Overview

The Code Security integration in the Datadog plugin for JetBrains IDEs promotes better security by flagging library vulnerabilities and runtime code vulnerabilities. The local code analyzer checks your code changes as you edit to detect quality and security issues prior to commit.

The feature is supported for any source code repository that is onboarded for Datadog Code Security.

Vulnerabilities

The Datadog plugin reports library and runtime code vulnerabilities by highlighting the issues directly in the source editor:

A library vulnerability highlighted in the source editor

Full details of each vulnerability are shown in the Datadog tool window in the File Insights and Project Insights tabs.

A library vulnerability shown in the Datadog tool-window

Click on the link in the Code Links section to navigate to the source location, or click on the vulnerability description to open the summary in Datadog.

Local code analysis

File editing

As you edit your source files, the Datadog plugin checks the content (locally) against a set of rules to detect and flag quality and security issues before you commit your changes.

The local analysis engine supports all the file types listed in Static Analysis Rules. Issues are shown in the source code editor with the JetBrains inspection system, and you can apply suggested fixes directly.

Static analysis violation in the source editor

Additionally, all issues detected by this feature are listed in the standard Problems view.

Analyzing multiple files

You can run the local code analysis across multiple files. In the Code menu, select Analyze Code > Run Inspection By Name… and choose Datadog Static Analysis:

Datadog Static Analysis inspection

Choose the scope, click OK, and review the flagged issues in the Problems view.

Configuration

The code analyzer runs automatically if you meet both of these conditions:

  • Your repository has been onboarded for Datadog Code Security.
  • You are logged in to Datadog so that the remote configuration data is available.

To see the configuration data in your IDE, run the action Show Datadog Static Analyzer Config:

Action to show the Static Analyzer configuration

You can save a local configuration file (static-analysis.datadog.yml) at the root of the repository, and its settings will be merged with the remote configuration. When there is no remote configuration available, the local configuration file is used on its own.

Using a local configuration file is a great way to try out the feature, and it works even without a Datadog login.

A local configuration file for Static Analysis
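
A minimal static-analysis.datadog.yml to place at the repository root, added here as an example and not taken from the original page. The key names follow the v1 configuration schema, which this page does not show; the ruleset selection and the ignored paths are assumptions chosen for illustration.

```yaml
# static-analysis.datadog.yml (repository root)
# Added example: the ruleset choices and paths below are illustrative assumptions.
schema-version: v1

# Rulesets the local analyzer applies while you edit.
rulesets:
  - python-security
  - python-best-practices
  - java-security

# Paths excluded from analysis (constructed sample paths),
# for example vendored or generated code you do not maintain.
ignore:
  - "vendor/**"
  - "**/generated/**"
```

Because these settings are merged with any remote configuration, run Show Datadog Static Analyzer Config after saving the file to see the configuration data in your IDE.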

Read more about how to customize your configuration.

Settings

The Datadog Static Analyzer can be activated and deactivated in the IDE settings under Editor > Inspections.

Settings to activate and deactivate Static Analysis

Further reading

Additional helpful documentation, links, and articles: