Third-Party Software Integration

This article lists CodeSonar's third party software integrations, with links below.

  Manual Location


Built-In Integrations

The integrations in this section ship with CodeSonar.

Warning Detection

Integrations with the following warning detectors are built into CodeSonar.

  • Clang Static Analysis: (C, C++) CodeSonar projects can incorporate information obtained by observing the execution of the Clang Static Analysis and importing its SARIF output.
  • Pylint: (Python) CodeSonar projects can incorporate information obtained by observing the execution of Pylint 1.7 or later and importing information about the warnings it issues.


CodeSonar ships with integrations for the following Integrated Development Environments (IDEs). See the linked documentation sections for configuration and usage information.

  • Eclipse: See http://[hub_location]/install/codesonar/doc/html/Building/Eclipse/Overview.html
  • Microsoft Visual Studio: See http://[hub_location]/install/codesonar/doc/html/Building/VisualStudio/Overview.html
  • As part of CodeSonar 7.1p0, an extension for Microsoft Visual Studio Code (VS Code) is available from the Visual Studio Marketplace:, search for "codesonar". The extension will allow you to view the results of a single analysis or compare the results of two analyses in VS Code.

Project Management

CodeSonar ships with integrations for the following project management tools.


We provide instructions for integrating CodeSonar with the following SSO authentication platforms.

  • Keycloak: See http://[hub_location]/install/codesonar/doc/html/Tasks/HubWeb/ConfigureKeycloakAuth.html
  • Okta: See http://[hub_location]/install/codesonar/doc/html/Tasks/HubWeb/ConfigureOktaAuth.html

External Integration

The integrations in this section are provided on third-party sites: they do NOT ship with CodeSonar.

Continuous Integration (CI)

Customized integrations are available for the following CI tools. We also provide general-purpose instructions for integrating your CI tool with CodeSonar, see http://[hub_location]/install/codesonar/doc/html/CI/CI.html

  • AnthillPro: A community-developed plugin is available
  • Hudson: See http://[hub_location]/install/codesonar/doc/html/CI/Hudson.html 
  • Jenkins: See plugin which is available

Project Management 

  • GitHub:  See Documentation and links for downloading the integration kit
  • GitLab: See Documentation and links for downloading the integration kit
  • JIRA Server: See Documentation (available for versions 6.0-6.4.14 & 7.0.0-8.14.1) 
    • Please note: while CodeSonar continues to support Atlassian JIRA Cloud in version 7.2 and into the future, GrammaTech has decided to end support for the on-premises version, JIRA Server, starting with the 7.2 release of CodeSonar (previous versions of CodeSonar will continue to work with JIRA Server).
Was this article helpful?
1 out of 1 found this helpful

Articles in this section

GrammaTech Resource Library
Welcome to GrammaTech's resource library. Here you will find useful information about software development in the IoT era, where devices must not only function with impeccable quality and safety but also remain resilient to cyber attacks.
Shift Left Academy
Shift Left Academy is an educational resource to help implement a security first approach. Shift Left focuses on finding and preventing defects and security vulnerabilities early in the software development process
Posts by topic including static analysis, software assurance, and binary analysis