TICS Client Use Cases

Running TICS Client for Coding Standards

One of the most common use cases for the TICS client is to use it to check whether code contains any violations.

For example, the following command allows you to check Coding Standards violations on /dev/myproject within the context of the TICSQServer project MYPROJECT:

TICS -project MYPROJECT -calc CS /dev/myproject

There are multiple ways to run this command. This can either be done via the command line, or via the IDE integration. For the command line, use the command as given above; for the IDE integration, check for your specific plugin how to do this.

The output in the console should look something like this:

    The goto statement shall not be used.
    C Coding Standard item (Category: Statements and Blocks, Level: 6)
    The goto statement shall not be used.

This points out violations in the source code, which is a way to find (and resolve) defects in the local source code before committing it to a SCM repository.

Running TICS Client for other metrics

With different arguments to the -calc argument, it is possible to run the TICS client for a variety of metrics. See the list of supported metrics for all possibilities to pass to the TICS Client.

Controlling TICS output

The recommended way to show changes in your violations is to make use of the -viewer option. This will give you a link to the TICS Viewer, which visualizes your code changes in a delta overview. In this overview you can easily see changes in your violations. See this page for a more detailed overview of the Client Viewer functionality.

There are also various other command line options which allow you more extensive control over which violations TICS will show you. These options can be found at the list of TICS client options for command line usage, or can be set via the TICS Configuration Tool.

A small selection of options that can be used for controlling your output:

Running TICS Client with a quality gate

Organizations may have a quality gate in place to make certain that no commit can be made that seriously degrades the quality of the code. Via the Client Viewer functionality, it is possible to do a local check whether the local changes in the source code meet the quality gate by adding the -qa option:

TICS -project PROJECT_WITH_QUALITY_GATE -calc CS -qa ~/branchdir/subdir

See the respective pages for more information on the client viewer and quality gate.

Comparing violations of different source code versions

If a project is passed to TICS for a violation metric, it is possible for TICS to evaluate a delta. For instance, let's take the basic invocation of the TICS Client:

TICS -project MYPROJECT -calc CS /dev/myproject

Since a project is passed, the TICS Client can use database information of previous runs for this project. So then it is possible for TICS to define a predecessor of your source files (if one exists). This predecessor should then match the last version of your source files that has been analyzed by TICS. TICS makes use of the configured source control tool to find which was the last analysis done on the previous version of the source code.

Alternatively, the predecessor to make a delta with can be set by the option -delta and an SCM tag from your SCM setup, like this:

TICS -project MYPROJECT -calc CS -delta [SCMTAG] /dev/myproject

Having determined a predecessor, TICS will then run an analysis for the metrics passed via -calc or -recalc options. This analysis can then be compared to the violations that TICS has stored in the database for the predecessor. TICS will then show you the delta with the previous version of your code as well as the violations that have been found in the current version. This allows you to get an easy overview of whether local changes have resolved violations that existed in previous versions, or introduced new violations.

Abstract Interpretation and Security

The TICS client now also supports running for Abstract Interpretation and Security. Since Abstract Interpretation and Security are metrics which can potentially use more than the input set of the client, this analysis comes with the following limitations:

Currently, only the Coverity and Bandit analyzers are supported for the TICS Client as Abstract Interpretation / Security analysis tools.

If all the aforementioned requirements are in place, you can run the TICS Client for AI and Security in the same way you would run it for Coding Standards or Compiler Warnings:

TICS -project MYPROJECT -calc AI,SEC /dev/myproject