Andrey2008 Jan 16 2019 at 14:22PVS-Studio 7.00Reading time6 minViews3.9KPVS-Studio corporate blogJava*C++*DevOps*Total votes 52: ↑51 and ↓1+50Add to bookmarks6Comments3
Andrey2008 Jan 16 2019 at 17:55Show previous commentYes, the analyzer's reports are classified according to CWE. Not all but many of them. It's not always easy to find a match between defect and CWE identifier (this concerns not only Java but C++\C# as well).
Andrey2008 Jan 17 2019 at 15:50Here’s a first quick check of open projects (IntelliJ IDEA, SpotBugs, SonarQube): PVS-Studio for Java.
PVS-Studio 7.00