Tagged articles

252 articles

Page 1 of 3

May 12, 2026 · Information Security

cURL Founder Tests Anthropic Mythos on 176K Lines of C Code, Finds Only One Low‑Severity Vulnerability

In a detailed blog post, curl creator Daniel Stenberg evaluated Anthropic’s AI security model Mythos by scanning 176,000 lines of curl’s C code, uncovering five reported issues that collapsed to a single low‑severity CVE after manual verification, and concluded that the model’s hype far exceeds its actual capability.

AI code analysisAnthropic MythosC language

0 likes · 10 min read

cURL Founder Tests Anthropic Mythos on 176K Lines of C Code, Finds Only One Low‑Severity Vulnerability

21CTO

May 7, 2026 · Backend Development

PHP 2025: Counterintuitive Changes That Make It More Productive

The 2025 PHP releases (8.4 and 8.5) introduce subtle engineering improvements—property hooks, asymmetric visibility, a pipe operator, clone‑and‑modify, higher framework baselines, stricter static analysis, and safer Composer practices—that together reshape daily coding, testing, and deployment without a radical language overhaul.

ComposerPHPPHP 8.4

0 likes · 13 min read

PHP 2025: Counterintuitive Changes That Make It More Productive

Alibaba Cloud Observability

Apr 27, 2026 · Artificial Intelligence

From Observability to Understanding: Building an Agent‑Native Code Knowledge Graph with UModel

The article analyzes current AI code agents such as Claude Code and Cursor, highlights their three major limitations—guessing relationships, staying within the code domain, and lacking a temporal dimension—and proposes UModel’s deterministic AST extraction and cross‑domain linking to create a native code knowledge graph that lets agents move from merely finding code to truly understanding its structure.

AI AgentsKnowledge GraphObservability

0 likes · 26 min read

From Observability to Understanding: Building an Agent‑Native Code Knowledge Graph with UModel

AI Open-Source Efficiency Guide

Apr 16, 2026 · Frontend Development

How CodeFlow Uses a Single HTML File to X‑Ray Your Repository Architecture and Compute Change Impact

CodeFlow is a browser‑only tool that, with just one HTML file, visualizes a project's dependency graph, calculates the explosion radius of code changes, identifies code owners, runs security scans, and exports detailed reports, all without installing software or uploading source code.

D3.jsGitHubTree-sitter

0 likes · 11 min read

How CodeFlow Uses a Single HTML File to X‑Ray Your Repository Architecture and Compute Change Impact

AntTech

Apr 7, 2026 · Information Security

How YASA Enables Scalable Multi‑Language Taint Analysis with a Unified AST

The article introduces YASA, a unified multi‑language static taint analysis framework built on a novel Unified Abstract Syntax Tree (UAST), explains its design, core components, open‑source releases, and benchmark results that demonstrate superior coverage, precision, and performance over existing single‑ and multi‑language tools.

Multi-languageSoftware SecurityUAST

0 likes · 9 min read

How YASA Enables Scalable Multi‑Language Taint Analysis with a Unified AST

Open Source Tech Hub

Mar 29, 2026 · Backend Development

Why PHPantom Beats Intelephense: A Rust‑Powered PHP Language Server Review

PHPantom is a high‑performance, lightweight PHP language server written in Rust that starts in under a second, uses only 59 MB of memory, and offers deep type intelligence, project‑aware analysis, and extensive IDE features that surpass many existing tools.

IDE integrationLanguage ServerPHP

0 likes · 5 min read

Why PHPantom Beats Intelephense: A Rust‑Powered PHP Language Server Review

Java Architect Essentials

Mar 19, 2026 · Backend Development

Boost Java Code Quality: A Complete Guide to Alibaba Guidelines, CheckStyle, PMD, FindBugs & SonarLint

This article introduces five essential Java static‑analysis tools—Alibaba Java Coding Guidelines, CheckStyle, PMD, FindBugs, and SonarLint—explaining their purpose, installation steps, usage methods, result interpretation, and configuration tips to help developers improve code quality and reduce review effort.

checkstylecode qualityfindbugs

0 likes · 13 min read

Boost Java Code Quality: A Complete Guide to Alibaba Guidelines, CheckStyle, PMD, FindBugs & SonarLint

Node.js Tech Stack

Mar 13, 2026 · Artificial Intelligence

Claude’s New AI Code Review: Up to $25 per PR – What It Means for Your Repo

Claude’s newly launched AI‑powered code review uses multiple parallel agents to automatically scan pull requests, flagging issues with an internal consistency check that reduces false positives to under 1 %, while Anthropic reports detection rates of 84 % for large PRs and 31 % for small ones, though each review costs $15–25.

AI code reviewClaudeMulti-Agent

0 likes · 9 min read

Claude’s New AI Code Review: Up to $25 per PR – What It Means for Your Repo

phodal

Mar 12, 2026 · Information Security

How AI-Generated Code Amplifies Vulnerabilities and What Security Scans Reveal

An in‑depth analysis of Codex Security’s scans shows that AI‑assisted code production doesn’t create new bug types but dramatically speeds up the spread of existing flaws, prompting a shift toward automated, engineering‑driven defenses for large‑scale code generation.

AI securityAutomationCode Generation

0 likes · 11 min read

How AI-Generated Code Amplifies Vulnerabilities and What Security Scans Reveal

Woodpecker Software Testing

Mar 1, 2026 · Operations

Shift‑Left Testing in Practice: Deep Comparison of 5 Leading Tools

The article examines why shift‑left testing is now a practical necessity, compares five mainstream tools—SonarQube, ESLint + Jest + Cypress, Swagger/Pact, Cucumber, and Testim.io—across scenarios, integration depth, learning curve and ROI, and provides a decision framework backed by real‑world case studies.

API ContractBDDShift-Left Testing

0 likes · 8 min read

Shift‑Left Testing in Practice: Deep Comparison of 5 Leading Tools

Black & White Path

Feb 28, 2026 · Information Security

A Complete Guide to Mobile App Penetration Testing

This article presents a thorough mobile app penetration‑testing guide covering objectives, scope, testing methods, step‑by‑step workflow, recommended tools, reporting structure, and remediation advice to help developers and security professionals secure their applications.

