Modifying a Build Script to Invoke Fortify Static Code Analyzer

As an alternative to build integration Ability to translate your codebase as part of your build process., you can modify your build script to prefix each compiler, linker, and archiver operation with the sourceanalyzer command. For example, a makefile often defines variables for the names of these tools:

CC=gcc
CXX=g++
LD=ld
AR=ar

You can prepend the tool references in the makefile with the sourceanalyzer command and the appropriate Fortify Static Code Analyzer options.

CC=sourceanalyzer -b mybuild gcc
CXX=sourceanalyzer -b mybuild g++
LD=sourceanalyzer -b mybuild ld
AR=sourceanalyzer -b mybuild ar

When you use the same build ID Name of an application being analyzed. for each operation, Fortify Static Code Analyzer automatically combines each of the separately-translated files into a single translated project.