Improving code quality and ISO-5055 compliance


Overview

Are you looking to enhance the quality of your application’s source code? CAST Imaging offers a comprehensive solution for identifying and addressing potential code quality issues through rigorous automated analysis.

Key features include:

  • Automated structural rules analysis: CAST Imaging applies a set of predefined, well-documented rules to your source code during the analysis process.
  • Detailed rule documentation: each built-in rule comes with clear documentation explaining:
    • What specific aspects of code are being checked
    • Potential risks or quality concerns
    • Recommended remediation strategies

Flaw Detection and Reporting

When the analysis identifies code that doesn’t meet the established standards, CAST Imaging:

  • Flags the specific code segment as a “flaw”
  • Provides a targeted investigation path
  • Helps developers prioritize and address code quality issues systematically

By leveraging these insights, development teams can proactively improve code reliability, maintainability, and overall software quality in alignment with ISO-5055 standards.

Are there any prerequisites for this feature?

The structural rules are provided out-of-the-box in CAST Imaging, but to leverage this feature, you must ensure that your application analyses have the structural flaw results generation option enabled (this option is enabled by default for all newly onboarded applications):

In addition, the application needs to be analyzed with the following extensions:

How do I find out where the flaws are in my application?

Your application needs to have the Ready to view status in the Landing page:

Click Ready to view, expand the Improve application quality section and select any of the available tiles (Security Flaws, Performance Flaws, Error Handling Flaws):

Clicking a tile will display the following screen, where flaws are listed:

What is shown in the flaws screen?

Available in ≥ 3.3.x-funcrel

Structural flaws are listed by transaction and then by the rule that has been “violated” by your source code:

Use the info bubbles to understand the rule and the remediation path:

Use the right panel to visualize the object containing the flaw:

Click the object to view its characteristics:

Investigate the flaws

Once you have a list of the structural flaws in your application, the next step is to find out where these flaws are so that you can make a remediation plan. The right panel shows a high-level view of the items interacting with the object containing the flaw. Clicking the Open in a new view button opens the relevant objects and nodes in full screen mode so that you can take advantage of the standard features of CAST Imaging (e.g. save the view, add a Post-It) - this will help you understand the impact of updating the object code to remediate the flaw.

Deal with the flaws

To build your remediation plan use the Export and Tags options:

Tags

To ensure the team dealing with the remediation can easily find these objects in the future, it is possible to tag some or all of them. First click the Tag button - this will enable checkboxes next to the objects. Select the object or objects you want to tag:

Click the Tag button again, then add an appropriate tag: in this example we have tagged them with the name of the violated rule “Always use ConfigureAwait(false) in library code awaited tasks”:

Finally, team members can use the global search feature, searching by tag to display all the objects that need updating:

Export to .csv

Use this option to export to .csv ALL the objects containing a violation of the specific rule listed in the panel:

The result is a .csv file containing the following information about each object:

  • Object ID
  • Object Name
  • Object Full Name
  • Object Type
  • Rule Name
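Because each export covers a single rule, a remediation plan usually means combining several exports. The following is an added example, not part of CAST Imaging or its documentation: it merges per-rule exports into one record per object and orders the objects by how many rules they violate. It assumes the .csv header names match the field names listed above; the sample rows, object names and the second rule name are constructed.

```python
import csv

# Assumed header names, taken from the field list above; adjust them if the
# real export uses different column titles.
COLUMNS = ("Object ID", "Object Name", "Object Full Name", "Object Type", "Rule Name")

def merge_exports(streams):
    """Merge per-rule exports (iterables of CSV lines, e.g. open files)
    into one record per object, keyed by Object ID."""
    objects = {}
    for stream in streams:
        reader = csv.DictReader(stream)
        missing = set(COLUMNS) - set(reader.fieldnames or [])
        if missing:
            raise ValueError(f"export is missing columns: {sorted(missing)}")
        for row in reader:
            entry = objects.setdefault(row["Object ID"], {
                "name": row["Object Full Name"],
                "type": row["Object Type"],
                "rules": set(),
            })
            # The same object can appear in several exports, one per rule.
            entry["rules"].add(row["Rule Name"])
    return objects

def remediation_order(objects):
    """Objects violating the most rules first, then by full name."""
    return sorted(objects.items(),
                  key=lambda kv: (-len(kv[1]["rules"]), kv[1]["name"]))

# Constructed sample exports (not real analysis output).
HEADER = ",".join(COLUMNS)
RULE_A = "Always use ConfigureAwait(false) in library code awaited tasks"
RULE_B = "Constructed rule B (placeholder name)"
EXPORT_A = (
    f"{HEADER}\n"
    f"101,LoadAsync,Shop.Data.OrderRepo.LoadAsync,C# Method,{RULE_A}\n"
    f"102,SaveAsync,Shop.Data.OrderRepo.SaveAsync,C# Method,{RULE_A}\n"
)
EXPORT_B = (
    f"{HEADER}\n"
    f"102,SaveAsync,Shop.Data.OrderRepo.SaveAsync,C# Method,{RULE_B}\n"
    f"103,Checkout,Shop.Web.CartController.Checkout,C# Method,{RULE_B}\n"
)

if __name__ == "__main__":
    merged = merge_exports([EXPORT_A.splitlines(), EXPORT_B.splitlines()])
    for object_id, info in remediation_order(merged):
        print(object_id, info["type"], info["name"], sorted(info["rules"]))
```

With real files, pass objects opened with `open(path, newline="")` instead of the inline samples.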