Get the full release notes, download instructions, and upgraded licenses.
- Helix QAC 2024.3October 2024
- Helix QAC 2024.2July 2024
- Helix QAC 2024.1April 2024
- Helix QAC 2023.4January 2024
- Helix QAC 2023.3September 2023
- Helix QAC 2023.2July 2023
- Helix QAC 2023.1April 2023
- Helix QAC 2022.4January 2023
- Helix QAC 2022.3October 2022
- Helix QAC 2022.2July 2022
- Helix QAC 2022.1April 2022
- Helix QAC 2021.3November 2021
- Helix QAC 2021.2July 2021
- Helix QAC 2021.1March 2021
- Helix QAC 2020.2November 2020
- Helix QAC 2020.1May 2020
- Helix QAC 2019.2November 2019
- Helix QAC 2019.1May 2019
- Helix QAC 2.4November 2018
What's New in Helix QAC 2024.3
Helix QAC 2024.3 ships with new Qt-based installers for Windows and Linux and enhanced support for Validate SAML/OIDC authentication. This release also includes improvements to Dataflow robustness for certain environments, and many Quality of Life enhancements throughout the product.
C++ Analysis Enhancements
This release improves the efficiency of analysis related to pointer arithmetic, resulting in reduced analysis time for selected projects with certain files that contain a very large number of functions.
Validate Platform Improvements and Functionality
Enhanced support for Validate SAML/OIDC authentication in the Helix QAC GUI and IDE plugins.
Dataflow
Improved Dataflow robustness in memory-constrained environments.
Installers
Installers have been updated to a Qt installer framework-based packages improved user experience.
- The legacy installer (with .run extension) for Linux is still provided and required for headless installers (i.e., a Linux installation that lacks graphic libraries, or on older operating systems such as RHEL 7).
- The command line options for unattended/silent installations have changed and additional details can be found in the documentation.
Quality of Life Enhancements
Settings
- Common settings specified when installed as an administrator are propagated to all users.
Auto CCT Generation
- The source language (C or C++) for Auto CCT projects is pre-selected based on the project configuration.
- Auto CCT corrections and additions.
Eclipse IDE Plugins
- Support for newer Eclipse version with Eclipse IDE plugin.
GUI
- Support for the latest C++ keywords/types in GUI syntax highlighter.
Reports
- Function names included in Helix QAC reports have the complete function signature for improved readability and consistency.
Documentation
- Various enhancements to analysis message documentation.
Validate
- The speed of build uploads to Validate has been improved.
Important Changes in Helix QAC 2024.3
End-of-Life Announcements
End of Support for CentOS Linux 7 and RHEL 7
As of Helix QAC 2024.3, support for CentOS Linux 7 and RHEL 7 has been deprecated. The legacy installer is required to install on CentOS Linux 7/RHEL 7.
Jenkins Plugin End-of-Life
As of Helix QAC 2024.3, the Jenkins plugin has been deprecated. The plugin will remain in the Jenkins plugin directory but the corresponding page will be updated to indicate the deprecated status.
Deprecation of Structure 101 Integration
As of 2024.3, the integration between Helix QAC and Structure 101 is deprecated and no longer supported.
Installer Changes
Qt Installer Framework
As of 2024.3, the installers have been updated to Qt Installer Framework based packages. As a result, the commands for installation and removal for silent/unattended installs have changed and any scripts used for automation would need to be updated.
What's New in Helix 2024.2
Helix QAC 2024.2 brings new features and functionality that add flexible options to the development process. Users get full CI/CD integration support with Validate via the new Delta Analysis — providing easy management of change-based analysis results for merge requests and pull requests. Additional improvements include new functionality for analyzing projects that use multiple compilers within the build process, better support for C++20 and C23 language features, and Helix QAC severities support in Validate (including user messages).
New Analysis Options
CI Analysis License
From 2024.2, Helix QAC provides integration with Validate for managing results from CI/CD analysis to identify potential defects introduced by new changes relative to the last full analysis. Helix QAC’s analysis for CI/CD pipelines capability enables your organization to identify and communicate errors faster, without waiting for nightly builds.
Flexible Server Analysis License
Helix QAC 2024.2 introduces a new Server Analysis license that provides maximum deployment and analysis flexibility when used in conjunction with Validate. Work beyond the desktop: results are integrated and published to Validate in a centralized store of analysis data, trends, metrics, and more for users to access across the organization.
Contact sales for details regarding the new licenses required for the CI builds functionality and flexible server analysis options with Helix QAC/Validate.
Validate Platform Improvements and Functionality
The Continuous Security and Code Compliance Platform provides functional safety, security, reliability, and quality assurance for embedded and mission-critical applications. In this release, Validate integration enhancements include:
- Support for CI builds with Validate
- Updated licensing for analysis on a server and uploading results to Validate
- Added initial support for modern authentication with Validate with the QAC command line tools
- Improved handling of QAC message severities in Validate
Language Feature Support
C++20
This release adds improved language feature support for:
- Allow requires-clause-opt for the member function of a lambda-expr
- ‘typename’ optional in several commonplace contexts
- Template parameter lists for generic lambda
- Char8_t type
C23
This release adds initial language feature support for:
- C23 enhanced enumerations
- constexpr aggregates
Multi-Compiler Project Support
Helix QAC now provides the ability to configure analysis settings for projects that use multiple compilers.
- Added support for projects with multiple CCTs in the Visual Studio and Eclipse plugins
Support Multiple Project Creation from a Build
Automated creation of Helix QAC projects to split complex projects with multiple linkable entities.
Dataflow
Added Dataflow modeling of floating-point values for selected analysis.
Coding Standards Coverage (CWE, MISRA C++:2023®)
Improved enforcement of rules and directives for the following compliance modules:
CWE for C and C++ Related to NIST 500-268 Requirements
- CWE-80, CWE-89
- Improved analysis for CWE-321
MISRA C++:2023
- Enforced Dir 0.3.1 to complete 100% coverage of all rules and directives
- Improved analysis for Rule 6.2.3
Quality of Life Enhancements
Improved Support for Additional Compilers
- Microchip xc8/xc8cc version 2.4x
- Green Hills cxtri
- Improved support for Clang 15-17 with C++ 17/20
- Improved handling of standard library headers with gcc and C++20
Rocky Linux 9
- Added support for Rocky Linux 9
Plugins
- Improved support for the latest Eclipse versions (2024-03) with the Eclipse plugin
CLI
- New CLI commands including:
- qacli project roots
- qacli validate build (require p4baseline license feature)
- qacli validate cibuild (require p4ci license feature)
- Modified CLI commands including:
- qacli project create –auto-cct
- qacli config license-server –check -P
- Dataflow feedback via CLI
GUI
- Streamlined/easier creation of Auto CCT projects
Important Changes in Helix QAC 2024.2
End-of-Life Announcements
QACLI Admin Command Deprecation
The following commands have been deprecated for 'qacli admin' and will be removed in a future release:
--set-project-root, --unset-project-root, -- list-project-roots, --set-source-code-root
Pre-Announcements
End of Support for CentOS Linux 7 and RHEL 7 - Helix QAC 2024.3
CentOS Linux 7 is end-of-life and RHEL 7 is end-of-maintenance as of June 30, 2024 and support for the operating systems will be deprecated in 2024.3.
Jenkins Plugin End-of-Life - Helix QAC 2024.3
This is a pre-announcement to inform customers of our plans to deprecate the Helix QAC custom Jenkins plugin in 2024.2 and discontinue shipping it with releases from 2024.3.
Windows Installer Changes - Helix QAC 2024.3
From 2024.3, the Windows installer will be updated from an InstallShield based package to a Qt Installer Framework based package. As a result, the commands for installation and removal for silent/unattended installs will change and any scripts used for automation would need to be updated.
What's New in Helix QAC 2024.1
Helix QAC 2024.1 ships with improved support for C++20 & C23 language features and new functionality for analyzing projects that use multiple compilers. Additionally, Validate provides user experience enhancements to search functionality, role permissions, and includes a new issue list CSV download option.
This release also includes expanded enforcement of CWE for C/C++, HKMC for C, and MISRA C++:2023® compliance modules, and many general Quality-of-Life enhancements.
Language Enhancements
C++20
This release adds improved language features support for:
- C++20 concepts
- C++20 abbreviated function templates
C23
This release adds initial language feature support for:
- C23 constexpr when -c23constexpr is set
In addition to expanded language feature support, improvements have been made to enhance the user experience with GCC versions 12 & 13 and MSVC 2022.
Multi-Compiler Project Support
Helix QAC now provides the ability to configure analysis settings for projects that use multiple compilers.
- Supports multiple CCTs per-language in a project.
- Provides consistent analysis results, reducing the likelihood of false positives or negatives across various compiler environments.
- Allows for greater flexibility of cross-platform development projects needing static analysis.
- Helps to identify compiler specific issues.
- Allows developers greater toolchain flexibility in compiler selection for projects.
New Validate Platform Improvements and Functionality
Download Issue List as CSV
The new CSV download button available at the top of the Issues page will download a list of defects based on the current search query in Validate. For additonal issue information such as line number, comment, and justification, you require a subscription to the Validate Advanced Compliance Reporting package.
Expanded Search
Regular Expression (RegEx) search capabilities for Validate Modules provides increased support for the use of * and ** wildcard characters when specifying paths to your file system. See modules documentation for more information.
New Role Permission
Added change issue owner permission that provides the ability to allow users to change issue owner without being able to change issue status.
Preserve License Logs for Audit Purposes
You can now keep logs for auditing purposes, by appending the logs to your license server license.report.log file instead of overwriting the file after the server restarts. To learn about the append.license.logging setting, see validate service.
Coding Standards Coverage (CWE, HKMC, MISRA C++:2023®)
Improved enforcement of rules and directives for the following compliance modules:
CWE for C and C++ related to NIST 500-268 Requirements
- CWE-259, CWE-412, CWE-367, CWE-99, CWE-321
HKMC for C
- C-MSC-011
MISRA C++:2023
- Dir 0.3.2
Quality of Life Enhancements
Improved Support for Additional Compilers with Auto CCT Generation
- Keil armcc
- Improved support for Clang 12
- GCC 12/13
- MSVC 2022
- 'qainject' is now the default sync method
Performance
- General reduction in analysis time for constructs that involve large amounts of branching.
libc++
Enhancements made to improve support for libc++ standard library.
- Added -iso646keywords option matching -fno-operator-names behavior.
- When enabled, the alternative keyword names for operators are not used.
Compiler Extensions
- The C "compound literal" feature is now supported as an extension by QAC++.
Symbolic References
- Improved support for VCS and non-VCS created symlinks.
Visual Studio and Eclipse IDE Plugins
- General stability improvements
CLI
- New commands for ‘qacli project’;
- create, modify, upgrade, config-file
Operating Systems
- Support for Ubuntu Linux 22.04
Important Changes in Helix QAC 2024.1
QACLI Admin Command Deprecation
The following commands have been deprecated for 'qacli admin' and will be removed in a future release:
- --qaf-project-config, --upgrade, --create-config-file, --edit-config-file, --list-config-files
Compliance Module Directory Change
Reminder: As of Helix QAC 2023.4, the tool no longer reads Compliance Modules from the old "PRQA" directories. Compliance Modules will only be read from “Perforce” file directory equivalents.
The following are the now obsolete file directories:
- %LOCALAPPDATA%\PRQA\installed_components.ini
- %PROGRAMDATA%\PRQA\installed_components.ini
- ${HOME}/.config/PRQA/installed_components.ini
- /etc/prqa.d/installed_components.ini
License Management Changes
A new installer for a RLM v15.1 server is made available together with the Helix QAC 2024.1 release. This server version is mandatory if using Helix QAC with Validate 2024.1 and optional otherwise.
What's New in Helix QAC 2023.4
Helix QAC 2023.4 launches 100% MISRA C++:2023® rule coverage for the new MISRA C++:2023 guidelines. This release also includes extended C++20 language support, performance improvements to Dataflow analysis, and many Quality-of-Life enhancements throughout the product.
Enhanced C++20 Support
This release adds language feature support for:
- requires-clause constraints for template parameter lists and function declarations
- Non-type-constrained abbreviated-function-template declarations
Improved Dataflow Performance with Caching
- Reduced Dataflow analysis time for incremental analysis with solver caching
- Testing of selected projects showed reduction in analysis time of more than 50% from the second analysis run
- Dataflow is also able to complete more analysis within the function timeout period with caching
Enhanced GNU and ISO C Arithmetic Type Support
- Improvements made to QAC's handling of literals and arithmetic types to significantly improve support for the under-used areas of the language around complex types, vendor extension types, and complex expressions with unusual operators
Coding Standards Coverage (MISRA C++:2023®, HKMC, CERT)
MISRA C++:2023
Helix QAC releases 100% enforcement coverage for MISRA C++:2023 rules with the new MCPP Compliance Module available for 2023.3 and 2023.4.
Updated Compliance Modules
- HKMC mapping updates
- CERT categories for severity, priority, and levels have been added
- Improvements for the Japanese translations of rules for MISRA C:2023 Compliance Module
- Improved enforcement of selected standards:
- MISRA C:2023 rules 9.3, 10.3, 10.5
- AUTOSAR rules A3-8-1. AV-1-2
- MISRA C++ rule 6-2-2
Framework
- Improved tracking of macro expansion and template instantiation history to assist diagnosis of issues
- Enhanced comment-based suppressions engine to allow multiple deviation reasons per line
Quality of Life Enhancements
Support for Additional Compilers with Auto CCT Generation
- Synopsys Metaware
- Cadence Tensilica
- TI C6000
- Qualcomm Hexagon
- Clang 15
- Embarcadero BCC64
Visual Studio Code IDE Plugin
- Improvements to VS Code plugin for supporting remote analyzer execution
Visual Studio and Eclipse IDE Plugins
- General stability improvements
Validate
- Support to create Validate projects from CLI and GUI
CLI
- New qacli view option to output rule violation details
- Enhanced %K category specifier to allow easier mapping to rule
- Graceful failure where no HOME environment variable is present
GUI
- New context menu item in projects list to open project location
- Filename search in tree view panel
- New context menu item to open preprocessed source for selected file
- Jump to preprocessed source file from the source code
Important Changes in Helix QAC 2023.4
Compliance Module Directory Change
As of Helix QAC 2023.4, the tool no longer reads Compliance Modules from the old "PRQA" directories. Compliance Modules will only be read from “Perforce” file directory equivalents.
