SonarSource delivers what is probably the best static code analysis you can find on the market for COBOL. Based on our own COBOL parsing technology, it uses the most advanced techniques (pattern matching, dataflow analysis) to analyze code and find Code Smells, Bugs, and Security Vulnerabilities. As with everything we develop at SonarSource, it was built on the principles of depth, accuracy, and speed.
SonarSource's COBOL analysis has a great coverage of well-established quality standards. This capability is available in Compuware Topaz and IBM IDz for developers (SonarLint) as well as throughout the development chain for automated code review with self-hosted SonarQube or cloud-based SonarCloud.
- COBOL-74, COBOL-85 and COBOL-2002 (partial) standards
- Solidly tested against the following dialects: IBM OS/VS COBOL, IBM OS/VS COBOL II, IBM COBOL/400, IBM ILE COBOL, IBM Enterprise COBOL, MicroFocus COBOL, AcuCobol-GT, Bull GCOS, HP Tandem and COBOL-IT.
- Analysis of DB2 SQL and CICS statements embedded inside COBOL.
- Ability to automatically flag code generated by COBOL code generators like CA-Telon.
- Microsoft Windows, Linux and Mac OS X for runtime environment
SonarSource's COBOL analysis provides the ability to write custom rules.