Dynamic analysisfuzz testingmobile app

0 likes · 11 min read

A Complete Guide to Mobile App Penetration Testing

Huawei Cloud Developer Alliance

Feb 27, 2026 · Artificial Intelligence

Why AI Coding Tools Struggle with Enterprise-Scale Software—and How Huawei’s CodeArts Bridges the Gap

The article explains that while AI‑assisted programming excels at small scripts, it faces three fundamental engineering challenges—code‑scale semantic gaps, long‑term maintainability, and high fault costs—in enterprise Java projects, and describes how Huawei Cloud CodeArts tackles these issues with a five‑layer “foundation” architecture.

AI programmingCode GenerationEnterprise Software

0 likes · 12 min read

Why AI Coding Tools Struggle with Enterprise-Scale Software—and How Huawei’s CodeArts Bridges the Gap

AI Engineering

Feb 21, 2026 · Information Security

Anthropic Unveils Claude Code Security: AI Takes Over Code Vulnerability Detection

Anthropic's new Claude Code Security tool uses an AI model that reads code like a human researcher, detecting complex logic‑flaw and permission‑control bugs missed by traditional pattern‑matching scanners, providing multi‑round verification, confidence scores, and AI‑generated patches while still requiring developer approval.

AI securityAnthropicClaude

0 likes · 6 min read

Anthropic Unveils Claude Code Security: AI Takes Over Code Vulnerability Detection

php Courses

Jan 12, 2026 · Backend Development

Boost PHP Code Quality with PHPStan: A Complete Guide to Static Analysis

This article explains what static code analysis is, introduces PHPStan as a leading PHP static analysis engine, outlines its key benefits, provides step‑by‑step installation, configuration and usage instructions, and shows how to integrate and upgrade it within a backend development workflow.

PHPStancode qualitystatic analysis

0 likes · 6 min read

Boost PHP Code Quality with PHPStan: A Complete Guide to Static Analysis

FunTester

Jan 3, 2026 · Fundamentals

How to Make Testing a Daily Habit: Practical Tools, Layouts, and Metrics

This article explains why testing is essential, outlines its concrete benefits, compares static analysis tools like PMD and SonarQube, provides actionable test‑layout guidelines, suggests a phased adoption path, and defines key metrics for continuous test‑quality improvement.

SonarQubebest practicespmd

0 likes · 11 min read

How to Make Testing a Daily Habit: Practical Tools, Layouts, and Metrics

Code Wrench

Dec 31, 2025 · Backend Development

Why Go’s Built‑In Toolchain Remains Essential in the AI Era

Even as AI accelerates code generation, this article shows how Go’s native formatting, static analysis, and refactoring tools provide indispensable engineering constraints that keep large‑scale projects maintainable, predictable, and safe during extensive rewrites.

BackendEngineeringToolchain

0 likes · 8 min read

Why Go’s Built‑In Toolchain Remains Essential in the AI Era

Spring Full-Stack Practical Cases

Dec 4, 2025 · Backend Development

Unlock Java Code Analysis with Spoon: Real‑World Spring Boot 3 Cases

This article introduces the open‑source Spoon library for Java source‑code analysis and transformation, demonstrates how to integrate it with Spring Boot 3, and provides step‑by‑step examples—including visual AST inspection, empty‑catch detection, architecture rule validation, field usage checks, reflection replacement, and automatic code modifications such as adding fields, constructors, logging, and null‑checks.

ASTBackend DevelopmentJava

0 likes · 16 min read

Unlock Java Code Analysis with Spoon: Real‑World Spring Boot 3 Cases

Liangxu Linux

Nov 19, 2025 · Fundamentals

Why C/C++ Static Code Analysis Is Essential: Standards, Tools & Best Practices

This article explains why static code analysis is crucial for C/C++ development, outlines major standards such as MISRA, CWE and CERT, reviews both commercial and open‑source analysis tools, and provides guidance on selecting the right solution based on project needs, budget and integration requirements.

C++CWEMISRA

0 likes · 12 min read

Why C/C++ Static Code Analysis Is Essential: Standards, Tools & Best Practices

JavaGuide

Nov 17, 2025 · Backend Development

How Spring Boot 4’s JSpecify Eliminates NullPointerExceptions

Spring Boot 4 adopts JSpecify’s null‑safety annotations, replacing JSR‑305, to make nullability explicit at compile time; using @NullMarked and @Nullable with tools like NullAway, developers can catch potential NPEs early, reduce defensive checks, improve API contracts, and handle collections and parameters more safely.

@NullableJSpecifyJava

0 likes · 13 min read

How Spring Boot 4’s JSpecify Eliminates NullPointerExceptions

Open Source Tech Hub

Nov 5, 2025 · Backend Development

Analyzing PHP Keyword Conflicts with the Rust‑Based php‑syntax‑analyzer

This guide introduces php‑syntax‑analyzer, a Rust‑written CLI that scans popular PHP packages from Packagist to detect potential conflicts when new keywords like let or using become reserved, explains its key features, installation steps, usage examples, important options, and current limitations.

CLIPHPPackagist

0 likes · 5 min read

Analyzing PHP Keyword Conflicts with the Rust‑Based php‑syntax‑analyzer

Liangxu Linux

Oct 10, 2025 · Fundamentals

Mastering Embedded Code Refactoring: Strategies, Tools, and Real‑World Examples

This guide explains why refactoring embedded software is uniquely challenging, outlines preparation steps, presents basic to advanced refactoring techniques, shows hardware‑specific and real‑time optimizations, describes verification methods, and provides a concrete sensor‑data case study with measurable results.

Code RefactoringLow PowerReal-Time

0 likes · 10 min read

Mastering Embedded Code Refactoring: Strategies, Tools, and Real‑World Examples

Data Party THU

Oct 9, 2025 · Information Security

How to Secure MCP Tools: Risks, Real‑World Cases, and the Open‑Source MCPScan Framework

The article analyzes the security challenges introduced by the open Model Context Protocol (MCP) ecosystem, outlines typical attack vectors such as command‑execution hijacking and indirect prompt injection, and presents MCPScan—an open‑source scanner that combines static taint analysis with LLM‑driven reasoning to detect exploitable tool chains before deployment.

LLMMCPOpen-source

0 likes · 7 min read

How to Secure MCP Tools: Risks, Real‑World Cases, and the Open‑Source MCPScan Framework

Network Intelligence Research Center (NIRC)

Sep 22, 2025 · Fundamentals

Getting Started with Tree-sitter: High‑Performance Code Parsing and Multi‑Language SQL Extraction

Tree-sitter is a high‑performance incremental parsing library that supports over 50 languages; the article explains its core features, typical use cases such as editor syntax highlighting and static analysis, and walks through a concrete multi‑language SQL extraction implementation in Java, Python, and XML.