The following are the now obsolete file directories:
- %LOCALAPPDATA%\PRQA\installed_components.ini
- %PROGRAMDATA%\PRQA\installed_components.ini
- ${HOME}/.config/PRQA/installed_components.ini
- /etc/prqa.d/installed_components.ini
What's New in Helix QAC 2023.3
Helix QAC 2023.3 anticipates 100% MISRA C++:2023® rule coverage for the new MISRA C++® guidelines expected to be published in Q4 2023.
In addition, this release includes extended C++20 language support and makes improvements to the Perforce Validate platform and integration of Helix QAC with Validate, including other quality of life and performance enhancements.
Coding Standards Coverage (MISRA C++:2023®, MISRA C:2023®)
MISRA C++:2023®
Helix QAC anticipates 100% enforcement coverage for MISRA C++:2023.3 guidelines, which are expected to be published in Q4 2023.
- The new M2CPP compliance module, which will enforce MISRA C++:2023, for use with Helix QAC 2023.3, will be available when the new standard is published.
MISRA C:2023®
Helix QAC provides 100% enforcement coverage for MISRA C:2023, which consolidates MISRA C:2012 with all four amendments and two technical corrigenda into a single, comprehensive edition.
- The M3CM compliance module has improved enforcement for Rule 8.3.
C++20 Language Support
This release adds language feature support for:
- requires-expressions — Introduced with C++20 Concepts and can be used to determine the validity of a construct without resulting in a compiler error.
Perforce Validate
The Continuous Security & Code Compliance Platform provides functional safety, security, reliability, and quality assurance for embedded and mission-critical applications.
The Validate platform provides a centralized store of analysis data, trends, and configurations for codebases across the organization, providing a single pane of glass for all Perforce Static Analysis products.
2023.3 provides:
- Support for projects using multiple compliance modules — improved analysis results when a project is enforcing additional coding standards, rules, or vulnerability types.
- Validate, Reports, Plugins, and GUIs also include changes to reflect the new support for multiple compliance modules within a project.
Quality of Life Enhancements
Installers
- Zip/tar archives are provided for Helix QAC and compliance modules which can be used as an alternative to the installers, providing further product deployment, maintenance, and upgrade flexibility.
Auto CCT Generator
- Added support for automatic CCT generation when using sync types: INJECT, MONITOR, and MSVS.
- Resolved issues with several existing supported compilers.
Dataflow
- Improved dataflow processing to use less memory and improve stability on machines with limited memory or swap storage.
- GUI
- Improved support for 4K displays when using the GUI
Plugins
VS Code
- Run analysis on file save
- Enhancements to access help with QAC running remotely*
- *Note: a diaglist license is required
Visual Studio
- Improvements to align to GUI elements for continued integration with Validate
Eclipse
- Improvements to align GUI elements for continued integration with Validate
Operating Systems
- Support for Windows 11
What's New in Helix QAC 2023.2
Helix QAC 2023.2 delivers 100% MISRA C:2012 and MISRA C:2023 rule coverage, and updates the corresponding compliance module to refer to MISRA C:2023.
In addition, this release includes improved C23 language support, improvements to the Validate platform and integration of Helix QAC and Validate, and other quality of life enhancements.
Coding Standards Coverage (MISRA C:2012, MISRA C:2023, and CWE)
MISRA C:2012, 2023
Helix QAC provides 100% enforcement coverage for MISRA C:2012 AMD 4 and MISRA C:2023, which consolidates previous revisions, amendments, and technical corrigenda of the guidelines into a single, comprehensive edition. MISRA C:2023 was recently published this year.
- The M3CM compliance module has been updated to refer to MISRA C:2023.
CWE
CWE C and C++ Compliance Modules align with the latest version of CWE 4.11.
Perforce Validate
The continuous Security and Code Compliance Platform provides functional safety, security, reliability, and quality assurance for embedded and mission-critical applications.
Validate is the replacement for our "Dashboard" product and has also been known as QAC-Verify in the past. This new platform allows customers to have a single source of results for Helix QAC and Klocwork.
The Validate platform provides a centralized store of analysis data, trends, and configurations for codebases across the organization, providing a single pane of glass for all Perforce Static Analysis products.
2023.2 provides:
- Support for Helix QAC metrics in Validate.
- Updated Helix QAC Visual Studio plugin supporting integration with Validate.
- Full support for Helix QAC custom messages in Validate.
C23 / C++23 Language Support
This release adds language feature support for:
- C23 digit separators
- C23 / C++23 #elifdef, #enlifndef and #warning directives
Quality of Life Enhancements
CLI
- Allow sync of diagnostics and suppressions to be enabled/disabled
- New format specifier %M to output Rule Group Name and Rule ID
GUI
- Allow customization of RCF name and version
- Allow sync of diagnostics and suppressions to be enabled/disabled
HIS Metrics
- This release features a Helix QAC enhancement to directly generate compound HIS metrics (which were previously calculated in the report scripting).
Important Changes in Helix QAC 2023.2
License Management Changes
A new installer for a RLM v15 server is made available together with the Helix QAC 2023.2 release. This server version is mandatory if using Helix QAC with Validate 2023.2 and optional otherwise.
MISRA C++ 2023 — Early Release of New Compliance Module Available for Preview
The MISRA consortium is expected to publish MISRA C++ 2023 coding guidelines later this year. A new compliance module will be introduced to enforce the new standard once it is published. With 2023.2, an early release of the compliance module, which provides 98% enforcement of rules that have been finalized so far, is available for preview upon request. Please contact your Perforce account representative to find out more.
What's New in Helix QAC 2023.1
Helix QAC 2023.1 ships with 100% rule coverage for MISRA C:2012 AMD4 and MISRA C:2023, and 96% coverage for AUTOSAR C++ 14. It also updates compliance modules for the latest version v4.10 of CWE.
In this release there are also major improvements to the integration of Helix QAC and the Validate Platform providing software insight across projects and Perforce Static Analysis products.
Coding Standard Coverage (MISRA C:2012 AMD4, MISRA C:2023, AUTOSAR, and CWE)
Enforce the Motor Industry Software Reliability Association (MISRA) software development guidelines for the C programming language. These guidelines aim to facilitate code safety, security, portability, and reliability in the context of embedded systems.
- 100% MISRA C:2012 enforcement coverage of Amendment 4 including new rules and 3 directives plus updates for existing guidelines.
