README.md

FlawDetector

FlawDetector is a tool that detects flaws in Ruby code through static analysis. It analyzes the RubyVM bytecode compiled from the Ruby source.

FlawDetector is similar to FindBugs, a tool that detects flaws in Java code. For details of FindBugs, see the References section of this file.

Getting Started

$ gem install flaw_detector

Usage

  flaw_detector [-f outfile] [--help] rbfile ...

Example

$ flaw_detector -f result.csv sample/flaw_in_code.rb

Command Result

Currently, FlawDetector writes results only in CSV format. An example result follows:

$ cat result.csv
msgid,file,line,short_desc,long_desc,details
RCN_REDUNDANT_FALSECHECK_OF_FALSE_VALUE,sample/flaw_in_code.rb,4,Redundant falsecheck of value known to be false,Redundant falsecheck of a which is known to be false in LINE:2,This method contains a redundant check of a known false value against the constant false.
NP_ALWAYS_FALSE,sample/flaw_in_code.rb,7,False value missing method received,False value missing method received in a,"A false value, which is NilClass or FalseClass, is received missing method here. This will lead to a NoMethodError when the code is executed."

Each line represents one flaw. To see how each flaw is worded in the result, refer to message.rb.

Fix and Recheck

Fix the source code according to the result, then recheck it with FlawDetector until "OK" is displayed.

$ emacs sample/flaw_in_code.rb
$ cat sample/flaw_in_code.rb
def no_flaw(a)
  if a
    rl = a + 1
  else
    rl = a.to_i + 1
  end
end
$ flaw_detector sample/flaw_in_code.rb
OK
$
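
To make "analyzes RubyVM bytecode" concrete, this added example (not FlawDetector's own code) compiles the fixed method above with MRI's RubyVM::InstructionSequence and lists each conditional branch and method call with its source line, the kind of facts a bytecode-level checker reasons over. The helper names each_instruction and branch_and_send_facts are hypothetical and exist only for this illustration.

```ruby
# Added illustration, not FlawDetector's code. Requires MRI (CRuby).
# SOURCE is the fixed method from the README's "Fix and Recheck" section.
SOURCE = <<~RUBY
  def no_flaw(a)
    if a
      rl = a + 1
    else
      rl = a.to_i + 1
    end
  end
RUBY

ISEQ_MAGIC = "YARVInstructionSequence/SimpleDataFormat"

# Yield [scope_label, line, instruction] for every instruction in the array
# form of an instruction sequence, descending into nested sequences
# (method and block bodies appear as operands of the defining instruction).
def each_instruction(iseq_ary, &block)
  label = iseq_ary[5]   # name of the method/block this sequence belongs to
  line  = iseq_ary[8]   # first source line of the sequence
  iseq_ary[13].each do |entry|
    case entry
    when Integer then line = entry          # line-number marker
    when Array                              # [:opname, operand, ...]
      block.call(label, line, entry)
      entry.each do |op|
        each_instruction(op, &block) if op.is_a?(Array) && op.first == ISEQ_MAGIC
      end
    end                                     # Symbols are jump labels/events
  end
end

# Hypothetical helper: collect conditional branches and call sites.
def branch_and_send_facts(source, path = "example.rb")
  facts = []
  iseq = RubyVM::InstructionSequence.compile(source, path).to_a
  each_instruction(iseq) do |scope, line, (name, *operands)|
    facts << { scope: scope, line: line, kind: :branch, what: name } if name.to_s.start_with?("branch")
    operands.grep(Hash).each do |op|        # call data carries the method id
      facts << { scope: scope, line: line, kind: :send, what: op[:mid] } if op.key?(:mid)
    end
  end
  facts
end

if __FILE__ == $PROGRAM_NAME
  branch_and_send_facts(SOURCE).each { |f| puts f.values_at(:scope, :line, :kind, :what).join("\t") }
end
```

Exact instruction names differ between Ruby versions, so the helper matches on the "branch" prefix and on the method id in the call data rather than on specific opcodes.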

References
