What Is an Analytics Project?
An analysis project consists of a code repository branch, an analysis scheme, and an analysis path (default repository root directory). Since a code repository has 1 - n branches, in a multi-branch R&D model, business parties can choose to analyze only the trunk branch, each individual branch, or perform MR merge analysis as needed, thereby reducing potential code quality issues during development.
What Is an Analysis Scheme?
An analysis scheme is a series of configuration sets. During code analysis, corresponding code analysis will be performed according to the configuration information of the corresponding scheme.
Each code repository may have varying analysis requirements depending on different business needs. Sometimes the focus is solely on security, other times on compliance standards, and there may also be different access control requirements. Therefore, different analysis schemes and code repository branches form many-to-many relationships, creating multiple analysis projects that can flexibly meet the needs of various business scenarios.
Do You Need to Access Nodes to Perform Code Analysis?
TCA supports one-click access to dedicated machine resources for teams and team projects, enabling customers to independently manage machine resources and compilation environments. It provides multiple access methods such as CloudApp, binary packages, and Docker images for dedicated machine resources, making the process simple and efficient.
No need to rely on CI resources, shortening the call chain for initiating code analysis execution.
Dedicated machine resources can be managed according to business scale, enabling distributed code analysis execution to increase analysis concurrency, reduce task queuing, and accelerate analysis speed.
Mac dedicated machine resources can be accessed to perform code analysis for Object-C projects.
Development machines from various business units can also be integrated into the dedicated machine resource list, effectively utilizing development resources and reducing machine costs.
Business parties can autonomously manage the compilation environment of dedicated machines, designate specific machines to execute analysis tasks, and avoid compilation failure exceptions when code analysis is performed on projects requiring compilation.
Are There Any Doubts About the Check Results After the Analysis Is Complete?
In scenarios without code execution, some inference algorithms may not achieve 100% false positive elimination. If the issues are deemed non-issue or negligible, users can mark them as false positives or take no action. That specific issue will no longer be reported in subsequent analysis runs.
Note:
If you have doubts about this rule and believe it is unnecessary, you can go to the Analysis Plan > Code Inspection page to configure rules and disable this rule.
Can TCA Integrate Custom Tools?
TCA supports customers in integrating custom tools, which can be created on the Team > Tools page.
Disclaimer:
Any non-official tools integrated into the Tencent Cloud Code Analysis (TCA) system are treated as black boxes by TCA. TCA assumes no responsibility for such tools, and all liabilities (including but not limited to distribution of analyzed code, and leakage of code and related information) shall be borne by the providers of such tools.