What methodology would you use with a static code analysis tool?
When and where would you run the analysis? How frequent?
How would you integrate it to a continues build environment, on daily builds? only nightly?
Share
Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
What methodology would you use with a static code analysis tool?
When and where would you run the analysis? How frequent?
How would you integrate it to a continues build environment, on daily builds? only nightly?
If I am using then on a new code base I set them up exactly how I want up front. If I am using them on an existing code base I enable messages in stages, so that a particular category of issue is reported on. Once that particular type of message is cleaned up I add the next category.
I treat static analysis tools as if they were part of the compiler. Each developer runs them each time they do a build. If possible I would also treat them as I do compiler warnings – as errors. That way code with warnings does not make it onto the build server at all. This has issues if you cannot turn warnings off in specific cases… and warnings should only be turned off by agreement.