Hacker News new | comments | ask | show | jobs | submit login
Top 40 Static Code Analysis Tools (softwaretestinghelp.com)
27 points by DmitryNovikov 8 months ago | hide | past | web | favorite | 2 comments

PSA: I'm a fan of static analysis tools but if you are in the position of making decisions about technology at your organization, please be aware that they are NOT a substitute for nuanced and detailed design.

In my personal experience, combining strongly-typed compiled languages with extensive static analysis has helped "eliminate" bugs at the syntax level, and to some extent at the semantic level. But the stuff that really causes issues is often at the level of the pragmatics of your software. (Going vaguely off the definitions here http://www.cs.sfu.ca/~cameron/Teaching/383/syn-sem-prag-meta... )

I think given the overwhelmingly large number of frameworks around, people tend to make snap judgments around how to use these tools (and the names of these tools don't help - "Findbugs" is a bit overkill :).

Make sure your software has a real set of designs before you start writing code (i.e. block, sequence, control/data flow diagrams and use-cases) and it'll be worth more than any static analysis tool, and it takes far less time. Static analysis can be layered in later if you have time.

On that note, do you have any links with tutorials/guidance on (perhaps typical/common) designs, and their related diagrams? I haven't written proper design docs since school--perhaps it's time to revisit the idea :)

Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact