providing maximum flexibility for modern development practices. This includes the ability to produce delta analysis results for change sets as part of a new feature branch commit, merge request or pull request, and then reporting of these results through Perforce Validate, the continuous security and code compliance platform that provides a centralized store of Perforce static analysis data for codebases across the organization, making peer reviews and deviation approvals simple and efficient. Support also extends to analysis jobs running in cloud-based CI pipelines, containerized build tasks and integration into all manner of different CI/CD platforms via the built-in Web API, allowing development teams to find and fix defects earlier in the development lifecycle and go to market faster.

Customers also get enhanced and simplified security with the new Validate authentication improvements, including support for integration of identity providers with Validate using SAML and OIDC, allowing IT teams to manage users and groups more efficiently, and making it more convenient for users.

"We're committed to evolving our tools with our customers' needs," said Steve Howard, Director of Product Management for Static Analysis at Perforce. "As we add more powerful, flexible analysis functionalities and security authentication, we're set up to grow with a development pipeline the modern world requires, and customers expect."

"Tools, platforms and workflows common already within the enterprise software development space are steadily cross-pollinating into the traditionally more reserved embedded software development space," said Stephen Feloney, Vice President of Product Management at Perforce. "And we are right there now to meet them, where they are, integrated into the same platforms and tools, making static analysis easier to use and the whole process more efficient and more effective."

Additional enhancements of Helix QAC 2024.2 and Klocwork 2024.2 include:

Klocwork's new modern C/C++ analysis engine ships with significant performance improvements and a "modern mode" functionality with greater code coverage and defect detection for C++17 and newer language versions, lower false positives and false negatives rates, and improved precision and faster analysis times of up to 25 percent.

Improved language feature support for C++20 and C23.

New support for projects using multiple compilers in Helix QAC.

Extended compiler support in Klocwork for Clang, Clang-cl, GCC, IAR, Renesas.

New and expanded coding standards coverage.

Improved presentation of the MISRA® C and MISRA C++ taxonomies in Klocwork.

Get more details on the latest release for Helix QAC here and Klocwork here. To see how Helix QAC and Klocwork can help you streamline development and ensure code quality, register for a free trial.

Guardz expands in EMEA

Posted 1 day ago by Phil Alsop
Through a new partnership with Infinigate Cloud, Guardz will help to secure SMBs and support the MSP community across EMEA.
Data centre operators can now achieve the unparalleled speeds needed for the most demanding Artificial Intelligence (AI) applications, thanks to a...

Dell Technologies boosts AI for enterprises

Posted 1 day ago by Phil Alsop
Dell Technologies continues to make enterprise AI adoption easier with the Dell AI Factory, expanding the world’s broadest AI solutions portfolio....

AMD accelerates Exascale Computing

Posted 1 day ago by Phil Alsop
El Capitan, powered by the AMD Instinct MI300A APU, becomes the second AMD supercomputer to surpass the Exascale barrier, placing #1 on the Top500...
Global system integrator won over by simplicity, security and speed of the Cloudbrink service.
The Seeq platform will be leveraged to maximize production and increase energy efficiency across the largest biorefinery in Europe.
This global service forms part of the recently launched Intelligent Security portfolio and increases Logicalis' proactive threat-hunting capabilities...

Pure Storage invests in CoreWeave

Posted 2 days ago by Phil Alsop
Pure Storage and CoreWeave have announced Pure Storage’s strategic investment in CoreWeave to accelerate AI cloud services innovation. Alongside...