TU Darmstadt / ULB / TUbiblio

DLint: Dynamically Checking Bad Coding Practices in JavaScript

Gong, Liang ; Pradel, Michael ; Sridharan, Manu ; Sen, Koushik (2015)
DLint: Dynamically Checking Bad Coding Practices in JavaScript.
Baltimore, MD, USA
doi: 10.1145/2771783.2771809
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

JavaScript has become one of the most popular programming languages, yet it is known for its suboptimal design. To effectively use JavaScript despite its design flaws, developers try to follow informal code quality rules that help avoid correctness, maintainability, performance, and security problems. Lightweight static analyses, implemented in "lint-like" tools, are widely used to find violations of these rules, but are of limited use because of the language's dynamic nature. This paper presents DLint, a dynamic analysis approach to check code quality rules in JavaScript. DLint consists of a generic framework and an extensible set of checkers that each addresses a particular rule. We formally describe and implement 28 checkers that address problems missed by state-of-the-art static approaches. Applying the approach in a comprehensive empirical study on over 200 popular web sites shows that static and dynamic checking complement each other. On average per web site, DLint detects 49 problems that are missed statically, including visible bugs on the web sites of IKEA, Hilton, eBay, and CNBC.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2015
Autor(en): Gong, Liang ; Pradel, Michael ; Sridharan, Manu ; Sen, Koushik
Art des Eintrags: Bibliographie
Titel: DLint: Dynamically Checking Bad Coding Practices in JavaScript
Sprache: Deutsch
Publikationsjahr: Juli 2015
Verlag: ACM
Buchtitel: Proceedings of the 2015 International Symposium on Software Testing and Analysis
Reihe: ISSTA 2015
Veranstaltungsort: Baltimore, MD, USA
DOI: 10.1145/2771783.2771809
Kurzbeschreibung (Abstract):

JavaScript has become one of the most popular programming languages, yet it is known for its suboptimal design. To effectively use JavaScript despite its design flaws, developers try to follow informal code quality rules that help avoid correctness, maintainability, performance, and security problems. Lightweight static analyses, implemented in "lint-like" tools, are widely used to find violations of these rules, but are of limited use because of the language's dynamic nature. This paper presents DLint, a dynamic analysis approach to check code quality rules in JavaScript. DLint consists of a generic framework and an extensible set of checkers that each addresses a particular rule. We formally describe and implement 28 checkers that address problems missed by state-of-the-art static approaches. Applying the approach in a comprehensive empirical study on over 200 popular web sites shows that static and dynamic checking complement each other. On average per web site, DLint detects 49 problems that are missed statically, including visible bugs on the web sites of IKEA, Hilton, eBay, and CNBC.

Freie Schlagworte: Code practice, DLint, dynamic analysis, metric
ID-Nummer: TUD-CS-2015-12100
Fachbereich(e)/-gebiet(e): Profilbereiche > Cybersicherheit (CYSEC)
Profilbereiche
Hinterlegungsdatum: 17 Aug 2017 16:48
Letzte Änderung: 15 Mai 2018 10:33
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen