What's new in Klocwork 2024.1

Released March 2024

Here are the highlights for Klocwork 2024.1. If you're upgrading Klocwork, see the Limitations for items that might affect your upgrade and usage.

Take advantage of upgrade and migration improvements

You can now:

Minimize maintenance and downtime by starting the Validate Server before projects have been migrated. Successful migrations will be available immediately, and failed migrations will be automatically disabled.
Apply fixes and remigrate problematic projects without interrupting the use of successfully migrated projects.
Save time by migrating individual projects without having to restart the Validate Server.

Manage project states

You can assign project states using the kwadmin command, to indicate whether a project is active, inactive, or unavailable, and whether it is being migrated or deleted. Project states are visible in Validate and the Web API.

In addition, you can assign project states to restrict edit and view access during maintenance operations or backup creation.

Exclude individual projects from migration

To help speed up migration, you can exclude specific projects. Excluded projects will not be migrated and will appear as disabled in the Validate tools. Later, you can migrate and enable excluded projects individually without restarting the Validate server. For details, see Migrate your projects_root directory.

Prioritize migration of specific projects

To prioritize important projects, you can assign a priority list which specifies the order in which projects will be migrated. Projects not included in the list will be migrated in the order of their project id. To learn more, see Migrate your projects_root directory.

Import or duplicate existing projects

You can now import a project from another Validate server even if the project name matches an existing project on the target server. For more information, see Import your projects and server settings.

Explore new capabilities in Validate

You can now:

Allow specific users to change an issue's owner but not its status by assigning the permission change issue owner.
Benefit from expanded search capabilities with increased support for the use of * and ** wildcard characters in modules.

Preserve license logs for audit purposes in Klocwork and Validate

You can now preserve logs for auditing purposes, by appending the logs to your license server license.report.log file instead of overwriting the file after the server restarts. To learn about the append.license.logging setting, see kwservice.

Analyze projects that were built with Bazel

You can analyze projects built with Bazel by using the kwbazel command on Linux or the --bazel option in kwandroid for Android projects. The kwbazel command supports build integration for C/C++, C#, and Java projects, allowing custom compilation mnemonics handling through configuration. Bazel's virtual_includes are also supported.

Download issue list as CSV

You can now download your list of issues as a CSV file. The CSV download button can be found at the top of the Issues page.

Discontinuation of docs.roguewave.com in 2024

The docs.roguewave.com site will be discontinued in early 2024. For Klocwork versions 2021 and earlier, see the offline documentation that is included with the product.

C and C++ enhancements

This release includes new taxonomies that map Klocwork checkers to the MISRA C++:2023 standards.

Expanded coverage for coding standards

This release includes new and expanded standards coverage for the following coding standards:

CWE for C and C++
MISRA C++:2023

Plugins and extensions

Visual Studio Code

To save you time, Visual Studio Code will run differential analysis when you open or change a file instead of analyzing the whole build specification.

Visual Studio

The status and info bars are improved to highlight important information and reduce visual distractions.

Checker improvements

New checkers

No checkers were added in this release.

Modified checkers

Checker	Description
Buffer overflow checkers	Finds additional defects
INVARIANT_CONDITION.UNREACH	Finds fewer false positives
MISRA.EXPR.PARENS.REDUNDANT	Finds additional defects
NPD.FUNC.MUST	Finds additional defects

Enabled or disabled checkers

No checkers were added to or removed from the default enabled field of the checker configuration files in this release.

Taxonomy improvements

As part of the installation, you will find several custom taxonomy files that map Klocwork checkers to coding standards such as MISRA, CWE, OWASP, and DISA STIG.

Taxonomy	Improvements
cwe_all_cxx.tconf and cwe_all_cxx_ja.tconf	Added or modified checker mappings to the following weaknesses: CWE-126 CWE-192 CWE-195 CWE-197 CWE-704
Helix QAC taxonomies	Updated the Helix QAC taxonomies to Helix QAC version 2024.1.
misra_cpp_2023_certified.tconf and misra_cpp_2023_certified_ja.tconf	Added new taxonomies that map Klocwork checkers to the MISRA C++:2023 standards.

Taxonomy

Improvements

cwe_all_cxx.tconf and cwe_all_cxx_ja.tconf

Added or modified checker mappings to the following weaknesses:

CWE-126
CWE-192
CWE-195
CWE-197
CWE-704

Helix QAC taxonomies

Updated the Helix QAC taxonomies to Helix QAC version 2024.1.

misra_cpp_2023_certified.tconf and misra_cpp_2023_certified_ja.tconf

Added new taxonomies that map Klocwork checkers to the MISRA C++:2023 standards.

Improvements to supported compilers

You'll find additional or improved support for the following compilers:

Clang
Clang-cl
Tasking Tricore

For the full list of supported C and C++ compilers, see C/C++ compilers supported for build integration.

Licensing

Klocwork supports Reprise License Manager (RLM).

2022 licenses are not compatible with Klocwork 2023.4 or newer. To use the latest version of the product, obtain a new license by contacting Perforce at license@perforce.com.

In this release, you'll find additional information about using RLM dongles with Klocwork. For more information, see Supported versions of RLM and Operating systems that support RLM dongles.

Changes to system requirements

In this release, support is discontinued for:

AlmaLinux 9.3
Amazon Linux 2 (2.0.20240124.0 update)
Android Studio Giraffe 2022.3.1 Patch 4, Hedgehog 2023.1.1 Patch 4, Iguana 2023.2.1 RC2
Chrome 111.x to 122.x
CLion 2023.1.6, 2023.2.3
Debian 11.9
Eclipse 4.30 (2023-12)
Fedora 39
Firefox 111.x to 122.x, 115.x ESR
Gradle 8.6
IntelliJ IDEA 2023.1.6, 2023.2.6
Jenkins 2.445
Microsoft Edge 111.x to 121.x
Oracle Linux 9 to 9.3
Red Hat Enterprise Linux 9 to 9.3
Rocky Linux 9.3
Visual Studio 2017 version 15.9.60, 2019 version 16.11.34, 2022 version 17.9.0
Visual Studio Code 1.76.2 to 1.84.1

In this release, we've ended support for:

Chrome 109.x to 110.x
Fedora 37
Firefox 107.x to 110.x
Microsoft Edge 108.x to 110.x
Visual Studio Code 1.74.3 to 1.76.1

For the complete list of supported versions, see System Requirements.

Maintenance ending for Klocwork 2022

Maintenance (including end of maintenance and end of sale) for all 2022 versions of Klocwork ends on March 31, 2024. To learn about the support available for all Klocwork releases, see the Klocwork Product Lifecycle.

Discontinuation of Klocwork Server installations in release 2023.4

Starting from release 2023.4, Klocwork Server installations have been discontinued. You can transition to a Validate installation, which is designed to provide a more streamlined and integrated experience.

When transitioning from Klocwork to Validate:

Stop your Klocwork instance and back up the projects_root directory.
During Validate install, set the projects_root directory location to your current projects_root directory.
If you are currently using non-default values for ports or license server, be sure to set the same values when you install Validate.

Discontinuation of issue grouping

Starting from Klocwork 2023.3, issue grouping is turned off by default for new projects.

To help avoid issues, turn off issue grouping before you upgrade Klocwork.