InfoQ Homepage Code Analysis Content on InfoQ
-
Spell Checker Added to Visual Studio 2008
The Code Analysis team at Microsoft has decided to include FXCop's spell checker in Visual Studio 2008.
-
David M. Kean Reveals Microsoft's FXCop Ruleset
FXCop has a lot of code analysis rules, but does Microsoft actually use them all? Turns out the answer is no. David Kean lists which FXCop rules are considered mandatory by the Microsoft's Developer Division.
-
Review: Continous Performance Management
Steven Haines from Quest has published an article demonstrating the use of performance analysis tools in the continuous build cycle as best practice and makes some thought provoking points about the cost of not doing so.
-
Google Singleton Detector
Google has released a tool that performs bytecode analysis in order to locate and report on Singletons within bytecode. Although the tool has limitations, it is one way to detect a pattern that many see as controversial.
-
A case study of Apache peer/code review processes
Peter C. Rigby and Daniel M. German have released a case study of peer/code review processes used at Apache which looks at the types of reviews, frequency of them, and other characteristics. Although some question the data collection methodology, the papers offer an interesting set of discussions comparing and contrasting various review methodologies.
-
Article: Implementing Automated Governance for Coding Standards
Most development organizations of a significant size have some form of coding standards and best practices. Simply documenting these standards and keeping them up to date can be a significant challenge and enforcing them even harder. Our organization has found that enforcing coding standards and best practices in an automated fashion through our build process has been highly effective.
-
PMD: Automated source code analysis and bug detection
PMD, an open-source automated Java source code analysis and bug detection tool, recently reached version 4.0. InfoQ spoke with Tom Copeland, PMD project lead, to learn more about PMD and what capabilities it provides.
-
Google SoC Series: dcov - Ruby documentation coverage analyzer
Ruby gains another tool to ensure code quality: dcov analyses Ruby code and determines the documentation coverage. We caught up with dcov developer Jeremy McAnally to talk about his plans.
-
InfoQ Article: The MOle Plugin
The MOle, so named because it acts as the investigators agent, is a plugin that provides insight into the inner workings of Ruby on Rails in realtime, as requests come in and get processed. The author describes how the plugin came about and gives InfoQ readers a detailed introduction to his innovative plugin.
-
Coverity Prevent SQS: Java Static Analysis Defect Detection
The Java static-analysis defect detection space got a new entrant this week with Coverity's release of Prevent SQS, a code analysis tool that analyzes byte code, and builds an interal map of all possible execution paths upon which interprocedural defect analysis is done to find problems that lead to runtime exceptions, security vulnerabilities, unpredictable behavior, and performance degradation.
-
Using Dtrace to Improve Rails Performance
InfoQ investigates how three companies recently collaborated to use DTrace, a powerful open source process introspection tool, to find and fix a substantial Rails latency issue.
-
Google SoC Series: ANTLR v3 Ruby Parser
Writing a Ruby parser is a challenging task, yet the XRuby team wrote one from scratch. A Google Summer of Code project will update the current parser to use ANTLR v3, and plans to produce a Ruby parser in Ruby in the process. InfoQ caught up with Wang Haofei to ask about the problems in parsing Ruby and the plans for the project.
-
NStatic: Advanced Code Analysis for .NET
Code analysis tools like FXCop are often cited as ways to improve code quality. While they do check for a large number of potential faults, in theory there is a lot more that can be done. Wesner Moise intends to try out these theories with an advanced code analysis tool called NStatic.