JavaPythonSQL extraction

0 likes · 6 min read

Getting Started with Tree-sitter: High‑Performance Code Parsing and Multi‑Language SQL Extraction

Open Source Tech Hub

Sep 18, 2025 · Backend Development

Boost PHP Code Quality with Psalm: Complete Static Analysis Guide

This guide explains how Psalm, a PHP static analysis tool, improves code quality by detecting type errors, logical bugs, and security issues, and covers its key features, installation steps, configuration options, IDE integration, automated fixes, and reasons to choose it over alternatives.

DockerIDE integrationPHP

0 likes · 7 min read

Boost PHP Code Quality with Psalm: Complete Static Analysis Guide

AsiaInfo Technology: New Tech Exploration

Sep 8, 2025 · Artificial Intelligence

Unlocking Precise Code Q&A: How ASTs Power AI-Driven Development

With software systems growing ever more complex, traditional text‑based code search falls short; this article explains how abstract syntax trees (AST) provide deeper structural understanding, improve query precision, enable advanced features like control‑flow analysis and knowledge‑graph construction, and outlines a full architecture for building AI‑enhanced code question‑answering systems.

ASTLLMcode question answering

0 likes · 33 min read

Unlocking Precise Code Q&A: How ASTs Power AI-Driven Development

Ops Development & AI Practice

Sep 4, 2025 · Industry Insights

SonarQube vs Codacy: Which Code Quality Tool Fits Your Team?

This article compares SonarQube and Codacy, examining their histories, core features, security capabilities, deployment models, and ideal use‑cases, to help teams decide which static analysis solution aligns best with their workflow, technology stack, and compliance requirements.

CodacySoftware EngineeringSonarQube

0 likes · 8 min read

SonarQube vs Codacy: Which Code Quality Tool Fits Your Team?

Code Mala Tang

Aug 24, 2025 · Backend Development

Can You Trust Your Compiler? Discover Hidden Bugs and Protection Tips

This article examines why compilers can be unreliable, explains how optimization errors, undefined‑behavior assumptions, and hardware‑specific code generation can introduce subtle bugs, presents real‑world examples from GCC, MSVC and Clang, and offers practical strategies to detect and avoid such compiler faults.

CMSVCUndefined Behavior

0 likes · 14 min read

Can You Trust Your Compiler? Discover Hidden Bugs and Protection Tips

Ops Development & AI Practice

Aug 23, 2025 · Information Security

Why an Empty ‘vulnerabilities’ Array Means Your GitLab SAST Scan Passed

The article explains GitLab SAST’s standardized JSON report format, walks through the meaning of the scan metadata and the vulnerabilities array, and shows that an empty vulnerabilities list together with a success status simply indicates a clean, successful static analysis run.

GitLabJSON reportSAST

0 likes · 7 min read

Why an Empty ‘vulnerabilities’ Array Means Your GitLab SAST Scan Passed

Code Wrench

Aug 13, 2025 · Backend Development

Boost Go Code Quality Instantly with golangci-lint: A Complete Guide

golangci-lint combines dozens of Go linters into a fast, configurable, and CI‑friendly tool that catches unused variables, long functions, style inconsistencies, and security issues, and this guide walks you through its features, installation, configuration, a real‑world example, and best practices.

CIgolangci-lintlinting

0 likes · 7 min read

Boost Go Code Quality Instantly with golangci-lint: A Complete Guide

Huolala Tech

Aug 12, 2025 · Information Security

Can AI Boost Traditional SAST to Detect Complex Logic Bugs?

This article explores a hybrid approach that combines traditional static application security testing (SAST) with large language models (LLM) to automatically detect business‑logic vulnerabilities, detailing the methodology, implementation stages, experimental results, and the challenges of integrating AI into code security analysis.

AILLMSAST

0 likes · 15 min read

Can AI Boost Traditional SAST to Detect Complex Logic Bugs?

Sohu Smart Platform Tech Team

Aug 10, 2025 · Mobile Development

Choosing the Right Static Code Analyzer for iOS: SonarQube vs Infer vs Clang

This article compares SonarQube, Infer, and Clang Static Analyzer for iOS development, detailing their language support, strengths, weaknesses, integration with CI/CD pipelines, and practical usage tips to help teams select the most suitable static analysis solution.

ClangInferSonarQube

0 likes · 26 min read

Choosing the Right Static Code Analyzer for iOS: SonarQube vs Infer vs Clang

FunTester

Aug 8, 2025 · Backend Development

How FixrLeak Uses Generative AI to Automatically Fix Java Resource Leaks

FixrLeak combines AST analysis with generative AI to detect and automatically repair Java resource leaks, dramatically reducing manual effort, improving code quality, and demonstrating the transformative potential of AI‑driven solutions in large‑scale software engineering.

ASTJavacode repair

0 likes · 9 min read

How FixrLeak Uses Generative AI to Automatically Fix Java Resource Leaks

php Courses

Jul 23, 2025 · Backend Development

Beyond Try‑Catch: Advanced PHP Techniques for Safer Code

This article explores modern PHP practices that move error handling from runtime try‑catch blocks to proactive strategies such as static analysis, contract programming, attribute‑based validation, and test‑driven development, showing how to build more reliable and maintainable backend applications.

AttributesContractsPHP

0 likes · 5 min read

Beyond Try‑Catch: Advanced PHP Techniques for Safer Code

Java Backend Technology

Jul 23, 2025 · Fundamentals

Boost Java Code Quality: Master Alibaba Guidelines, CheckStyle, PMD, FindBugs & SonarLint

This article explains why code quality degrades as systems grow, introduces five essential static‑analysis tools (Alibaba Java Coding Guidelines, CheckStyle, PMD, FindBugs, and SonarLint), and provides step‑by‑step installation and usage instructions with screenshots to help developers reduce bugs and improve maintainability.

checkstylecode qualitypmd

0 likes · 15 min read

Boost Java Code Quality: Master Alibaba Guidelines, CheckStyle, PMD, FindBugs & SonarLint

macrozheng

Jul 18, 2025 · Backend Development

Boost Java Code Quality: Guide to Alibaba Guidelines, CheckStyle, PMD, FindBugs & SonarLint

This article explains why code quality matters in growing Java projects and introduces five essential static analysis tools—Alibaba Java Coding Guidelines, CheckStyle, PMD, FindBugs, and SonarLint—covering their purpose, installation steps, usage instructions, and key features to help developers reduce bugs and improve review efficiency.

