Code Security

문서 > 개발자 > Datadog IDE Plugins > Datadog Plugin for JetBrains IDEs > Code Security

이 페이지는 아직 한국어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Overview

The Code Security integration in the Datadog plugin for JetBrains IDEs promotes better security by flagging library vulnerabilities and runtime code vulnerabilities. The local code analyzer checks your code changes as you edit to detect quality and security issues prior to commit.

The feature is supported for any source code repository that is onboarded for Datadog Code Security.

Vulnerabilities

The Datadog plugin reports library and runtime code vulnerabilities by highlighting the issues directly in the source editor:

A library vulnerability highlighted in the source editor

Full details of each vulnerability are shown in the Datadog tool window in the File Insights and Project Insights tabs.

A library vulnerability shown in the Datadog tool-window

Click on the link in the Code Links section to navigate to the source location, or click on the vulnerability description to open the summary in Datadog.

Local code analysis

File editing

As you edit your source files, the Datadog plugin checks the content (locally) against a set of rules to detect and flag quality and security issues before you commit your changes.

The local analysis engine supports all the file types listed in Static Analysis Rules. Issues are shown in the source code editor with the JetBrains inspection system, and you can apply suggested fixes directly.

Static analysis violation in the source editor

Additionally, all issues detected by this feature are listed in the standard Problems view.

Analyzing multiple files

You can run the local code analysis across multiple files. In the Code menu, select Analyze Code → Run Inspection By Name… and choose Datadog Static Analysis:

Choose the scope, click OK, and review the flagged issues in the Problems view.

Configuration

The code analyzer runs automatically if you meet both of these conditions:

Your repository has been onboarded for Datadog Code Security.
You are logged in to Datadog so that the remote configuration data is available.

To see the configuration data in your IDE, run the action Show Datadog Static Analyzer Config:

Action to show the Static Analyzer configuration

You can save a local configuration file (static-analysis.datadog.yml) at the root of the repository, and its settings will be merged with the remote configuration. When there is no remote configuration available, the local configuration file is used on its own.

Using a local configuration file is a great way to try out the feature, and it works even without a Datadog login.