I have just installed PMD to analyze my Java project. Really nice tool, highly recommended. Anyways, I got a few errors saying: "An empty method in an abstract class should be abstract instead" I checked out PMD documentation and the explanation says: as developer may rely on this empty implementation rather than code the app...
I am working on a library where we want to determine how much of our library is being used. I.E. we want to know how many methods in our library are public, but never being called. Goal: Static Analysis Determine how many lines of code call each public method in package A in the current project. If the number of calls is zero, the metho...
Are there any automated code review tools for Java? Especially plugins for Eclipse? The tool I expect is an automated code review plugin or tool that can automatically detect the problems in Code. ( Microsoft does this using OACR ).Plugins like Jupiter won't help because they are just peer review tools for eclipse. ...
Hi all. I'm given a string which contains an arbitrary amount of code. I want to calculate a number which represents the code complexity of that string. Something like: int complexity = Lib.FindComplexity(someString); I realize there are a lot of tools out there that will do this for you. These tools will not work for me, because...
We have been going through a big memory leak analysis and have found one of the contributing factors has been the non removal of delegates on events causing objects to not be GCed quickly enough (or sometimes forever). Would anyone have any ideas as to how to write a rule in FXCop to ensure that we have delegates are removed from handl...
I am looking for a static analyser of Oracle queries and PL/SQL procedures (triggers, constrains, ...) - a tool that will pass on our DB scheme and point to potential deadlocks. Just like FindBugs for Java. If such a tool does not exist, would you like to have it ? ...
I'm using a closed-source application that loads Lua scripts and allows some customization through modifying these scripts. Unfortunately that application is not very good at generating useful log output (all I get is 'script failed') if something goes wrong in one of the Lua scripts. I realize that dynamic languages are pretty much res...
Anyone knows about an open source project (or maybe just free to use in commercial projects) that is an alternative to Mathworks Polyspace? I'm searching for tools for code checking and found some good alternatives for static checks, but PolySpace seems to offer so much more power. I think there's no real alternative out there, but may...
Does anyone know how to change the stylecop rule (sa1600 if it helps) that says that elements must be documented so that it only applies to properties and not to private members? Our ORM (DevExpress XPO) requires that you have private members for all public properties (because you have to call a function in the setter to persist it as w...
I'm looking for a good introductory text on the theory of static analysis for bug finding. Any recommendations? ...
Is this something you do already or do you know of a good tool? GOAL: Help team understand how recent source changes impact risk so they know where to focus testing efforts. Provide data over time and feed it back into planning and scoping phases of the dev cycle. PLAN: Combine svn change data with clover complexity data in a report s...
I am looking for a static analysis tool for Python, Ruby, Sql, Cobol, Perl, PL/SQL, SQL similar to find bugs and check style. I am looking for calculating the line count, identify bugs during the development, and enforcing coding standard. ...
I'm looking for a tool that can collect quality metrics for C#/.NET code. I'm aware of NDepend - are there any other tools that I should look into? Ideally, I'd like to find something that could be integrated with an automated build process - something that could export a text-based report (I'd like to be able to easily email and archive...
Hi, Please help me to get a coding constraints for action script and flex 3. Regards, Lalji ...
I'd like to find out about the size of an array being allocated by looking at the bytecode, if that information is known at compile time, of course. Background: I want to write a FindBugs detector (which looks at the compiled bytecode) and report certain occurences of array allocations. In order to filter out false positives I am not in...
Which static analysis tools for Java has easiest extension mechanism. I checked PMD But the process of writing custom rules appears to be very involved. Specifically, I want to know whether there is any tools that offers AspectJ like syntax for picking out interesting areas of code? I am aware of AspectJ's declare warning but it appear...
I'm using the Enerjy (http://www.enerjy.com/) static code analyzer tool on my Java code. It tells me that the following line: System.err.println("Ignored that database"); is bad because it uses System.err. The exact error is: "JAVA0267 Use of System.err" What is wrong with using System.err? ...
I would like to know how a JML expression of the form \old(Expression[Id]) is evaluated, i.e. if I have the \old(vector[value-1]) expression, does the \old also refer to "value" or just the to the value of the vector[value-1]. Thanks in advance! ...
I'm working with C# and I was hoping to find some tools akin to those I'm used to in Ruby and Ruby on Rails for detecting code smells. I'm referring to things like Roodi, Flay, Flog, Reek, Rcov, and Saikuro. It would be nice if the tool(s) integrated with Visual Studio 2008. I have ReSharper and it's nice for alerting me when I'm not ...
When I run static analysis on the following code: public ExtractDBScripts(String resBundleName) { super(); m_mainBundle = ResourceBundle.getBundle(resBundleName); } I get the following error: "JAVA 0058 Constructor 'ExtractDBScripts' calls super()". What is wrong with calling super() from a constructor?...