Pattern-Based Analysis, Flow Analysis, Code Metrics, Global Analysis, & Code Duplication Analysis
To guard against software defects entering the codebase, Parasoft Jtest analyzes the parse tree within a file and looks for patterns that represent bad development practices. Jtest exposes dangerous paths through the codebase that could cause instabilities and security issues at runtime, without executing all of those paths programmatically. By analyzing the execution paths through the code, Jtest’s static analysis can detect potential issues early in the development stage, such as null pointer exceptions, division by zero, array out of bound problems, and more.
To manage complexity, Jtest helps you understand code metrics. By helping you understand the structure/design of your codebase and measure the complexity of your codebase, Jtest helps you manage, set thresholds, and take actions, identifying potential maintenance nightmares.
Jtest identifies instances where code has been duplicated or where the code is similar enough that you might want to consolidate the implementation. This not only helps you identify where you might refactor the code to benefit the design, but also reduces the maintenance cycle associated with changes in the codebase.
Analysis and Verification of Code Compliance With Security Standards
Parasoft Jtest provides a set of built-in checkers for verifying compliance with standards like OWASP Top 10 2017, CERT for Java, CWE-SANS Top 25 2011, PCI Data Security Standard 3.2, and more. Leveraging coding standards enables users to build secure and reliable web/distributed applications and services.
Continuous Analysis & Feedback in the IDE During Development
Using Parasoft Jtest’s continuous quality mode in the IDE (Eclipse, IntelliJ, NetBeans), Jtest automatically analyzes the code in the background (every time you press save) and alerts users when it detects defects. With this feature, users get immediate feedback to detect issues as early as possible.
Flexible Code Analysis Configurations and Custom Rules
Jtest’s customizable code analysis enables teams to define organization-specific guidelines and coding standards. With this flexibility, users can turn rules on and off (creating customized test configurations to only include rules that are relevant from the organization’s development perspective), modify existing rules (rules can be parameterized to better suit the development needs), and create entirely new custom rules without having to write any code, to extend (or replace) built-in rules.
To enforce the same development strategies across the organization, these custom test configurations and static analysis rules can be shared through source control for individual projects, or through a centralized infrastructure to help different teams follow the same coding standards.
Convenient and Effective Result Views and Post-Processing
Parasoft Jtest users can review static analysis results directly in the IDE (Eclipse, IntelliJ, NetBeans), presented as actionable findings in the Finding and Finding Details views. Analysis results can also be collected and analyzed within Parasoft’s Process Intelligence Engine for advanced reporting, deeper insights, and accessing trends and historical data, a key element in assessing quality-state of the project and providing data for external parties, such as auditors. Results are also available as HTML, PDF, and custom extension reports.