Gong, Liang ; Pradel, Michael ; Sridharan, Manu ; Sen, Koushik (2015)
DLint: Dynamically Checking Bad Coding Practices in JavaScript.
Baltimore, MD, USA
doi: 10.1145/2771783.2771809
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
JavaScript has become one of the most popular programming languages, yet it is known for its suboptimal design. To effectively use JavaScript despite its design flaws, developers try to follow informal code quality rules that help avoid correctness, maintainability, performance, and security problems. Lightweight static analyses, implemented in "lint-like" tools, are widely used to find violations of these rules, but are of limited use because of the language's dynamic nature. This paper presents DLint, a dynamic analysis approach to check code quality rules in JavaScript. DLint consists of a generic framework and an extensible set of checkers that each addresses a particular rule. We formally describe and implement 28 checkers that address problems missed by state-of-the-art static approaches. Applying the approach in a comprehensive empirical study on over 200 popular web sites shows that static and dynamic checking complement each other. On average per web site, DLint detects 49 problems that are missed statically, including visible bugs on the web sites of IKEA, Hilton, eBay, and CNBC.
Typ des Eintrags: | Konferenzveröffentlichung |
---|---|
Erschienen: | 2015 |
Autor(en): | Gong, Liang ; Pradel, Michael ; Sridharan, Manu ; Sen, Koushik |
Art des Eintrags: | Bibliographie |
Titel: | DLint: Dynamically Checking Bad Coding Practices in JavaScript |
Sprache: | Deutsch |
Publikationsjahr: | Juli 2015 |
Verlag: | ACM |
Buchtitel: | Proceedings of the 2015 International Symposium on Software Testing and Analysis |
Reihe: | ISSTA 2015 |
Veranstaltungsort: | Baltimore, MD, USA |
DOI: | 10.1145/2771783.2771809 |
Kurzbeschreibung (Abstract): | JavaScript has become one of the most popular programming languages, yet it is known for its suboptimal design. To effectively use JavaScript despite its design flaws, developers try to follow informal code quality rules that help avoid correctness, maintainability, performance, and security problems. Lightweight static analyses, implemented in "lint-like" tools, are widely used to find violations of these rules, but are of limited use because of the language's dynamic nature. This paper presents DLint, a dynamic analysis approach to check code quality rules in JavaScript. DLint consists of a generic framework and an extensible set of checkers that each addresses a particular rule. We formally describe and implement 28 checkers that address problems missed by state-of-the-art static approaches. Applying the approach in a comprehensive empirical study on over 200 popular web sites shows that static and dynamic checking complement each other. On average per web site, DLint detects 49 problems that are missed statically, including visible bugs on the web sites of IKEA, Hilton, eBay, and CNBC. |
Freie Schlagworte: | Code practice, DLint, dynamic analysis, metric |
ID-Nummer: | TUD-CS-2015-12100 |
Fachbereich(e)/-gebiet(e): | Profilbereiche > Cybersicherheit (CYSEC) Profilbereiche |
Hinterlegungsdatum: | 17 Aug 2017 16:48 |
Letzte Änderung: | 15 Mai 2018 10:33 |
PPN: | |
Export: | |
Suche nach Titel in: | TUfind oder in Google |
Frage zum Eintrag |
Optionen (nur für Redakteure)
Redaktionelle Details anzeigen |