Tagged articles

257 articles

Page 3 of 3

Apr 21, 2020 · Information Security

Integrating SAST Tools into a DevSecOps Pipeline: Five Key Checkpoints and Best Practices

This article explains how to embed static application security testing (SAST) into a DevSecOps CI/CD pipeline by defining five essential checkpoints—pre‑commit, commit‑time, build‑time, test‑time, and deployment—covering purpose, benefits, handling false positives, result merging, custom rule sets, and automation strategies.

DevSecOpsSASTci/cd

0 likes · 20 min read

Integrating SAST Tools into a DevSecOps Pipeline: Five Key Checkpoints and Best Practices

Youzan Coder

Mar 20, 2020 · Backend Development

Exploring Go Unit Test Coverage, Static Analysis, and Incremental Coverage Integration

The article details how a Go middleware QA team generates unit‑test coverage with go test and gocov, runs static analysis via golangci‑lint, integrates results into SonarQube, captures integration‑test coverage in Kubernetes, and applies diff‑cover for incremental coverage checks, all visualized through Jenkins.

GoKubernetesSonarQube

0 likes · 16 min read

Exploring Go Unit Test Coverage, Static Analysis, and Incremental Coverage Integration

DevOps Cloud Academy

Feb 3, 2020 · Operations

Integrating SonarQube into a DevOps Pipeline: Architecture, Docker Installation, and Configuration (LDAP & GitLab)

This guide explains SonarQube's architecture, shows how to deploy it with Docker, and details configuration steps including forced login, LDAP integration, and GitLab authentication, providing code snippets and screenshots for a complete DevOps quality‑management setup.

DevOpsGitLabLDAP

0 likes · 4 min read

Integrating SonarQube into a DevOps Pipeline: Architecture, Docker Installation, and Configuration (LDAP & GitLab)

Liangxu Linux

Jan 30, 2020 · Information Security

Top 11 Open-Source Code Quality and Security Tools Every Developer Should Know

An overview of eleven essential open-source and commercial tools—including SonarQube, Kritika, DeepScan, Klocwork, CodeSonar, JArchitect, Bandit, Code Climate, Crucible, Fortify, and Codecov—that help developers analyze code quality, detect security vulnerabilities, and integrate seamlessly into CI/CD pipelines across multiple programming languages.

ci/cdcode qualityopen-source tools

0 likes · 8 min read

Top 11 Open-Source Code Quality and Security Tools Every Developer Should Know

Zhenai.com Front-end Tech Team

Jan 12, 2020 · Mobile Development

How to Build a Real‑Time Kotlin Lint IDE Plugin for Android Development

This article explains the motivation, design, implementation, and deployment of a Kotlin static‑analysis IDE plugin that provides real‑time code‑style checks for Android developers, covering tool exploration, AST/PSI parsing, rule creation, architecture layers, and practical installation steps.

ASTAndroidIDE plugin

0 likes · 18 min read

How to Build a Real‑Time Kotlin Lint IDE Plugin for Android Development

Continuous Delivery 2.0

Nov 28, 2019 · Fundamentals

Understanding Cyclomatic Complexity and How to Apply Excessive Cyclomatic Complexity

This article explains the McCabe metric, the definition and calculation of cyclomatic complexity, its relationship to code quality, and introduces the concept of excessive cyclomatic complexity as a more meaningful indicator for managing software maintainability.

McCabe metriccode qualitycyclomatic complexity

0 likes · 7 min read

Understanding Cyclomatic Complexity and How to Apply Excessive Cyclomatic Complexity

360 Tech Engineering

Nov 12, 2019 · Information Security

Improving Product Quality through Code Vulnerability Scanning and Deep Code Search

The article explains why and when to scan product code for vulnerabilities, describes static source‑code and binary scanning methods, introduces deep code‑search techniques, outlines the system architecture and incremental indexing pipeline, and shows how these practices can substantially raise overall product quality.

