The C++ static analysis team is committed to making your C++ coding experience as safe as possible. We are adding richer code safety checks and addressing high impact customer feedback bugs posted on the C++ Developer Community page. Thank you for engaging with us and giving us great feedback on the past releases and early previews leading to this point. Below is the compilation of improvements and bug fixes that were made from Visual Studio 2019 versions 16.9 to 16.10 for code analysis and CppCoreCheck.

New features:

• C26479 is a new warning that supports F.48, don’t return a local variable with std::move.
• C26458 is a new warning that serves as a path-sensitive version of C26446. C26458 had a dedicated blog post in mid-May. In case you missed it, you can read more about the new warning here.
• C26800, which is used to detect if a variable is used after it has been moved from, is no longer an experimental rule and is now a part of the default rule set.
• The lifetime warnings C26810 and C26811, originally introduced in 16.2 and discussed here, are no longer experimental and can be used by selecting the default ruleset or “CppCoreCheckLifetimeRules”.
• Sarif suppression properties will only be populated when /analyze:log:includesuppressed is specified. This can be useful for auditing the rules that are suppressed in a codebase.

#c++ #cppcorecheck #static analysis