Static Analysis Content on InfoQ

  • The Future of ParseTree

    The current Ruby 1.9.1 doesn't have the required features to allow ParseTree's runtime features to work - which means some libraries that depend on those features won't work. Examples are Merb's action arguments or heckle. We take a look at the state of ParseTree - and how ruby_parser is a possible way out.

  • Static Analysis Tools Roundup: Roodi, Rufus, Reek, Flay

    Ruby_parser, ParseTree, and its cleaned-up output UnifiedRuby provide access to Ruby source code ASTs. We take a look at four static analysis tools built in plain Ruby: Flay, Roodi, Rufus, Reek.

  • ParseTree 3.0 Released, Many Related Libraries Updated

    Ryan Davis announced the release of ParseTree 3.0, as well as an update to related libraries: Ruby2Ruby and Flog. Sexp_processor, the library to write visitors for analyzing parse tree s-exprs, was split out as a gem. Also: ruby_parser 2.0, a Ruby parser written in Ruby, was released with many improvements.

  • FxCop 1.36 Released

    Microsoft has released a new version of FxCop, the popular static code analyzer and policy enforcement utility. This release fixes numerous bugs and adds support for .NET Framework 3.5 language features. It also updates FxCop to have the same engine enhancements provided to VSTS Code Analysis in VS 2008 SP1.

  • Presentation: Secure Programming with Static Analysis

    Creating secure code requires more than just good intentions. Programmers need to know how to make their code safe in an almost infinite number of scenarios and configurations. Static source code analysis can uncover the kinds of errors that lead directly to vulnerabilities, and in this talk, Brian Chess frames the software security problem and shows how static analysis is part of the solution.

  • Debate and more Insights on Dynamic vs. Static Languages

    The transcript of Steve Yegge’s presentation on dynamic languages at Stanford University, which he posted on his blog, triggered many reactions in the blogosphere. Cedric Beust, Ted Neward, Ola Bini and Greg Young provided their viewpoints and arguments on the different tradeoffs involved in the dynamic vs. static debate.

  • Review: Exception Hunter

    Unhandled exceptions are the bane of any application, especially those that run without user interaction. Red Gate has developed a product to detect and alert developers to these potential issues, but does it measure up?

  • Try to get the best of your Statically Typed Language

    The use of dynamic type-checking in static languages is often perceived as unavoidable on complex projects, even though the workarounds necessary to enforce it tend to negatively impact the quality of code. According to Debasish Ghosh, features in static languages, such as Java generics, offer an opportunity to avoid runtime type checking and make the most of the advantages of static typing.

  • QCon Panel: What will the Future of Java Development Be?

    In this panel from QCon San Francisco, Joshua Bloch, Chet Haase, Rod Johnson, Erik Meijer and Charles Nutter discussed and debated the future of the Java language and APIs based upon the lessons we have learned from the past. Topics included static versus dynamic languages, removing code from Java, forking the JVM, and the next big programming language.

  • Static Code Analysis can Highlight Deeper Flaws

    Static code analysis (SCA) tools like FindBugs, PMD, CheckStyle and IntelliJ IDEA can help a development team track down problems and keep quality high. But when an SCA tool flags a problem, how should a team react? Vikas Hazrati's "Static Code Analysis is just the Tip of the Iceberg" suggested: look deeper.

  • Google SoC Series: dcov - Ruby documentation coverage analyzer

    Ruby gains another tool to ensure code quality: dcov analyses Ruby code and determines the documentation coverage. We caught up with dcov developer Jeremy McAnally to talk about his plans.

  • Coverity Prevent SQS: Java Static Analysis Defect Detection

    The Java static-analysis defect detection space got a new entrant this week with Coverity's release of Prevent SQS, a code analysis tool that analyzes byte code and builds an internal map of all possible execution paths. Interprocedural defect analysis is then performed on that map to find problems that lead to runtime exceptions, security vulnerabilities, unpredictable behavior, and performance degradation.