Code ScanningCode searchInformation Security

0 likes · 13 min read

Improving Product Quality through Code Vulnerability Scanning and Deep Code Search

Meituan Technology Team

Nov 7, 2019 · Mobile Development

Optimizing Static Code Scanning for Android Projects: Full and Incremental Scan Strategies

The article outlines how integrating CheckStyle, Lint, and FindBugs with a custom Gradle plugin, applying full‑scan optimizations to collect only necessary source and class files and implementing incremental scans that target only files changed in a PR, cuts Android CI static‑analysis time by over 50 %, dropping full scans from nine to five minutes and enabling sub‑minute incremental checks.

AndroidCIGradle

0 likes · 30 min read

Optimizing Static Code Scanning for Android Projects: Full and Incremental Scan Strategies

dbaplus Community

Oct 19, 2019 · Information Security

Mastering Enterprise Code Auditing: Strategies, Tools, and Best Practices

This comprehensive guide explains why code auditing is essential for modern enterprises, compares enterprise and white‑hat audits, outlines a seven‑step methodology, and reviews both open‑source and commercial SAST tools with practical case studies across PHP, Node.js, Python, and Go.

DevSecOpsDynamic AnalysisSAST

0 likes · 24 min read

Mastering Enterprise Code Auditing: Strategies, Tools, and Best Practices

DevOps Cloud Academy

Sep 17, 2019 · Operations

Configuring SonarQube Scan Parameters to Include Branch and Commit Information

This guide explains how to configure SonarQube scan parameters to automatically include the current GitLab branch name and commit SHA, enabling detailed code‑quality reporting within CI pipelines; it also shows the required command‑line flags and how to set up the Reporting section with GitLab credentials.

CIDevOpsGitLab

0 likes · 1 min read

Configuring SonarQube Scan Parameters to Include Branch and Commit Information

Didi Tech

Sep 3, 2019 · Fundamentals

General Deadlock Prediction Algorithm for Linux Kernel Read‑Write Locks

The paper reverse‑engineers Linux’s Lockdep and introduces a universal deadlock prediction algorithm that treats mutexes as write‑locks of read‑write locks, using a two‑thread model and indirect‑dependency analysis to accurately detect potential deadlocks in complex rwlock scenarios.

ConcurrencyLockdepdeadlock

0 likes · 18 min read

General Deadlock Prediction Algorithm for Linux Kernel Read‑Write Locks

Meituan Technology Team

Aug 1, 2019 · Frontend Development

Scalable ESLint-Based JavaScript Code Standardization for Large Front‑end Teams

The article presents a scalable ESLint‑based framework for large front‑end teams that combines a layered, unified rule configuration, CI/CD and pre‑commit lint checks, a one‑click onboarding CLI, and automated metrics collection with dashboards, enabling consistent code standards across diverse projects while reducing maintenance overhead.

AutomationESLintFront-end

0 likes · 20 min read

Scalable ESLint-Based JavaScript Code Standardization for Large Front‑end Teams

Java Captain

Jul 2, 2019 · Backend Development

How to Install and Use Common IntelliJ IDEA Plugins for Java Development

This guide explains how to install a set of useful IntelliJ IDEA plugins—including FindBugs‑IDEA, Maven Helper, VisualVM Launcher, GenerateAllSetter, Rainbow Brackets, Translation, and Alibaba Java Coding Guidelines—by configuring the IDE, restarting it, and verifying successful loading through visual cues and practical usage examples.

IDE pluginsIntelliJ IDEAJava

0 likes · 11 min read

How to Install and Use Common IntelliJ IDEA Plugins for Java Development

Python Crawling & Data Mining

Jun 21, 2019 · Backend Development

Boost Your Python Productivity: 5 Essential PyCharm Tips You Must Know

This article presents five practical PyCharm shortcuts—including error navigation, recent change view, static analysis, precise keyboard navigation, and TODO management—to help Python developers work faster and more efficiently, even without version control or external plugins.

