STATIC CODE ANALYSIS AS A TOOL FOR IMPROVING SOFTWARE QUALITY IN MODERN APPLICATIONS
Last modified: 2026-05-26
Abstract
This paper examines static code analysis as an effective method for ensuring software quality. The principles of static analysis tools and their integration into development processes and CI/CD pipelines are analyzed. Special attention is paid to the early detection of security vulnerabilities, technical debt, and coding standard violations. The advantages of applying static code analysis for improving the reliability and maintainability of modern software are determined.
Keywords
static code analysis, software quality, SAST, technical debt, CI/CD, code security