SonarCOBOL

SonarSource delivers what is probably the best static code analyzer you can find on the market for COBOL. Based on our own COBOL parsing technology, it uses the most advanced techniques (pattern matching, dataflow analysis) to analyze code and find code smells, bugs and security vulnerabilities. As for any product we develop at SonarSource, it was built on the following principles: depth, accuracy and speed.

SonarCOBOL has a great coverage of well-established quality standards. The SonarCOBOL capability is available in Compuware Topaz and IBM IDz for developers (SonarLint) as well as throughout the development chain for automated code review with self-hosted SonarQube or on-line SonarCloud.

Samples of Issues Detected
 
Always true condition Always true condition Always true condition
Branches same implementation Branches same implementation Branches same implementation
Collapsible if statements Collapsible if statements Collapsible if statements
Loss of data Loss of data Loss of data
Misleading indentation Misleading indentation Misleading indentation
Redefinition of paragraph Redefinition of paragraph Redefinition of paragraph
Supported Compilers, Language Standards and Operating Systems
  • COBOL-74, COBOL-85 and COBOL-2002 (partial) standards
  • Solidly tested against the following dialects: IBM OS/VS COBOL, IBM OS/VS COBOL II, IBM COBOL/400, IBM ILE COBOL, IBM Enterprise COBOL, MicroFocus COBOL, AcuCobol-GT, Bull GCOS, HP Tandem and COBOL-IT.
  • Analysis of DB2 SQL and CICS statements embedded inside COBOL.
  • Ability to automatically flag code generated by COBOL code generators like CA-Telon.
  • Microsoft Windows, Linux and Mac OS X for runtime environment
Custom Rules

SonarCOBOL provides the ability to write custom rules.

Use in enterprise edition

See all editions


Issue Tracker


Related Content