IDE shortcutsPythonnavigation

0 likes · 9 min read

Boost Your Python Productivity: 5 Essential PyCharm Tips You Must Know

DevOps Cloud Academy

Jun 19, 2019 · Backend Development

Researching Web APIs and Translating SonarQube Rules with Python

This article demonstrates how to query SonarQube web APIs for Java rule data, retrieve quality profile information, and use a Python script that leverages execjs to translate rule descriptions via Google Translate, providing examples of both API responses and translation code.

APICode TranslationJava

0 likes · 13 min read

Researching Web APIs and Translating SonarQube Rules with Python

DevOps Cloud Academy

Jun 7, 2019 · Operations

SonarQube Architecture and Integration Overview

This article explains SonarQube’s architecture, detailing its server, database, plugin library, and scanner components, and describes the typical development workflow from IDE integration and code commit through CI‑triggered analysis, result submission, and code review, including deployment considerations for machines and network placement.

DevOpsSonarQubearchitecture

0 likes · 3 min read

SonarQube Architecture and Integration Overview

Java Architecture Diary

Apr 14, 2019 · Backend Development

How JSR‑305 Annotations Boost Null‑Safety in Spring 5 and Mica Core

This article explains how Spring 5’s spring‑core jar incorporates JSR‑305 annotations, introduces the JSR‑305 standard for static analysis, and demonstrates practical usage—including package‑level rules and @Nullable/@NonNull examples—in Spring Boot microservice projects.

JSR-305JavaNullability

0 likes · 6 min read

How JSR‑305 Annotations Boost Null‑Safety in Spring 5 and Mica Core

360 Tech Engineering

Mar 21, 2019 · Fundamentals

Memory Leak Bugs in a 6000‑Line C Module: Lessons from Unit Testing

This article shares practical experiences from unit testing a 6000‑line C module, detailing static code review and dynamic gtest testing, uncovering common defects such as memory leaks, and presenting two memory‑leak case studies with root‑cause analysis and cleanup recommendations.

C ProgrammingDynamic TestingMemory Leak

0 likes · 7 min read

Memory Leak Bugs in a 6000‑Line C Module: Lessons from Unit Testing

MaGe Linux Operations

Feb 18, 2019 · Fundamentals

Boost Your Python Productivity: 5 Essential Setup Tips Every Developer Needs

Learn how to dramatically improve your Python development workflow by adopting static analysis tools, enforcing a consistent code style, optimizing tool responsiveness, choosing a comfortable editor, and wisely investing in essential software, with practical advice that transforms everyday coding into a faster, more enjoyable experience.

Developmentcode styleproductivity

0 likes · 12 min read

Boost Your Python Productivity: 5 Essential Setup Tips Every Developer Needs

Programmer DD

Jan 23, 2019 · Operations

How to Build a Full CI/CD Pipeline for Python with GitLab, Docker, and SonarQube

This article walks through creating a complete CI/CD workflow for a Python service using GitLab CI, Docker‑based gitlab‑runner, unit testing, static code analysis with SonarQube, service containers for Redis and MongoDB, and deployment steps, providing all necessary configuration files and commands.

GitLab CIPythonSonarQube

0 likes · 9 min read

How to Build a Full CI/CD Pipeline for Python with GitLab, Docker, and SonarQube

Meituan Technology Team

Jan 17, 2019 · Mobile Development

Mastering TSLint for React Native: Setup, Configuration, and Custom Rules

This article explains why TSLint is essential for React Native projects, walks through installing and configuring TSLint, demonstrates local and CI checks, and provides a step‑by‑step guide to creating and deploying custom TSLint rules for improved code quality.