- The new guidelines cover additional C11/18 features including use of the standard library for Threads and Atomics plus new rules for existing features.
Helix QAC also has 100% coverage for MISRA C: 2023, which consolidates previous revisions, amendments, and technical corrigenda of the guidelines into a single, comprehensive edition. MISRA C: 2023 will be published later in the year.
AUTOSAR
AUTOSAR C++ 14 coverage has been increased to 96%.
CWE
Updated CWE C and C++ Compliance Modules to align with latest version of CWE 4.10.
Perforce Validate
The Continuous Security & Code Compliance Platform provides functional safety, security, reliability, and quality assurance for embedded and mission-critical applications.
The Validate platform provides a centralized store of analysis data, trends, and configurations for codebases across the organization providing a single pane of glass for all Perforce Static Analysis products.
2023.1 provides improved integration between Helix QAC and Validate Platform.
- Synchronized issue suppression statuses with Validate connected projects
- Desktop GUI and Eclipse IDE plugin
- Project Baseline Support for latest build
- Streams functionality provides management and efficient reporting of variants, branches, and releases for a single code base.
- Improved MISRA compliance reports generated using Validate and QAC GUI/CLI Diagnostic consistency between Helix QAC desktop tools and Validate
- Upload performance improvements
- WebAPI functionality for integration with other tools and processes across the SDLC
Quality of Life Enhancements
CLI
- Validate Baseline support for latest build (qacli baseline)
- Validate dependency checking and the ability to ignore (qacli upload)
- Synchronization of suppressions
GUI
- Validate dependency checking and the ability to ignore
- Synchronization of suppressions to the desktop
- Improvements to MISRA Compliance Report and Standards Compliance Report
Eclipse IDE Plugin
- Validate connectivity support within the IDE plugin
RCMA
- Analysis memory use and efficiency improvement
Important Changes in Helix QAC 2023.1
End of Life Announcements
CCT Generator End-of-Life in 2023
Helix QAC 2023.1 will no longer support the legacy standalone CCT Generator.
The ‘qainject’ tool introduced in Helix QAC 2021.3 will replace the current CCT Generator. As a result, CCTs generated using the legacy tool will be deprecated and no longer supported.
Removal of Unsupported Static CCTs from the QAC Package
With improved build monitoring for a wide range of compilers using auto CCT generation with ‘qainject’, the majority of static CCTs that have previously been included in the Helix QAC package will be removed by 2023.1. The auto generated CCTs are expected to provide more accurate analysis results compared to using a static default CCT. All static CCTs have been removed apart from those for the GNU GCC, Visual Studio, and generic compilers.
What's New in Helix QAC 2022.4
Helix QAC 2022.4 ships 100% rule coverage for MISRA C:2012 AMD3, dataflow separated into a new component providing improved analysis performance, and upgraded language support for C++20 and C23.
In addition, this release includes Japanese localization for the TS 17961 C Secure Compliance module, improved compiler support, and general quality of life improvements for various Helix QAC components.
Dataflow Component
In 2022.4, Dataflow has been separated from the QAC/QAC++ engine into its own component. This change provides:
- Improved performance of Dataflow analysis for large projects.
- Inter-TU analysis is internalized in dataflow, and two analysis passes are no longer necessary.
- Functions defined in header files are analyzed once per project.
- Dataflow diagnostics are reported against the 'dataflow' component instead of 'qac' or 'qacpp'.
- Dataflow is a separate component in the analysis toolchain with its own configuration options.
Coding Standard Coverage (MISRA C:2012 AMD3, TS 17961 C Secure)
New MISRA C:2012 Amendment 3 Compliance Module for C with 100% rule coverage
- Enforce the Motor Industry Software Reliability Association (MISRA) software development guidelines for the C programming language. These guidelines aim to facilitate code safety, security, portability, and reliability in the context of embedded systems.
- Additional rules related to the new C11/C18 features.
TS 17961 C Secure
The TS 17961 C Secure Compliance Module (SECCCM) now has a full Japanese translation.
C++20 Language Support
This release adds improved compatibility with C++20 language feature usage including handling of GCC headers in C++20 mode.
C23 Language Support
This release adds C23 language feature support for:
- Relax requirements for variadic parameter lists, paper N2975.
Improved Build Process Monitoring
This release features improvements to the automated CCT generation using ‘qainject’, which streamlines build comprehension and compiler setup, and additional guidance has been provided in the manual for creating custom filters to use with new compilers based on supported compilers e.g. GNU-based compilers.
Quality of Life Enhancements
CLI
- Added the ability to view diagnostics since baseline (qacli view).
- Filter diagnostics by suppression type (qacli view --suppression-filter <type>).
- Output CMA diagnostics in several formats: NONE, MULTIPLE, SINGLE (qacli view --multi-homed-format).
- Enable users to upgrade existing projects to be compatible with separated Dataflow component (qacli admin --upgrade).
GUI
- Dataflow component support.
Dashboard
- Dataflow component support.
Microsoft Visual Studio 2022 IDE Plugin
- Support for multiple Helix QAC installs with VS 2022 extension.
Important Changes in Helix QAC 2022.4
Pre-Announcements
CCT Generator End-of-Life in 2023
Helix QAC 2023.1 will no longer support the legacy standalone CCT Generator.
The ‘qainject’ tool introduced in Helix QAC 2021.3 will replace the current CCT Generator. As a result, CCTs generated using the legacy tool will be deprecated and no longer supported.
Removal of unsupported static CCTs from the QAC package
With improved build monitoring for a wide range of compilers using auto CCT generation with ‘qainject’, the majority of static CCTs that have previously been included in the Helix QAC package will be removed by 2023.1. The auto generated CCTs are expected to provide more accurate analysis results compared to using a static default CCT. The intention is to remove all CCTs apart from those for the GNU gcc, Visual Studio, and generic compilers.
What’s New in Helix QAC 2022.3
Helix QAC 2022.3 introduces support for Microsoft Visual Studio 2022, a new compliance module for BARR-C:2018, and upgraded language support for C++20 and C23.
In addition, this release includes broader compiler support and general quality of life improvements for various CLI commands.
Microsoft Visual Studio 2022 IDE Plugin
Use the new Visual Studio 2022 desktop analysis plugin to quickly and easily detect and then fix issues before check-in.
This new IDE extension supports desktop analysis of Helix QAC within MS Visual Studio for C/C++:
- Analyze code, view, and filter results.
- Localization for English and Japanese.
- Support for cross-module analysis and suppressed messages.
- Diagnostic message help.
- Logging and output messages.
Coding Standard Coverage (BARR-C:2018, MISRA C:2012 AMD3)
New BARR-C:2018 Compliance Module for C with 83% automated rule coverage.
Enforce Barr Group’s Embedded C Coding Standard to minimize bugs in firmware while improving the maintainability and portability of embedded software.
New MISRA C:2012 Amendment 3 Compliance Module with 100% rule coverage.
Upgraded C++20 Language Support
This release adds C++20 language feature support for:
- Default member initializers for bit-fields.
