Micro Focus Fortify Static Code Analyzer – New Updates

The following features have been added to Fortify Static Code Analyzer.

.NET Updates

  • Support added for .NET Core 2.2, 3.0, and 3.1
  • Support added for C# 8
  • Support added for VB.NET 16.0 (2019)
  • Support added for MSBuild 16.4
  • Support added for .NET Framework version 4.8
  • Support added for ASP.NET 4.8

macOS Update

  • Support added for macOS 10.15

Java Update

  • Support added for Java 13

Swift and Objective-C Updates

  • Support added for Xcode 11, 11.1, 11.2.1, 11.3, 11.3.1
  • Improved translator

Compiler Updates

  • Support added for cl 2019
  • Support added for Apple LLVM (Clang) 11.0.0
  • Support added for Swiftc 5.1, 5.1.2, 5.1.3

Kotlin (Technical Preview)

  • Support added for Kotlin 1.3.50

Note: Fortify Static Code Analyzer support for scanning Kotlin is available as a technical preview. However, security content for this feature will be released toward the end of June 2020. You can find vulnerabilities in your Kotlin applications only after the security content is available.

Go Updates

  • Support added for Go language 1.13.x (up to 1.13.3)

Performance Improvements

We have substantially improved dynamic languages analysis performance by making changes to:

  • The Higher Order Analysis (HOA) algorithm
  • Taint analysis of Python’s static initializers
  • Type inference scalability on multiple cores

These changes affect all languages that leverage higher order analysis:

  • Python
  • TypeScript
  • JavaScript
  • Ruby
  • Swift

FPR File Enhancements

  • Translation options are now persisted in FPR files
  • Filter files are persisted in FPR files

Leave a Comment