Skip to content
OpenStaticAnalyzer is a source code analyzer tool, which can perform deep static analysis of the source code of complex systems.
C++ C# Java CMake JavaScript C
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
3rdparty Add JavaScript language support. Jul 12, 2018
CMake
OpenStaticAnalyzer Update Main.md Jul 12, 2018
cl Add JavaScript language support. Jul 12, 2018
config Initial commit Nov 8, 2017
csharp Add JavaScript language support. Jul 12, 2018
inc Add JavaScript language support. Jul 12, 2018
java Add JavaScript language support. Jul 12, 2018
javascript/cl Add JavaScript language support. Jul 12, 2018
lib Add JavaScript language support. Jul 12, 2018
wrapper Add JavaScript language support. Jul 12, 2018
.gitattributes Add JavaScript language support. Jul 12, 2018
.gitignore Add JavaScript language support. Jul 12, 2018
.gitmodules Add Python language support. Mar 6, 2018
CMakeLists.txt Add JavaScript language support. Jul 12, 2018
LICENSE Use standard LICENSE text Jan 9, 2018
README.md Fix typo in the README.md Jul 13, 2018

README.md

OpenStaticAnalyzer™

Copyright (c) 2004-2018 Department of Software Engineering, University of Szeged, Hungary.

About

OpenStaticAnalyzer is a source code analyzer tool, which can perform deep static analysis of the source code of complex systems.

The source code of a program is usually its only up-to-date documentation. At the same time, the source code is the exquisite bearer of knowledge, business processes and methodology, accumulated over a long period of time. Source code quality decrease, which happens due to many quick fixes and time pressure, results in the increase of development and testing costs, and operational risks. In spite of this, the source code usually receives hostile treatment and is merely considered as a tool.

OpenStaticAnalyzer provides deep static analysis of source code. Using the results of the analysis, the quality of the analyzed source code can be improved and developed both in the short- and long term in a directed way.

Product characteristics

The most important product characteristics of OpenStaticAnalyzer are the following:

  • Platform-independent command line tools
  • Transparent integration into build processes
  • Powerful filter management
  • Coding issue detection:
    • Metric threshold violations (MetricHunter module)
    • Re-prioritized and carefully selected PMD 5.2.3 coding rule violations
    • FindBugs 3.0.0 coding rule violations
    • Pylint 1.8.2 coding rule violations
    • FxCop coding rule violations
    • ESLint coding rule violations
  • Clone detection (copy-pasted source code fragments) extended with clone tracking and "clone smells"
    • Syntax-based, so-called Type-2 clones
  • Metrics calculation at component, file, package, class, method, and function levels:
    • Source code metrics
    • Clone metrics
    • Coding rule violation metrics
  • Supported languages: Java, Python, C#, JavaScript (C/C++ will be available in the near future).

By continuous static analysis, the software developers can:

  • reduce the software erosion rate and this way decrease development costs;
  • coding problems can be identified before testing, so the number of test iterations and the testing costs can be reduced;
  • the number of errors in delivered software can be reduced, so the operational risks can be decreased, increasing the company's reputation.

License

OpenStaticAnalyzer 4.0 is licensed under the European Union Public Licence (EUPL) v1.2.

OpenStaticAnalyzer is free software, distributed in the hope that it will be useful, but on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the LICENSE file for more details.

Documentation

User's Guide

Java

Python

C#

JavaScript

How to compile

In order to build the OpenStaticAnalyzer software package the following tools are required:

  • CMake 3.8.0
  • Compiler
    • Linux : gcc 6.3
    • Windows : Microsoft Visual Studio 2015
  • JDK 1.8
  • Gradle 1.6
  • Apache Maven 3.2.5
  • Pandoc 1.16
  • Node 8.x.x

Some of the 3rd party libraries are used as a submodule so either --recursive parameter has to be used with the git clone command, or they have to be initialized immediately after the cloning with the git submodule update --init --recursive command. OpenStaticAnalyzer uses CMake for generating the platform dependent build files. After cloning the source code into an OpenStaticAnalyzer directory and creating a Build directory next to it, it can be built by executing the following commands in the Build directory:

  • Linux:

      cmake ../OpenStaticAnalyzer -G "Unix Makefiles"
      make OpenStaticAnalyzer-Package
    
  • Windows:

    • Building with Visual Studio 2015 IDE

      cmake ..\OpenStaticAnalyzer -G "Visual Studio 14 2015 Win64"

      Open the generated OpenStaticAnalyzer.sln file with the VS IDE and build the Columbus\OpenStaticAnalyzer\OpenStaticAnalyzer-Package project to generate the OpenStaticAnalyzer package.

    • Building from command line

      Activate the VS 2015 compiler environment. For example:

      "c:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\vcvarsall.bat"

      Then execute the following commands in the same terminal.

      cmake ..\OpenStaticAnalyzer -G "Visual Studio 14 2015 Win64"
      msbuild /p:Configuration=Release /m /t:Build OpenStaticAnalyzer\OpenStaticAnalyzer-Package.vcxproj
      

The generated build directory hierarchy can be so deep that due to the length limit of the path on Windows (260 characters) the build can fail. In this case a new drive should be associated with the directory containing the source and build directories with the subst command, from which the build can be run.

How to contribute

Coming soon, stay tuned!

You can’t perform that action at this time.