IDE pluginsJavacode quality

0 likes · 14 min read

Boost Java Code Quality: Guide to Alibaba Guidelines, CheckStyle, PMD, FindBugs & SonarLint

AntTech

Jul 16, 2025 · Artificial Intelligence

Can AI Auditors Match Human Experts? Inside RepoAudit’s LLM‑Powered Code Review

The EXPRESS Workshop at ISSTA 2025, hosted by Ant Group, featured a keynote by Purdue’s Prof. Zhang on an LLM‑driven “Human‑like AI Auditor” called RepoAudit, which demonstrated high‑accuracy automated code review, uncovering dozens of real bugs and hundreds of zero‑day vulnerabilities across major open‑source projects.

AILLMRepoAudit

0 likes · 6 min read

Can AI Auditors Match Human Experts? Inside RepoAudit’s LLM‑Powered Code Review

Architecture Digest

Jul 11, 2025 · Fundamentals

Master CheckStyle in IntelliJ: A Step‑by‑Step Guide to Clean Java Code

This article walks you through installing and configuring the CheckStyle plugin in IntelliJ IDEA, importing coding standards such as Alibaba's, running checks on Java classes, and troubleshooting common errors like missing annotations, formatting issues, and import order problems, all illustrated with screenshots.

Alibaba styleIntelliJ IDEAJava

0 likes · 5 min read

Master CheckStyle in IntelliJ: A Step‑by‑Step Guide to Clean Java Code

Sohu Tech Products

Jul 9, 2025 · Mobile Development

Choosing the Right Static Analyzer for iOS: SonarQube vs Infer vs Clang

This article compares popular static‑code analysis tools for iOS—including SonarQube, Infer, and Clang Static Analyzer—detailing their language support, features, pros and cons, integration methods, and practical usage tips, helping developers select the most suitable solution for their projects.

ClangInferSonarQube

0 likes · 30 min read

Choosing the Right Static Analyzer for iOS: SonarQube vs Infer vs Clang

Architecture Digest

Jul 6, 2025 · Fundamentals

Boost Java Code Quality with CheckStyle, PMD, FindBugs, SonarLint

This guide introduces essential Java code‑quality tools—including Alibaba Java Coding Guidelines, CheckStyle, PMD, FindBugs, and SonarLint—explaining their installation, usage, and key features so developers can automate static analysis, reduce bugs, and improve maintainability across projects.

Javacheckstylecode quality

0 likes · 11 min read

Boost Java Code Quality with CheckStyle, PMD, FindBugs, SonarLint

Raymond Ops

Jun 12, 2025 · Information Security

Build an Automated Security Code Scanning Platform with SonarQube, Jenkins, and SVN

This guide walks you through setting up a fully automated security code detection platform—covering environment preparation, installing JDK, MySQL, SVN, Maven, Tomcat, SonarQube, and Jenkins, configuring each component, integrating them via Jenkins pipelines, and running sample scans to generate actionable security reports.

AutomationJenkinsSonarQube

0 likes · 20 min read

Build an Automated Security Code Scanning Platform with SonarQube, Jenkins, and SVN

php Courses

Jun 10, 2025 · Backend Development

How to Automate Architecture Testing in PHP Projects for Cleaner Code

This article explains what architecture testing is, why PHP projects need it, introduces tools like Deptrac, PHPArch and PHPMD, shows common testing scenarios, and provides best practices for integrating automated architecture tests into CI/CD pipelines to improve code quality and maintainability.

Backend DevelopmentPHParchitecture testing

0 likes · 6 min read

How to Automate Architecture Testing in PHP Projects for Cleaner Code

php Courses

May 19, 2025 · Backend Development

PHPStan Overview: What It Is, Why Use It, Installation, Configuration, and Advanced Tips

This article introduces PHPStan, a popular PHP static analysis tool, explains its benefits, provides step‑by‑step installation and configuration instructions, demonstrates how to run analyses, interpret error reports, troubleshoot common issues, and explore advanced techniques for improving backend code quality.

BackendPHPStancode quality

0 likes · 4 min read

PHPStan Overview: What It Is, Why Use It, Installation, Configuration, and Advanced Tips

AntTech

May 16, 2025 · Information Security

How CDFuzz’s Targeted Dictionary Boosts Grey‑Box Fuzzing Coverage by 16%

The award‑winning CDFuzz technique introduces a lightweight, targeted dictionary that eliminates extra instrumentation, achieves up to 16.1% higher coverage, discovers dozens of real bugs, and demonstrates that simple optimizations can outperform complex grey‑box fuzzing strategies across diverse file formats.

CDFuzzSoftware Securitycoverage improvement

0 likes · 6 min read

How CDFuzz’s Targeted Dictionary Boosts Grey‑Box Fuzzing Coverage by 16%

Cognitive Technology Team

May 13, 2025 · Fundamentals

An Introduction to SootUp: Static Analysis of JVM Code

This article introduces the SootUp library, explains how to configure its Maven dependencies, describes the Jimple intermediate representation, and demonstrates how to use SootUp's API to analyze Java source code, bytecode, and method bodies through a series of code examples.

JVMJavaJimple

0 likes · 14 min read

An Introduction to SootUp: Static Analysis of JVM Code

AntTech

May 6, 2025 · Information Security

Security Risk Detection for HarmonyOS ArkTS Code: Architecture, Analysis Framework, and Future Directions

This article presents a comprehensive overview of the security challenges in HarmonyOS native ArkTS applications and describes the design and implementation of a specialized static analysis framework—including source extraction, data‑flow and inter‑function analysis, knowledge‑graph construction, and risk inference engine—while also outlining integration into development pipelines and future research directions.

Knowledge GraphRisk DetectionarkTS

0 likes · 17 min read

Security Risk Detection for HarmonyOS ArkTS Code: Architecture, Analysis Framework, and Future Directions

DevOps Engineer

Apr 25, 2025 · Big Data

Reflections on PyCon LT 2025 Data Day: Sessions on Static Code Analysis, Data Warehouses, Pipelines, and Data Science Tools

The author recounts attending PyCon LT 2025 Data Day, summarizing talks on building a simple static code analyzer with AST, challenges of data warehouses versus data lakes, cloud cost‑scraping pipelines, A/B testing libraries, privacy‑enhancing data processing, and tools like Panel and Dagster, while noting the inspiring presence of female speakers.