- Layout-compatibility and pointer-interconvertibility traits.
- Supports g++ 11 and Visual Studio 2022.1 in C++ 20 mode.
Upgraded C23 Language Support
This release adds C23 language feature support for:
- Unicode identifiers in source code, both directly specified as characters and via Universal Character Names, and accompanied by checking for UAX#31 valid identifier rules.
- Type inference for object definitions. A new option enables C23 semantics for the auto storage class specifier to infer the type of an object from its initializer (this may change behavior of existing code, so C17 semantics remain the default), while the GNU C __auto_type specifier remains unconditionally available.
- typeof_unqual (via __typeof_unqualified__).
Improved Build Process Monitoring
This release features automated CCT generation using ‘qainject’, which streamlines build comprehension and compiler setup.
In addition, functionality has been improved to provide a user-friendly project and compiler setup for the following common compilers:
- Green Hills 2018-2022
- Visual Studio 2022
- Wind River Diab v7
- TI tiarmclang (C++98/03)
- GNU assembler cc1/cc1plus
Quality of Life Enhancements
CLI
Separation of qacli admin commands to new standalone qacli config commands:
- component path commands into "qacli config component-path".
- cpu command into "qacli config cpu".
- language commands into "qacli config language".
- license server commands into "qacli config license-server".
Additionally, the Dashboard token commands have been separated into “qacli auth.
Important Changes in Helix QAC 2022.3
Ongoing ‘qacli admin’ Changes
There are a large number of options associated with the ‘qacli admin’ sub-command, and these have been separated into new config and auth sub-commands covering the configuration of the system and projects.
The corresponding ‘qacli admin’ options will be deprecated as new sub-commands are added and removed in a future release. These changes will improve the usability of the CLI, enable more consistent use of short options and default values, and enhance the readability of the associated help pages.
Included in the release notes are details for the ‘qacli admin' options that have been deprecated in 2022.3, and the full list of previously deprecated commands is included in the Helix QAC manual.
Pre-Announcements
CCT Generator End-of-Life in 2023
Helix QAC 2023.1 will no longer support the legacy standalone CCT Generator.
The ‘qainject’ tool introduced in Helix QAC 2021.3 will replace the current CCT Generator. As a result, CCTs generated using the legacy tool will be deprecated and no longer supported.
Removal of Unsupported Static CCTs from the QAC Package
With improved build monitoring for a wide range of compilers using auto CCT generation with ‘qainject’, the majority of static CCTs that have previously been included in the Helix QAC package will be removed by 2023.1. The auto generated CCTs are expected to provide more accurate analysis results compared to using a static default CCT. The intention is to remove all CCTs apart from those for the GNU gcc, Visual Studio, and generic compilers.
Upcoming Separation of Dataflow in 2022.4
In 2022.4, Dataflow is planned to be separated from the QAC/QAC++ engine into its own component. The main differences are:
- Improved performance of Dataflow analysis for large projects.
- Dataflow will become a separate component in the analysis toolchain with associated configuration options.
- Dataflow diagnostics will be reported against their own component instead of 'qac' or 'qacpp'.
- Inter-TU analysis will be internalized in dataflow, and two analysis passes will no longer be necessary.
What’s New in Helix QAC 2022.2
Helix QAC 2022.2 delivers greater C++ 20 language feature support, updated compliance modules for MISRA and HKMC, along with new configuration options for improved analysis results when dealing with STL headers, third-party/external source code, and more.
In addition, this release includes broader compiler support and general quality of life improvements for various plugins, CLI commands, and the QAC GUI.
Upgraded C++20 Language Support
This release adds C++20 language feature support for:
- Consteval
- Constinit
- Explicit(bool)
- Three-way comparison operator
- Using enum
Coding Standard Coverage
Improved MISRA C:2012 AMD2 Coverage
MISRA C:2012 compliance module mapping and categorization have been improved.
Updated HKMC Compliance Module for C/C++
HKMC compliance module has been updated to reflect HKMC v4.1 category and wording changes.
Improved Build Process Monitoring
This release features automated CCT generation using ‘qainject’ streamlines build comprehension and compiler setup.
In addition, functionality has been improved to provide a user-friendly project and compiler setup for the following common compilers:
- Texas Instruments Code Composer – v11, ArmClang
- IAR Embedded Workbench
- TASKING
- Renesas
- ARM – ArmClang
- Wind River Diab (C++11/14)
Partial Quieting of Headers for Improved Analysis
The features improvements to Dataflow analysis. For example, code that uses types defined in the STL headers to reduce potential false positives/negatives. This is enabled through the use of a new analysis option, QuietExtended, which provides greater control over analysis of function definitions appearing in header files.
If a file is:
- Quieted, the contents will be analyzed for parser errors, and any function definitions will be ignored.
- QuietExtended, function definitions will be parsed if they are used from a non-quieted location.
- Non-quieted, all definitions will be analyzed.
Framework Improvements
Improved Handling of Third-Party/External Source Code
- Provides a means to specify elements of a code base that are from third parties and would not be modified directly, to allow results to be filtered from reporting.
- Files/folders marked as third-party are highlighted in the desktop GUI.
- The results of an analysis can be filtered to only show cross-module analysis.
- Compliance reports can highlight results for third-party code.
- Third-party source code is not uploaded to Dashboard.
Improvements for Setting Additional Component Options on a per File/Directory Basis
- Settings will be retained after a sync.
- Eclipse and Visual Studio plugins were updated to provide the same functionality as desktop GUI to enable additional options to be set.
- Per file message enabling/disabling.
Quality of Life Enhancements
GUI
- Sorting of Messages and Files in GUI.
- Improved feedback for read-only files.
CLI
- Additional qacli report output on success or failure.
Plugins
- Microsoft Visual Studio
- Analysis Options per folder/file.
- CLI installation/removal for the plugin.
- Disable Dashboard/S101 menus if a component is not installed.
- Eclipse
- Sorting of Messages and Files in Eclipse.
- Analysis Options per folder/file.
- CLI installation/removal for the plugin.
- Disable Dashboard/S101 menus if a component is not installed.
Important Changes in Helix QAC 2022.2
Ongoing ‘qacli admin’ Changes
There are a large number of options associated with the ‘qacli admin’ sub-command and these will be separated into several new sub-commands covering the configuration of the system and projects.
The corresponding ‘qacli admin’ options will be deprecated as new sub-commands are added and removed in a future release. These changes will improve the usability of the CLI, enable more consistent use of short options and default values, and enhance the readability of the associated help pages.
Included in the release notes are details for the ‘qacli admin' options that have been deprecated in 2022.2 and the full list of previously deprecated commands is included in the Helix QAC manual.
Pre-Announcements
CCT Generator End-of-Life in 2023
Helix QAC 2023.1 will no longer support the legacy standalone CCT Generator.
The ‘qainject’ tool introduced in Helix QAC 2021.3 will replace the current CCT Generator. As a result, CCT’s generated using the legacy tool will be deprecated and no longer supported.
