Parameters for running software analyses from a command line
Analysis command prerequisite tasks
- Use the software analysis UI to create a DAT rule file.
- Close Eclipse workspaces before you run an analysis scan from the command line.
- Close any open Eclipse command line instances before you run an analysis scan from the command line.
- Determine what analysis parameter values to provide for your analysis.
Analysis command usage
You use parameters to define the analysis scope, the source code location, the analysis rule set, and the report repository.
- Parameter options and values can be entered in any sequence.
- Enter parameters on a single line, without a line feed or carriage
return. Note: Parameters in the following syntax statement are shown on separate lines so that the syntax is easier to read.
- Use the -application parameter to supply the ID required to invoke the Software Analyzer application.
- Supply fully-qualified path information for parameters or use environment variables to define path information and shorten the length of the analysis command.
Analysis command syntax
At the command prompt for Windows or Linux, change directories to the Eclipse install directory.
<path to Eclipse executable>eclipse | eclipse.exe
-application com.ibm.rsaz.analysis.commandline.AnalyzeApplication
-data <fully-qualified path to Eclipse workspace>
-directory <fully-qualified path to source directory>
-includefile <files in directory to include in analysis>
-excludefile <files in directory to exclude from analysis>
-rulefile <fully-qualified path to rules file>
-reportdirectory <fully-qualified path to the HTML report repository>
-projectname <report group name for analysis reports>
-exportdirectory <fully-qualified path to XML export directory>
-bindirectory <fully qualified path to the binary directory that contains the .class files>
-javacp <fully qualified build classpath>
-verbose
-nosplash Analysis command parameters
| Parameter | Classification | Description |
|---|---|---|
| -application | Mandatory | com.ibm.rsaz.analysis.commandline.AnalyzeApplication Specify this ID to identify the software analysis application. The application ID identifies which application Eclipse invokes; you must specify the ID. |
| -data | Mandatory | Specify an Eclipse workspace for the software
analysis application to use to process the analysis. This might be the workspace where the source directories to be analyzed reside (-directory) or a different workspace. If you specify a workspace that does not exist, the workspace is created. Note: To analyze
all the source files in the workspace, specify the -data parameter
and do not specify the -directory parameter.
|
| -directory | Mandatory | Specify the fully qualified path for one or
more source directories as a comma-separated list. A source directory must include the top-level directory that contains the source files to analyze. |
| -includefile | Optional for the -directory option | Specify the fully qualified path to a text file
that contains a line-separated list of source files to include in
the analysis. Instead of analyzing all the source files in the source directory (-directory), this parameter enables you to analyze only those files that are listed in the text file. In the text file, the file name and path for each source file must be relative to the source directory (not fully qualified). Enter each source file name and path on a separate line in the file. |
| -excludefile | Optional for the -directory option | Specify the fully qualified path to a text file
that contains a line-separated list of source files to exclude from
the analysis. Instead of analyzing all the source files in the source directory (-directory), this parameter enables you to identify the files in the source directory that you do not want to analyze. In the text file, the file name and path for each source file must be relative to the source directory (not fully qualified). Enter each source file name and path on a separate line in the file. |
| -rulefile | Mandatory | Specify the fully qualified path to the DAT
rule file that contains the rule set to use to analyze the source
files. In the software analysis UI, you must create a rule set, save the rule set to a DAT file, and then export the DAT file. The DAT file must be accessible from the computer with the enterprise edition of the product that runs the analysis command line. |
| -reportdirectory | Mandatory | Specify the fully qualified path to the repository
on the Web server where the HTML analysis reports are saved. The
fixed value for the repository is as follows:
By saving analysis reports to the repository, you can store, access, and share analysis reports. |
| -projectname | Mandatory if the -reportdirectory parameter is the Web server | Specify a project name to group analysis reports
on the Web server. Each analysis report is saved under a -projectname;
report names are automatically assigned by using a fixed date-time
format:
Note: This project
name is not related to an Eclipse project.
|
| -exportdirectory | Optional | Specify the fully qualified path to a directory
to save the report output in XML format. This option saves the analysis report output to an XML file that can be used as input to a report application. |
| -verbose | Optional | Specify the -verbose parameter to display the
analysis rule results and the command-processing output, in addition
to the URL report link. On Windows, you must specify an output file name to redirect the output to a file. The analysis command does not return the URL link to the console display (standard out). On Windows:
|
| -nosplash | Optional | Specify this parameter to suppress the display of the Eclipse splash screen. |