DagsterData SciencePanel

0 likes · 7 min read

Reflections on PyCon LT 2025 Data Day: Sessions on Static Code Analysis, Data Warehouses, Pipelines, and Data Science Tools

Java Architect Essentials

Apr 17, 2025 · Fundamentals

A Comprehensive Guide to Java Code Quality Tools: Alibaba Java Coding Guidelines, CheckStyle, PMD, FindBugs, and SonarLint

This article introduces several Java code quality tools—including Alibaba Java Coding Guidelines, CheckStyle, PMD, FindBugs, and SonarLint—detailing their installation, usage, and key features to help developers improve code standards, detect bugs, and streamline code review processes.

IDE pluginsJavacode quality

0 likes · 13 min read

A Comprehensive Guide to Java Code Quality Tools: Alibaba Java Coding Guidelines, CheckStyle, PMD, FindBugs, and SonarLint

Alipay Experience Technology

Apr 16, 2025 · Information Security

How ArkTS Code Security Risks Are Detected: Inside Alibaba’s Cutting‑Edge Analysis Framework

This article details Alibaba's security team's comprehensive approach to detecting ArkTS code vulnerabilities in HarmonyOS apps, covering architectural design, static analysis techniques, knowledge‑graph modeling, CI/CD integration, and future AI‑driven enhancements.

HarmonyOSKnowledge GraphRisk Detection

0 likes · 17 min read

How ArkTS Code Security Risks Are Detected: Inside Alibaba’s Cutting‑Edge Analysis Framework

Sohu Tech Products

Apr 2, 2025 · Mobile Development

Static Code Analysis Tools for iOS Development – Comparison, Pros, Cons, and Usage

The article reviews open‑source static analysis options for iOS, then compares SonarQube, Infer, and Clang Static Analyzer, outlining each tool’s language support, advantages, drawbacks, CI/CD integration, and practical usage to help teams choose the best solution based on project size, language mix, and reporting needs.

Clang AnalyzerInferSonarQube

0 likes · 27 min read

Static Code Analysis Tools for iOS Development – Comparison, Pros, Cons, and Usage

macrozheng

Mar 28, 2025 · Backend Development

Boost Java Code Quality: Alibaba Guidelines, CheckStyle, PMD, FindBugs & SonarLint

Learn how to enhance Java code quality and reduce review effort by using a suite of static analysis tools—including Alibaba Java Coding Guidelines, CheckStyle, PMD, FindBugs, and SonarLint—covering installation, configuration, usage, and interpretation of results to catch bugs and enforce standards.

IDE pluginsSoftware Engineeringcode quality

0 likes · 12 min read

Boost Java Code Quality: Alibaba Guidelines, CheckStyle, PMD, FindBugs & SonarLint

Cognitive Technology Team

Mar 17, 2025 · Backend Development

Static Code Analysis and Change Impact Assessment for Financial Risk Prevention

This article presents a comprehensive overview of using static analysis and change‑impact techniques—including program slicing, variable lineage, and automated field mapping—to reduce risk‑related incidents in large‑scale financial systems by more than 50%, outlining the background, solution architecture, implementation steps, and optimization challenges.

Javachange impactprogram slicing

0 likes · 13 min read

Static Code Analysis and Change Impact Assessment for Financial Risk Prevention

Kuaishou Frontend Engineering

Mar 12, 2025 · Operations

How Mulan Supercharged Kuaishou’s Code Review Efficiency

This article examines how Kuaishou’s internal Mulan universal code analysis service tackled pipeline quality challenges by introducing on‑demand triggering, incremental checking, and unified rule infrastructure, resulting in dramatically faster static checks, lower rule‑development costs, comprehensive monitoring, and a rapid increase in rule coverage.

Software qualityci/cdcode analysis

0 likes · 13 min read

How Mulan Supercharged Kuaishou’s Code Review Efficiency

Kuaishou Frontend Engineering

Feb 20, 2025 · Frontend Development

How Kuaishou’s Vision Platform Guarantees High‑Quality Animation Assets with Automated Detection

This article explains how Kuaishou’s Vision platform tackles animation asset delivery challenges by introducing systematic admission and egress detection, static and dynamic analysis services, image efficiency checks, performance testing, and open SDK/API, ultimately improving stability, reducing crashes, and streamlining the workflow.

SDKanimationfrontend

0 likes · 13 min read

How Kuaishou’s Vision Platform Guarantees High‑Quality Animation Assets with Automated Detection

Radish, Keep Going!

Feb 2, 2025 · Backend Development

Boost Your Go 1.24 Workflow: New go tool Command & Vet Enhancements Explained

Go 1.24 brings significant toolchain updates—including a new go.mod tool directive for managing executable dependencies and enhanced vet analyzers—that streamline dependency tracking, speed up builds, and help developers catch bugs earlier, ultimately improving productivity and code quality.

GoGo 1.24Toolchain

0 likes · 9 min read

Boost Your Go 1.24 Workflow: New go tool Command & Vet Enhancements Explained

大转转FE

Jan 23, 2025 · Frontend Development

How to Measure and Reduce Frontend Cyclomatic Complexity with ESLint

This article explains cyclomatic complexity concepts, industry standards, calculation methods, and how a custom ESLint rule can be used to assess both single‑function and nested‑function complexity in front‑end projects, including scoring thresholds and practical implementation details.

ASTESLintcode quality

0 likes · 19 min read

How to Measure and Reduce Frontend Cyclomatic Complexity with ESLint

大转转FE

Dec 27, 2024 · Frontend Development

Boosting Front-End Code Maintainability: Metrics, Tools, and Best Practices

This article explores the concept of code maintainability, explains why it matters, defines key measurement metrics such as naming conventions, comment density, code volume, logical lines, cyclomatic complexity, similarity and redundancy, and provides practical improvement techniques and tool recommendations for modern front‑end projects.

best practicescode maintainabilitycode quality

0 likes · 50 min read

Boosting Front-End Code Maintainability: Metrics, Tools, and Best Practices

AntTech

Dec 23, 2024 · Fundamentals

Data‑Driven Cross‑Language Program Analysis with Datalog: CodeFuse‑Query and Its ICSE 2025 Publication

The article introduces a data‑driven, Datalog‑based cross‑language program analysis technique presented in an ICSE 2025 paper, describes the open‑source CodeFuse‑Query platform, its technical innovations, and multiple production scenarios such as code evaluation, precise testing, dead‑code detection, and large‑scale code data cleaning.

