SonarSource delivers what is probably the best static code analyzer you can find on the market for COBOL. Based on our own COBOL parsing technology, it uses the most advanced techniques (pattern matching, dataflow analysis) to analyze code and find code smells, bugs and security vulnerabilities. As for any product we develop at SonarSource, it was built on the following principles: depth, accuracy and speed.
SonarCOBOL has a great coverage of well-established quality standards. The SonarCOBOL capability is available in Compuware Topaz and IBM IDz for developers (SonarLint) as well as throughout the development chain for automated code review with self-hosted SonarQube or on-line SonarCloud.
- COBOL-74, COBOL-85 and COBOL-2002 (partial) standards
- Solidly tested against the following dialects: IBM OS/VS COBOL, IBM OS/VS COBOL II, IBM COBOL/400, IBM ILE COBOL, IBM Enterprise COBOL, MicroFocus COBOL, AcuCobol-GT, Bull GCOS, HP Tandem and COBOL-IT.
- Analysis of DB2 SQL and CICS statements embedded inside COBOL.
- Ability to automatically flag code generated by COBOL code generators like CA-Telon.
- Microsoft Windows, Linux and Mac OS X for runtime environment
SonarCOBOL provides the ability to write custom rules.