AppMap Analysis and Scanner Findings

In this video
AppMap Analysis scans your AppMaps to find software design flaws that impact performance, stability, security and maintainability. This runtime code analysis can find the problems that static code analyzers miss - and that cause 90% of today’s most serious production issues.

Links mentioned
Early Access to AppMap Analysis
AppMap Community Slack
Get AppMap for VSCode
Get AppMap for JetBrains

Follow along

AppMap Analysis is available for both JetBrains IDEs and Visual Studio Code. Follow the instructions below for your code editor of choice to enable AppMap Analysis.

Visual Studio Code

AppMap Analysis can be enabled by opening the “Runtime Analysis” instructions from the left side bar and signing in to AppMap. Alternatively, click the “Sign Up” button in the left side bar under the “Runtime Analysis” heading.

JetBrains IDEs

As of v0.16.0, AppMap Analysis is enabled by default in JetBrains IDEs. AppMaps will automatically be analyzed as they’re recorded.

Investigate findings

Let’s look at a sample Ruby on rails application, where AppMap has already been installed and AppMaps have been generated. From the test cases, you’ll see a new option for findings in the left-hand column or an option here for investigate findings.

You can see one of the issues we’ve found is that a log event contained secret data by clicking on the finding will be taken directly to the line of code where this event occurs by hovering over the pin.

Use labels to visually explore your code

You can open the AppMap and see exactly where the function wrote this secret to a log file. How does AppMap know that this was a secret? Unlike static analyzers and other tools that do pattern matching AppMap knows this function generates secrets because we have built in knowledge of common software libraries with pre-populated labels.

We know exactly where to look to avoid false positives. Developers can extend their labels, whether it’s a common library or not with simple code comments on their functions.

If you search for the secret label, you’ll see the location in the code where this event occurs by clicking on the function, you’ll be taken to the exact location of the AppMap, where the secret was generated. Additionally, you can open the code, combining a visual model alongside the code.

Next step: Join the AppMap Community

Was this page helpful? thumb_up Yes thumb_down No
Thank you for your feedback!