A longitudinal study of static analysis warning evolution and the effects of PMD on software quality in Apache open sour

  • PDF / 1,753,689 Bytes
  • 56 Pages / 439.642 x 666.49 pts Page_size
  • 36 Downloads / 171 Views

DOWNLOAD

REPORT

A longitudinal study of static analysis warning evolution and the effects of PMD on software quality in Apache open source projects Alexander Trautsch1

· Steffen Herbold1

· Jens Grabowski1

© The Author(s) 2020

Abstract Automated static analysis tools (ASATs) have become a major part of the software development workflow. Acting on the generated warnings, i.e., changing the code indicated in the warning, should be part of, at latest, the code review phase. Despite this being a best practice in software development, there is still a lack of empirical research regarding the usage of ASATs in the wild. In this work, we want to study ASAT warning trends in software via the example of PMD as an ASAT and its usage in open source projects. We analyzed the commit history of 54 projects (with 112,266 commits in total), taking into account 193 PMD rules and 61 PMD releases. We investigate trends of ASAT warnings over up to 17 years for the selected study subjects regarding changes of warning types, short and long term impact of ASAT use, and changes in warning severities. We found that large global changes in ASAT warnings are mostly due to coding style changes regarding braces and naming conventions. We also found that, surprisingly, the influence of the presence of PMD in the build process of the project on warning removal trends for the number of warnings per lines of code is small and not statistically significant. Regardless, if we consider defect density as a proxy for external quality, we see a positive effect if PMD is present in the build configuration of our study subjects. Keywords Static code analysis · Quality evolution · Software metrics · Software quality

1 Introduction Automated static analysis tools (ASATs) support software developers with warnings and information regarding common coding mistakes, design anti-patterns like code smells (Fowler 1999), or code style violations. ASATs work directly on the source code or bytecode without executing the program. They are using abstract models of the source code, e.g., the Abstract Syntax Tree (AST) or the control flow graph to match the provided source Communicated by: Meiyappan Nagappan  Alexander Trautsch

[email protected] 1

Institute of Computer Science, University of Goettingen, G¨ottingen, Germany

Empirical Software Engineering

code against a set of rules defined in the ASAT. If a part of the source code violates a predefined rule, a warning is generated. These rules can be customized by the project using the ASAT to fit their needs by removing rules deemed unnecessary. ASAT reports usually contain a type of warning, a short description, and the file and line number of the source code that triggered the warning. Developers can then inspect the line specified in the warning and decide if a change is necessary. The defects that can be found by static analysis include varying severities. Java String comparisons with “==” instead of using the equals() method, would compare the object reference instead of the object contents. The severi

Data Loading...

Recommend Documents
An Empirical Study on the Persistence of SpotBugs Issues in Open-Source Software Evolution

148 50 35MB

Study I: Private-Collective Innovation and Open Source Software: Longitudinal Insights from Linux Kernel Development

143 67 6MB

Software Quality Assurance in INDIGO-DataCloud Project: a Converging Evolution of Software Engineering Practices to Supp

168 85 2MB

Determining Microservice Boundaries: A Case Study Using Static and Dynamic Software Analysis

165 21 22MB

Formalizing Open Source Software Quality Assurance Model by Identifying Common Features from Open Source Software Projec

179 46 57MB

A Personal Perspective on the Evolution of Empirical Software Engineering

168 94 205KB

A Study of the Effect on Business Growth by Utilization and Contribution of Open Source Software in Japanese IT Companie

144 77 9MB

Open quantum entanglement: a study of two atomic system in static patch of de Sitter space

157 36 7MB

On the fulfillment of coordination requirements in open-source software projects: An exploratory study

135 81 2MB

Effects of acid mine drainage on groundwater quality: a case study from an open-pit copper mine in eastern Turkey

174 12 905KB

Unification of Static and Dynamic AOP for Evolution in Embedded Software Systems

145 107 314KB

Quality of Software Architectures and Software Quality First Interna

189 55 4MB