Static Code Analysis


Implementing a Static Code Analysis System makes it possible to analyze code automatically in order to discover its potential defects and weaknesses, and to find the bottlenecks in the software development process.

Problems it will solve

  • Minimizing the risk of software malfunction by promptly discovering defects through static code analysis;
  • Cutting the time frame for manual testing through early defect discovery and lowering the number of defects transferred for testing;
  • Raising software quality by monitoring potential defects and weaknesses and resolving them promptly; and
  • Making decisions more effectively when choosing a software developer, based on an evaluation of the quality of the code.

The report contains (Deliverables)

  • Information on the number of potential defects in the system's functionality and their severity for the system's operation;
  • A list of defects with a description of each problem and a method of reproducing it;
  • Information on how well the code is documented and how readable it is;
  • Information on code duplication and on violations of coding standards;
  • Recommendations for improving the system code;
  • Information on the software's code quality based on a comparative analysis of the code for several system versions;
  • A deployed infrastructure for software development quality control; and
  • Guidelines for working with the tool (MS Word).

Scope of work

  1. Analysis
    • Determine the criteria for choosing the tools for the source code and software build management system;
    • Determine the tools and required infrastructure;
    • Agree on the choice of tools with the client;
    • Set up the infrastructure;
    • Write and agree on requirements for the source code and software build delivery package;
    • Install and tune the Static Code Analysis System; and
    • Perform a trial launch.
  2. Execution
    • Receive the system source code;
    • Analyze the system source code using the tools; and
    • Integrate the tool into the development environment.
  3. System analysis
    • Determine the bottlenecks in the source code on the basis of the results.
  4. Report

Tools and licences

  • SonarQube
  • FindBugs
  • PVS-Studio