TIOBE releases TiCS 2023.1, which includes support for the Software Composition Analysis (SCA) tool Black Duck and a newer TQI version that introduces stricter Security scoring.
Until TQI 4.12, the TQI score definition for Security was quite relaxed: the average Security score of all TIOBE customers is almost 98%. This is at odds with the fact that Security is becoming more and more important and that Security code checkers are getting better (fewer false positives and false negatives). Hence the need for a stricter score: the strict TQI formula for Compiler Warnings has now been adopted for Security as well. You can read the full TQI definition here.
You can now import your Black Duck Security findings into TiCS as part of the Security Metric. Black Duck is a composition analysis tool that collects findings on the open source, third-party, and proprietary software components used to build applications and containers.
The upgraded code checker from Parasoft comes with support for more compilers, bug fixes, and new rules. See C++Test 2022.2 Updates for more information.