InfoQ Homepage Static Analysis Content on InfoQ
-
CppDepend now Supports C and C++14
CppDepend is a primarily a source code analyzer, with features geared towards making it easier to understand large code bases with complex interdependencies. In addition, it can integrate with static analyzers. With the introduction of version 5, CppDepend now supports C and C++14.
-
Guido van Rossum Wants to Bring Type Annotations to Python
Guido van Rossum, best known as designer of the Python programming language, recently sent out a proposal on the python-ideas mailing list for adding type annotations to Python function declarations. The proposal aims at bringing to Python the benefits provided by static typing without changing Python's dynamic typing nature and interpreter behaviour.
-
ThreadSafe Concurrency Static Analysis Tool Announces First Public Release
UK based Contemplate Ltd. has announced the first public release of their flagship product ThreadSafe, a static analysis tool for locating concurrency bugs and inefficiencies in Java code. InfoQ applied ThreadSafe and FindBugs to a multithreaded project and reports the results.
-
Coverity 2012: How to Get a Low Defect Density
This article contains the testimonies of several project leaders detailing the process used to achieve a low Coverity Scan defect density.
-
CAST: Adding Spring Lowers the Quality of JEE Applications
A CAST report discloses that JEE enterprise software has lower quality when using Spring or Struts than using just Hibernate. Also, the quality degrades when Java is mixed with C or C++.
-
An Errors List Underscores the Need for Static Code Analysis
Program Verification Systems, the creator of PVS-Studio, a static code analyzer for C and C++, has published a list of programming errors, some of them being found in popular open source projects such as Chromium, TortoiseSVN, Apache HTTP Server, MySQL, and others.
-
Spring Migration Analyzer: An Assistant For JavaEE To Spring Conversion
Spring Migration Analyzer is a command line utility, that takes as input the binary archive of a JavaEE application (e.g. an EAR file) and creates a report, containing JavaEE technologies used, along with advice on effort required to migrate them to Spring/Tomcat. It attempts to create an easier migration path for those who wish to migrate an existing JavaEE application to the Spring framework.
-
CppDepend is Now Available for Linux
CppDepend is a tool for analyzing complex C++ applications. Using the Clang parser and a custom query language based on LINQ, developers can write scripts that examine complex relationships between classes and methods. These can be used for general exploration or to build up static code analysis rules. CppDepend is licensed for both Windows and Linux.
-
Coverity: Open Source Code Has Fewer Defects than Commercial One
A Coverity study concludes that open source code using static analysis has on average a lower number of defects than commercial code, but they are on par when it comes to code of similar sizes.
-
Ruby IDE Roundup: JetBrains Releases Rubymine 4.0, Ruby for NetBeans 7.1 in the Works
JetBrains released version 4 of their Ruby IDE RubyMine. This release focuses on better performance, and contains incremental improvements and polishing in many areas. For NetBeans 7.1, a preview release of the community Ruby support is now available.
-
Microsoft Unveils its Compiler as a Service
Early reports suggested that the Rosyln project would just be a better runtime-accessible compiler and REPL-style interpreter, but it turns out that it is much more ambitious. By opening up the entire compiler pipeline Microsoft hopes that developers will create a wide variety of tools at many levels.
-
JRuby Roundup: JRuby on EY AppCloud, JRuby-Lint, JRuby Delegates
JRuby is now available on EngineYard's AppCloud Beta program, set up to run with the Trinidad server. Nick Sieger has released jruby-lint, a static analysis tool that checks Ruby code bases for patterns that are either discouraged or perform badly on JRuby vs. MRI. Also: JRuby 1.6.2 is out.
-
Code Contracts are Making Slow Progress
Code Contracts are making slow progress towards being ready for production use. While the technology still shows a lot of initial promise, it doesn’t take long to run into a road block or six that makes them unusable in their current form.
-
Metrics for Ruby With Caliper
Caliper calculates various metrics – for example code duplication and complexity – for your Ruby code; all you need is a public Git repository.
-
Spec# and Boogie Released on CodePlex
The source code for Spec# is now available on CodePlex under the Microsoft Research Shared Source License Agreement (non-commercial use only). It’s code verification tools, named Boogie, has been released under the Microsoft Public License, which conforms to Free/Open Source standards.