Articles, tutorials, videos and tools to perform software source code analysis in software testing.

Static Analysis for C++

May 30, 2016 0

Static analysis tools have the potential to significantly improve programmer productivity as well as the safety, reliability and efficiency of the code they write. Modern static analysis has moved well beyond the mental model people often have based on “lint”: just finding simple typos. Static analysis can find subtle, complex bugs early, identify opportunities to improve performance, encourage consistent style and appropriate usage of libraries and APIs.

PHP Static Code Analysis

August 10, 2015 1

PHP is not the best language to catch errors in code, like mistyped names of variables. This is what static code analysis tools (named linters or lints) can do: find bugs in code before it ever get executed. Linters don’t replace unit tests, but generally they are faster and cheaper to set up. I’ll talk about my XRef lint project (http://xref-lint.net/) as well as other helpful open source alternatives: phplint (http://www.icosaedro.it/phplint/), arcanist (http://phabricator.org/) and scrutinizer (https://scrutinizer-ci.com/).

Chasing Code Quality in a Distributed Team

December 20, 2012 0

This presentation discusses problems and solutions that were made in solving problems such as size (about 100 people in total, more than 5 years long), multi-location (Vilnius, China, US), remote PO (teams in Eastern Europe, PO in US), ~550 000 LOC’s, multiple customers. It will present techniques used to maintain the project quality in shape: Continuous Integration, Code Review, Static Code Quality.

Integrating an External Code Checker in Eclipse

September 11, 2012 0

Codan is a code analysis framework that performs code checks on C/C++ projects. It is part of the Eclipse CDT (C/C++ Development Tooling) suite since 2011. Codan was updated with the Eclipse Juno release in June 2012 to enable developers to automatically execute external code analysis tools within Eclipse. In this article, Alex Ruiz explains why the update is good news for users of Eclipse CDT, then shows you how to use Java code and a little bit of XML to quickly integrate your favorite code checker into your Eclipse C/C++ development environment, using Cppcheck as an example. The article provides a detailed step by step process to achieve this goal that requires just about 100 lines of simple Java code and 30 lines of XML.

Do Unit Tests Obviate Static Typing for Error Detection?

June 25, 2012 0

Evan Farrer to test the frequently cited claim by proponents of dynamically typed programming languages that static typing was not needed for detecting bugs in programs. In his blog post, he explains why unit testing isn’t enough and you need static typing too.

CRAP (Change Risk Anti-Patterns) Code Metric

February 23, 2011 0

In this blog post, Alberto Savoia discusses the CRAP (Change Risk Anti-Patterns) code metric. The CRAP metric combines cyclomatic complexity and code coverage by automated tests to help identify code that might be particularly difficult to understand, test or maintain.

Managing Branches in Static Analysis

January 11, 2011 0

This blog post discuss the options of running static analysis when you use a branches strategy for configuration management. The conclusion is that doing some analysis on the development branches enables developers to fix problems sooner which pays off in higher quality software earlier and better productivity.

1 2