Tyrique  Littel

Tyrique Littel

1604008800

Static Code Analysis: What It Is? How to Use It?

Static code analysis refers to the technique of approximating the runtime behavior of a program. In other words, it is the process of predicting the output of a program without actually executing it.

Lately, however, the term “Static Code Analysis” is more commonly used to refer to one of the applications of this technique rather than the technique itself — program comprehension — understanding the program and detecting issues in it (anything from syntax errors to type mismatches, performance hogs likely bugs, security loopholes, etc.). This is the usage we’d be referring to throughout this post.

“The refinement of techniques for the prompt discovery of error serves as well as any other as a hallmark of what we mean by science.”

  • J. Robert Oppenheimer

Outline

We cover a lot of ground in this post. The aim is to build an understanding of static code analysis and to equip you with the basic theory, and the right tools so that you can write analyzers on your own.

We start our journey with laying down the essential parts of the pipeline which a compiler follows to understand what a piece of code does. We learn where to tap points in this pipeline to plug in our analyzers and extract meaningful information. In the latter half, we get our feet wet, and write four such static analyzers, completely from scratch, in Python.

Note that although the ideas here are discussed in light of Python, static code analyzers across all programming languages are carved out along similar lines. We chose Python because of the availability of an easy to use ast module, and wide adoption of the language itself.

How does it all work?

Before a computer can finally “understand” and execute a piece of code, it goes through a series of complicated transformations:

static analysis workflow

As you can see in the diagram (go ahead, zoom it!), the static analyzers feed on the output of these stages. To be able to better understand the static analysis techniques, let’s look at each of these steps in some more detail:

Scanning

The first thing that a compiler does when trying to understand a piece of code is to break it down into smaller chunks, also known as tokens. Tokens are akin to what words are in a language.

A token might consist of either a single character, like (, or literals (like integers, strings, e.g., 7Bob, etc.), or reserved keywords of that language (e.g, def in Python). Characters which do not contribute towards the semantics of a program, like trailing whitespace, comments, etc. are often discarded by the scanner.

Python provides the tokenize module in its standard library to let you play around with tokens:

Python

1

import io

2

import tokenize

3

4

code = b"color = input('Enter your favourite color: ')"

5

6

for token in tokenize.tokenize(io.BytesIO(code).readline):

7

    print(token)

Python

1

TokenInfo(type=62 (ENCODING),  string='utf-8')

2

TokenInfo(type=1  (NAME),      string='color')

3

TokenInfo(type=54 (OP),        string='=')

4

TokenInfo(type=1  (NAME),      string='input')

5

TokenInfo(type=54 (OP),        string='(')

6

TokenInfo(type=3  (STRING),    string="'Enter your favourite color: '")

7

TokenInfo(type=54 (OP),        string=')')

8

TokenInfo(type=4  (NEWLINE),   string='')

9

TokenInfo(type=0  (ENDMARKER), string='')

(Note that for the sake of readability, I’ve omitted a few columns from the result above — metadata like starting index, ending index, a copy of the line on which a token occurs, etc.)

#code quality #code review #static analysis #static code analysis #code analysis #static analysis tools #code review tips #static code analyzer #static code analysis tool #static analyzer

Murray  Beatty

Murray Beatty

1598606037

This Week in AI | Rubik's Code

Every week we bring to you the best AI research papers, articles and videos that we have found interesting, cool or simply weird that week.

#ai #this week in ai #ai application #ai news #artificaial inteligance #artificial intelligence #artificial neural networks #deep learning #machine learning #this week in ai

Otho  Hagenes

Otho Hagenes

1619511840

Making Sales More Efficient: Lead Qualification Using AI

If you were to ask any organization today, you would learn that they are all becoming reliant on Artificial Intelligence Solutions and using AI to digitally transform in order to bring their organizations into the new age. AI is no longer a new concept, instead, with the technological advancements that are being made in the realm of AI, it has become a much-needed business facet.

AI has become easier to use and implement than ever before, and every business is applying AI solutions to their processes. Organizations have begun to base their digital transformation strategies around AI and the way in which they conduct their business. One of these business processes that AI has helped transform is lead qualifications.

#ai-solutions-development #artificial-intelligence #future-of-artificial-intellige #ai #ai-applications #ai-trends #future-of-ai #ai-revolution

This Week in AI - Issue #22 | Rubik's Code

Every week we bring to you the best AI research papers, articles and videos that we have found interesting, cool or simply weird that week.Have fun!

Research Papers

Articles

#ai #this week in ai #ai application #ai news #artificaial inteligance #artificial intelligence #artificial neural networks #deep learning #machine learning #this week in ai

13 Free/Low-Cost Sites to Supercharge Your Programming Self-Education

Noonies 2020 award nominee

johnnythecoder has been nominated for the Hacker Noon Contributor of the Year - LEARNING award!

** Add your vote**

Although we still talk about programming as a standalone career, the dominance of technology in our lives makes it clear that coding is much more than a career path. In my opinion, computer science is more than a college major or a high-paid job; it’s a skill, essential for thriving in a modern-day economy.

Whether you work in healthcare, marketing, business, or other fields, you will see more coding and have to deal with a growing number of technologies throughout your entire life.

Now that we live in a tech-driven world, asking “Should I learn to program” is almost synonymous with “Should I learn to speak, read, or count?”

The short answer is: yes.

How to start your journey in coding? The good news is there are plenty of resources to support you all the way through. To save you the trouble of looking them up and choosing the right ones, I created my list of learning platforms that offer well-rounded programming education and help you stay competitive on the job market.

Here are 12+ useful educational resources every coding student should check out.

1. Codegym

#learning-to-code #learn-to-code #coding #programming #programming-languages #free-programming-sites #self-improvement #learn-to-code-free-online