Custom RulesReact NativeTSLint

0 likes · 16 min read

Mastering TSLint for React Native: Setup, Configuration, and Custom Rules

360 Quality & Efficiency

Dec 26, 2018 · Backend Development

Introducing Error Prone: Google’s Open‑Source Java Static Analysis Tool and How to Use It

Error Prone is a Google‑released open‑source Java static analysis tool that integrates into build pipelines to catch code defects early, offering non‑intrusive checks, configurable severity levels, and extensibility, making it valuable for Java and Android development.

AndroidError ProneGradle

0 likes · 5 min read

Introducing Error Prone: Google’s Open‑Source Java Static Analysis Tool and How to Use It

Tongcheng Travel Technology Center

Jul 12, 2018 · Fundamentals

Applying White-Box Testing in Agile Hotel Projects: Process, Cases, and Results

This article describes how a hotel testing team integrated white‑box testing—code review and static analysis—into fast‑paced agile workflows, detailing the exploration timeline, typical functional testing challenges, three concrete bug‑finding case studies, measurable quality improvements, and practical promotion guidelines.

Agile TestingCode ReviewSoftware quality

0 likes · 6 min read

Applying White-Box Testing in Agile Hotel Projects: Process, Cases, and Results

360 Tech Engineering

Jul 11, 2018 · Fundamentals

Static Program Analysis, Gödel’s Incompleteness, and the Halting Problem: Foundations of Software Reliability

This article explains how redundancy and voting schemes improve system reliability, introduces Gödel’s incompleteness and consistency concepts, describes the undecidable halting problem, and outlines static program analysis techniques—including data‑flow, inter‑procedural, pointer analysis, and constraint solving—while discussing practical heuristic rules and tools.

Gödeldecision problemshalting problem

0 likes · 8 min read

Static Program Analysis, Gödel’s Incompleteness, and the Halting Problem: Foundations of Software Reliability

360 Quality & Efficiency

Jul 9, 2018 · Fundamentals

Reliability Redundancy, Gödel’s Incompleteness, and the Halting Problem: Foundations of Program Analysis

The article explores reliability engineering with redundant systems, explains Gödel’s incompleteness theorem and the halting problem, and introduces program static analysis techniques, illustrating how theoretical foundations guide practical approaches to detecting software defects through approximations and abstract interpretation.

ComputabilityGödelReliability

0 likes · 8 min read

Reliability Redundancy, Gödel’s Incompleteness, and the Halting Problem: Foundations of Program Analysis

Meituan Technology Team

Jul 5, 2018 · Mobile Development

Analyzing Kotlin Hidden Costs and Building a Custom Lint Tool

The article examines Kotlin’s hidden runtime overheads—such as companion‑object constants, default synchronized lazy delegates, boxing‑prone array types, and temporary progression objects in loops—and describes how the author built a custom Android Lint plugin (KLint) that parses Kotlin files, defines detectors, integrates with Gradle and IDE, and enforces performance‑aware coding standards through CI checks.

AndroidCode OptimizationKotlin

0 likes · 14 min read

Analyzing Kotlin Hidden Costs and Building a Custom Lint Tool

360 Tech Engineering

Jun 19, 2018 · Backend Development

Improving PHP Code Quality with PHING, PHPCS, PHPCPD, and Phan

This article explains how to set up a PHP project with Composer, PHING, and a suite of quality‑checking tools—including PHPCS for coding standards, PHPCPD for duplicate detection, and Phan for deep static analysis—to automatically enforce code quality and reduce manual review effort.

PHINGPHPPHPCPD

0 likes · 7 min read

Improving PHP Code Quality with PHING, PHPCS, PHPCPD, and Phan

转转QA

Jun 5, 2018 · Operations

Static Code Scanning Workflow and Tool Selection for Mobile Projects

This article outlines the motivation, tool comparison, and detailed step‑by‑step process for implementing static code scanning across Android and iOS codebases, emphasizing the selection of Infer and the integration of scanning results into CI pipelines and issue‑tracking workflows.

