Gong, Liang and Pradel, Michael and Sridharan, Manu and Sen, Koushik
:
DLint: Dynamically Checking Bad Coding Practices in JavaScript.
In: ISSTA 2015
.
ACM
[Conference or Workshop Item]
, (2015)
Abstract
JavaScript has become one of the most popular programming languages, yet it is known for its suboptimal design. To effectively use JavaScript despite its design flaws, developers try to follow informal code quality rules that help avoid correctness, maintainability, performance, and security problems. Lightweight static analyses, implemented in "lint-like" tools, are widely used to find violations of these rules, but are of limited use because of the language's dynamic nature. This paper presents DLint, a dynamic analysis approach to check code quality rules in JavaScript. DLint consists of a generic framework and an extensible set of checkers that each addresses a particular rule. We formally describe and implement 28 checkers that address problems missed by state-of-the-art static approaches. Applying the approach in a comprehensive empirical study on over 200 popular web sites shows that static and dynamic checking complement each other. On average per web site, DLint detects 49 problems that are missed statically, including visible bugs on the web sites of IKEA, Hilton, eBay, and CNBC.
| Item Type: | Conference or Workshop Item |
|---|---|
| Erschienen: | 2015 |
| Creators: | Gong, Liang and Pradel, Michael and Sridharan, Manu and Sen, Koushik |
| Title: | DLint: Dynamically Checking Bad Coding Practices in JavaScript |
| Language: | German |
| Abstract: | JavaScript has become one of the most popular programming languages, yet it is known for its suboptimal design. To effectively use JavaScript despite its design flaws, developers try to follow informal code quality rules that help avoid correctness, maintainability, performance, and security problems. Lightweight static analyses, implemented in "lint-like" tools, are widely used to find violations of these rules, but are of limited use because of the language's dynamic nature. This paper presents DLint, a dynamic analysis approach to check code quality rules in JavaScript. DLint consists of a generic framework and an extensible set of checkers that each addresses a particular rule. We formally describe and implement 28 checkers that address problems missed by state-of-the-art static approaches. Applying the approach in a comprehensive empirical study on over 200 popular web sites shows that static and dynamic checking complement each other. On average per web site, DLint detects 49 problems that are missed statically, including visible bugs on the web sites of IKEA, Hilton, eBay, and CNBC. |
| Title of Book: | Proceedings of the 2015 International Symposium on Software Testing and Analysis |
| Series Name: | ISSTA 2015 |
| Publisher: | ACM |
| Uncontrolled Keywords: | Code practice, DLint, dynamic analysis, metric |
| Divisions: | Profile Areas > Cybersecurity (CYSEC) Profile Areas |
| Event Location: | Baltimore, MD, USA |
| Date Deposited: | 17 Aug 2017 16:48 |
| DOI: | 10.1145/2771783.2771809 |
| Identification Number: | TUD-CS-2015-12100 |
| Export: |
Optionen (nur für Redakteure)
 |
View Item |
Print
Impressum