Kinook Software Forum

Go Back   Kinook Software Forum > Visual Build Professional > [VBP] Third Party Tools
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools Rating: Thread Rating: 2 votes, 5.00 average. Display Modes
  #1  
Old 08-14-2013, 03:27 PM
James.Mathews James.Mathews is online now
Registered User
 
Join Date: 08-14-2013
Posts: 4
VBP and HP Fortify

I am using VBP 7.7a

Is there a way to turn off quotation marks around the default location of the Devenv / MSBuild / VCBuild?

Is there a way to turn off escape characters around the same? similar to:{Tools\Application Options\Logging(More)\"Escape special characters in step output macros"}

Alternatively is there a way to keep VBP from inserting "&&" after "Command to run before main command"?

Also how does VBP determine the default location of devenv?

Thank you,
James Mathews
Reply With Quote
  #2  
Old 08-14-2013, 04:05 PM
kinook kinook is online now
Administrator
 
Join Date: 03-06-2001
Location: Colorado
Posts: 6,034
Quote:
Originally Posted by James.Mathews View Post
I am using VBP 7.7a

Is there a way to turn off quotation marks around the default location of the Devenv / MSBuild / VCBuild?
If the executable path+filename contains spaces, quotes are required and will be included. If the filename doesn't contain spaces, quotes are not required and will not be included.

Quote:
Is there a way to turn off escape characters around the same? similar to:{Tools\Application Options\Logging(More)\"Escape special characters in step output macros"}
What escape characters? Please provide more info.
http://www.kinook.com/Forum/showthread.php?t=3044

Quote:
Alternatively is there a way to keep VBP from inserting "&&" after "Command to run before main command"?
No -- that is required syntax for executing multiple commands at once.
http://www.microsoft.com/resources/d....mspx?mfr=true

Quote:
Also how does VBP determine the default location of devenv?
The Make VS* actions determine the version of the solution/project being built and attempt to locate the corresponding version of devenv.com.
Reply With Quote
  #3  
Old 08-14-2013, 04:47 PM
James.Mathews James.Mathews is online now
Registered User
 
Join Date: 08-14-2013
Posts: 4
Quote:
Originally Posted by kinook View Post
If the executable path+filename contains spaces, quotes are required and will be included. If the filename doesn't contain spaces, quotes are not required and will not be included.
I need to override this behavior. I need to end up with something like this:
{[1]"}sourceanalyzer{[1]"} -b %someBuildID% {[2]"}%devenv%{[2]"} {[3]"}%solutionToCompile%{[3]"} %anyBuildVariables%
where {[x]"} indicate quotes that follow the behavior you outlined and x indicates a set (both must be either present or absent.)


Quote:
Originally Posted by kinook View Post
What escape characters?
I include a quote in the override devenv path, something like this:
"sourceanalyzer -b %buildID% "%devenv%
hoping for:
""sourceanalyzer -b someBuildID "pathtodevenv\devenv.com" ....
but getting:
"\"sourceanalyzer -b someBuildID \"pathtodevenv\devenv.com" ....

Quote:
Originally Posted by kinook View Post
No -- that is required syntax for executing multiple commands at once.
http://www.microsoft.com/resources/d....mspx?mfr=true
I understand, but I need to pass:
%devenv% %solutionToCompile% %anyBuildVariables%
as parameters to sourceanalyzer -b %buildID%



Quote:
Originally Posted by kinook View Post
The Make VS* actions determine the version of the solution/project being built and attempt to locate the corresponding version of devenv.com.
yes, but where does Make VS* get the information? If it is the registry I can set a Write Registry at the beginning of each section of the script to change it to:
sourceanalyzer -b %buildID% %correctDEVENV%
and reset it afterwards. Using this solution I would still need to overcome the quotation issue from above, but would save me a lot of time modifying each step by hand.



Also before you sugest using something like "Run Script" let me explain my situation...

To give you a idea of the size of the project, using VBP it takes over 14 hours to compile, one of the 2 current versions of this software utilize VB6 and VS2010, the other version uses VS2010, vs2008, VS2005, and VB6 (it is the older version). The older version has over 2000 steps, the newer is segmented across ~40 build files.

In addition, we are not the developers, we provide software assurance on these products for the US Govt. Every time the developer drops new software, we provide static code analysis and regression testing on it. They use VBP 7.7a, and every time there is a new drop we get a new set of build files.

Thank you for your assistance,
James Mathews
Reply With Quote
  #4  
Old 08-14-2013, 05:25 PM
kinook kinook is online now
Administrator
 
Join Date: 03-06-2001
Location: Colorado
Posts: 6,034
There isn't a way to prevent quoting of the devenv command or escaping of additional extra quote characters added to a command.

Locating devenv.com does use registry lookups, but it's fairly involved for the various versions, bitness of Windows, fallback to App Paths, etc.

I think you might need to use a Run Program action and call sourceanalyzer directly. You could use the object model to iterate over all Make VS steps in the projects and create matching Run Program steps calling sourceanalyzer.
http://www.kinook.com/VisBuildPro/Ma...bjectmodel.htm
http://www.kinook.com/VisBuildPro/Ma...riptsample.htm

Another possibility might be to create your own custom executable that calls sourceanalyzer, and specify that executable in the Override field on the Options tab of the Make VS action.
http://www.kinook.com/VisBuildPro/Ma...optionstab.htm
Reply With Quote
  #5  
Old 08-14-2013, 05:32 PM
James.Mathews James.Mathews is online now
Registered User
 
Join Date: 08-14-2013
Posts: 4
Quote:
Originally Posted by kinook View Post
I think you might need to use a Run Program action and call sourceanalyzer directly. You could use the object model to iterate over all Make VS steps in the projects and create matching Run Program steps calling sourceanalyzer
I will look into this.

Quote:
Another possibility might be to create your own custom executable that calls sourceanalyzer, and specify that executable in the Override field on the Options tab of the Make VS action.
http://www.kinook.com/VisBuildPro/Ma...optionstab.htm
I have considered this approach, was hoping to avoid it.

Is there any possibility of integrating Fortify into future versions of VBP? Say a check box in the to turn it on and a textbox to enter a build id in the various Make VS* actions?

It won't help me now but down the road it probably will (up to the developer)

Thank you,

James Mathews

Last edited by James.Mathews; 08-14-2013 at 05:33 PM. Reason: afterthough
Reply With Quote
  #6  
Old 08-14-2013, 09:09 PM
kinook kinook is online now
Administrator
 
Join Date: 03-06-2001
Location: Colorado
Posts: 6,034
Possibly. Does the vendor provide a trial download or online documentation for the product?
Reply With Quote
  #7  
Old 08-15-2013, 07:40 AM
James.Mathews James.Mathews is online now
Registered User
 
Join Date: 08-14-2013
Posts: 4
Quote:
Originally Posted by kinook View Post
Possibly. Does the vendor provide a trial download or online documentation for the product?
I just sent a email to my HP contact, we'll see what he says.
Reply With Quote
  #8  
Old 10-25-2013, 04:13 PM
kinook kinook is online now
Administrator
 
Join Date: 03-06-2001
Location: Colorado
Posts: 6,034
In the latest build (8.5.0.1), there is a new Prefix main command option on the Advanced tab of Run Program and derived actions to prefix the main command instead of running as a separate command (&&), which should allow you to call sourceanalyzer from a Make VS* action.
Reply With Quote
Reply

Tags
hp fortify


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT -5. The time now is 04:48 PM.


Copyright © 1999-2023 Kinook Software, Inc.