- What's New
- Function Overview
- Service Overview
- Getting Started
-
User Guide
- Working with CodeArts Check
- Purchasing CodeArts Check
- Configuring Project-level Role Permissions
- Creating a Task
- Configuring a Task
- Executing a Task
- Viewing Check Results
- Querying Audit Logs
- Reference
- Best Practices
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
APIs
-
Task Management
- Creating a Check Task
- Deleting a Check Task
- Querying Tasks
- Executing a Check Task
- Stopping a Check Task
- Querying the Status of a Task
- Querying Historical Check Results
- Querying Selected Rule Sets of a Task (Version 2)
- Querying Selected Rule Sets of a Task (Version 3)
- Querying the Check Parameters of a Rule Set (Version 2)
- Querying the Check Parameters of a Rule Set (Version 3)
- Configuring the Check Parameters of a Task
- Modifying the Rule Set in a Task
- Querying Check Failure Logs
- Obtaining the Directory Tree of a Task
- Ignoring Directories of a Task
- Querying Advanced Configurations of a Task
- Configuring Advanced Configurations for a Task
- Issue Management
- Rule Management
-
Task Management
- Application Examples
- Appendixes
- Description
-
FAQs
-
General Issues
- Why Am I Told that a Task Is Running and I Should Try Again Later?
- Why Am I Told that I Don't Have Sufficient Permissions and I Should Check and Try Again?
- Why Am I Told that Cppcheck Cannot Tokenize the Code Correctly?
- Why Am I Told that No Dependency Exists in the Maven Repository?
- Why Am I Seeing Error CC.00070400.500?
- Why Don't I Have Enough Permissions When Clicking a Task Name?
- Why Does a Project with WPF in C# Fail?
- Why Is No Data Displayed After a Task Is Complete?
- Why Does a TypeScript Task Fail with a 404 Error in the Log?
- API Issues
-
General Issues
- Videos
- General Reference
Copied.
What Is CodeArts Check?
CodeArts Check is a cloud-based service that checks codes. With years of experience in automatic static check and enterprise application, CodeArts Check provides rich check services on code style, common quality, cyber security risk, and other elements. It also includes comprehensive check reports, convenient bug handling, and many other efficient, easy-to-use functions for enterprises to effectively improve code quality.
The cloud service and IDE plug-in are two forms of CodeArts Check. In addition, it provides an enhanced package with in-depth security check.
CodeArts Check Functions
Function |
Description |
---|---|
Coding issue check |
Use rule sets to check issues in your own code. |
Code security check |
Use rule sets to check code security risks and issues. |
Code style check |
Use rule sets to check whether your code matches the selected style. |
Code health score |
A comprehensive metric. It is related to the issue impact, quantity, and code quantity. The code health score is automatically calculated. |
Issue management |
Handle issues found in code checks based on issue descriptions, status, check rules, file paths, source code, and fix suggestions. |
Cyclomatic complexity |
Evaluate code quality risks based on the code cyclomatic complexity report. |
NBNC (non-blank non-comment) |
Number of valid lines of code (LOC) excluding blank lines and comment lines. |
Duplication rate |
Evaluate code quality risks based on the duplication rate report. |
Scheduled check |
Use the function of scheduling code checks every week and every day to balance rest and coding. |
Check result notification |
After the check is complete, the messages are sent to notify related personnel of the check results so that they can handle issues in time. |
Check in multiple languages |
Check code in Java, C++, JavaScript, Go, Python, C#, TypeScript, CSS, HTML, Lua, Rust, Shell, Kotlin, and PHP. |
IDE Plug-in of CodeArts Check
It is a powerful assistant for developers to protect the code quality.
- Provides industry standard (including Huawei Cloud) check, one-click code style formatting, and automatic code fixing, adhering to the concepts of simplicity, high speed, and real-time monitoring.
- Checks code accurately and efficiently, and builds three-layer protection during coding, merging, and version release with cloud services jointly.
- Displays all built-in lightweight IDE rules that are a subset of cloud rules in the cloud, implements security scan shifting left, and covers 30+ defect categories.
- Supports Java, C, C++, and Python. The IDE plug-in has been rolled out on four mainstream IDE platforms: VSCode IDE, Intellij IDEA, CodeArts IDE, and Cloud IDE.
Enhanced Package of CodeArts Check
The security check feature in this package is highly valuable as it thoroughly identifies code security risks and vulnerabilities. It also includes security scenarios that are not found in other packages, such as value errors, encryption issues, and data verification issues. Moreover, it enhances security check and analysis for vulnerability detection items in the industry (such as cross-function check, cross-file check, taint analysis, semantic analysis).
Currently, the package contains 284 rules (Java: 61; C++: 199; Go: 8; Python: 16).
The enhanced package provides the following items:
- Supports vulnerability check that complies with the taint propagation model, such as command injection, SQL injection, path traversal, and information disclosure.
- Covers common security vulnerability detection items, such as LDAP injection, open redirect, value processing, and information disclosure.
- Checks hard-coded passwords, API keys, and access tokens.
- Checks access key leaks.
After a tenant purchases an enhanced package, the tenant and its IAM accounts can use the package.
The number of parallel jobs of the package is limited. 1 package: 1 job; 2 packages: 2 parallel jobs; N (max. 100) packages: N (max. 100) parallel jobs. For details about how to purchase, see Purchasing a Value-Added Feature.
To purchase the enhanced package, purchase CodeArts Pro or Enterprise Edition. The enhanced package cannot be used after the CodeArts package expires.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot