Code review in RAM
Is there any code review/analysis policy in RAM that could be used to validate published source code assets?
|
3 answers
What kind of analysis are you looking for?
Mostly Code/Security analysis are driven by a build process, and the results are published with the packaged source/build. For src. elements like XML schemas, WSDL and such (published from an IDE), RAM 7.5.1 has the Service Policy (part of the SOA library). |
I'm looking for security/coding standard/compliance analysis.
Yes, I know it's something that would typically be done in the build process, but people are asking me if I could also do it in RAM. Initially I tought about a custom policy that could call some Rational Software Analyser validation for example. Thank you Paulo |
Yes.
You can certainly initiate this kind of process through a life cycle. E.g., as an integration build is published to RAM, a policy instigate an automation process that fetch the published asset, drives various scans/tests, and publishs the results back to RAM while voting - approve, reject. Reviewers will be notified ... |
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.