Upcoming Separation of Dataflow in H2 2022
In H2 2022, Dataflow is planned to be separated from the QAC/QAC++ engine into its own component. The main differences are:
- Improved performance of Dataflow analysis for large projects.
- Dataflow will become a separate component in the analysis toolchain with associated configuration options.
- Dataflow diagnostics will be reported against their own component instead of 'qac' or 'qacpp'.
- Inter-TU analysis will be internalized in dataflow, and two analysis passes will no longer be necessary.
What’s New in Helix QAC 2022.1
Helix QAC 2022.1 delivers improved compliance module coverage for AUTOSAR, MISRA, and CWE with greater C++ 20 language feature support.
In addition, this release includes greater control over analysis configuration and message suppressions; provides broader compiler support; and general quality of life improvements for performance and various plugins.
Coding Standard Coverage (AUTOSAR, MISRA, CWE)
Improved AUTOSAR Coverage
AUTOSAR coverage has been increased to 95%.
Improved MISRA C:2012 (TC2) Coverage
MISRA C:2012 compliance module has been updated to reflect Technical Corrigendum 2 category and wording changes.
Improved CWE Coverage
CWE coverage for C has been expanded to include new messages for Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') to cover CWE-362.
Upgraded C++20 Language Support
This release adds C++20 language feature support for:
- feature testing macros
- std::is_constant_evaluated()
Framework Improvements
- Project level options are now available on a per file/folder basis, providing more control over analysis configuration.
- Comment based suppressions now support multi-homed messages.
Dataflow Improvements
Reduced memory usage for:
- Large switch statements.
- Pointers with a large number of aliased objects.
Improved Build Process Monitoring
Automated CCT generation using ‘qainject’ streamlines build comprehension and compiler setup.
In this release, functionality has been improved to provide a user-friendly project and compiler setup for the following common compilers.
- Microchip XC8, XC8-CC
- Wind River Diab
- Texas Instruments Code Composer
Quality of Life Enhancements
GUI
- Additional component options on a per file/directory basis.
CLI
- Additional component options on a per file/directory basis.
- Improved feedback when qacli report fails.
Performance
- Reduced analysis memory usage for some projects.
- Improved feedback from the CLI for certain configuration errors.
Plugins
- Streamlined Jenkins plugin.
- General improvements for Eclipse, Visual Studio, and Visual Studio Code.
Important Changes in Helix QAC 2022.1
End-of-Life for ‘Met’ Output Format
Helix QAC 2022.1 will no longer support the ‘met’ output format.
The binary ‘arc’ file output format introduced in Helix QAC 2019.2, which replaced the ‘met’ file output format, is the default as of Helix QAC 2020.2. As a result, the ‘met’ file format will be deprecated and no longer supported from Helix QAC 2022.1 onward.
Pre-Announcements
CCT Generator End-of-Life in 2023
Helix QAC 2023.1 will no longer support the legacy standalone CCT Generator.
The ‘qainject’ tool introduced in Helix QAC 2021.3 will replace the current CCT Generator. As a result, CCT’s generated using the legacy tool will be deprecated and no longer supported.
Upcoming ‘qacli admin’ changes
There are a large number of options associated with the ‘qacli admin’ sub-command and these will be separated out into several new sub-commands covering configuration of the system and projects.
The corresponding ‘qacli admin’ options will be deprecated as new sub-commands are added and removed in a future release. These changes will improve the usability of the CLI, enable more consistent use of short options and default values, and enhance the readability of the associated help pages.
Included in the release notes are details for the ‘qacli admin' options that have been deprecated in 2022.1 and the full list of previously deprecated commands is included in the Helix QAC manual.
What’s New in Helix QAC 2021.3
Helix QAC 2021.3 introduces support for Visual Studio Code, new compliance modules for Hyundai Motor Group, and improved dataflow analysis capabilities with additional C++ 20 language support.
In addition, this version includes accuracy and coverage improvements for important automotive and secure coding standards, streamlined build process monitoring, and general quality of life improvements that provide better usability, security, and project setup/management options.
Visual Studio Code IDE Plugin
Use our new Visual Studio Code desktop analysis plugin to detect and fix issues quickly and easily before code check-in.
This new IDE extension supports desktop analysis of Helix QAC within Visual Studio Code for C/C++:
- Analyze code, view, and filter results.
- Localization for English and Japanese.
- Support for multi-homed and suppressed messages.
- Diagnostic message help.
- Logging and output messages
Coding Standard Coverage (AUTOSAR, MISRA, CERT, CWE, HKMC)
Improved AUTOSAR Coverage
AUTOSAR coverage has been increased to 94% to make compliance easier along with the industry-leading precision and accuracy that Helix QAC is known for.
Improved MISRA C:2012 Coverage
MISRA C:2012 depth and accuracy have been improved.
Improved CERT Coverage
CERT C/C++ coverage has been improved to enhance depth and accuracy.
Improved CWE Coverage
CWE coverage has been expanded to include new messages related to encryption and variable use rule violations.
New HKMC Compliance Module for C/C++
Enforce Secure C/C++ Coding Guide for Automotive Embedded Systems with Helix QAC’s new compliance modules for Hyundai Motor Group and their suppliers.
Dataflow Improvements
- Modeling of individual elements within an array provides greater analysis capabilities to find dataflow/path defects with improved accuracy.
- Improved detection of pointer de-reference defects by additional propagation of the results of pointer arithmetic expressions.
Upgraded C++20 Language Support
This release adds C++20 language feature support for:
- __VA_OPT__ elision operator in variadic macros
Improved Build Process Monitoring
Automated CCT generation using ‘qainject’ streamlines build comprehension and compiler setup.
This new functionality provides a user-friendly project and compiler setup for the following common compilers.
- GNU C/C++
- Clang
- MS Visual Studio
- Microchip MPLAB pic24
- xc32
- xc16
- Hightec Tricore
- QNX
Quality of Life Enhancements
Dashboard
- Localization improvements
- New LDAP configuration and authentication options
- Improved SSL Certificate support
QACGUI
- Change default view settings within the GUI
- Automatic analysis when header files change
Framework
- Project Roots now supported for incremental analysis
- Dynamic analysis threads based on available resources
QACLI
- CI/Docker install without GUI/Doc
- Japanese translation and path fixes
Important Changes in Helix QAC 2021.3
Helix QAC 2021.3 has upgraded to use Python 3 and removed Python 2 which has reached End-Of-Life.
- User action is needed to upgrade existing projects. To upgrade your projects run “qacli admin --upgrade". See product documentation for more information.
- Note this upgrade process also applies when creating a new project but reusing a CCT created using a previous version of QAC.
- If creating a new project with the CCTs included in the Helix QAC 2021.3 package, they have been converted and tested to work under Python 3.
End of Support
The following Visual Studio artifacts have been removed from the installation packages.
- Visual Studio 2010, 2012, and 2013
What’s New in Helix QAC 2021.2
Helix QAC 2021.2 introduces new compliance reports for MISRA Compliance 2020 and general coding standards, complete support of the C++17 language specification, and plugin enhancements for faster analysis feedback.
