In this video
AppMap Analysis scans your AppMaps to find software design flaws that impact performance, stability, security and maintainability. This runtime code analysis can find the problems that static code analyzers miss - and that cause 90% of today’s most serious production issues.
AppMap Analysis is currently available for early access for Ruby on Rails and Java Spring Applications. You can sign up and join the early access program to try it in your project.
Let’s look at a sample Ruby on rails application, where AppMap has already been installed and AppMaps have been generated. From the test cases, you’ll see a new option for findings in the left-hand column or an option here for investigate findings.
You can see one of the issues we’ve found is that a log event contained secret data by clicking on the finding will be taken directly to the line of code where this event occurs by hovering over the pin.
You can open the AppMap and see exactly where the function wrote this secret to a log file. How does AppMap know that this was a secret? Unlike static analyzers and other tools that do pattern matching AppMap knows this function generates secrets because we have built in knowledge of common software libraries with pre-populated labels.
We know exactly where to look to avoid false positives. Developers can extend their labels, whether it’s a common library or not with simple code comments on their functions.
If you search for the secret label, you’ll see the location in the code where this event occurs by clicking on the function, you’ll be taken to the exact location of the AppMap, where the secret was generated. Additionally, you can open the code, combining a visual model alongside the code.
Next step: Join the AppMap Community