Configuring checkers for the integration build analysis

From current

Contents 1 Opening the Configuration Editor 2 Selecting what issues Insight will detect 3 Configuring taxonomies and categories 3.1 Creating and editing taxonomies and categories 3.2 Adding a checker to a taxonomy 3.3 How is deleting a checker different from disabling it? 4 Editing the Reference information for a checker 5 Changing issue severities 6 Applying a global checker configuration to all new projects 7 Copying the checker configuration to an existing project 8 When do your changes take effect? 9 See also

This article covers:

• configuring the analysis profile - the set of checkers that are run during the integration build analysis
• organizing checkers into categories and taxonomies - how the analysis data is presented in Klocwork Review and on connected desktops
• setting up a global checker configuration for all new projects in a projects_root and copying a checker configuration to existing projects

You need the "Change project settings" permission to perform these tasks.

Opening the Configuration Editor

You configure checkers and taxonomies in the Configuration Editor, which is accessed through Klocwork Review.

To open the Configuration Editor:

1. Log into Klocwork Review.
2. Click the project you want to configure.

   The project details appear on the right.

   

3. In the project details, click Configuration.
4. Under Configuration Files, click problems_default.pconf.xml.

   

5. If your browser requests permission to launch the Java Web Start Launcher for configeditor.jnlp, confirm the launch.
6. If you see a warning about a digital signature, select Always trust content from this publisher and click Run.

   The Configuration Editor appears.

Note: Clicking Restore Defaults at any time restores all of the default settings.

Selecting what issues Insight will detect

1. Open the Configuration Editor.

   The Analysis Profile tab is active by default.

2. Expand a tree to see the list of categories and checkers it contains.

   

3. To enable or disable a checker, select or deselect its checkbox.

   Tip: On the Analysis Profile tab, settings you've changed are displayed in blue.

4. Click OK.

   Your changes do not come into effect until the next integration build analysis.

Configuring taxonomies and categories

Klocwork Insight provides three default organizational structures, or taxonomies:

• C and C++
• Java
• C#

Each taxonomy contains a set of checkers, grouped by category.

The three default taxonomies, as their names suggest, organize all checkers by language. You can set up taxonomies to report on whatever is important to you. For example:

• to measure compliance with a standard such as CWE. In this case, you'd include only the checkers that detect violations of the standard.
• to measure software quality
• to assess software security

You can create your own taxonomies and edit the defaults. The structure you set up will be available for reporting in Klocwork Review and on connected desktops.

Creating and editing taxonomies and categories

You create and edit taxonomies and categories on the Taxonomies tab of the Configuration Editor.

• Add a new taxonomy: Right-click on any white space on the Taxonomies tab and click New taxonomy. In the Create new taxonomy dialog, enter a name and click OK.
• Add a new category: Right-click the category that you want to be the parent for your new category, or right-click a taxonomy to create a top-level category. Click New category. In the Create new category dialog, enter a name and click OK.
• Rename a category: Right-click and click Rename. In the Rename dialog, enter a new name and click OK. Note: You can't rename a taxonomy.
• Delete a taxonomy or category: Right-click and click Delete. Click OK to confirm. The taxonomy or category and all of its contents are removed. This change can't be undone for non-default taxonomies and categories.
• Delete a checker from a taxonomy : Right-click and click Delete. Click OK to confirm.

Adding a checker to a taxonomy

You can add a checker in a few ways:

• drag from another taxonomy. Note that the checker will be removed from the taxonomy you're dragging it from.
• copy-and-paste or cut-and-paste from another taxonomy (through the right-click menu, or with Ctrl+x, Ctrl+c and Ctrl+v)
• right-click on either a taxonomy or category and click Add issue. In the Add issue dialog, start typing an issue code, and auto-completion will suggest available matches. Double-click an item in the list and click OK. For a list of issue codes, see C and C++ checker reference, Java checker reference and C# checker reference.

  

Note that because a checker can't appear more than once in a taxonomy, you can't copy-and-paste from one category to another within the same taxonomy; you can only cut-and-paste, or drag-and-drop.

How is deleting a checker different from disabling it?