AndroidInferMobile Development

0 likes · 8 min read

Static Code Scanning Workflow and Tool Selection for Mobile Projects

360 Zhihui Cloud Developer

May 29, 2018 · Backend Development

Boost PHP Code Quality: Essential Tools and Automated Testing Setup

Learn how to dramatically improve PHP code quality by setting up automated testing, static analysis, code style enforcement, duplicate detection, and advanced analysis tools using Composer, PHING, PHP_CodeSniffer, PHPCPD, and Phan, with step‑by‑step configuration examples and sample outputs.

PHINGPHPPHPCPD

0 likes · 8 min read

Boost PHP Code Quality: Essential Tools and Automated Testing Setup

Baidu Intelligent Testing

May 24, 2018 · Fundamentals

Static Analysis with Cppcheck: Custom Rule Development and Practical Experience

This article explains static analysis concepts, why cppcheck was chosen for Baidu's testing workflow, details its architecture, and walks through the creation of custom rules—including a printf misuse detector and a dynamic switch misuse rule—while sharing practical challenges and results.

Custom Rulesbug detectioncode quality

0 likes · 11 min read

Static Analysis with Cppcheck: Custom Rule Development and Practical Experience

JD Tech

May 21, 2018 · Fundamentals

Defect Prevention and Test Mindset: Using Static Code Analysis with SonarQube and Git Hooks

The article explains how early defect prevention through a strong test mindset, exploratory testing, and automated static code analysis with tools like SonarQube and Git hooks can dramatically reduce bug‑fix costs, improve software quality, and streamline development workflows.

Git HooksSonarQubedefect prevention

0 likes · 14 min read

Defect Prevention and Test Mindset: Using Static Code Analysis with SonarQube and Git Hooks

Meituan Technology Team

Apr 12, 2018 · Mobile Development

Implementing and Managing Custom Android Lint Rules for Code Quality

The article explains how to create, configure, and integrate custom Android Lint rules—using Issue, Detector, Scope, and IssueRegistry APIs—to catch crashes, bugs, performance and security problems such as missing Toast.show() or unsafe Log usage, supports incremental git‑based scans, and demonstrates deployment in IDE, builds, pre‑commit hooks and CI for improved code quality.

AndroidCICustom Rules

0 likes · 23 min read

Implementing and Managing Custom Android Lint Rules for Code Quality

MaGe Linux Operations

Mar 31, 2018 · Fundamentals

5 Proven Hacks to Supercharge Your Python Development Environment

This article outlines five common pitfalls that slow down Python developers and provides practical, tool‑based solutions—like static analysis, consistent code style, fast editors, and smart tool investments—to dramatically boost productivity and create a comfortable coding setup.

Development Environmentcode styleeditor selection

0 likes · 12 min read

5 Proven Hacks to Supercharge Your Python Development Environment

360 Quality & Efficiency

Mar 22, 2018 · Fundamentals

Memory Leak Bugs in C Projects: Causes, Examples, and Solutions

This article shares practical experiences from unit testing a critical C module, describing common memory‑leak scenarios, their root causes, and concrete solutions while also offering a checklist of typical leak‑prone patterns for developers.

C ProgrammingDynamic TestingMemory Leak

0 likes · 8 min read

Memory Leak Bugs in C Projects: Causes, Examples, and Solutions

Architecture Digest

Jan 26, 2018 · Fundamentals

Overview of Java Code Quality and Eclipse Plugins

This article introduces five key aspects of Java code quality—coding standards, duplicate code, test coverage, dependency analysis, and complexity analysis—and explains how Eclipse plugins such as CheckStyle, PMD/CPD, EclEmma, JDepend, and Metrics can be configured and used to assess and improve each aspect.

EclEmmaJDependcheckstyle

0 likes · 11 min read

Overview of Java Code Quality and Eclipse Plugins

Programmer DD

Oct 15, 2017 · Backend Development

How to Install Alibaba’s Java Code Scan Plugin (p3c) in IDEA and Eclipse

This guide explains how to add Alibaba’s Java development handbook scanning plugin to IntelliJ IDEA and Eclipse, showing its Blocker/Critical/Major issue levels, real‑time inspection support, batch fixes for legacy code, and step‑by‑step installation procedures.

