Let op! Internet Explorer wordt niet meer ondersteund. Hierdoor kan de website mogelijk niet goed functioneren, gebruik een alternatieve browser om optimaal gebruik te maken van deze website. Klik hier om een alternatieve browser te downloaden.

TiCS 2025.1.1 released!

14 April 2025

TIOBE releases TiCS 2025.1.0, introducing support for Clang-Tidy, an overhaul of how we integrate with Coverity, and much more!

TiCS 2025.1.1 Highlights

Clang-Tidy Support

We have added support for Clang-Tidy, a clang-based C++ “linter” tool. Its purpose is to provide an extensible framework for diagnosing and fixing typical programming errors, like style violations, interface misuse, or bugs that can be deduced via static analysis.

We have derived a ruleset from a subset of the Clang-Tidy Checks, consisting of rules of the categories:

  • bugprone
  • cppcoreguidelines

Coverity Updates

Our Coverity integration has seen a major overhaul. Several topics have been addressed:

  • Compatibility: Added Coverity 2024.12.1 Support. In Coverity 2024.12, the old CLI interface was dropped and support needed to be added to account for this.
  • Improved Performance: To provide accurate results both TICS and Coverity perform build steps. This results in a build being performed twice. With the introduction of the compilation database, Coverity will reuse the build results from TICS.
  • Ease of Configuration: The compilation database also removes the need for specifying the build command in the TICS Configuration.

Global TICS Client Configuration

We have added a mechanism to globally specify configuration properties for the TICS Client, used by Software Developers. It is now possible to specify up to what severity level violations will be reported. More configuration properties will be added later.

Okta Identity Provisioning

Okta is another Identity Provider for which we added support. Like Google and Microsoft Entra ID, Okta allows you to centrally manage which users have access to TICS. Our Okta integration is based on OpenID Connect. OpenID Connect is the de facto standard for handling authentication in the modern world. From traditional web applications to single-page apps to native applications, OpenID Connect provides a template for interoperability that makes it easy to incorporate identity management seamlessly and securely.

Security updates

Tomcat upgrade to 9.0.100

From Apache, several security improvements have been made. Though none of the vulnerabilities apply to your TICS setup, security scanners might still trigger. To prevent alarming detections and of course real vulnerabilities, we have upgraded Tomcat.
The following vulnerabilities have been solved between Tomcat 9.0.97 and 9.0.100:

  • CVE-2024-50379: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation
  • CVE-2024-56337: Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apache Tomcat
  • CVE-2024-54677: Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service.

You can find the full release notes, here.

Want to know if TiCS can work for you as well?

Request a demo