Product Overview
ダウンロード
フォーカスモード
フォントサイズ
TCA (Tencent Cloud Code Analysis), originating in 2012, is an integrated code analysis tool subsystem supporting multiple programming languages. It serves as a cloud-native, distributed, and high-performance comprehensive code analysis and tracking management platform. By leveraging technologies such as lexical analysis, syntax analysis, control flow, and data flow analysis, it identifies risks in code including security vulnerabilities, quality issues, coding standard violations, and component dependencies. The platform continuously monitors project code iterations, supports various continuous integration processes, and helps teams perpetuate a code excellence culture.
Architecture Description
TCA consists of the TCA platform + TCA client:
The platform primarily handles relevant configurations and stores related analysis results.
The client hosts code analysis tasks and executes the analysis on its local machine. TCA employs a distributed client architecture, allowing flexible deployment of clients to any region (provided they can access the TCA platform), such as for use as one-time temporary nodes or persistent nodes.
Function Name | Feature Description | |
Code inspection | | It supports code inspection, capable of detecting code quality defects, code security vulnerabilities, code standards, and more. Through code inspection, it accurately tracks and manages discovered issues such as code quality defects, code standards, code security vulnerabilities, and ineffective code. It has currently integrated numerous self-developed and well-known open-source analysis tools, and adopted a layered and decoupled architecture, enabling teams to rapidly utilize self-service management tools. |
Code metrics | Cyclomatic complexity | Supporting cyclomatic complexity analysis, it can detect the cyclomatic complexity of code, including method-level and file-level cyclomatic complexity. Cyclomatic complexity, also known as conditional complexity or loop complexity, measures the structural complexity of a module. A high cyclomatic complexity indicates complex decision logic in the program code, which may lead to poor code quality and difficulties in testing and maintenance. Regularly analyzing the cyclomatic complexity of code in engineering projects effectively assists development and testing teams in progressively optimizing code quality. |
| Duplicate code | It supports duplicate code inspection, capable of detecting duplicated lines, duplicated blocks, and duplication rates in code. Regularly analyzing duplicate code in engineering projects effectively helps development teams discover redundant code, facilitates code abstraction and refactoring, reduces code risks, thus enabling better code management and maintenance. |
| Code statistics | It supports displaying full and incremental code line statistics, including code lines, comment lines, and blank lines. This effectively tracks continuous changes in code volume within engineering projects and allows viewing the proportions of various programming languages. |
Historical trends | Historical trends | It supports historical trend analysis of code, capable of analyzing change trends in code volume, commit counts, code inspections, duplicate code, cyclomatic complexity, and so on, for both the entire codebase and individual members. |
Component composition analysis | | Supports component composition analysis for source code and binary artifacts. It analyzes multi-dimensional risks in projects, including software components, License compliance risks, security vulnerabilities, open-source component poisoning risks, and sensitive information leakage. |
フィードバック