{"id":13418779,"url":"https://github.com/Tencent/TscanCode","last_synced_at":"2025-03-15T04:30:35.010Z","repository":{"id":29315975,"uuid":"32849372","full_name":"Tencent/TscanCode","owner":"Tencent","description":"A static code analyzer for C++, C#, Lua","archived":false,"fork":false,"pushed_at":"2023-12-25T08:33:11.000Z","size":39356,"stargazers_count":1998,"open_issues_count":55,"forks_count":589,"subscribers_count":127,"default_branch":"master","last_synced_at":"2024-10-29T17:57:55.210Z","etag":null,"topics":["cpp","csharp","lua","static-code-analysis"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Tencent.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2015-03-25T07:30:50.000Z","updated_at":"2024-10-27T16:22:00.000Z","dependencies_parsed_at":"2022-07-14T07:20:38.932Z","dependency_job_id":"ddb6a39e-7d36-4ca5-bff2-12484a83f8ab","html_url":"https://github.com/Tencent/TscanCode","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tencent%2FTscanCode","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tencent%2FTscanCode/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tencent%2FTscanCode/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tencent%2FTscanCode/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Tencent","download_url":"https://codeload.github.com/Tencent/TscanCode/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243685503,"owners_count":20330980,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cpp","csharp","lua","static-code-analysis"],"created_at":"2024-07-30T22:01:06.960Z","updated_at":"2025-03-15T04:30:35.004Z","avatar_url":"https://github.com/Tencent.png","language":"C++","readme":"# **TscanCode** \r\n\r\n![Release version](https://img.shields.io/badge/version-2.15.02-blue.svg)\r\n\r\n## A fast and accurate static analysis solution for C/C++, C#, Lua codes\r\n\r\nTencent is pleased to support the open source community by making TscanCode available.\r\n\r\nCopyright (C) 2017-2022 Tencent company and TscanCode Team. All rights reserved.\r\n\r\n## Introduction\r\n\r\nTscanCode is devoted to help programmers to find out code defects at the very beginning.  \r\n* TscanCode supports multi-language: `C/C++`, `C#` and `Lua` codes;\r\n* TscanCode is `fast` and `accurate`, The performance can be 200K lines per minute and  the accuracy rate is about 90%;   \r\n* TscanCode is `easy to use`, It doesn't require strict compiling enviroment and one single command can make it work; \r\n* TscanCode is `extensible`, you can implement your own checks with TscanCode.\r\n\r\n## Highlights in v2.15.02 (2022-04-28)\r\n* lua crash fix and more useful checkers\r\n\r\n## Highlights in v2.15.01 (2022-01-19)\r\n* lua5.4 support\r\n* a lot of bugfixes and new features\r\n\r\n## Highlights in v2.14.24 (2018-02-24)\r\n* `Rule Package` was released on GUI, easier for rule customization;\r\n* GUI supports `marking false-positive errors` now.\r\n\r\nFor other changes please refer to [change log](CHANGELOG.md).\r\n\r\nQQ group1(已满):  \r\n![TscanCode交流群群二维码](https://user-images.githubusercontent.com/2759146/165882694-5318874d-fb3d-4974-8b14-02c6beed6ffb.png)  \r\nQQ group2:  \r\n![QQ图片20231225162750](https://github.com/Tencent/TscanCode/assets/2759146/f7d3ada1-e262-4d5d-940a-f85e30b301b3)  \r\n\r\n\r\n## Compiling\r\n\r\n\r\nAny C++11 compiler should work. For compilers with partial C++11 support it may work. If your compiler has the C++11 features that are available in Visual Studio 2015 then it will work. If nullptr is not supported by your compiler then this can be emulated using the header lib/cxx11emu.h.\r\n\r\nThere are multiple compilation choices:\r\n* Windows: Visual Studio (Visual Studio 2015 and above)\r\n* Linux: g++ 4.6 (or later)\r\n* Mac: clang++\r\n\r\n### Visual Studio\r\n\r\nUse the tsancode.sln file. The file is configured for Visual Studio 2015, but the platform toolset can be changed easily to older or newer versions. The solution contains platform targets for both x86 and x64.\r\n\r\nSelect option `Release` to build release version.\r\n\r\n### g++ or clang++\r\n\r\nSimple build (no dependencies):\r\n\r\n```shell\r\nmake\r\n```\r\n\r\n## Usage at a glance\r\n\r\nThis simple example contains a potential null pointer defect. Checking if p is null indicates that p might be null, so dereferencing p `*p` is not safe outside the `if-scope`.\r\n\r\n~~~~~~~~~~cpp\r\n// func.cpp\r\nvoid func(int* p) {\r\n    if(p == NULL) {\r\n        printf(\"p is null!\");\r\n    }\r\n\r\n    printf(\"p is %d\", *p);\r\n}\r\n~~~~~~~~~~\r\n\r\nRun TscanCode:\r\n```shell\r\n./tscancode --xml func.cpp 2\u003eresult.xml\r\n```\r\nError list, result.xml:\r\n\r\n~~~~~~~~~~xml\r\n\u003c?xml version=\"1.0\" encoding=\"UTF-8\"?\u003e\r\n\u003cresults\u003e\r\n    \u003cerror file=\"func.cpp\" line=\"7\" id=\"nullpointer\" subid=\"dereferenceAfterCheck\" severity=\"error\" \r\n           msg=\"Comparing [p] to null at line 3 implies [p] might be null. Dereferencing null pointer [p].\" /\u003e\r\n\u003c/results\u003e\r\n~~~~~~~~~~\r\n\r\nThere are more examples:\r\n* [CPP samples](samples/cpp);\r\n* [C# samples](samples/csharp);\r\n* [Lua samples](samples/lua);\r\n\r\nFor now, codes under [trunk](trunk) are only for TscanCode `CPP` version, `C#` and `Lua` version are in the internal review process. Sorry for the inconvenience.\r\n\r\n","funding_links":[],"categories":["TODO scan for Android support in followings","C++","Multiple languages"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FTencent%2FTscanCode","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FTencent%2FTscanCode","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FTencent%2FTscanCode/lists"}