Today’s software development teams are under immense pressure; the market demands high-quality, secure releases at a constantly increasing pace while security threats become more and more sophisticated. Considering the high cost of product failures and security breaches, it is more important than ever to address these risks throughout the software development process. Potential problems need to be spotted early to prevent release delays or, worse, post-release failures. Fortunately, there are numerous tools to help developers manage these risks, helping to identify potential problems early in the development phase when issues are less disruptive and easier to fix. They are readily accessible to developers and easy to use within many development environments. This applies to developers programming in any language; however, we focus on Java in this discussion (see Sidebar 1). 1.Static analysis helps mitigate risk 2.Selecting static analysis tools for Java
3.Checkstyle
4.PMD
5.FindBugs
6.Development testing – Tying it all together
...
refer to: http://embedded-computing.com/articles/static-helps-manage-risk-java/
3.Checkstyle
4.PMD
5.FindBugs
6.Development testing – Tying it all together
...
refer to: http://embedded-computing.com/articles/static-helps-manage-risk-java/
沒有留言:
張貼留言