TU Darmstadt / ULB / TUbiblio

DLint: Dynamically Checking Bad Coding Practices in JavaScript

Gong, Liang and Pradel, Michael and Sridharan, Manu and Sen, Koushik :
DLint: Dynamically Checking Bad Coding Practices in JavaScript.
In: ISSTA 2015 . ACM
[Conference or Workshop Item] , (2015)

Abstract

JavaScript has become one of the most popular programming languages, yet it is known for its suboptimal design. To effectively use JavaScript despite its design flaws, developers try to follow informal code quality rules that help avoid correctness, maintainability, performance, and security problems. Lightweight static analyses, implemented in "lint-like" tools, are widely used to find violations of these rules, but are of limited use because of the language's dynamic nature. This paper presents DLint, a dynamic analysis approach to check code quality rules in JavaScript. DLint consists of a generic framework and an extensible set of checkers that each addresses a particular rule. We formally describe and implement 28 checkers that address problems missed by state-of-the-art static approaches. Applying the approach in a comprehensive empirical study on over 200 popular web sites shows that static and dynamic checking complement each other. On average per web site, DLint detects 49 problems that are missed statically, including visible bugs on the web sites of IKEA, Hilton, eBay, and CNBC.

Item Type: Conference or Workshop Item
Erschienen: 2015
Creators: Gong, Liang and Pradel, Michael and Sridharan, Manu and Sen, Koushik
Title: DLint: Dynamically Checking Bad Coding Practices in JavaScript
Language: German
Abstract:

JavaScript has become one of the most popular programming languages, yet it is known for its suboptimal design. To effectively use JavaScript despite its design flaws, developers try to follow informal code quality rules that help avoid correctness, maintainability, performance, and security problems. Lightweight static analyses, implemented in "lint-like" tools, are widely used to find violations of these rules, but are of limited use because of the language's dynamic nature. This paper presents DLint, a dynamic analysis approach to check code quality rules in JavaScript. DLint consists of a generic framework and an extensible set of checkers that each addresses a particular rule. We formally describe and implement 28 checkers that address problems missed by state-of-the-art static approaches. Applying the approach in a comprehensive empirical study on over 200 popular web sites shows that static and dynamic checking complement each other. On average per web site, DLint detects 49 problems that are missed statically, including visible bugs on the web sites of IKEA, Hilton, eBay, and CNBC.

Title of Book: Proceedings of the 2015 International Symposium on Software Testing and Analysis
Series Name: ISSTA 2015
Publisher: ACM
Uncontrolled Keywords: Code practice, DLint, dynamic analysis, metric
Divisions: Profile Areas > Cybersecurity (CYSEC)
Profile Areas
Event Location: Baltimore, MD, USA
Date Deposited: 17 Aug 2017 16:48
DOI: 10.1145/2771783.2771809
Identification Number: TUD-CS-2015-12100
Export:

Optionen (nur für Redakteure)

View Item View Item