CodeFuse-QueryCross-languageDatalog

0 likes · 8 min read

Data‑Driven Cross‑Language Program Analysis with Datalog: CodeFuse‑Query and Its ICSE 2025 Publication

Goodme Frontend Team

Oct 28, 2024 · Frontend Development

Preventing Day.js Locale Pollution in Large Frontend Projects with Static Analysis

This article recounts a date‑misalignment bug caused by an unintended Day.js locale change in a mini‑program, explains why the global locale must remain unique, and details a comprehensive static‑analysis solution using ESLint, custom Webpack loaders, and Babel plugins to intercept and block Day.js locale modifications at compile time.

DayjsESLintfrontend

0 likes · 22 min read

Preventing Day.js Locale Pollution in Large Frontend Projects with Static Analysis

转转QA

Oct 21, 2024 · Information Security

Implementation of Static Code Scanning in Zhuanzhuan's DevOps Platform

This article details Zhuanzhuan's practical implementation of static code scanning within its self‑built DevOps platform, covering its significance, architecture, incremental analysis methods, permission management, rule selection, promotion process, and challenges encountered, illustrating how it became a low‑cost, repeatable security safeguard in their CI/CD workflow.

DevOpsSecuritySonarQube

0 likes · 10 min read

Implementation of Static Code Scanning in Zhuanzhuan's DevOps Platform

Architect

Oct 4, 2024 · Backend Development

Building a Code Analysis Platform to Boost Microservice Backend Efficiency

This article details how a microservice‑based backend team designed and implemented a code‑analysis platform that creates a knowledge base, enables precise test selection and application slimming, and ultimately accelerates demand iteration while reducing dead code and unnecessary test runs.

BackendDynamic analysisMicroservices

0 likes · 18 min read

Building a Code Analysis Platform to Boost Microservice Backend Efficiency

Liangxu Linux

Sep 18, 2024 · Operations

Boost Your Shell Scripts: Master ShellCheck for Error‑Free Bash Coding

ShellCheck is a popular open‑source static analysis tool that scans Bash, sh, ksh, and dash scripts, highlighting syntax mistakes, unsafe commands, and logic flaws, while offering detailed explanations and fixes, and can be run via CLI, editors, CI pipelines, or Docker.

BashShellCheckstatic analysis

0 likes · 8 min read

Boost Your Shell Scripts: Master ShellCheck for Error‑Free Bash Coding

Open Source Tech Hub

Aug 23, 2024 · Backend Development

What Is PXP? A Fast, Rust‑Powered PHP Preprocessor and Language Extension

PXP is a collection of tools and libraries that combine Rust and PHP to create a fast, reliable superset of PHP with modern language features, a language server, static analyzer, formatter and linter, aiming to improve the overall PHP developer experience.

Language ServerPreprocessorRust

0 likes · 5 min read

What Is PXP? A Fast, Rust‑Powered PHP Preprocessor and Language Extension

Full-Stack Cultivation Path

Aug 18, 2024 · Frontend Development

Understanding ESLint: Core Concepts, Configuration Complexity, and Debugging Techniques

This article explains ESLint's highly configurable static analysis architecture, clarifies the roles of parsers, processors, configs and plugins, explores the intricacies of its configuration system, and provides practical debugging methods—including performance profiling and a real‑world import/no-cycle case study.

ConfigurationDebuggingESLint

0 likes · 13 min read

Understanding ESLint: Core Concepts, Configuration Complexity, and Debugging Techniques

Architecture Development Notes

Aug 15, 2024 · Fundamentals

How Go’s Compiler Shrinks Binaries with Dead Code Elimination

This article explains Go’s dead code elimination (DCE) optimization, demonstrates it with sample code, shows how to inspect compiled binaries using go tool nm, and discusses factors that affect DCE such as code complexity, compiler flags, and reflection, helping developers reduce binary size.

Compiler OptimizationGobinary size

0 likes · 6 min read

How Go’s Compiler Shrinks Binaries with Dead Code Elimination

JD Tech

Jul 23, 2024 · Fundamentals

Effective Code Review: Goals, Principles, Practices, and Real-World Cases

This article explains the importance of code review, outlines its core goals and basic principles, provides step‑by‑step practical guidance with a detailed checklist, shares real‑world case studies and code examples, and discusses metrics and future AI‑assisted improvements to help teams improve software quality.

AI toolsCode reviewSoftware quality

0 likes · 17 min read

Effective Code Review: Goals, Principles, Practices, and Real-World Cases

Rare Earth Juejin Tech Community

Jul 23, 2024 · Frontend Development

Creating Custom ESLint Plugins to Enforce Team Coding Standards

This article explains how to develop custom ESLint plugins—covering background concepts, Yeoman generator setup, rule implementation for typeof and instanceof checks, unit testing, local linking, and providing recommended configurations—to ensure consistent code style and best‑practice enforcement across a development team.

ESLintJavaScriptcustom plugin

0 likes · 12 min read

Creating Custom ESLint Plugins to Enforce Team Coding Standards

JD Tech Talk

Jul 18, 2024 · Fundamentals

Effective Code Review Practices: Goals, Principles, Steps, and Real‑World Cases

This article explains the importance of code review, outlines its core objectives and basic principles, describes practical steps and a detailed checklist, shares several real‑world case studies with before‑and‑after code snippets, and discusses the benefits, metrics, and future AI‑assisted enhancements.

Code reviewSoftware EngineeringSoftware quality

0 likes · 18 min read

Effective Code Review Practices: Goals, Principles, Steps, and Real‑World Cases

JD Cloud Developers

Jul 18, 2024 · Fundamentals

Mastering Code Review: Proven Strategies, Checklists, and Real-World Cases

This comprehensive guide explains why code review is essential, outlines its core goals and principles, provides step‑by‑step practices and a detailed checklist, shares five real‑world case studies with before‑and‑after code, and looks ahead to AI‑assisted review tools.

AI toolsCode reviewSoftware quality

0 likes · 19 min read

Mastering Code Review: Proven Strategies, Checklists, and Real-World Cases

ITPUB

Jul 17, 2024 · Backend Development

10 Proven Techniques to Slash Java Bugs and Boost Code Quality

This guide presents ten practical strategies—including IDE selection, static analysis tools, unit testing, code reviews, and learning from others' post‑mortems—to help developers dramatically reduce bugs, improve code quality, and increase overall productivity.

