
Code Quality Analysis
Code quality analysis applies defined rules to inspect your code for security, performance, design, and other issues. Code quality distinguishes good (high-quality) code from bad (low-quality) code. While code quality is subjective, the minimum standard is not, nor is the requirement that code be assessed and the findings categorized, prioritized, and disclosed.
Depending on the language developers have chosen and the IDE in use, code quality analysis is either embedded and enabled or suppressed. Development teams often suppress certain messages or fail to review the results of this analysis before build and release, and so unknowingly fail to address vulnerabilities, engage in risky practices, or miss information about upcoming changes to existing components.
Results are provided in reports and dashboards and can be integrated with other tools.
The output of the code quality analysis supports machine-readable formats such as SARIF.
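
As an added example (not part of the original page or of any particular analyzer), the Python script below reads a constructed SARIF 2.1.0 log, separates suppressed findings from active ones so that suppressions stay visible for review, and orders the active findings by level before a release check. The sample log, its rule IDs, and the `is_suppressed`, `triage`, and `gate` helpers are assumptions made for illustration.

```python
import json

# Constructed SARIF 2.1.0 log (sample data, not output from a real analyzer).
SAMPLE = json.loads("""
{"version": "2.1.0", "runs": [{
  "tool": {"driver": {"name": "example-analyzer"}},
  "results": [
    {"ruleId": "SEC001", "level": "error",
     "message": {"text": "SQL built by string concatenation"},
     "locations": [{"physicalLocation": {
       "artifactLocation": {"uri": "src/db.py"}, "region": {"startLine": 42}}}]},
    {"ruleId": "SEC002", "level": "error",
     "message": {"text": "Hard-coded credential"},
     "suppressions": [{"kind": "inSource", "justification": "test fixture"}]},
    {"ruleId": "DEP010", "level": "note", "message": {"text": "API scheduled for removal"}},
    {"ruleId": "PERF003",
     "message": {"text": "Allocation inside hot loop"},
     "suppressions": [{"kind": "external", "status": "rejected"}]}
  ]}]}
""")

LEVEL_ORDER = {"error": 0, "warning": 1, "note": 2, "none": 3}

def is_suppressed(result):
    # In effect when status is "accepted" or absent; other statuses leave it active.
    return any(s.get("status", "accepted") == "accepted"
               for s in result.get("suppressions", []))

def triage(sarif):
    """Return (active findings sorted by severity, suppressed findings)."""
    active, suppressed = [], []
    for run in sarif.get("runs", []):
        for r in run.get("results", []):
            loc = (r.get("locations") or [{}])[0].get("physicalLocation", {})
            finding = {
                "rule": r.get("ruleId", "<no ruleId>"),
                # Simplification: a missing level is read as "warning".
                "level": r.get("level", "warning"),
                "message": r.get("message", {}).get("text", ""),
                "file": loc.get("artifactLocation", {}).get("uri"),
                "line": loc.get("region", {}).get("startLine"),
            }
            (suppressed if is_suppressed(r) else active).append(finding)
    active.sort(key=lambda f: LEVEL_ORDER.get(f["level"], 1))
    return active, suppressed

def gate(sarif, fail_on=("error",)):
    """True when no active finding is at a level listed in fail_on."""
    return not any(f["level"] in fail_on for f in triage(sarif)[0])
```

Reporting the suppressed list alongside the active one keeps a suppressed `error` such as the constructed `SEC002` entry in front of reviewers instead of silently dropping it.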