Help Center/ CodeArts Check/ Service Overview/ What Is CodeArts Check?
Updated on 2025-01-22 GMT+08:00
View PDF
Share

What Is CodeArts Check?

CodeArts Check is a cloud-based service that checks codes. With years of experience in automatic static check and enterprise application, CodeArts Check provides rich check services on code style, common quality, cyber security risk, and other elements. It also includes comprehensive check reports, convenient bug handling, and many other efficient, easy-to-use functions for enterprises to effectively improve code quality.

The cloud service and IDE plug-in are two forms of CodeArts Check. In addition, it provides an enhanced package with in-depth security check.

CodeArts Check Functions

Table 1 CodeArts Check functions

Function

Description

Coding issue check

Use rule sets to check issues in your own code.

Code security check

Use rule sets to check code security risks and issues.

Code style check

Use rule sets to check whether your code matches the selected style.

Code health score

A comprehensive metric. It is related to the issue impact, quantity, and code quantity. The code health score is automatically calculated.

Issue management

Handle issues found in code checks based on issue descriptions, status, check rules, file paths, source code, and fix suggestions.

Cyclomatic complexity

Evaluate code quality risks based on the code cyclomatic complexity report.

NBNC (non-blank non-comment)

Number of valid lines of code (LOC) excluding blank lines and comment lines.

Duplication rate

Evaluate code quality risks based on the duplication rate report.

Scheduled check

Use the function of scheduling code checks every week and every day to balance rest and coding.

Check result notification

After the check is complete, the messages are sent to notify related personnel of the check results so that they can handle issues in time.

Check in multiple languages

Check code in Java, C++, JavaScript, Go, Python, C#, TypeScript, CSS, HTML, Lua, Rust, Shell, Kotlin, and PHP.

IDE Plug-in of CodeArts Check

It is a powerful assistant for developers to protect the code quality.

  • Provides industry standard (including Huawei Cloud) check, one-click code style formatting, and automatic code fixing, adhering to the concepts of simplicity, high speed, and real-time monitoring.
  • Checks code accurately and efficiently, and builds three-layer protection during coding, merging, and version release with cloud services jointly.
  • Displays all built-in lightweight IDE rules that are a subset of cloud rules in the cloud, implements security scan shifting left, and covers 30+ defect categories.
  • Supports Java, C, C++, and Python. The IDE plug-in has been rolled out on four mainstream IDE platforms: VSCode IDE, Intellij IDEA, CodeArts IDE, and Cloud IDE.

Enhanced Package of CodeArts Check

The security check feature in this package is highly valuable as it thoroughly identifies code security risks and vulnerabilities. It also includes security scenarios that are not found in other packages, such as value errors, encryption issues, and data verification issues. Moreover, it enhances security check and analysis for vulnerability detection items in the industry (such as cross-function check, cross-file check, taint analysis, semantic analysis).

Currently, the package contains 284 rules (Java: 61; C++: 199; Go: 8; Python: 16).

The enhanced package provides the following items:

  • Supports vulnerability check that complies with the taint propagation model, such as command injection, SQL injection, path traversal, and information disclosure.
  • Covers common security vulnerability detection items, such as LDAP injection, open redirect, value processing, and information disclosure.
  • Checks hard-coded passwords, API keys, and access tokens.
  • Checks access key leaks.

After a tenant purchases an enhanced package, the tenant and its IAM accounts can use the package.

The number of parallel jobs of the package is limited. 1 package: 1 job; 2 packages: 2 parallel jobs; N (max. 100) packages: N (max. 100) parallel jobs. For details about how to purchase, see Purchasing a Value-Added Feature.

To purchase the enhanced package, purchase CodeArts Pro or Enterprise Edition. The enhanced package cannot be used after the CodeArts package expires.