Code reviewJavabug reduction

0 likes · 10 min read

10 Proven Techniques to Slash Java Bugs and Boost Code Quality

Top Architect

Jul 3, 2024 · Fundamentals

Step‑by‑Step Guide to Installing and Configuring the CheckStyle Plugin in IntelliJ IDEA

This article provides a step‑by‑step tutorial for installing and configuring the CheckStyle plugin in IntelliJ IDEA, explains how to address common CheckStyle warnings such as missing annotations, spacing, naming, formatting, logical errors and import‑order issues, includes screenshots, and also contains promotional material for ChatGPT services and a community group.

IntelliJ IDEAJavacheckstyle

0 likes · 9 min read

Step‑by‑Step Guide to Installing and Configuring the CheckStyle Plugin in IntelliJ IDEA

Liangxu Linux

Jun 25, 2024 · Backend Development

Boost Your Shell Scripts with ShellCheck: Install, Use, and Real‑World Examples

This guide introduces ShellCheck, a static analysis tool for Linux shell scripts, outlines its key features, shows how to install it on various distributions or use it online, demonstrates command‑line usage with a practical example, and explains integration with editors like VSCode.

BashLinuxShell scripting

0 likes · 6 min read

Boost Your Shell Scripts with ShellCheck: Install, Use, and Real‑World Examples

macrozheng

Jun 19, 2024 · Backend Development

Master CheckStyle in IntelliJ IDEA: Step-by-Step Guide to Clean Java Code

This guide walks you through installing and configuring the CheckStyle plugin in IntelliJ IDEA, explains how to import custom rule sets, and details common style violations such as missing annotations, spacing, naming, formatting, logical errors, and import order, offering practical fixes to keep Java code clean and consistent.

IntelliJ IDEAJavacheckstyle

0 likes · 4 min read

Master CheckStyle in IntelliJ IDEA: Step-by-Step Guide to Clean Java Code

JD Cloud Developers

Jun 8, 2024 · Fundamentals

Boost Your Code Reading Efficiency with 3 Powerful Tools

This article introduces three static analysis tools—Source Insight, Understand, and Source Trail—detailing their visualization, code checking, exploration, and comparison features, while highlighting platform support, usability, and maintenance status to help developers choose the best aid for reading code efficiently.

Software toolscode readingcode visualization

0 likes · 6 min read

Boost Your Code Reading Efficiency with 3 Powerful Tools

JD Tech Talk

Jun 8, 2024 · Fundamentals

Three Code‑Reading Assistance Tools: Source Insight, Understand, and Sourcetrail

This article introduces three static‑analysis‑based code‑reading tools—Source Insight, Understand, and Sourcetrail—detailing their visualization, inspection, exploration, and comparison features, platform support, and maintenance status to help developers choose the most suitable aid for efficient source‑code comprehension.

code readingdevelopment-toolssource insight

0 likes · 9 min read

Three Code‑Reading Assistance Tools: Source Insight, Understand, and Sourcetrail

Ops Development & AI Practice

Jun 1, 2024 · Backend Development

Mastering Dependency Injection in Go with Google Wire

This article introduces Google Wire, a static‑analysis‑based dependency injection tool for Go, covering its key features, installation steps, core usage patterns—including defining dependencies, creating providers, generating code, and best practices such as modular management, interface abstraction, and testing with mock implementations.

Code GenerationGoGoogle Wire

0 likes · 8 min read

Mastering Dependency Injection in Go with Google Wire

Software Development Quality

May 15, 2024 · Information Security

How APKDeepLens Scans Android Apps for OWASP Top 10 Vulnerabilities

APKDeepLens is a Python‑based tool that automatically scans Android APK files for security flaws, covering the OWASP Top 10 mobile risks and providing detailed, actionable reports for developers, pentesters, and security researchers.

APKOWASPPython

0 likes · 4 min read

How APKDeepLens Scans Android Apps for OWASP Top 10 Vulnerabilities

JD Tech

May 6, 2024 · Fundamentals

Static and Runtime Code Scanning to Detect Unused Java Methods

This article presents a design and implementation of both static AST‑based scanning and runtime JaCoCo coverage analysis to automatically detect unused (zombie) Java methods, describing the workflow, required dependencies, code snippets, and how to visualize active versus dead code in the IDE.

ASTDead CodeJaCoCo

0 likes · 8 min read

Static and Runtime Code Scanning to Detect Unused Java Methods

php Courses

May 6, 2024 · Backend Development

Static Code Analysis with PHPStan: Benefits, Installation, and Integration

This article explains static code analysis, introduces PHPStan as a leading PHP static analysis engine, outlines its advantages, provides step‑by‑step installation and configuration instructions, describes level upgrades, and shows how to integrate it into development workflows to improve code quality and security.

BackendPHPStanSoftware Security

0 likes · 8 min read

Static Code Analysis with PHPStan: Benefits, Installation, and Integration

Java Tech Enthusiast

Apr 29, 2024 · Fundamentals

Nine Practical Techniques to Reduce Code Bugs

To cut bugs and boost productivity, developers should use a robust IDE, integrate static analysis tools like FindBugs and CheckStyle, run SonarQube and Fortify for quality and security checks, write unit and functional tests, automate regression suites, and regularly conduct peer code reviews.

Code reviewbug reductioncode quality

0 likes · 8 min read

Nine Practical Techniques to Reduce Code Bugs

Su San Talks Tech

Apr 17, 2024 · Fundamentals

10 Proven Strategies to Slash Code Bugs and Boost Development Efficiency

This article presents ten practical techniques—including choosing the right IDE, integrating static analysis tools like FindBugs and CheckStyle, using SonarQube and Fortify, writing unit and automated tests, performing incremental code reviews, and learning from others' pitfalls—to help developers dramatically reduce bugs and improve code quality.

Code reviewbug reductioncode quality

0 likes · 10 min read

10 Proven Strategies to Slash Code Bugs and Boost Development Efficiency

JD Retail Technology

Feb 23, 2024 · Backend Development

Static and Dynamic Code Inspection for Reducing Java Backend Code Corruption

This article explains how to use static analysis tools like IDEA and PMD together with dynamic coverage tools such as JaCoCo to identify, clean up, and refactor unused, duplicated, or dead Java code in large backend projects, improving maintainability and stability.

Dynamic analysisJaCoCoJava

0 likes · 9 min read

Static and Dynamic Code Inspection for Reducing Java Backend Code Corruption

Open Source Tech Hub

Feb 7, 2024 · Backend Development

How to Use SonarLint for Real‑Time PHP Code Quality Checks

This guide explains how to install SonarLint in IDEs like PHPStorm, run on‑the‑fly scans, interpret common PHP code‑smell warnings, and apply concrete fixes for issues such as missing braces, improper loop conditions, unreachable catch blocks, and absent default cases in switch statements.

