1602559680
Learn advanced debugging techniques for more efficient debugging of your Node.js applications using Visual Studio Code.
#node #javascript #programming #developer #web-development
1604008800
Static code analysis refers to the technique of approximating the runtime behavior of a program. In other words, it is the process of predicting the output of a program without actually executing it.
Lately, however, the term “Static Code Analysis” is more commonly used to refer to one of the applications of this technique rather than the technique itself — program comprehension — understanding the program and detecting issues in it (anything from syntax errors to type mismatches, performance hogs likely bugs, security loopholes, etc.). This is the usage we’d be referring to throughout this post.
“The refinement of techniques for the prompt discovery of error serves as well as any other as a hallmark of what we mean by science.”
We cover a lot of ground in this post. The aim is to build an understanding of static code analysis and to equip you with the basic theory, and the right tools so that you can write analyzers on your own.
We start our journey with laying down the essential parts of the pipeline which a compiler follows to understand what a piece of code does. We learn where to tap points in this pipeline to plug in our analyzers and extract meaningful information. In the latter half, we get our feet wet, and write four such static analyzers, completely from scratch, in Python.
Note that although the ideas here are discussed in light of Python, static code analyzers across all programming languages are carved out along similar lines. We chose Python because of the availability of an easy to use ast
module, and wide adoption of the language itself.
Before a computer can finally “understand” and execute a piece of code, it goes through a series of complicated transformations:
As you can see in the diagram (go ahead, zoom it!), the static analyzers feed on the output of these stages. To be able to better understand the static analysis techniques, let’s look at each of these steps in some more detail:
The first thing that a compiler does when trying to understand a piece of code is to break it down into smaller chunks, also known as tokens. Tokens are akin to what words are in a language.
A token might consist of either a single character, like (
, or literals (like integers, strings, e.g., 7
, Bob
, etc.), or reserved keywords of that language (e.g, def
in Python). Characters which do not contribute towards the semantics of a program, like trailing whitespace, comments, etc. are often discarded by the scanner.
Python provides the tokenize
module in its standard library to let you play around with tokens:
Python
1
import io
2
import tokenize
3
4
code = b"color = input('Enter your favourite color: ')"
5
6
for token in tokenize.tokenize(io.BytesIO(code).readline):
7
print(token)
Python
1
TokenInfo(type=62 (ENCODING), string='utf-8')
2
TokenInfo(type=1 (NAME), string='color')
3
TokenInfo(type=54 (OP), string='=')
4
TokenInfo(type=1 (NAME), string='input')
5
TokenInfo(type=54 (OP), string='(')
6
TokenInfo(type=3 (STRING), string="'Enter your favourite color: '")
7
TokenInfo(type=54 (OP), string=')')
8
TokenInfo(type=4 (NEWLINE), string='')
9
TokenInfo(type=0 (ENDMARKER), string='')
(Note that for the sake of readability, I’ve omitted a few columns from the result above — metadata like starting index, ending index, a copy of the line on which a token occurs, etc.)
#code quality #code review #static analysis #static code analysis #code analysis #static analysis tools #code review tips #static code analyzer #static code analysis tool #static analyzer
1604016000
In our digital world, software is king. In a world so heavily dependent on software, poor code quality can result in grave consequence, from billions of dollars in lost revenue, to even fatal accidents. Here’s where Embold comes in—a static code analysis product aimed at empowering developers to do their best work.
Embold is a general-purpose static code analyser that has been designed for developers to analyse and improve their code by identifying issues across four dimensions, including design and duplication. We, at Analytics India Magazine, spoke to founder and CEO, Vishal Rai, to understand how Embold can detect anti-patterns in code for seamless integration.
Embold started a decade ago, with the vision of creating a product that can revolutionise the way developers write and design code. According to Vishal Rai, the idea was to develop a tool for software engineers and developers to write code faster and of better quality. And, after a time of extensive research and development, Vishal Rai, along with his partner Sudarshan Bhide launched their product in 2018.
Play
“We have noticed an interesting trend — as teams started becoming bigger, the issues in software started increasing as well and it was very frustrating when you were on programs which weren’t achieving their stated goals because of poor quality,” said Rai. “And that’s where we saw the opportunity of helping companies to write the product as great as Google or Apple and decided to reinvent software analytics.”
