Process / pipelineCode quality inspection
静态代码分析
静态代码分析在不执行的情况下自动检查源代码,可检测潜在的错误、安全漏洞、代码坏味道和风格违规。由 Engler 和 Pugh (2001) 开创,自动化分析工具可大规模扫描代码库,比手动审查更快地识别缺陷模式。组织将静态分析集成到持续集成管道中,以尽早预防缺陷。
阅读完整方法
仅限会员
登录使用免费账户登录即可阅读本节。
Method map
The neighbourhood of related methods — select a node to explore.
来源
- Chess, B., & West, J. (2007). Secure Programming with Static Analysis. Addison-Wesley Professional. link ↗
- Engler, D., Chen, D. Y., Hallem, S., Chou, A., & Chelf, B. (2001). Bugs as deviant behavior: A general approach to inferring errors in systems code. In Proceedings of the 18th ACM Symposium on Operating Systems Principles (pp. 57–72). DOI: 10.1145/502034.502041 ↗
- Hovemeyer, D., & Pugh, W. (2004). Finding bugs is easy. ACM SIGSOFT Software Engineering Notes, 29(6), 1–8. DOI: 10.1145/1052883.1052895 ↗
如何引用本页
ScholarGate. (2026, June 3). Static Code Analysis and Automated Inspection. ScholarGate. https://scholargate.app/zh/software-engineering/static-code-analysis
Which method?
Set this method beside its closest kin and read them side by side — the library lays the books on the table; the choice is yours.
Compare side by side →