We often write articles about software errors that we detect with our PVS-Studio static code analyzer. These errors are different: simple and complex, obvious and difficult to find, understandable and such, which require a few minutes of explanation. All these errors have something in common - the cost. We often have some disagreements with our readers about how high the price can be. Some say - what's the big deal that it's an error? We'll find it, we'll fix it. If we don't, we don't. Or a bit differently. Well the app will crash because of this error, no big deal. Let's restart and that's it.
Read more →
Whatever anyone does, the PVS-Studio team is back at conferences. In this article, we would like to share our experience with you, tell you how we went through the second half of the 2019 year: how we prepared, made mistakes, put right the wrongs. As always, we are waiting for feedback.
Read more →
This article is a review of the bugs found in the Avalonia UI project with the static analyzer PVS-Studio. Avalonia UI is an open-source cross-platform XAML-based UI framework. This is one of the most technologically significant projects in the history of .NET as it enables developers to create cross-platform interfaces based on the WPF system. We hope the project's authors will find this article helpful in fixing some of the bugs, and convincing enough to make static analysis part of their development process.
Another year is drawing to an end, and it's a perfect time to make yourself a cup of coffee and reread the reviews of bugs collected across open-source projects over this year. This would take quite a while, of course, so we prepared this article to make it easier for you. Today we'll be recalling the most interesting dark spots that we came across in open-source C/C++ projects in 2019.
2019 is drawing to an end, and the PVS-Studio team is looking back at the accomplishments of this year. In the beginning of 2019, we enhanced our analyzer's diagnostic capabilities by adding Java support, which enabled us to check and review Java projects as well. We have found lots of bugs over this year, and here's our Top 10 bugs found in Java projects.
Hi to all fans of bugs! The New Year is coming soon, so it is time to take stock of the the outgoing year. By tradition, we're glad to present the top list of errors found by the PVS-Studio team in open C# projects in 2019. Ready? Then let's get going.
In order to get high quality production code, it's not enough just to ensure maximum coverage with tests. No doubts, great results require the main project code and tests to work efficiently together. Therefore, tests have to be paid as much attention as the main code. A decent test is a key success factor, as it will catch regression in production. Let's take a look at PVS-Studio static analyzer warnings to see the importance of the fact that errors in tests are no worse than the ones in production. Today's focus: Apache Hadoop.
Stewart Britt, a well-known American marketing specialist, once said: 'Doing business without advertising is like winking at a girl in the dark. You know what you are doing but nobody else does'. We can't agree more because it is not enough to just produce something – you need to tell people about it so that they can use it. So while the PVS-Studio developers are working hard on the analyzer's improvement and stable operation, marketing department takes responsibility for an equally important task – its promotion. We are planning to continue working in this direction and document the results. If you have your own YouTube channel and you feel that your audience would be interested and glad to learn about code quality improvement, we'll be happy to work with you! Feel free to contact us: we are looking for C, C++, C#, Java, DevOps, testing and quality code related blogs.
Today we have another high-quality Microsoft project to be checked, which we'll heroically delve into trying to find errors with PVS-Studio. SARIF, an acronym for Static Analysis Interchange Format, which is a standard (file format), designed to interact and share the results of static analyzers with other tools: IDEs, complex code verification and analysis tools (e.g. SonarQube), continuous integration systems, etc. SARIF SDK, respectively, contains .NET developer tools to support SARIF as well as additional files.