How to choose a static analysis tool

Tools to improve and control code quality can be a keyΒ success factor in a complex software project implementation. Static analyzers belong to such tools. Nowadays, you can find various static analyzers: from free open-source to cross-functional commercial solutions. On the one hand, it’s great – you can choose from many options. On the other hand – you have to perform advanced research to find the right tool for your team.

Continue reading

Protocol Buffers, a brutal protocol from Google, vs. PVS-Studio, a static code analyzer

Protocol Buffers is a very popular, cool, and high-quality product that is mostly developed by Google. This is a good challenge for the PVS-Studio static code analyzer. Finding at least something is already an achievement. Let’s give it a shot.

Continue reading

Tutorial: how to port a project from Interop Word API to Open XML SDK

With the .NET5 release further development of some projects was questionable due to the complexity of porting. One can abandon small outdated libraries or find a replacement. But it’s hard to throw away Microsoft.Office.Interop.Word.dll. Microsoft doesn’t plan to add compatibility with .NET Core/5+, so in this article we focus on creating Word files with Open XML SDK.

Continue reading

Using Static Analysis Online [Compiler Explorer]

Do you want to try a static analyzer but you don’t feel like installing it and figuring the things out? That’s OK 😊

This video will tell you how to do it online and most importantly for free. By the way, this website allows you to check if your code compiles πŸ˜‰

Code from video.

Have fun watching this video and coding πŸ™‚

Optimization of .NET applications: a big result of small edits

Today we’re going to discuss how small optimizations in the right places of the application can improve its performance. Imagine: we remove the creation of an extra iterator in one place, get rid of boxing in the other. As a result, we get drastic improvements because of such small edits.

Continue reading

VSCode: how to view reports of static analyzers that support SARIF

People increasingly start optimizing the process of finding code errors using static analyzers. Nowadays, we can choose from a variety of products to view analysis results. This post covers the ways how to view an analyzer report in the most stylish and feature-rich IDE among multifunctional ones – VSCode. The SARIF format and a special plugin for it allow us to perform our task. Keep reading to find out about this. Let’s get going!

Continue reading

How to Use Mass Suppression in PVS-Studio for C#?

Have you just run the analyzer and now you have no idea what to do with all this abundance of warnings? πŸ“œ Nothing to worry about – we made a special mechanism that can help you deal with them πŸ’ͺ🏻

In this video, you’ll learn about the inner workings of mass warnings suppression mechanism in PVS-Studio for Π‘#. If you’re interested in other programming language, follow the links bellow πŸ™‚

Mass Suppression in PVS-Studio for C++

Mass Suppression in PVS-Studio for Java

Conclusion Have fun watching this video and coding πŸ™‚

A beautiful error in the implementation of the string concatenation function

We, the PVS-Studio static code analyzer developers, have a peculiar view on beauty. On the beauty of bugs. We like to find grace in errors, examine them, try to guess how they appeared. Today we have an interesting case when the concepts of length and size got mixed up in the code.

Continue reading