Open VasilievSerg opened 7 years ago
Hey, thanks InkViziT0r. The report is informative, I am just unsure why the authors chose a particular mocking tone to show those problems in the framework. The truth is that the framework has been composed from the work of many people coming from the most varying backgrounds and with the most varying objectives across more than 7 years; even including a merge of two large codebases developed almost independently by distinct authors and teams. It is hard to keep track of every aspect of code quality under those circumstances, especially when most contributors have only a limited (free) time to work on everything.
Thanks a lot for sharing the link, I will keep this issue open to track the progress on solving their reporter issues!
Regards, Cesar
I am the author of the article and I apologize if the style of text seemed to be mocking in any way, I really didin’t mean anything like that. My aim was just to present the bugs found in this project.
I understand the peculiarities of this codebase. Static analysis tools are exactly those tools that allow tracking the code quality. The main thing – to use them regularly and correctly integrate into the analysis process (more details can be found by this link http://www.viva64.com/en/b/0309/).
Also, I would advise using PVS-Studio for fixing the errors, as a minimum, but the best is to use it on a regular basis (this scenario brings the most benefit from the analyzer). You can download the trial version (http://www.viva64.com/en/pvs-studio-download/) or e-mail us regarding a temporary key for it (support@viva64.com).
Best regards, Vasiliev Sergey
Well then thank you again for bringing up all those issues and for all the effort in analyzing the project! Actually I was truly impressed by the kinds of bugs it could catch. PVS-Studio seems like an amazingly useful tool and I will surely give it a try.
In the meantime, I will leave this issue open until I work on the issues reported on the article, or at least finish importing them in the issue tracker.
Thanks! Cesar
Developers of PVS-Studio C/C++/C# static analyzer present their check report of the source code of 'Accord.Net' in the article, containing the review of the most suspicious code fragments they discovered.
You can read article at the official site: http://www.viva64.com/en/b/0410/