EclipseIDEAJava

0 likes · 4 min read

How to Install Alibaba’s Java Code Scan Plugin (p3c) in IDEA and Eclipse

Alibaba Cloud Developer

Oct 15, 2017 · Backend Development

Boost Java Code Quality with Alibaba’s New P3C Scanning Plugin – Features, Installation, and Vision

Alibaba unveiled its Alibaba Java Development Specification (P3C) scanning plugin at the Hangzhou Cloud Expo, detailing its automated IDE checks, multi‑level issue reporting, batch fixes, installation steps for IDEA and Eclipse, and its ambition to become a global open‑source coding‑standard.

IDE plugincode qualitycoding standards

0 likes · 5 min read

Boost Java Code Quality with Alibaba’s New P3C Scanning Plugin – Features, Installation, and Vision

Qunar Tech Salon

Sep 18, 2017 · Operations

Integrated Code Quality Monitoring and Crash Management Solution

This article describes an integrated solution that combines code quality monitoring during development with automated crash issue tracking after deployment, using a custom platform, Jenkins, Gradle plugins, static analysis tools, and rule-based filtering to continuously improve project reliability and performance.

code qualitycontinuous integrationcrash management

0 likes · 13 min read

Integrated Code Quality Monitoring and Crash Management Solution

MaGe Linux Operations

Aug 29, 2017 · Operations

Mastering Shell Script Style: Essential Guidelines for Clean, Efficient Bash Code

This article compiles comprehensive shell scripting best‑practice guidelines—including shebang usage, commenting, parameter validation, variable handling, indentation, naming conventions, encoding, permissions, logging, password safety, line continuation, efficiency tricks, quoting, function structuring, scope control, indirect references, heredocs, path resolution, parallel execution, modern syntax, and static analysis with ShellCheck—to help developers write readable, maintainable, and performant Bash scripts.

BashBest PracticesShell scripting

0 likes · 18 min read

Mastering Shell Script Style: Essential Guidelines for Clean, Efficient Bash Code

Meituan Technology Team

Aug 17, 2017 · Mobile Development

Real‑time Android Studio Source Code Security Scanning with FindBugs Extension (Code Arbiter)

Code Arbiter extends the FindBugs plugin to provide real‑time Android Studio source‑code security scanning, implementing line‑by‑line API misuse detection, empty TrustManager checks, taint‑analysis of sources and sinks, and custom bytecode checks for unprotected Intent/Bundle reads, all packaged as a JAR for instant developer feedback.

AndroidCode ArbiterIDE plugin

0 likes · 20 min read

Real‑time Android Studio Source Code Security Scanning with FindBugs Extension (Code Arbiter)

21CTO

Jul 26, 2017 · Fundamentals

Why Writing One Million Lines of Code Is a Myth—and How to Write Quality Code

This article debunks the myth of writing a million lines of code, explains why code quantity matters less than quality, and offers ten practical steps—including solid fundamentals, coding standards, design principles, refactoring, technical debt management, code reviews, static analysis, unit testing, self‑testing, and leveraging open source—to help developers produce high‑quality software efficiently.

Best PracticesCode ReviewTechnical debt

0 likes · 10 min read

Why Writing One Million Lines of Code Is a Myth—and How to Write Quality Code

21CTO

Jul 8, 2017 · Fundamentals

What Does Writing 1 Million Lines of Code Really Feel Like?

A humorous yet insightful look at the myths of massive codebases, featuring developer anecdotes, realistic productivity calculations, and practical advice on prioritizing code quality, solid fundamentals, and modern tooling over sheer line count.

Best Practicescode qualitycoding productivity

0 likes · 7 min read

What Does Writing 1 Million Lines of Code Really Feel Like?

