Are there any static code analysis tools for stored procedures written particularly in PL/SQL and T-SQL?
A:
The nearest thing that I know of are the estimated and actual query plan functions available in SQL Server Management Studio but I'd guess there's similar for other SQL engines.
Garry Shutler
2009-02-10 08:18:02
A:
Not that I'm aware of. Regardng PL/SQL, since Oracle doesn't expose much of their PL/SQL compilation engine its hard to find tool support.
The most I've been able to do is to query the data dictionary to do things like map the package dependencies.
darreljnz
2009-02-10 09:34:33
So one has to have another engine that can handle PL/SQL. See http://www.semanticdesigns.com/Products/LanguageTools/PLSQLTools.html
Ira Baxter
2010-10-06 15:36:03
+5
A:
For T-SQL, Microsoft has the database edition of VS Team Suite (although, I believe its now in the dev SKU). This link talks about writing your own static code analysis rule for T-SQL: http://blogs.msdn.com/gertd/archive/2009/01/01/creating-t-sql-static-code-analysis-rules.aspx
MichaelGG
2009-02-10 15:14:03
Related reading http://msdn.microsoft.com/en-us/library/dd172133.aspx, http://msdn.microsoft.com/en-us/library/dd193244.aspx
suyasha
2009-02-11 08:15:26
I would accept this answer as well. Its just that becuase my question has two parts (one for PLSQL and other for TSQL) there are two separate answers but stackoverflow allows only one to be accepted.
suyasha
2009-02-17 07:50:01
+2
A:
I came across Tool called SQL Enlight. It has Analysis Script feature to identify common performance,design and database objects naming problems in the T-SQL code.
Does any one has experience in using this tool? How does it compare to VS Team Suite Data Base Edition for static analysis?
suyasha
2009-02-11 08:22:03
A:
Oracle has some little-known stuff built in.
Try this in 10g Release 2 or above:
ALTER SESSION PLSQL_WARNINGS = 'ENABLE:ALL';
Then compile your PL/SQL package (not an anonymous block).
WW
2009-02-12 11:27:54
A:
For PL/SQL, Toad CodeXpert can be extended with Sonar, an open source tool to manage code quality through a plugin.
I guess it would be possible to write a plugin for T-SQL as well.
A:
Our SD Source Code Search Engine is a tool for interactively searching large source code bases in many computer languages (including PL/SQL) efficiently, by preindexing the source code files by their tokens (identifiers, numbers, etc). As a side effect of the preindexing step, it computes standard metrics: SLOC, Cyclomatic, Halstead, ... for each file and produces a report. See the site for an example.
Our SD CloneDR is a tool for analyzing large code bases for redundant code. We've applied it to PL/SQL, and have seen something like 45% of the code involved in clones. YMMV. The CloneDR works with a large variet of langauges; see the site for sample clone detection runs on some of those other langauges.
EDIT 10/4/2010:
Our Source Code Search Engine is designed to enable very fast searches across large codes of mixed languages. It succeeds by preindexing the source code. As a side effect of the indexing step, it compute a variety of metrics including Cyclomatic and Halstead measures of complexity.
Just added: not a static analysis tool, but one generally of interest to people interested software quality: our TestCoverage for PLSQL stored procedures.
Ira Baxter
2010-03-06 19:30:20