# Glossary

### Account

An *account* (or also *user*) is either a GitHub user or a [GitHub organization](https://docs.ci.trust-in-soft.com/reference/github-organizations). You can only log-in in TrustInSoft CI as a GitHub user, then your organization will automatically be shown in menus if the correct permissions have been granted.

### Analysis

An analysis is a verification of a program with [TrustInSoft CI Analyzer](#trustinsoft-ci-analyzer). This verification is quite similar to a symbolic execution of the program, starting from a given [entry point](#entry-point), to ensures to detect all [undefined behaviors](#undefined-behavior) by using formal methods.

In TrustInSoft CI, an analysis is a part of a [build](#build). It is recommended to add as many analyses as possible to cover all possible behaviors of the analyzed program.&#x20;

### Analyses configuration

The Analyses configuration is a piece of JSON information describing how to perform [analyses](#analysis). Each [build](#build) require to have an Analysis configuration. The Analyses configuration is a part of the [Configuration files](https://docs.ci.trust-in-soft.com/configuration-file) to configure a [project](#project) inside TrustInSoft CI.

See also [how to write an Analysis configuration](https://docs.ci.trust-in-soft.com/configuration-file/analyses-configuration-file).

### Build

A build is a set of [analyses](#analysis) associated to a particular commit of a [project](#project).

To run analyses, a build uses the [Committed configuration](#committed-configuration) associated to the build's commit if it exist, or the [Global configuration](#global-configuration) otherwise. If no configuration is available for the build, analyses will not be run.

### Build preparation

The Build preparation is an optional stage executed for each [build](#build) before running the [analyses](#analysis). The Build preparation is a part of the [Configuration files](https://docs.ci.trust-in-soft.com/configuration-file) to configure a [project](#project) inside TrustInSoft CI.

Learn more about the [Build preparation stage](https://docs.ci.trust-in-soft.com/configuration-file/build-preparation-script).&#x20;

### Committed configuration

A Committed configuration is one of the [two kinds of configuration](https://docs.ci.trust-in-soft.com/configuration-file). This Committed configuration allows to write the configuration of the [project](#project) inside a `.trustinsoft` directory in the GitHub repository.

Unlike the [Global configuration](#global-configuration), the Committed configuration allows to have a different configuration for each [reference](#reference) and [build](#build) of the project.

### Entry point

The entry point of an analysis is the function where the [analysis](#analysis) begins. Usually, the entry point of programs is the `main`function. With [TrustInSoft CI Analyzer](#trustinsoft-ci-analyzer), any function can be used as the entry point of the analysis as soon as its inputs can be [specified](https://docs.ci.trust-in-soft.com/configuration-file/analyses-configuration-file#adding-inputs-for-the-entry-point-function).

### Global configuration

A Global configuration is one of the [two kinds of configuration](https://docs.ci.trust-in-soft.com/configuration-file). The Global configuration allows to write the configuration directly in TrustInSoft CI in the [project](#project)'s settings page without modifying the associated GitHub repository.

Unlike the [Committed configuration](#committed-configuration), the Global configuration is common to all [references](#reference) and [builds](#build) of the project (except if a Committed configuration is detected for the reference or build).

### Project

A project is a GitHub repository registered in TrustInSoft CI. A project can only be registered by an owner of the associated GitHub repository.

Once a project registered, one or several [references](#reference) should be added in order to run [analyses](#analysis) for the respective reference.

### Reference

A reference is either a branch, a tag or a pull request associated to a [project](#project) or GitHub repository.

### TrustInSoft CI Analyzer

TrustInSoft CI Analyzer is a version of [TrustInSoft Analyzer](https://trust-in-soft.com/product-c-and-c-source-code-analyzer/) dedicated to the TrustInsoft CI online service to analyze GitHub repositories.

TrustInSoft CI Analyzer is run during [builds](#build) for each [analysis](#analysis). Then, its Graphical User Interface can be used to [inspect](https://docs.ci.trust-in-soft.com/tutorial/find-the-root-cause-of-the-undefined-behaviors#launch-trustinsoft-ci-analyzer) in details the result of a single analysis.

### Undefined behavior

Undefined behaviors are defined by the C and C++ standards. They usually correspond to illegal operations and may lead to crashes and security vulnerabilities. Their effects are also highly dependent on the interactions with the compilers and their optimizations.

[TrustInSoft CI Analyzer](#trustinsoft-ci-analyzer) detects all major families of undefined behaviors including but not restricted to buffer overflow, dangling pointer, invalid pointer operation, division by zero, uninitialized memory read and arithmetic overflow.