An account (or also user) is either a GitHub user or a GitHub organization. You can only log-in in TrustInSoft CI as a GitHub user, then your organization will automatically be shown in menus if the correct permissions have been granted.
An analysis is a verification of a program with TrustInSoft CI Analyzer. This verification is quite similar to a symbolic execution of the program, starting from a given entry point, to ensures to detect all undefined behaviors by using formal methods.
In TrustInSoft CI, an analysis is a part of a build. It is recommended to add as many analyses as possible to cover all possible behaviors of the analyzed program.
The Analyses configuration is a piece of JSON information describing how to perform analyses. Each build require to have an Analysis configuration. The Analyses configuration is a part of the Configuration files to configure a project inside TrustInSoft CI.
See also how to write an Analysis configuration.
To run analyses, a build uses the Committed configuration associated to the build's commit if it exist, or the Global configuration otherwise. If no configuration is available for the build, analyses will not be run.
The Build preparation is an optional stage executed for each build before running the analyses. The Build preparation is a part of the Configuration files to configure a project inside TrustInSoft CI.
Learn more about the Build preparation stage.
A Committed configuration is one of the two kinds of configuration. This Committed configuration allows to write the configuration of the project inside a
.trustinsoft directory in the GitHub repository.
The entry point of an analysis is the function where the analysis begins. Usually, the entry point of programs is the
mainfunction. With TrustInSoft CI Analyzer, any function can be used as the entry point of the analysis as soon as its inputs can be specified.
A Global configuration is one of the two kinds of configuration. The Global configuration allows to write the configuration directly in TrustInSoft CI in the project's settings page without modifying the associated GitHub repository.
A project is a GitHub repository registered in TrustInSoft CI. A project can only be registered by an owner of the associated GitHub repository.
A reference is either a branch, a tag or a pull request associated to a project or GitHub repository.
TrustInSoft CI Analyzer is a version of TrustInSoft Analyzer dedicated to the TrustInsoft CI online service to analyze GitHub repositories.
Undefined behaviors are defined by the C and C++ standards. They usually correspond to illegal operations and may lead to crashes and security vulnerabilities. Their effects are also highly dependent on the interactions with the compilers and their optimizations.
TrustInSoft CI Analyzer detects all major families of undefined behaviors including but not restricted to buffer overflow, dangling pointer, invalid pointer operation, division by zero, uninitialized memory read and arithmetic overflow.