• When you enable or disable a checker on the Analysis Profile tab, it is enabled or disabled in all taxonomies.
• When you delete a checker from one taxonomy on the Taxonomies tab, it will not be deleted from any other taxonomies.

Because of this:

• Delete a checker from a taxonomy if you don't want issues of this type reported in one taxonomy, but you do want it reported in another.
• Disable a checker if you don't want the checker to be run at all.

Also, since adding/deleting takes effect immediately, adding or deleting a checker allows you to quickly test the effect of a particular checker on reports.

Tip: If you add a checker to a taxonomy in the Taxonomies tab, verify that the checker is enabled on the Analysis Profile tab.

Editing the Reference information for a checker

The Reference field can contain any extra information you'd like to add for a checker. The Reference field is taxonomy-specific; this means that if a checker exists in multiple taxonomies, it can have multiple values for the Reference field. This also means that when you copy or move a checker from one taxonomy to another, the Reference information is not copied or moved.

A typical use for this field is to map the checker to a rule in a standard. For example, the checker MISRA.ASM.ENCAPS detects violations of both MISRA-C rule 2.1 and MISRA-C++ rule 7-4-3. We've included both of these rule numbers in the Reference field for this checker.

The Reference field is visible in Klocwork Review and in the developer desktop tools. In the desktop tools, it's shortened to "Ref".

To change the reference value for a checker:

1. Open the Configuration Editor.
2. On the Taxonomies tab, expand an issue category to display the checker you want to change.
3. Right-click the checker.
4. In the pop-up menu, click Edit reference.
5. In the Specify Reference dialog, enter a value.
6. Click OK to save your changes.

Changing issue severities

The severity label (for example, "Critical") is associated with a severity number. You can change the severity label to whatever is most meaningful.

When you make a change to a severity in one taxonomy, the change is applied to all taxonomies.

Ten severity levels are available. Klocwork checkers use only severities 1 through 4 by default, but you can edit the severity level for any checker.

To change a severity label:

1. Open the Configuration Editor.
2. Click the Severities tab.
3. Click the text you want to change in the Name column.
4. Type the new severity label. You can use alphanumeric characters, as well as space, minus, and underscore.
5. Click OK .

To change the severity level of a checker:

1. Open the Configuration Editor.
2. On the Taxonomies tab, expand an issue category to display the checker you want to change.
3. Right-click the checker.
4. In the pop-up menu, select Change Severity, and select a new severity level (for example, 2: Error).
5. Click OK .

Applying a global checker configuration to all new projects

If you edit the configuration for one project, you can use this configuration for all projects that are created in future. Existing projects are not affected.

1. Back up the following file:

   <projects_root>/projects/workspace/rules/problems_default.pconf.xml

2. Run kwadmin import-config:

   kwadmin import-config workspace <projects_root>/projects/<project_name>/rules/problems_default.pconf.xml

   where:

   • <projects_root> is your projects_root directory
   • <project_name> is the name of the project whose configuration you want to copy

Tip: Specifying workspace as the project name indicates that the file is to be imported into the projects_root.

Copying the checker configuration to an existing project

If you edit the configuration for one project, you can import the configuration into other existing projects.

1. Log in to Klocwork Review.
2. In Klocwork Review's project list, click the project you want to configure.

   The project details appear.

3. In the project details, click Configuration.
4. On the Configuration page, click Add a configuration file.
5. In the Choose file dialog, browse to:

   <projects_root>/projects/<project_name>/rules/problems_default.pconf.xml

   where <project_name> is the project whose configuration you want to copy.

6. Click Send.

   The configuration file is updated.

Tip: For a large number of projects, you can use the command kwadmin import-config instead.

When do your changes take effect?

When you enable or disable checkers on the Analysis Profile tab and save your changes, your changes do not come into effect until the next integration build analysis is run.

For changes on the Taxonomies and Severities tabs, your changes will be immediately visible in Klocwork Review. This is a good way to quickly test a new organizational structure. Your changes will also be available to connected desktops through synchronization.

See also

• Tutorial - Creating a taxonomy and viewing the results
• Managing integration projects and builds
• Managing configuration files for integration projects