Improving code quality and ISO-5055 compliance
Overview
Are you looking to enhance the quality of your application’s source code? CAST Imaging offers a comprehensive solution for identifying and addressing potential code quality issues through rigorous automated analysis.
Key features include:
- Automated structural rules analysis: CAST Imaging applies a set of predefined, well-documented rules to your source code during the analysis process.
- Detailed rule documentation: each built-in rule comes with clear documentation explaining:
- What specific aspects of code are being checked
- Potential risks or quality concerns
- Recommended remediation strategies
Flaw Detection and Reporting
When the analysis identifies code that doesn’t meet the established standards, CAST Imaging:
- Flags the specific code segment as a “flaw”
- Provides a targeted investigation path
- Helps developers prioritize and address code quality issues systematically
By leveraging these insights, development teams can proactively improve code reliability, maintainability, and overall software quality in alignment with ISO-5055 standards.
Are there any prerequisites for this feature?
The structural rules are provided out-of-the-box in CAST Imaging, but to leverage this feature, you must ensure that your application analyses have the structural flaw results generation option enabled (this option is enabled by default for all newly onboarded applications):
In addition, the application needs to be analyzed with the following extensions:
- com.castsoftware.qualitystandards (this extension is Force Installed)
- com.castsoftware.consoleinformation ≥ 1.0.2-funcrel (this extension is Force Installed, but ensure that you are using the correct release)
How do I find out where the flaws are in my application?
Your application needs to have the Ready to view status in the Landing page:
Click Ready to view, expand the Improve application quality section and select any of the available tiles (Security Flaws, Performance Flaws, Error Handling Flaws):
- If you do not see the "Welcome" page with the various sections, it may be disabled. See Landing Page in Viewer preferences.
- If you do see the "Welcome" page, but not the Improve application quality section, it's likely that your application does not meet the prerequisites (see above) or that CAST Imaging was not able to find any structural flaws.
Clicking a tile will display the following screen, where flaws are listed:
You can also access structural flaws via the Insights menu option in the right-panel:
What is shown in the flaws screen?
Structural flaws are listed by transaction and then by the rule that has been “violated” by your source code:
Learn more
Use the Learn more link to understand the rule and the remediation path:
Right panel
Use the right panel to visualize the violation path for the object containing the flaw. There may be more than one violation path to investigate - in the example below, there are 5:
Expand each violation path to view the source and target steps through the violation and any intermediate steps:
Use the details buttons available on each violation step within the selected object to view more information about the particular item:
- Open in new tab (open the object in a new tab within “viewer”)
- View source code (displays in a panel to the right - the data source needs to be correctly configured) - the line of code resulting in the step in the violation will be highlighted (color coded: orange for an intermediate step, blue for a target step):
- View object characteristics (displays in a panel to the right):
Note also that the specific line of code where the violation step is referenced in the object will be shown:
Investigate the flaws
Once you have a list of the structural flaws in your application, the next step is find out where these flaws are so that you can make a remediation plan. You can:
- use the Remediation button to understand how to resolve the violations present in a selected object:
- use the right-panel as explained in the previous section What is shown in the flaws screen?. In particular, use the Open in new tab option to view the object in a new tab so that you can take advantage of the standard features of CAST Imaging (e.g. save the view, add a Post-It) - this will help you understand the impact of updating the object code to remediate the flaw/
Deal with the flaws
To build your remediation plan use the Export and Tags options:
Tags
To ensure the team dealing with the remediation can easily find these objects in the future, it is possible to tag some or all of them. First click the Tag button - this will enable checkboxes next to the objects. Select the object or objects you want to tag:
Click the Tag button again, then add an appropriate tag: in this example we have tagged them with the name of the violated rule “Avoid direct or indirect remote calls inside a loop”:
Finally, team members can use the global search feature, searching by tag to display all the objects that need updating:
Export to .csv
Use this option to export to .csv ALL the objects containing a violation of the specific rule listed in the panel:
The result is a .csv file containing the following information about each object:
- Object ID
- Object Name
- Object Full Name
- Object Type
- Rule Name