|
Visual Expert
Visual Expert is a static code analysis tool, extracting design and technical information from software source code by reverse-engineering, used by programmers for software maintenance, modernization or optimization. It is designed to parse several programming languages at the same time (PL/SQL, Transact-SQL, PowerBuilder...) and analyze cross-language dependencies, in addition to each language's source code. Visual Expert checks source code against hundreds of code inspection rules for vulnerability assessment, bug fix, and maintenance issues. Features * Cross-references exploration: Impact Analysis, E/R diagrams, call graphs, CRUD matrix, dependency graphs. * Software documentation: a documentation generator produces technical documentation and low-level design descriptions. *Inspect the code to detect bugs, security vulnerabilities and maintainability issues. Native integration with Jenkins. *Reports on duplicate code, unused objects and methods and naming conventio ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Static Program Analysis
In computer science, static program analysis (or static analysis) is the analysis of computer programs performed without executing them, in contrast with dynamic program analysis, which is performed on programs during their execution. The term is usually applied to analysis performed by an automated tool, with human analysis typically being called "program understanding", program comprehension, or code review. In the last of these, software inspection and software walkthroughs are also used. In most cases the analysis is performed on some version of a program's source code, and, in other cases, on some form of its object code. Rationale The sophistication of the analysis performed by tools varies from those that only consider the behaviour of individual statements and declarations, to those that include the complete source code of a program in their analysis. The uses of the information obtained from the analysis vary from highlighting possible coding errors (e.g., the lint t ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Low-level Design
Low-level design (LLD) is a component-level design process that follows a step-by-step refinement process. This process can be used for designing data structures, required software architecture, source code and ultimately, performance algorithms. Overall, the data organization may be defined during requirement analysis and then refined during data design work. Post-build, each component is specified in detail. The LLD phase is the stage where the actual software components are designed. During the detailed phase the logical and functional design is done and the design of application structure is developed during the high-level design phase. Design phase A design is the order of a system that connects individual components. Often, it can interact with other systems. Design is important to achieve high reliability, low cost, and good maintain-ability. We can distinguish two types of program design phases: * Architectural or high-level design * Detailed or low-level design S ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Static Application Security Testing
Static application security testing (SAST) is used to secure software by reviewing the source code of the software to identify sources of vulnerabilities. Although the process of statically analyzing the source code has existed as long as computers have existed, the technique spread to security in the late 90s and the first public discussion of SQL injection in 1998 when Web applications integrated new technologies like JavaScript and Flash. Unlike dynamic application security testing (DAST) tools for black-box testing of application functionality, SAST tools focus on the code content of the application, white-box testing. A SAST tool scans the source code of applications and its components to identify potential security vulnerabilities in their software and architecture. Static analysis tools can detect an estimated 50% of existing security vulnerabilities. In SDLC, SAST is performed early in the development process and at code level, and also when all pieces of code and componen ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Profiling (computer Programming)
In software engineering, profiling ("program profiling", "software profiling") is a form of dynamic program analysis that measures, for example, the space (memory) or time complexity of a program, the usage of particular instructions, or the frequency and duration of function calls. Most commonly, profiling information serves to aid program optimization, and more specifically, performance engineering. Profiling is achieved by instrumenting either the program source code or its binary executable form using a tool called a ''profiler'' (or ''code profiler''). Profilers may use a number of different techniques, such as event-based, statistical, instrumented, and simulation methods. Gathering program events Profilers use a wide variety of techniques to collect data, including hardware interrupts, code instrumentation, instruction set simulation, operating system hooks, and performance counters. Use of profilers The output of a profiler may be: * A statistical ''sum ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
File Comparison
In computing, file comparison is the calculation and display of the differences and similarities between data objects, typically text files such as source code. The methods, implementations, and results are typically called a diff, after the Unix diff utility. The output may be presented in a graphical user interface or used as part of larger tasks in networks, file systems, or revision control. Some widely used file comparison programs are diff, cmp, FileMerge, WinMerge, Beyond Compare, and File Compare. Many text editors and word processors perform file comparison to highlight the changes to a file or document. Method types Most file comparison tools find the longest common subsequence between two files. Any data not in the longest common subsequence is presented as a change or an insertion or a deletion. In 1978, Paul Heckel published an algorithm that identifies most moved blocks of text. This is used in the IBM History Flow tool. Other file comparison programs f ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Source Lines Of Code
