BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Topics

Choose your language

InfoQ Homepage Code Analysis Content on InfoQ

  • An Errors List Underscores the Need for Static Code Analysis

    Program Verification Systems, the creator of PVS-Studio, a static code analyzer for C and C++, has published a list of programming errors, some of them being found in popular open source projects such as Chromium, TortoiseSVN, Apache HTTP Server, MySQL, and others.

  • JustCode Q3 - Improve Productivity by Reducing Keystrokes

    JustCode Q3 ships with several new features which enables developers to minimize coding by automating frequently used tasks and thereby improving productivity.

  • Using NDepend and LINQ to Examine Code

    NDepend has released a new version of their flagship static code analysis product. NDepend 4 introductes Code Query LINQ, NDepend.API, and VS 2012 support.

  • What’s new with Roslyn, Microsoft’s Compiler APIs

    Roslyn is a set of libraries for handling compilation, scripting, workspaces, and IDE services. It is an extensible model with VB and C# being the first two target languages. While still far from completion, Roslyn is targeting VB 12/C# 6, this release marks a major milestone for the project.

  • Sonar Quality Dashboard 3.0: New Commercial Editions And The Developer's Cockpit

    Sonar Quality Dashboard version 3.0 has recently been released including separate commercial editions and a new plugin allowing developers to see how their individual commits affect project quality.

  • Coverity: Open Source Code Has Fewer Defects than Commercial One

    A Coverity study concludes that open source code using static analysis has on average a lower number of defects than commercial code, but they are on par when it comes to code of similar sizes.

  • Jolt Award 2011 for Design, Planning, and Architecture Tools

    On October 26th, The Jolt Judges announced the awards for 2011 in the category “Design, Planning, and Architecture Tools”. In detail, the Jolt hall of fame now includes the products Paradigm for UML, Restructure 101, and Requirements Center 2010.

  • MIT introduces Oracle for Object-Oriented Programmers

    In a recent news article the Massachusetts Institute of Technology has introduced a technology for automatically remembering connections between objects. The provided system determines how objects in a large software project interact, so it can inform latecomers which objects they will need to design certain types of functions.

  • Coverity releases new tool for Code Governance

    The privately owned US company Coverity claims that its newly released and browser-based software tool Coverity Integrity Control supports development organizations to set standard policies for code quality and security, and then manage, monitor and report on these policies as code is tested.

  • Thoughtworks is using Structure101 for Analyzing Code Bases

    ThoughtWorks, a global IT consultancy that focuses on agile development, recently announced they will leverage the software architecture management tool Structure101 for assessing the quality of code bases. Structure101 is the main product that Headway Software provides for advanced code analysis.

  • Sonar 2.4: Architecture Constraint Rules and Maven 3 Support

    The latest version of open source code quality management tool Sonar supports architecture constraint rules and custom dashboards. SonarSource team recently released Sonar 2.4 version which also includes Maven 3 support and an update center to install and upgrade Sonar plugins.

  • Code is the Culprit! Always?

    Multiple reasons can be quoted for the failure of software projects. Some projects fail because of bad requirements, others due to cost and schedule overrun and few simply due to bad management. If we do a root cause analysis, would all of the failed projects lead to bad code as the main culprit? Always?

  • Security Assessment Techniques: Code Review v Pen Testing

    Web application security testing and assessment should include both security code review and penetration testing techniques. Dave Wichers, an OWASP Board Member, spoke at the recent AppSec DC 2010 Conference about the pros and cons of code reviews and penetration testing approaches in finding security vulnerabilities in web applications.

  • FXCop 10 was Shipped with Windows 7.1 SDK

    For .NET developers who want the rigor of code analysis without the expense of Visual Studio Premium, FXCop is the tool for choice. But with FXCop 1.36 pulled from Microsoft Downloads without warning, many developers were left wondering what happened. Fortunately this tool is still available if you know where to look.

  • Architexa aims to make UML quick and easy

    Architexa is a new Eclipse-based UML modeling tool that allows developers to quickly gain insight into code relationships through UML diagrams, and share what they find with others.

BT