360 Quality & Efficiency

Jun 5, 2017 · Information Security

Comparative Evaluation of 360 Fireline and Facebook Infer Static Code Analysis Tools

This article compares Facebook's open‑source static analyzer Infer with 360's Fireline, focusing on resource‑leak detection for Android, presenting test methodology, detailed results across 30 leak scenarios, and highlighting Fireline's higher detection rate and lower false‑positive ratio.

AndroidFirelineInfer

0 likes · 6 min read

Comparative Evaluation of 360 Fireline and Facebook Infer Static Code Analysis Tools

Java High-Performance Architecture

May 25, 2017 · Information Security

Detect Nginx Configuration Vulnerabilities with Gixy: A Practical Guide

This article introduces Gixy, a static analysis tool for Nginx configurations, demonstrates how to detect and fix HTTP header splitting and other security issues, explains its handling of included files, lists detectable vulnerabilities, and provides simple installation instructions.

Vulnerabilityconfigurationgixy

0 likes · 4 min read

Detect Nginx Configuration Vulnerabilities with Gixy: A Practical Guide

ITFLY8 Architecture Home

Nov 21, 2016 · Fundamentals

Boost Java Code Quality in Agile Projects: 5 Essential Steps & Tools

Learn how to ensure high‑quality Java code throughout agile development by standardizing coding conventions, applying static analysis, writing unit tests, implementing continuous integration, and conducting thorough code reviews and refactoring, with practical tool recommendations and best‑practice guidelines for each step.

Code Reviewagilecode quality

0 likes · 20 min read

Boost Java Code Quality in Agile Projects: 5 Essential Steps & Tools

Baidu Intelligent Testing

Nov 16, 2016 · Mobile Development

iOS Memory Performance Testing: Static and Dynamic Analysis Tools

This article explains iOS memory performance testing by covering static analysis via Xcode's Analyze feature and dynamic analysis tools such as Leaks, Activity Monitor, Allocations, and Zombies, illustrating how to detect memory leaks, unreasonable memory usage, and EXC_BAD_ACCESS errors with practical examples and step‑by‑step guidance.

Dynamic AnalysisInstrumentsiOS

0 likes · 7 min read

iOS Memory Performance Testing: Static and Dynamic Analysis Tools

360 Quality & Efficiency

Jul 7, 2016 · Operations

Integrating cppcheck Static Analysis into Jenkins with Git Polling

This guide explains how to set up Jenkins to automatically poll a Git repository, run cppcheck static analysis, process the XML results, and email the findings, including detailed configuration steps, command examples, and troubleshooting tips.

AutomationJenkinsci/cd

0 likes · 4 min read

Integrating cppcheck Static Analysis into Jenkins with Git Polling

360 Quality & Efficiency

Jun 6, 2016 · Information Security

Software Security Testing: Objectives, Common Vulnerabilities, and Static/Dynamic Approaches

Security testing, performed from near completion to release, verifies that software meets security requirements and quality standards by identifying common vulnerabilities such as DLL hijacking, ASLR/DEP misuse, and heap overflows, and employs static scanning and dynamic testing methods to detect and remediate these issues.

DLL hijackingDynamic AnalysisSoftware Security

0 likes · 5 min read

Software Security Testing: Objectives, Common Vulnerabilities, and Static/Dynamic Approaches

Baidu Intelligent Testing

Jun 2, 2016 · Mobile Development

Introducing Godeyes: A Static Analysis Tool for Detecting Android App Crashes

Godeyes is a cross‑platform static analysis tool that scans Android applications for crash‑related issues such as API incompatibilities, OOM risks, and uncaught exceptions, offering Eclipse, Android Studio, and Jenkins integrations along with customizable rules and detailed HTML reports.

