static-analysis
Can Klocwork (or other tools) be aware of types, typedefs and #define directives?
I have been looking for tools to help detect errors that prevent a program from running properly as 64-bit code. Most recently, I\'ve been toying with Klocwork and its custom checkers feature, which l[详细]
2023-03-14 13:49 分类:问答Marking primitive types with phantom types in Scala
In Scala I can use the concept of phantom types (as described e.g. here) to mark types and have 开发者_运维问答this information erased at runtime. I wonder whether it is possible to mark primitive typ[详细]
2023-03-13 08:18 分类:问答Type safety in Clojure
I want to ask what sort of type safety languages constructs are there on Clojure? I\'ve read \'Practical Clojure\' from Luke VanderHart and Stuart Sierra several times now, but i still have the disti[详细]
2023-03-12 03:28 分类:问答Should annotations in jar305.jar be preferred over similar annotations in annotation.jar for FindBugs?
In the FindBugs distribution, annotations.jar is not a subset of jsr305.jar. However, several annotations seem to be duplicated (either 开发者_如何学Goexactly, or very closely). Should I prefer an ann[详细]
2023-03-12 02:57 分类:问答Is there a static analysis tool to compute use-define chains?
I\'m looking for a s开发者_JAVA百科tatic analysis tool for C that performs dataflow analysis and computes use-define chains (preferably a command line tool). So far I have tried CIL, clang, lint, goan[详细]
2023-03-11 12:42 分类:问答How to statically analyze reference types passed to each bytecode instruction?
I have rewritten the question (the question remains the same, just with less background noise) in hopes of creating less confusion directed at all the wrong things - due to this, some of the comments[详细]
2023-03-10 14:31 分类:问答Is there a way to use static code analysis to determine if all fields of a certain type have an annotation?
I have some POJOs that are used to shuffle data around in my application and its webservices. We have just introduced an annotation to help us verify that String fields in those POJOs are of a certain[详细]
2023-03-10 09:38 分类:问答Is there a static analysis tool for identifying sql injection for php/mysql
Is there a static analysis tool 开发者_开发问答for identifying sql injection for php/mysql. A tool which run on a php script would analyze the sql statements and find if there are any possible sql in[详细]
2023-03-07 12:46 分类:问答PHP_CodeSniffer, PHPMD or PHP Depend
I am looking at doing some static code analysis of an exisiting PHP proje开发者_如何学Goct, and I\'m having trouble understanding the distinctions between PHP_CodeSniffer, PHPMD, and PHP Depend. Are t[详细]
2023-03-06 13:35 分类:问答Parasoft rulewizard
I\'m trying to create a static rule to check the token passing for defensive programming in a SIL4 application.[详细]
2023-03-06 08:29 分类:问答