In addition, this version includes increased MISRA and AUTOSAR coverage with improved accuracy, faster analysis, and quality of life improvements that provide better usability, security, and data management options.
Compliance Reports
These new reports help you determine the health of your code base and supply the information necessary to claim compliance against a coding standard. Generate reports for:
- MISRA Compliance 2020
- General standards compliance
New Plugin Features
New optional features for the Visual Studio and Eclipse Plugins are introduced in this release for faster analysis feedback. Along with support for projects with multiple configurations.
Continuous Incremental Analysis
Enables analysis to be performed automatically when saving a file or after a predefined time of inactivity in a modified file.
Interactive Asynchronous Feedback
Enables diagnostic results to stream in as analysis progresses, so you can remediate issues while analysis is running.
Multi-Configuration Project Support
Projects with multiple configurations are now supported with Helix QAC IDE Plugins to provide easier project context switching.
Improved Coding Standard Coverage (AUTOSAR and MISRA)
Improved AUTOSAR Coverage
AUTOSAR coverage has been increased up to 93% to make compliance easier along with the industry-leading precision and accuracy that Helix QAC is known for.
Improved MISRA C:2012 Coverage
MISRA C:2012 compliance has been updated to include features of MISRA C:2012 TC1.
Complete C++17 Language Support
Helix QAC 2021.2 fully supports the C++17 language specification. This release adds language feature support for:
- Extended new
- Guaranteed copy elision
Dataflow Improvements
Improved tracking of variable usage and handling of struct/union function arguments for greater accuracy and precision of analysis results.
General performance improvements resulting in faster analysis speed by up to ~5%*.
(*based on internally benchmarked OSS projects)
Integrate Helix QAC Diagnostic Results with Klocwork
With 2021.2 we introduce the ability to export Helix QAC findings into Klocwork’s Compliance and Application Security Testing (CAST) Portal. This enables you to:
- Use Helix QAC and Klocwork together to provide industry-leading compliance coverage across the major embedded and automotive programming languages.
- Export and integrate Helix QAC diagnostic results with Klocwork.
- Review and manage security and compliance issues in one place.
- Generate compliance reports natively with Helix QAC or from the Klocwork SAC portal.
Quality of Life Enhancements
QAGUI and QACLI
- Compliance report generation
- Improved sync method for easier configuration
QAGUI
- Upgraded look and feel
- External file modification can trigger automatic analysis
QACLI
- Option to output data in SARIF format
- Export Helix QAC data to Klocwork portal providing a single destination to view results from both tools
Dashboard
- LDAP Implementation
- SSL Certificates
Important Changes in Helix QAC 2021.2
End of Support
- Red Hat Enterprise Linux 6
- Visual Studio 2010, 2012, and 2013
The Visual Studio artifacts listed above will remain in the installation packages but will be removed in the next release.
What's New in Helix QAC 2021.1?
Helix QAC 2021.1 delivers complete support for CERT C++ rules, expands AUTOSAR coverage, and adds new language support for C++17.
Improved Compliance Coverage for CERT and AUTOSAR
Full CERT C++ Coverage
Helix QAC now covers 100% of the CERT C++ rules to provide unparalleled coding standard coverage.
Improved AUTOSAR Coverage
This release increases AUTOSAR coverage to 91% with Helix QAC’s industry-leading precision and accuracy — making compliance easier.
New C++17 Language Support
Expanded support for C++17 language specification. New language features include:
- Lambda Capture of *this by Value as [=,*this]
- constexpr lambda
- Allow const eval for all non-type template arguments
- Aggregate initialization of classes with base classes
Important Upcoming Changes in Helix QAC 2022.1
Pre-Announcement: ‘Met’ Output Format End-of-Life in 2022
Helix QAC 2022.1 will no longer support the ‘met’ output format.
The binary ‘arc’ file output format introduced in Helix QAC 2019.2, which replaced the ‘met’ file output format, is the default as of Helix QAC 2020.2. As a result, the ‘met’ file format will be deprecated and no longer supported from Helix QAC 2022.1 onward.
If the legacy 'met' format is required, then that information can either be extracted from the 'arc' files using an appropriate 'lua' script. See: Helix QAC user manuals for more detail.
What's New in Helix QAC 2020.2?
Helix QAC 2020.2 delivers complete support for CERT C POSIX rules, adds new language support for C++ 17/20, and introduces a new compliance module for ISO/IEC TS 17961.
In addition, the latest version expands compliance coverage and features quality of life improvements that provide increased productivity and usability for Jenkins and QAGUI.
Improved Compliance Coverage (CERT, AUTOSAR, ISO/IEC TS 17961)
CERT C POSIX Rule Support
Helix QAC now covers 100% of the CERT C POSIX Rules — providing unparalleled coding standard coverage.
Improved CERT C++ Coverage
Coverage for CERT C++ has increased to 95% with this release.
New ISO/IEC TS 17961 Compliance Module
Ensure your projects are C Secure with Helix QAC’s new compliance module for ISO/IEC TS 17961. Helix QAC now provides 98% coverage for C Secure.
Improved AUTOSAR Coverage
Make compliance easier — this release increases AUTOSAR coverage up to 91% with the industry-leading precision and accuracy that Helix QAC is known for.
New C++17/20 Language Support
Helix QAC 2020.2 adds C++17 language feature support for:
- Pack expansions and declarator lists in using declarations.
- Typename keyword in template template parameters.
- Non-type template parameters declared with a placeholder type.
- UTF-8 character literals.
- In-class definition of explicit template specializations.
- Enumeration direct-list initialization.
- Structured bindings.
Helix QAC 2020.2 adds C++ 20 language feature support for:
- Storage class specifiers in structured bindings.
QAGUI New Features
Two new optional features for QAGUI are introduced in this release of Helix QAC for faster analysis feedback.
Continuous Incremental Analysis
Enables analysis to be performed automatically when saving a file or after a pre-defined time of inactivity in a modified file.
Interactive Asynchronous Feedback
Enables diagnostic results to stream in as analysis progresses so you can begin remediating issues while analysis is running.
Jenkins Pipelines
Support for Jenkins Pipelines provides an easy way to automate static analysis as part of your application lifecycle within your Continuous Integration (CI) or Continuous Delivery (CD) workflows.
Important Changes in Helix QAC 2020.2
End of Support for Red Hat Enterprise Linux 6
Beginning with Helix QAC 2020.2, the following operating system will not be supported:
- RHEL 6
Important Change to Default Format for Semantic Output
Helix QAC 2020.2 will use the binary 'arc' file output format by default. If the legacy 'met' format is required, then that information can either be extracted from the 'arc' files using an appropriate 'lua' script (See: Helix QAC user manuals for more detail.), or the legacy output format can be enabled with "-metfile+".
(Note: Features that are dependent on the 'arc' format will not work with "-metfile+". For more information please refer to the Helix QAC 2020.2 release notes.)
If you have any questions or concerns, please contact our support team.
What’s New in Helix QAC 2020.1?
