Build integration

You can translate entire projects with a single operation. Prefix your original build operation with the sourceanalyzer command followed by the OpenText SAST options.

The basic command-line syntax to translate a complete project is:

sourceanalyzer -b <build_id> [<sca_options>] <build_tool> [<build_tool_options>]

where <build_tool> is the name of your build tool, such as make, gmake, msbuild, devenv, or xcodebuild. See Build toolsthe OpenTextâ„¢ Application Security Software System Requirements document for a list of supported build tools. OpenText SAST executes your build tool and intercepts all compiler operations to collect the specific command line used for each input.

OpenText SAST only processes the compiler commands that the build tool executes. If you do not clean your project before you execute the build, then OpenText SAST only processes those files that the build tool re-compiles.

For information about how to integrate with Xcodebuild, see Xcodebuild Integration Command-Line Syntax. For information about integration with MSBuild, see Translating Visual Studio and MSBuild Projects.

Successful build integration requires that the build tool:

  • Executes a supported compiler

    For a list of supported compilers, see Supported Compilersthe OpenTextâ„¢ Application Security Software System Requirements document.

  • Executes the compiler on the operating system path search, not with a hardcoded path (This requirement does not apply to xcodebuild integration.)
  • Executes the compiler, rather than executing a sub-process that then executes the compiler