Translation Phase
To successfully translate a project that is normally compiled, make sure that you have any dependencies required to build the project available. The
The basic command-line syntax to perform the first step of the analysis process, file translation, is:
sourceanalyzer -b <build_id> ... <files>
or
sourceanalyzer -b <build_id> ... <compiler_command>
The translation phase consists of one or more invocations of Fortify Static Code Analyzer using the sourceanalyzer command. Fortify Static Code Analyzer uses a build ID
Name of an application being analyzed. (-b option) to tie the invocations together. Subsequent invocations of sourceanalyzer add any newly specified source or configuration files to the file list associated with the build ID.
Caution! When you translate dynamic languages (JavaScript/TypeScript, PHP, Python, and Ruby), you must specify all source files together in one invocation. Fortify Static Code Analyzer does not support adding new files to the file list associated with the build ID on subsequent invocations.
After translation, you can use the -show-build-warnings directive to list any warnings and errors that occurred in the translation phase:
sourceanalyzer -b <build_id> -show-build-warnings
To view the files associated with a build ID, use the -show-files directive:
sourceanalyzer -b <build_id> -show-files
The following
- Translating Java Code
- Translating Kotlin Code
- Translating Visual Studio and MSBuild Projects
- Translating C and C++ Code
- Translating JavaScript and TypeScript Code
- Translating Python Code
- Translating Code for Mobile Platforms
- Translating Go Code
- Translating Ruby Code
- Translating COBOL Code
- Translating Apex and Visualforce Code
- Translating Other Languages and Configurations