Guidelines for Java Code Reviews. Get a jump-start on your next code review session with this list.
We have added a new experimental static analysis rule in Visual Studio 16.10 version Preview 3 – C26458, WARNING_PATH_SENSITIVE_USE_GSL_AT. The new warning is a more precise and less noisy version of warning C26446, WARNING_USE_GSL_AT. Both warnings analyse standard containers for unchecked element access and they both share the warning message: “Prefer to use gsl::at() instead of unchecked subscript operator (bounds.4).” This new warning,
Hello everyone, Let the 2021.1 EAP begin! We’ve just published ReSharper 2021.1 EAP1, let's see what’s inside. ReSharper Code Analysis There’s a new inspection that checks whether an auto-property
Being such a widely-used language makes Python a target for malicious hackers. Let's see a few ways to secure your Python apps and keep the black-hats at bay.
Learn how to build my first C# Code Analyzer and Code Fix using Visual Studio and the Roslyn SDK!
Peer code reviews have increasingly been adopted by engineering teams around the world. Here are 6 tips to make the process better for teams.
Static code analysis is a method of debugging by examining source code before a program is run. It's done by analyzing a set of code against a set (or multiple sets) of coding rules. Static code analysis and static analysis are often used interchangeably, along with source code analysis.
In Visual Studio version 16.8 Preview 3, we have added a few safety rules to C++ Code Analysis that can find some common mistakes, which can lead to bugs ranging from simple broken features to costly security vulnerabilities. These new rules are developed around issues discovered in production software via security reviews and incidents requiring costly servicing.
This blog post will introduce new rules related to VARIANT and its sibling types – such as VARIANTARG, or PROPVARIANT. To help with the new rules, we have built a code analysis extension, called VariantClear, that detects violations of these new rules in code. It is named VariantClear because the primary rule it detects is about misuse of VariantClear function.
C++ Core Check is Microsoft’s static analysis tool that enforces the rules from the C++ Core Guidelines, which are maintained by the C++ Foundation. This post provides a snapshot of the C++ Core Guidelines coverage that C++ Core Check offers.
Rust and C++ are two popular systems programming languages. For years, the focus of C++ has been on performance. We are increasingly hearing calls from customers and security researchers that C++ should have stronger safety guarantees in the language. C++ often falls behind Rust when it comes to programming safety.
What is PyCharm? PyCharm is an IDE (or Integrated Development Environment) for the Python programming language. It is a cross-platform development