Whether you're an independent developer or part of a large enterprise software team, assessing and correcting software quality and security issues is one of those tasks you just can't ignore. One of the best ways to achieve this is with the Bitnami Code Dx Stack, which integrates a set of analysis tools (both open source and commercial) against your code to identify security issues and other weaknesses. The analysis produced by Code Dx then serves as a roadmap for you to begin battle-proofing your software.
This is exactly as awesome as it sounds...but it gets even better when you realize that Code Dx isn't just a static observer/inspector of your code, but can be integrated with every stage of your development workflow in a more proactive role.
- IDE Integration: If you use Eclipse or Visual Studio, Code Dx comes with ready-to-use plugins for these IDEs. Developers can review Code Dx findings directly in their IDE, switch to the offending lines of code, and fix problems immediately. When software projects use more than one programming language (for example, Java or Python on the server, JavaScript on the client), Code Dx's IDE plugins also collate and centralize results in one place, making it easy to get a handle on the scale and scope of the work involved. Read more about Code Dx’s IDE integration.
- SCM Integration: If you're using Code Dx in your IDE, you're probably going to fix the problems it identified before committing the code to your SCM. But what if you're using an unsupported IDE, or you're auditing an existing project? If your project uses Git, you can use Code Dx's Git integration to directly analyze a Git repository for quality and security issues. Or, if the project uses Subversion, Mercurial or TFVC, you can upload a zip file containing your source code into Code Dx for analysis. Read more about Code Dx’s SCM integration.
- CI/CD Integration: If you use build automation, you can integrate Code Dx into your build pipeline and benefit from continuous auditing of your source code. Put simply, this means that once your project is built, you can send it to Code Dx for analysis and optionally choose to break the build/mark it as unstable based on the Code Dx results. If you're using Jenkins, Code Dx has a native Jenkins plugin designed for this, or you can use the Code Dx REST API to achieve the same result with other CI servers. Read about more Code Dx’s CI integration.
Do you like the idea of integrating quality assurance into your development/deployment workflow? Get started right away with the Bitnami Code Dx Stack, available as a native installer on Windows, Mac OS X, and Linux.