Developers always undergo immense pressure of building their products faster at the best quality possible, and such pressure can lead to compromised code quality. This impact of one line of code or one weak link can create significant issues and can massively affect the entire company. And that is why Rai believes that developers need support in being more productive. With Embold, Vishal and Sudharshan brought in a technology that can help developers be more efficient in their work and make the process of software development easy. Explaining the technology, Rai compared it with “autocorrect for code.” He said, “If you look at the legacy tools, they were built for the waterfall model, aka linear-sequential life cycle model, where one release took six months which gave enough time to test the tools. But in the current time, everything is fast, and thus developers require tools that can help them work fast and give them feedback that can be easily implemented in their workflow.” And that’s where Embold’s platform fits into the workflow that helps them find problems and maintain their code. As a matter of fact, Rai acknowledges that there have been many great tools, already in the market, but all of them have been created for great engineers. However, today, not every engineer is necessarily as experienced as others, and in such cases, it is imperative to make tools that are easy to use and help developers analyse their software. “Embold has been built for the future, the technologies that we have ingrained have neural networks, state-of-the-art in-memory databases and analysers that are far more evolved than legacy tools,” said Rai. “Embold has been created to enable people who aren’t as skilled to write better codes. Not only it fills the skills gap but also brings the new age developers closer to the best developers on the planet.”
#featured #bugs and errors in code #embold a autocorrect for code #embold find bugs and errors in code #embold for developers #embold help developers #embold maintains code quality #embold revolutionise writing code #static code analyser
1598839687
If you are undertaking a mobile app development for your start-up or enterprise, you are likely wondering whether to use React Native. As a popular development framework, React Native helps you to develop near-native mobile apps. However, you are probably also wondering how close you can get to a native app by using React Native. How native is React Native?
In the article, we discuss the similarities between native mobile development and development using React Native. We also touch upon where they differ and how to bridge the gaps. Read on.
Let’s briefly set the context first. We will briefly touch upon what React Native is and how it differs from earlier hybrid frameworks.
React Native is a popular JavaScript framework that Facebook has created. You can use this open-source framework to code natively rendering Android and iOS mobile apps. You can use it to develop web apps too.
Facebook has developed React Native based on React, its JavaScript library. The first release of React Native came in March 2015. At the time of writing this article, the latest stable release of React Native is 0.62.0, and it was released in March 2020.
Although relatively new, React Native has acquired a high degree of popularity. The “Stack Overflow Developer Survey 2019” report identifies it as the 8th most loved framework. Facebook, Walmart, and Bloomberg are some of the top companies that use React Native.
The popularity of React Native comes from its advantages. Some of its advantages are as follows:
Are you wondering whether React Native is just another of those hybrid frameworks like Ionic or Cordova? It’s not! React Native is fundamentally different from these earlier hybrid frameworks.
React Native is very close to native. Consider the following aspects as described on the React Native website:
Due to these factors, React Native offers many more advantages compared to those earlier hybrid frameworks. We now review them.
#android app #frontend #ios app #mobile app development #benefits of react native #is react native good for mobile app development #native vs #pros and cons of react native #react mobile development #react native development #react native experience #react native framework #react native ios vs android #react native pros and cons #react native vs android #react native vs native #react native vs native performance #react vs native #why react native #why use react native
1621137960
Having another pair of eyes scan your code is always useful and helps you spot mistakes before you break production. You need not be an expert to review someone’s code. Some experience with the programming language and a review checklist should help you get started. We’ve put together a list of things you should keep in mind when you’re reviewing Java code. Read on!
NullPointerException
…
#java #code quality #java tutorial #code analysis #code reviews #code review tips #code analysis tools #java tutorial for beginners #java code review
1604088000
There are more code smells. Let’s keep changing the aromas. We see several symptoms and situations that make us doubt the quality of our development. Let’s look at some possible solutions.
Most of these smells are just hints of something that might be wrong. They are not rigid rules.
This is part II. Part I can be found here.
The code is difficult to read, there are tricky with names without semantics. Sometimes using language’s accidental complexity.
_Image Source: NeONBRAND on _Unsplash
Problems
Solutions
Examples
Exceptions
Sample Code
Wrong
function primeFactors(n){
var f = [], i = 0, d = 2;
for (i = 0; n >= 2; ) {
if(n % d == 0){
f[i++]=(d);
n /= d;
}
else{
d++;
}
}
return f;
}
Right
function primeFactors(numberToFactor){
var factors = [],
divisor = 2,
remainder = numberToFactor;
while(remainder>=2){
if(remainder % divisor === 0){
factors.push(divisor);
remainder = remainder/ divisor;
}
else{
divisor++;
}
}
return factors;
}
Detection
Automatic detection is possible in some languages. Watch some warnings related to complexity, bad names, post increment variables, etc.
#pixel-face #code-smells #clean-code #stinky-code-parts #refactor-legacy-code #refactoring #stinky-code #common-code-smells