2016 IEEE 23rd International Conference on Software Analysis, Evolution, and Reengineering (SANER) 2016
DOI: 10.1109/saner.2016.105
|View full text |Cite
|
Sign up to set email alerts
|

Analyzing the State of Static Analysis: A Large-Scale Evaluation in Open Source Software

Abstract: Abstract-The use of automatic static analysis has been a software engineering best practice for decades. However, we still do not know a lot about its use in real-world software projects: How prevalent is the use of Automated Static Analysis Tools (ASATs) such as FindBugs and JSHint? How do developers use these tools, and how does their use evolve over time? We research these questions in two studies on nine different ASATs for Java, JavaScript, Ruby, and Python with a population of 122 and 168,214 open-source… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

7
144
1
3

Year Published

2016
2016
2024
2024

Publication Types

Select...
3
2
1
1

Relationship

3
4

Authors

Journals

citations
Cited by 155 publications
(155 citation statements)
references
References 32 publications
7
144
1
3
Order By: Relevance
“…Compared to about 60% of state-of-the-art GITHUB projects using ASATs [7] and some 50% of projects in general doing testing [16], a number of reasons might hinder an even more-widespread use of TRAVIS CI: Famous GITHUB projects such as SCALA/S-CALA 9 often run their own CI server (see Section 2.1). 10 This exemplifies that from the 30% adoption rate, it does not follow that 70% of projects do not use CI.…”
Section: Resultsmentioning
confidence: 99%
See 2 more Smart Citations
“…Compared to about 60% of state-of-the-art GITHUB projects using ASATs [7] and some 50% of projects in general doing testing [16], a number of reasons might hinder an even more-widespread use of TRAVIS CI: Famous GITHUB projects such as SCALA/S-CALA 9 often run their own CI server (see Section 2.1). 10 This exemplifies that from the 30% adoption rate, it does not follow that 70% of projects do not use CI.…”
Section: Resultsmentioning
confidence: 99%
“…While both TRAVISPOKER and TRAVISHARVESTER utilize TRAVIS CI's Ruby client for querying the API, 6 we cannot use its job log retrieval function (Job:log) due to a memory leak 7 and because it does not retrieve all build logs. We circumvented these problems by also querying an undocumented Amazon Cloud server we discovered that archives build logs.…”
Section: Toolsmentioning
confidence: 99%
See 1 more Smart Citation
“…Analysis Tools (ASATs) analyze source or binary code without observing its run time behavior [1]. ASATs have become an integral part of today's software quality assurance practices, reflected by the increased uptake of new ASATs such as Google's Error Prone 1 or Facebook's Infer.…”
Section: Introduction Automated Staticmentioning
confidence: 99%
“…ASATs have become an integral part of today's software quality assurance practices, reflected by the increased uptake of new ASATs such as Google's Error Prone 1 or Facebook's Infer. 2 In addition to the well-known standalone ASATs like FindBugs, Checkstyle, or PMD [1], recently, new cloud services like CodeClimate 3 have emerged. They try to provide a better integration of ASATs into the development process.…”
Section: Introduction Automated Staticmentioning
confidence: 99%