IBM ZCodeScan Overview

IBM® Developer z/OS® Enterprise Edition enhances the existing code scanning capabilities with the introduction of IBM ZCodeScan.

IBM ZCodeScan is a code analysis tool designed specifically for mainframe developers to scan COBOL and PL/I applications. It helps you identify security vulnerabilities and code quality issues directly within your development environment, which enables you to deliver more secure and maintainable z/OS applications.

IBM ZCodeScan can be used in VS Code and Eclipse IDEs, or from the command line. It integrates seamlessly into your workflow to provide real-time feedback on your code quality.

IBM ZCodeScan includes the following features:

• Provides an IBM security vulnerabilities scanner to find any potential issues in COBOL and PL/I source code.
• Delivers a built-in rules file to easily set up the code reviews. These rules covers the typical best practices in COBOL and PL/I coding.
• Provides real time code review with linting in IBM Developer on VS Code to provide faster feedback on code quality.
• Includes a Command Line Interface (CLI) to run code review from anywhere for increased flexibility. For example, the CLI can be invoked from a developer’s workstation, from a pipeline orchestrator, or from any build framework.

For more information, watch this video, Scan your code with IBM ZCodeScan.