GNAT Static Analysis Suite (previously known as CodePeer) 24 Release Notes¶
We present here a few highlights of the new features in GNAT SAS 24. You can access the complete list here.
Vulnerability report¶
From 24.2, you can download the GNAT SAS vulnerability report from the Release Download section. It will provide you the list of the CVEs that can impact this product and the corresponding impact analysis describing whether the product is concerned by each CVE.
Redesign of GNAT SAS User Experience¶
The product is now called through a new command line tool gnatsas. This tool now stores results and reviews in files that can be placed under version control, as opposed to an SQL database. Other aspects of the command line interface are simplified (such as CodePeer levels). This will improve overall user experience, in particular when interacting with CI pipelines or when supporting project architectures involving reused components or multiple versions.
Redesign of Levels¶
CodePeer / GNAT SAS –level option is discontinued. Instead, we now provide two modes, –mode=fast which is default, and –mode=deep intended for offline analysis that can spare larger amount of resources.
Incremental results in Infer¶
GNAT SAS now supports incremental analysis in Infer: after an entire project is analyzed, local changes results in partial analysis related to these local changes. Together with the (pre-existing) incremental analysis features of Inspector, this will allow developers to have rapid feedback on their current changes.
Production of SARIF format¶
GNAT SAS now produces outputs compatible with the Static Analysis Results Interchange Format (SARIF) industry standard. SARIF specifies a format for storing messages generated by static analysis tools that is supported by a set of widely used viewers.
Platform Status Changes¶
GNAT Static Analysis Suite depends on GNAT Pro toolchains; as such, changes to GNAT Pro-supported host platforms are equally applicable to the GNAT SAS. For detailed information on platform status changes to the GNAT Pro suite, see the GNAT Pro Release notes.