![]() Steve McConnell in "Code Complete" introduces the following data: correcting an error at the system test stage will cost ten times more than at the construction stage: The earlier the error is detected, the lower the cost of fixing it. The main advantage of static analysis - it reduces the cost of fixing program defects. Of course, this article is only about the PVS-Studio analyzer. The list of languages available for static code analysis is also long - C, C++, C#, Java, Ada, Fortran, Perl, Ruby, etc. Their list is available on Wikipedia: List of tools for static code analysis. There are lots of paid and free static code analyzers. If you are interested in numbers, you can read the " PVS-Studio ROI" article. However, the price/benefit ratio makes static analyzers a very effective practice used by many companies. ![]() Of course, the tool won't replace a real code review with a team of developers. They process the program's source code non-stop and recommend the developer to pay special attention to certain code fragments. A compromise solution is static code analysis tools. On the other hand, they're too expensive. ![]() On the one hand, regular code reviews are necessary. Developers have to regularly gather to inspect new code or re-inspect the changed one. But it also has a drawback - it costs too much. ![]() A joint code review is a wonderful methodology. In general, static analysis is an automated code review process. Static code analysis is a process of detecting errors and flaws in the program's source code. What is static code analysis and why do we need it?
0 Comments
Leave a Reply. |