JetBrains Plugin Adds DeepCode Integration
Written by Nikos Vaggalis   
Tuesday, 23 June 2020

DeepCode, a SAST tool bug finder based on machine learning, can now be used seamlessly from within IntelliJ, PyCharm, and WebStorm.

There's a lot of interest lately on Static Application Security Testing (SAST) Tools, and that has to do with the fact that the software written today is very complex and very large - a simple code review by humans won't cut it anymore. Thus the introduction of SAST tools into the CI/CD pipeline and more specifically at the Commit-time and Test-time check phases.We've recently covered a new hybrid kind of tool of the genre, in "Semgrep - More Than Just a Glorified Grep", which occupies a space somewhere in between grep and a SAST tool - more expressive than grep, but not as hard to tweak and learn as a SAST.

Still there's no IDE integration for SemGrep at this time, unlike DeepCode. Kay Ewbank gave us the lowdown on it in DeepCode Gets Cash And Opens Free Tier:

DeepCode is an AI -based tool that integrates with code hosting platforms including GitHub, Bitbucket Server and GitLab. It can be used to carry out an AI QA audit, analyzing any branch of your repositories to see the analysis results in your browser. You can also carry out a commit analysis that analyzes all your commits and comments on them to see if a commit introduces any new issues. The final option is a pull request analysis that does the same thing for pull requests.

The same report noted:

"The system is based on machine learning and aims to understand the intention of your code".

DeepCode is now easier to use thanks to its integration into JetBrains popular range of IDEs, IntelliJ, PyCharm, and WebStorm. As those IDEs are also associated with specific programming languages, it also indicateds which of these are supported by DeepCode: Java, C/C++, Python, JavaScript and TypeScript. While it also works in CLion, support is experimental.

By installing the extension from the JetBrains marketplace, you get DeepCode's analysis of your code whenever you press Save from within your IDE. This is promised to:

"identify 10x more critical bugs and security vulnerabilities than other tools"

since, as our previous report pointed out, DeepCode's analysis understands the intention of your code through the use of ML.

Installation with usage instructions can be found on its GitHub repo. Now get bug crushing!

 

More Information

DeepCode on JetBrains Marketplace
DeepCode GitHub repo

DeepCode.ai

Related Articles

DeepCode Gets Cash And Opens Free Tier

Semgrep - More Than Just a Glorified Grep

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Banner


Datalore 2023 Updates Reporting
04/11/2022

JetBrains has updated Datalore, its collaborative data science platform for teams, which is available both on-premises and in the private cloud. Datalore Enterprise 2023 has improvements to the r [ ... ]



Google Joins Adoptium - What's The Deal?
28/11/2022

Another giant shows its support for Java. The news is that
Google has joined the Adoptium Working Group and is making Temurin available across Google Cloud Platform (GCP) products and services. S [ ... ]


More News

picobook

 



 

Comments




or email your comment to: comments@i-programmer.info

Last Updated ( Tuesday, 23 June 2020 )