Topic: static analysis

The Importance of Prevention: How Shifting Left, Static Analysis and Unit Testing Create Better Code Quality

Developers are constantly balancing demands to provide quality features of the highest standard at a fast pace. Every aspect of business now relies on software, which means developers are constantly working to write and produce the best software they can. Continuous Integration (CI) and Continuous Delivery (CD) help facilitate the creation of that software, but … continue reading

Guest View: Use static analysis to secure open source

Sonatype’s 2020 State of the Software Supply Chain Report found that next generation cyber-attacks actively targeting open-source soft- ware projects increased 430% over the past 12 months. Industry and the Open Source communities recognize heightened security risks and are working to solve these. For example, in August 2020 the Linux Foundation launched the Open Source … continue reading

5 ways static code analysis can save you

If you’re not doing static code analysis (aka static analysis), now is the time to start. Delivering code faster has dubious value if the quality degrades as development cycles shrink. On the other hand, if you’re not doing static code analysis, you’re not alone. Despite the mature age of the tool category, not a lot … continue reading

GrammaTech releases CodeSonar 5

Software security tool provider GrammaTech has announced the latest release of its static analysis tool CodeSonar. According to the company, CodeSonar 5 is “the next step in usability and extensibility for users of static analysis.” This release adds support for C# and the Visual Studio IDE. It also adds support for importing results with the … continue reading

Scala static analysis comes to Checkmarx

Checkmarx has expanded support for Scala into its static code-analysis tool. Checkmarx now supports 20 programming languages in its security-scanning product. Scala joins a host of other popular languages, such as C#, Java, PHP, Python, and even Perl. Checkmarx Static Code Analysis, as of today, can be run against a Scala codebase to find common … continue reading

Slack introduces Threads, Realm Mobile Platform reaches v1.0, and CA Technologies officially acquires Automic—SD Times news digest: Jan. 19, 2017

Slack has introduced a much-sought-after feature today called Threads, which lets users reply to messages, organize discussions and manage their conversations. According to Paul Rosania, a member of the core product team at Slack, the company was trying to implement a feature that would group conversations in a channel to make it clear which message … continue reading

Microsoft previews new JavaScript language service, Salsa

Microsoft is introducing a new JavaScript language service in Visual Studio 15. The service, codenamed Salsa, is designed to improve the existing JavaScript language and provide enhancements to JSX support, module support, and ES6/ES7 syntax coverage. According to Microsoft, language services are meant to provide completion lists, signature help, syntax highlighting and other helpful features … continue reading

SD Times GitHub Proposal of the Week: A .NET Core image-processing library

We usually spend Friday mornings telling you about a new or unique open-source project gaining steam on GitHub, but this week we came across a fascinating proposal from Microsoft for a cross-platform server-side image manipulation library in .NET Core—and it’s all being prototyped by interns. The proposal, posted by Microsoft intern Kendra Havens (along with … continue reading

DMCA.com Protection Status