StaticTracker: A Diff Tool for Static Code Warnings

被引:0
|
作者
Li, Junjie [1 ]
Yang, Jinqiu [1 ]
机构
[1] Concordia Univ, Montreal, PQ, Canada
来源
2023 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE MAINTENANCE AND EVOLUTION, ICSME | 2023年
关键词
static analysis; empirical study; code refactoring; software evolution; ALGORITHM;
D O I
10.1109/ICSME58846.2023.00074
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Static bug detectors help improve software quality by detecting code issues (e.g., code smells or bugs). However, static bug detectors are underutilized in practice due to various reasons. One primary reason is that static bug detectors often report an overwhelming number of static warnings for one software revision. To facilitate better adoption of static bug detectors in software development, we propose a tool, namely StaticTracker, that specializes in tracking the evolution of static code warnings. StaticTracker analyzes each commit and produces the changes of static code warnings caused by the commit, i.e., a diff for static code warnings. We integrate StaticTracker in continuous integration through Git Hooks. Whenever developers push code to a git repository, StaticTracker is automatically activated to identify disappeared and newly-introduced warnings by the commit. We implement StaticTracker for two static bug detectors (Spotbugs and PMD) and evaluate StaticTracker on the recent commits of two open-source projects (Druid and Jedis). Our evaluation shows that StaticTracker is effective in reducing the overwhelming static code warnings that developers need to investigate and achieves an accuracy of 89.8%, which outperforms the state-of-the-art tracking approach with an accuracy of 68.5%. We open source the tool at https://github.com/ljj430/tracking-static-warnings tool demo, and the demo video is at https://www.youtube.com/watch?v=2WMOjoq1Nbs.
引用
收藏
页码:568 / 573
页数:6
相关论文
共 50 条
  • [41] Benchmarking static code analyzers
    Herter, Joerg
    Kaestner, Daniel
    Mallon, Christoph
    Wilhelm, Reinhard
    RELIABILITY ENGINEERING & SYSTEM SAFETY, 2019, 188 : 336 - 346
  • [42] Static analysis for Guarded code
    Hu, P
    LANGUAGES, COMPILERS, AND RUN-TIME SYSTEMS FOR SCALABLE COMPUTERS, 2000, 1915 : 44 - 56
  • [43] Static disassembly and code analysis
    Vigna, Giovanni
    MALWARE DETECTION, 2007, : 19 - 41
  • [44] STATIC ANALYSIS OF POSTSCRIPT CODE
    HORSPOOL, RN
    VITEK, J
    COMPUTER LANGUAGES, 1993, 19 (02): : 65 - 78
  • [45] Static Verification for Code Contracts
    Faehndrich, Manuel
    STATIC ANALYSIS, 2010, 6337 : 2 - 5
  • [46] Predicting Accurate and Actionable Static Analysis Warnings: An Experimental Approach
    Ruthruff, Joseph R.
    Penix, John
    Morgenthaler, J. David
    Elbaum, Sebastian
    Rothermel, Gregg
    ICSE'08 PROCEEDINGS OF THE THIRTIETH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, 2008, : 341 - 350
  • [47] Ranking Warnings of Static Analysis Tools Using Representation Learning
    Kien-Tuan Ngo
    Dinh-Truong Do
    Thu-Trang Nguyen
    Hieu Dinh Vo
    2021 28TH ASIA-PACIFIC SOFTWARE ENGINEERING CONFERENCE (APSEC 2021), 2021, : 327 - 337
  • [48] How different are different diff algorithms in Git?Use --histogram for code changes
    Yusuf Sulistyo Nugroho
    Hideaki Hata
    Kenichi Matsumoto
    Empirical Software Engineering, 2020, 25 : 790 - 823
  • [49] Benchmarking Static Code Analyzers
    Herter, Joerg
    Kaestner, Daniel
    Mallon, Christoph
    Wilhelm, Reinhard
    COMPUTER SAFETY, RELIABILITY, AND SECURITY, SAFECOMP 2017, 2017, 10488 : 197 - 212
  • [50] Diff/TS: A Tool for Fine-Grained Structural Change Analysis
    Hashimoto, Masatomo
    Mori, Akira
    FIFTEENTH WORKING CONFERENCE ON REVERSE ENGINEERING, PROCEEDINGS, 2008, : 279 - 288