Helix QAC 2020.1 adds support for commonly used C++17/20 language features, expands compliance coverage, accelerates performance, and enhances productivity.
Improved CERT C Coverage
Coverage of CERT C Rules has increased to 100%.
Improved CERT C++ Coverage
Coverage for CERT C++ has increased with this release.
Improved MISRA C:2012 Amendment 2 Coverage
MISRA C:2012 Amendment 2 is completely supported.
Improved AUTOSAR Coverage
Coverage for AUTOSAR has increased with this release.
New C++17/20 Language Support
Helix QAC 2020.1 adds C++17 language features support for inline variables, nested namespace definition, and selection statements with an initializer.
Helix QAC 2020.1 adds C++ 20 language features support for nested inline namespaces and range-based for statements with an initializer.
Improved Eclipse Plugin Performance
The Eclipse Plugin now features quick keyboard shortcuts for common commands and quality of life improvements for increased productivity and usability.
Improved Visual Studio Plugin Performance
The Visual Studio Plugin has quality of life improvements for increased productivity and usability.
Improved Helix QAC Dashboard
The Helix QAC Dashboard has improved upload performance, bug-fixes, and minor enhancements.
Important Changes in Helix QAC 2020.1
End of Windows 7 Support
Windows 7 will not be supported from 2020.1 onwards. The supported operating systems going forward will be:
- Windows 10 (64 bit)
- Linux: RHEL 6 and 7 (64 bit)
End of Support for Legacy Visual Studio Versions
Visual Studio 2010, 2012, and 2013 versions are no longer supported by Microsoft on Windows 10. For that reason, beginning with Helix QAC 2020.1, the Helix QAC Visual Studio plugin will not support these versions.
What’s New in Helix QAC 2019.2?
Helix QAC 2019.2 adds support for commonly used C++17 language features and Visual Studio 19. This release also expands compliance coverage, accelerates performance, and enhances productivity.
Improve CERT Coverage
Coverage for CERT C and CERT C++ has increased with this release.
Leverage C++17
Helix QAC 2019.2 includes support for C++17— including fold expressions; constexpr if; template argument deduction for class templates; and exception specifications as part of the type system.
Increase Productivity
There are several feature updates in Helix QAC 2019.2 that improve productivity. This includes support for Visual Studio 2019, and an updated and improved Eclipse plugin.
Easy selection of C90, C99 or C11 rules makes it is easier configure your MISRA projects. And, your logs can now be stored in a project-specific location.
Reduce Disk Usage
Particularly important for large projects, Helix QAC 2019.2 uses a more efficient internal storage format to significantly reduce the amount of disk space it uses.
Important Changes in Helix QAC 2019.2
Support for Legacy Hosting Operating Systems
Support for RHEL 5, and all 32-bit Windows and Linux platforms will be removed from 2019.2 onwards. Helix QAC 2019.2 will only be supported on the following operating systems:
- Windows: 7* and 10 (64 bit)
- Linux: RHEL 6 and 7 (64 bit)
*We are planning to remove Windows 7 support from the subsequent release (2020.1).
What’s New in Helix QAC 2019.1?
Helix QAC 2019.1 adds support for inter-thread defect detection. This release also expands compliance coverage, accelerates performance, and enhances productivity.
Watch this pre-recorded webinar to learn more about the new features.
Leverage Multithreading — Without Concurrency Defects
Helix QAC 2019.1 includes new dataflow features and enhancements — including inter-thread, intra-thread, and tainted variable analysis.
This update allows you to detect potential concurrency defects, such as deadlock and data race.
Improve Compliance Coverage (CERT, MISRA, AUTOSAR)
Helix QAC offers the best coverage of the MISRA C© and MISRA C++© coding standards. And the precision and accuracy of that coverage has increased with Helix QAC 2019.1.
Helix QAC now offers complete support for C++14. And the AUTOSAR compliance module has been updated for the October 2018 update to AUTOSAR coding guidelines.
Coverage for CERT C/C++ has also increased with this release.
Accelerate Performance (Analysis & Synchronization)
Helix QAC 2019.1 includes performance updates.
Cross-module analysis is faster with this release. Helix QAC 2019.1 also improves the desktop integration with the web dashboard (formerly QA Verify). This accelerates project synchronization.
Increase Productivity (Searchable Help)
There are several feature updates in Helix QAC 2019.1 that improve productivity. This includes a searchable help, as well as some command line (CLI) updates.
Important Changes in Helix QAC 2019.1
The latest release of Helix QAC (formerly QAC/QAC++/QA Verify) includes the following changes.
How Helix QAC Is Versioned
Helix QAC will no longer use a <major>.<minor>.<patch> format. The version will be based on year and the release within the year. So, the new release will be “Helix QAC 2019.1”. This will consist of:
- QAC 9.6
- QAC++ 4.4
- QA Verify (Helix QAC dashboard) 2.4
Where Helix QAC Will Be Installed
By default, Helix QAC 2019.1 will be installed into “C:\Perforce\Helix-QAC-2019.1” for Windows users or “/opt/Perforce/Helix-QAC-2019.1” for Linux users.
Where User Data Is Stored
The user data location is platform- and user privilege-specific. Here’s a table with further details:
Platform | Privilege | Location | Registry |
Windows | Non-admin | %LOCALAPPDATA%\Perforce\Helix-QAC-2019.1 | HKEY_CURRENT_USER\SOFTWARE\Perforce |
Windows | Admin | %LOCALAPPDATA%\Perforce\Helix-QAC-2019.1 | HKEY_LOCAL_MACHINE\SOFTWARE\Perforce |
Linux | Non-admin | ~/.config/Perforce/Helix-QAC-2019.1 | n/a |
Linux | Admin | /etc/Perforce.d/Helix-QAC-2019.1 | n/a |
Where Log Files Are Stored
By default they will be in “%LOCALAPPDATA%\Perforce\Helix-QAC-2019.1” for Windows users or “~/.config/Perforce/Helix-QAC-2019.1” for Linux users.
The log file name changes to Helix-QAC_<date>T<time>_<id>.log
How the Jenkins Plug-In Will Change
Jenkins users will need to update the PRQA plug-in to v3.0.2 (or above) for Helix QAC 2019.1.
Programs That Won’t Change
The qacli and qagui will retain their names. Key folders such as the “prqa” folder and the prqaproject.xml will also remain the same.
What’s New in Helix QAC 2.4?
Helix QAC 2.4 adds a CWE C++ compliance module. And it updates compliance coverage, performance, and productivity.
Add the New CWE C++ Compliance Module
Identify CWE C++ security weaknesses in your code. And map Helix QAC for C++ diagnostics to CWE list entries.
Additional Compliance Updates
Helix QAC 2.4 includes additional compliance updates:
- Better coverage for AUTOSAR C++, MISRA C, and CERT C/C++.
- Parser support for C11 and more modern C++ features.
Performance and Productivity Enhancements
Helix QAC 2.4 also includes updates for better performance and greater productivity, such as:
- IDE plug-in support for Eclipse Photon
- Report analysis times per file