...
Local defects list
The Local defects list displays the defects found during the local analysis executed within your Eclipse.
Double-clicking on a defect will open the associated file in the Eclipse editor and place the cursor on the affected line. Right-clicking on a defect lets you open its Rule Information for a better understanding of the defect. This option opens an internal browser to display the Rule Information. If you are presented with the Kiuwan Login page, use the same credentials as those used in the K4D Connection Settings.
Vulnerabilities details (Source and Sink)
Security defects (i.e. vulnerabilities) are prefixed by a > icon. Clicking on the > icon will open the details of the Source and Sink associated with the defect. Double-click on either of them to open the source file at the corresponding line.
Local Analysis Configuration
K4D will execute the analysis with the rules contained in the model associated with the mapped Kiuwan application.
However, K4D also allows you to reduce the scope of the analysis to a subset of that model.
When you execute the local analysis on your Eclipse project, the number of defects can be quite large. If you are not going to work on all of them, consider reducing the scope of the analysis so you can concentrate on the most important subset of defects. K4D allows you to configure the local analysis to report only defects based on Priority, Characteristic, Language or even a subset of files (based on a file path substring).
This allows you to concentrate on a specific set of rules or files, reducing the number of defects that appear in the list. Only the defects matching the filters will be displayed.
An important point is to set a limit for the number of defects displayed in the list. By default, it is set to 100. You can increase this limit, but the performance of your Eclipse can be seriously degraded. Take care not to set the limit to a high number.
You can access the Local Analysis Configuration by clicking on the icon of the Local Defects list.
Note: Leaving all the options unchecked is equivalent to checking all of them.
Configuring Defects View
Regardless of whether you have configured a subset of defects for the K4D analysis (see above), you can further reduce the defects view by defining additional filtering conditions.
The most important filter is Scope:
- File option will only display defects of the selected file in the Eclipse source file editor
- Project option will display the defects of the entire project
Additionally, you can define filters based on Priority, Characteristic and Language.
You can define view filters by clicking on the icon of the Local Defects list.
Note: Leaving all the options unchecked is equivalent to checking all of them.
Server defects list
The Server defects list displays the defects of the application stored at the Kiuwan servers. This utility allows developers to download the defects found during the Kiuwan analysis of the application in a centralized environment.
- Your current source code could be different from the source code on the server (you or others might already have modified that version)
- The list of defects to be fixed will most probably be a subset of all the defects found during the server analysis (more on this topic below)
In these cases, you will need to have access to server defects.
Source of Server defects list
- Last baseline analysis
  - All the defects found during the last complete application analysis (i.e. the Application Baseline)
- Action plan
  - Defects included within an Action Plan (you can select the plan from the app's list of available action plans)
- Audit Delivery
  - Defects that must be fixed so that the Audit of a delivery can be successful (you can select the delivery from the list of executed deliveries)
Please visit the Kiuwan Life Cycle documentation for a full explanation of the Baseline, Delivery and Audit concepts.
You can access the Source of Server defects by clicking on the icon of the Server Defects list.
Note: Leaving all the options unchecked is equivalent to checking all of them.
Besides configuring the source of server defects, you can further filter the server defects to be downloaded based on Priority, Characteristic, Language or File Pattern.
An important point is to set a limit for the number of defects displayed in the list. By default, it is set to 100. You can increase this limit, but the performance of your Eclipse can be seriously degraded. Take care not to set the limit to a high number.
...