AndroidCrash DetectionGodeyes

0 likes · 5 min read

Introducing Godeyes: A Static Analysis Tool for Detecting Android App Crashes

360 Quality & Efficiency

May 16, 2016 · Fundamentals

Creating Custom PMD Rules with Java and XPath

This tutorial walks through preparing the PMD environment, exploring its directory structure, and step‑by‑step instructions for implementing a custom rule—such as enforcing braces on while loops—using both Java code and XPath expressions, including packaging and execution details.

JavaXPathcode quality

0 likes · 10 min read

Creating Custom PMD Rules with Java and XPath

Meituan Technology Team

Mar 25, 2016 · Mobile Development

Introduction to Android Lint and Its Role in Code Quality Assurance

Android Lint, Google’s static analysis tool, scans Android code for potential bugs and style violations, enabling developers to fix problems early, and Meituan enforces its use in the development pipeline so that any Lint-detected issues block merges into the main branch, ensuring higher code quality.

Androidcode qualitylint

0 likes · 1 min read

Introduction to Android Lint and Its Role in Code Quality Assurance

Baidu Intelligent Testing

Mar 9, 2016 · Mobile Development

Using FindBugs for Android Code Analysis and Automated Testing

The article introduces FindBugs, an open‑source Java static analysis tool, explains how it inspects Android bytecode to detect bugs such as null pointers, multithreading issues, and performance problems, and describes its integration with IDEs, command‑line builds, and its severity ranking system.

AndroidCode InspectionMobile Development

0 likes · 3 min read

Using FindBugs for Android Code Analysis and Automated Testing

Baidu Intelligent Testing

Mar 4, 2016 · Mobile Development

Understanding Android Lint: Features, Checks, and Usage

Android Lint is a static code analysis tool for Android that detects potential defects and optimization opportunities across correctness, security, performance, usability, accessibility, and internationalization, offering command‑line and IDE integration, customizable rules, and detailed HTML reports to improve code quality.

AndroidMobile Developmentcode quality

0 likes · 3 min read

Understanding Android Lint: Features, Checks, and Usage

21CTO

Dec 22, 2015 · Fundamentals

12 Proven Practices to Dramatically Boost Code Quality

This article outlines twelve practical techniques—including TDD, ATDD, CI, pair programming, code reviews, static analysis, coding standards, automation, refactoring, early demos, user testing, and team cohesion—that collectively raise software quality while reducing bugs and development costs.

AutomationCode ReviewTest‑Driven Development

0 likes · 8 min read

12 Proven Practices to Dramatically Boost Code Quality

ITPUB

Nov 3, 2015 · Fundamentals

How to Stop Blaming Compilers and Write Better Code: 6 Proven Practices

This article outlines six practical habits for developers—self‑checking code before blaming tools, continuous learning, embracing refactoring, acting professionally, using static analysis, and genuinely caring about code quality—to improve productivity and reduce bugs in any software project.

Best PracticesDebuggingcode quality

0 likes · 12 min read

How to Stop Blaming Compilers and Write Better Code: 6 Proven Practices

Art of Distributed System Architecture Design

Aug 16, 2015 · R&D Management

How Quora Balances High Code Quality with Rapid Development

The article examines Quora's engineering practices—including static analysis, post‑commit code review, automated testing, and systematic legacy code cleanup—that enable the company to maintain high code quality while sustaining fast development cycles.

Code Reviewcode qualitydevelopment processes

0 likes · 7 min read

How Quora Balances High Code Quality with Rapid Development

Qunar Tech Salon

Feb 26, 2015 · Fundamentals

Overview of Code Quality and Using Eclipse Plugins for Static Analysis

This article introduces five key aspects of Java code quality—coding standards, duplicate code, test coverage, dependency analysis, and complexity analysis—and demonstrates how Eclipse plugins such as CheckStyle, PMD, EclEmma, JDepend, and Metrics can be configured and used to assess and improve each aspect.

EclEmmaJDependMetrics

0 likes · 11 min read

Overview of Code Quality and Using Eclipse Plugins for Static Analysis