Source lines of code (SLOC), also known as lines of code (LOC), is a software metric used to measure the size of a computer program by counting the number of lines in the text of the program's source code. SLOC is typically used to predict the amount of effort that will be required to develop a program, as well as to estimate programming productivity or maintainability once the software is produced. Measurement methods Many useful comparisons involve only the order of magnitude of lines of code in a project. Using lines of code to compare a 10,000-line project to a 100,000-line project is far more useful than when comparing a 20,000-line project with a 21,000-line project. While it is debatable exactly how to measure lines of code, discrepancies of an order of magnitude can be clear indicators of software complexity or man-hours. There are two major types of SLOC measures: physical SLOC (LOC) and logical SLOC (LLOC). Specific definitions of these two measures vary, but the most c ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Software Metric
In software engineering and development, a software metric is a standard of measure of a degree to which a software system or process possesses some property. Even if a metric is not a measurement (metrics are functions, while measurements are the numbers obtained by the application of metrics), often the two terms are used as synonyms. Since quantitative measurements are essential in all sciences, there is a continuous effort by computer science practitioners and theoreticians to bring similar approaches to software development. The goal is obtaining objective, reproducible and quantifiable measurements, which may have numerous valuable applications in schedule and budget planning, cost estimation, quality assurance, testing, software debugging, software performance optimization, and optimal personnel task assignments. Common software measurements Common software measurements include: * ABC Software Metric * Balanced scorecard * Bugs per line of code * Code coverage * Cohe ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Naming Convention (programming)
In computer programming, a naming convention is a set of rules for choosing the character sequence to be used for identifiers which denote variables, types, functions, and other entities in source code and documentation. Reasons for using a naming convention (as opposed to allowing programmers to choose any character sequence) include the following: * To reduce the effort needed to read and understand source code; * To enable code reviews to focus on issues more important than syntax and naming standards. * To enable code quality review tools to focus their reporting mainly on significant issues other than syntax and style preferences. The choice of naming conventions can be an enormously controversial issue, with partisans of each holding theirs to be the best and others to be inferior. Colloquially, this is said to be a matter of dogma. Many companies have also established their own set of conventions. Potential benefits Some of the potential benefits that can be obtained b ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Unreachable Code
In computer programming, unreachable code is part of the source code of a program which can never be executed because there exists no control flow path to the code from the rest of the program. Unreachable code is sometimes also called ''dead code'', although dead code may also refer to code that is executed but has no effect on the output of a program. Unreachable code is generally considered undesirable for several reasons: * It uses memory unnecessarily * It can cause unnecessary use of the CPU's instruction cache ** This can also decrease data locality * Time and effort may be spent testing, maintaining and documenting code which is never used ** Sometimes an automated test is the only thing using the code. However, unreachable code can have some legitimate uses, like providing a library of functions for calling or jumping to manually via a debugger while the program is halted after a breakpoint. This is particularly useful for examining and pretty-printing the internal state ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Duplicate Code
In computer programming, duplicate code is a sequence of source code that occurs more than once, either within a program or across different programs owned or maintained by the same entity. Duplicate code is generally considered undesirable for a number of reasons. A minimum requirement is usually applied to the quantity of code that must appear in a sequence for it to be considered duplicate rather than coincidentally similar. Sequences of duplicate code are sometimes known as code clones or just clones, the automated process of finding duplications in source code is called clone detection. Two code sequences may be duplicates of each other without being character-for-character identical, for example by being character-for-character identical only when white space characters and comments are ignored, or by being token-for-token identical, or token-for-token identical with occasional variation. Even code sequences that are only functionally identical may be considered duplicate cod ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Jenkins (software)
Jenkins is an open source automation server. It helps automate the parts of software development related to building, testing, and deploying, facilitating continuous integration and continuous delivery. It is a server-based system that runs in servlet containers such as Apache Tomcat. It supports version control tools, including AccuRev, CVS, Subversion, Git, Mercurial, Perforce, ClearCase and RTC, and can execute Apache Ant, Apache Maven and sbt based projects as well as arbitrary shell scripts and Windows batch commands. History The Jenkins project was originally named ''Hudson'', and was renamed in 2011 after a dispute with Oracle, which had forked the project and claimed rights to the project name. The Oracle fork, ''Hudson'', continued to be developed for a time before being donated to the Eclipse Foundation. Oracle's Hudson is no longer maintained and was announced as obsolete in February 2017. Around 2007 Hudson became known as a better alternative to Cruise Control ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
