-
Running a static analysis tool and reviewing the reported problems (SonarQube, FindBugs, VS Code Analyzer, Codacy, Coverity Scan...). As static analysis tools could find numerous problems, it is enoug…
-
Story Point: **1**
-
### What happened?
Hello there!
To start off, I want to say that this "bug" isn't that big of a deal. I believe it to be more relevant when using static analysis tools such as PHPStan and Psalm, …
-
I would like to ask whether it is feasible to use the functionality of the Checker Framework within another static analysis tool.
For example, suppose a static analysis tool performs a number of pa…
-
-
Nice generator.
i think, source generator must add static analysis attributes on generated code.
https://learn.microsoft.com/en-us/dotnet/csharp/language-reference/attributes/nullable-analysis
…
-
#### Goal
Statically compute the costs of a given snippet in a contract.
The idea is to be able to display the cost a function directly in the code editor.
#### Notes
- This idea has already…
-
As an alternative to Sonar we should try out/introduce Spotbugs, which also works offline and without a secret.
See also: https://github.com/xdev-software/standard-maven-template/issues/57
-
-
I ran a static analyzer on tophat sources. For me, nothing criminal was found, but I wasn't very careful, so you can also take a look at the report.
I see a lot of `malloc()` results not checked f…