Unified Language User Guides
iCR User Guide 5.0
iCR User Guide 5.0
  • Table of contents
    • Introduction
    • Overview
    • Authorizing Access to Your Source Code
      • Authenticating GitHub Cloud Access Using OAuth
      • Authenticating GitHub Cloud Access Using PAT
      • Authenticating GitHub Enterprise Access Using OAuth
      • Authenticating GitHub Enterprise Access Using PAT
      • Authenticating GitLab Cloud Access Using OAuth
      • Authenticating GitLab Cloud Access Using PAT
      • Authenticating GitLab Enterprise Access Using OAuth
      • Authenticating GitLab Enterprise Access Using PAT
      • Authenticating Bitbucket Cloud Access using OAuth
    • Using the Navigator
      • Connecting to the Navigator
      • Setting your User Password
      • Updating your User Information
      • The Navigator top banner
      • The Analysis Engine status
      • Selecting Your Source Code
        • Using a cloud-based VCS
        • Selecting your branch
        • Using a private VCS
        • Using a local project
        • Limiting the files to be analyzed
      • Integrating with your bug tracking system
        • Integrating with Jira - Define Your Project
        • Integrating with Jira - Authorizing Access for iCR
        • Integrating with Jira - Connecting with iCR
    • Using the Analysis Engine
      • Initiating an analysis
      • Monitoring the analysis
      • Interrupting the analysis
    • Reviewing your results
      • Reviewer summary and filters
        • Filter by Severity
        • Filter by Category
        • Filter by CWE
        • Filter by OWASP
        • Filter by Directory
      • Reviewing a fix
      • Accepting a fix
        • Accepting a fix when integrated with your bug system
      • Rejecting a fix
        • Rejecting a fix when integrated with your bug system
      • Undoing a fix
        • Undoing a fix when integrated with your bug system
      • Rejected fix history
      • Providing feedback
      • Applying the fixes
      • Cases needing manual attention
      • Comparing Analyses
      • Capturing results for printing or sharing
      • Ending a reviewer session
    • When you are complete
    • Integrating iCR Into Your CI/CD Workflows
      • Jenkins Workflow
        • Installing the plugin
        • Configuring the plugin
          • Creating a Personal Access Token
          • Copying Your Repository's URL
        • Viewing the Results
      • GitHub Actions Workflow
        • GitHub Actions Overview
        • Preparing the GitHub Workflow
          • Environment Variables
          • User Supplied Secrets
          • Setting the User Defined Secrets Values
        • Executing the Workflow
      • GitLab CI/CD Workflow
        • GitLab CI/CD OverView
        • Configuring the GitLab Script variables
          • Environment Variables
          • User Supplied Variables
          • Creating a Personal Access Token
          • Setting the User Defined Variable Values
        • Executing the Workflow
      • Multiple Workflows
    • Appendix – Language Specific Fixer Lists
    • Appendix - Sample Bug Listing
    • Appendix - Getting a BitBucket App Password for JENKINS
Powered by GitBook
On this page
  1. Table of contents
  2. Reviewing your results

Comparing Analyses

PreviousCases needing manual attentionNextCapturing results for printing or sharing

Last updated 4 months ago

When making changes to a branch, it can be valuable to compare the impact of those changes relative to earlier versions of the branch, or of other branches. The Show Comparisons feature helps you to do that.

To show how this works, we will analyze the mainnet branch for the Thunder project. Once that analysis completes we click on the Review icon on the Navigator page to open the Summary page as described in .

This is the result of the analysis of the mainnet branch. We can now compare this with the results on the master branch done previously. This feature is handy when there are multiple branches in development and a developer may wish to compare their changes with some baseline or another developing branch. Note the button labeled Show Comparisons. This allows you to compare this analysis with another one done previously.

Click on the Show Comparisons button to bring up the list of other possible branches against which to compare. For our example here, we see only one other option, the master branch. In more advanced cases, the list would display many other branch analyses for comparison.

NOTE: The branch from which the comparison is being initiated, mainnet, is not displayed as an option for comparison. This is either because there are no other analyses to compare with or any previous analyses are from the same version of the code (same commit hash). In these cases, since there is nothing to compare, they are not offered.

To choose the alternate branch for comparison, click on the desired branch entry. Since there may have been more than one previous analysis performed on a particular branch, the next step is to choose which analysis session from that branch is desired. Typically, the most recent analysis is offered by default, but you can scroll down through the list to see the various sessions. In our example, we see the 2 previous analyses on the master branch.

If there are many possible choices, you can narrow the selection using the Default pull-down menu. Clicking on it reveals the search options.

We'll choose the Search by session id to show how this works. We enter 2 in the search field and click Submit. Now, only Session ID 2 shows up.

Then we click on Apply to reveal the comparison.

Using the Show Comparisons feature may prove useful to a developer by comparing results from earlier versions of the same branch that were done at earlier points in the development. This allows the devleloper to determine if recent code changes have either fixed older bugs or introduced new ones.

The comparison view is the same as for viewing the results of a complete analysis as shown in . However, in this case, only the bugs that are disjoint from the alternate analysis are displayed. In our example, we can see the 3 bugs that were detected in the mainnet branch that were NOT in the master branch's second analysis.

Reviewer Summary and Filters
Reviewing Your Results