IDE pluginPHPcode quality

0 likes · 5 min read

How to Use SonarLint for Real‑Time PHP Code Quality Checks

Architecture Digest

Jan 31, 2024 · Fundamentals

Installing and Using the CheckStyle Plugin in IntelliJ IDEA

This guide explains how to import, configure, and apply the CheckStyle plugin in IntelliJ IDEA, covering common annotation, formatting, naming, logical, and import‑order issues, and provides step‑by‑step screenshots to help Java developers enforce coding standards efficiently.

IntelliJ IDEAJavacheckstyle

0 likes · 4 min read

Installing and Using the CheckStyle Plugin in IntelliJ IDEA

JD Tech

Jan 25, 2024 · Fundamentals

Code Visualization: Core Concepts, Implementation Methods, and Application Scenarios

This article explains the fundamentals of code visualization, why it is needed, presents several real‑world scenarios, and details both static (source‑based and bytecode‑based) and dynamic analysis techniques for generating call graphs, along with their advantages, disadvantages, tools, and case studies.

Dynamic analysisSoftware Engineeringcall graph

0 likes · 11 min read

Code Visualization: Core Concepts, Implementation Methods, and Application Scenarios

php Courses

Jan 24, 2024 · Backend Development

Essential Tools for PHP Developers: IDEs, AI Assistants, Debuggers, and Deployment Solutions

This article presents a curated list of essential tools for PHP developers—including IDEs, AI‑powered assistants, database managers, static analysis utilities, code formatters, container platforms, debuggers, testing frameworks, and deployment automation—to streamline workflows, boost productivity, and improve code quality.

DebuggingDeploymentIDE

0 likes · 8 min read

Essential Tools for PHP Developers: IDEs, AI Assistants, Debuggers, and Deployment Solutions

Ctrip Technology

Jan 11, 2024 · Backend Development

Building a Backend Java Code‑Analysis Platform for Precise Testing and Application Slimming

This article describes how to construct a code‑analysis platform for Java micro‑services that builds a knowledge base through static, semi‑dynamic and dynamic analysis, enabling precise test‑case selection and safe removal of dead code to improve iteration efficiency and system maintainability.

Dynamic analysisapplication slimmingcode analysis

0 likes · 17 min read

Building a Backend Java Code‑Analysis Platform for Precise Testing and Application Slimming

Open Source Tech Hub

Jan 5, 2024 · Operations

How to Install and Use SonarQube with Docker for Code Quality Analysis

This guide explains what SonarQube is, its advantages, architecture, and provides step‑by‑step Docker installation, project setup, scanner configuration, and real‑world examples of detecting unreachable code and unused parameters.

DockerPHPSonarQube

0 likes · 9 min read

How to Install and Use SonarQube with Docker for Code Quality Analysis

Open Source Tech Hub

Nov 14, 2023 · Backend Development

Why Static Code Scanning Matters for PHP and How to Do It

This article explains what static code scanning is, why PHP projects especially need it due to weak typing, runtime compilation and dependency complexity, compares popular tools like PHPStan, PHPSA and Phan, and shows how to integrate scanning into a release workflow.

Code ScanningPHPPHPStan

0 likes · 9 min read

Why Static Code Scanning Matters for PHP and How to Do It

Baidu Geek Talk

Nov 2, 2023 · Artificial Intelligence

AI-Powered Code Defect Detection: Leveraging Code Knowledge Graphs and Large Language Models

The paper presents an AI‑driven static analysis framework that builds code knowledge graphs to extract relevant slices and leverages large language models for multilingual defect prediction, achieving up to 80% F1, detecting 662 defects across 1,100 C++ modules with a 26.9% recall gain over traditional rule‑based scanners.

BERTSoftware qualitycode defect detection

0 likes · 9 min read

AI-Powered Code Defect Detection: Leveraging Code Knowledge Graphs and Large Language Models

Liangxu Linux

Nov 1, 2023 · Information Security

How to Use Tencent’s TscanCode for Static Code Analysis on Linux and Windows

This guide explains static code scanning concepts, compares popular tools, introduces Tencent’s open‑source TscanCode, details its supported languages and detection capabilities, and provides step‑by‑step instructions for running the tool on Linux and Windows with example code and results.

C++TscanCodeWindows

0 likes · 5 min read

How to Use Tencent’s TscanCode for Static Code Analysis on Linux and Windows

Baidu Geek Talk

Oct 23, 2023 · Mobile Development

How Python Automates iOS Code Refactoring: A Step‑by‑Step Guide

This article explains how to use Python scripts to automate the analysis and refactoring of iOS configuration data items in Baidu App, detailing the extraction of public properties, usage detection across modules, CSV reporting, and the overall refactoring workflow to improve maintainability and reduce risk.

AutomationCSV exportCode Refactoring

0 likes · 16 min read

How Python Automates iOS Code Refactoring: A Step‑by‑Step Guide

MaGe Linux Operations

Oct 21, 2023 · Backend Development

Essential Go Commands Every Backend Developer Should Master

Learn how to install Go, verify its version, configure environment variables, initialize modules, manage dependencies, build binaries, format code, tidy unused packages, run and test your applications, and use vet for static analysis—all with concise command-line examples for efficient Go development.

Backend Developmentcommand-linego-modules

0 likes · 5 min read

Essential Go Commands Every Backend Developer Should Master

Alipay Experience Technology

Oct 20, 2023 · Mobile Development

Boost Android Native C++ Quality with Clang‑Tidy and the C++ Core Guidelines

This article explains how to integrate the C++ Core Guidelines checker via Clang‑Tidy into Android C++ projects, covering setup in ndk‑build and Android Studio, using quick‑fixes to automatically refactor code, generating a JSON compilation database, and highlighting the guidelines' impact on modern C++ talent development.

AndroidCClang-Tidy

0 likes · 14 min read

Boost Android Native C++ Quality with Clang‑Tidy and the C++ Core Guidelines

phodal

Oct 19, 2023 · Operations

Can LLMs Revolutionize Code Review? Inside AutoDev’s AI‑Powered Approach

The article examines how rising code volume and AI‑generated snippets challenge traditional code review, proposes an LLM‑assisted workflow using AutoDev and DevOpsGenius, details prompt design, commit filtering, and implementation steps, and discusses the benefits and limitations for different team roles.

AI automationCode reviewDevOps

0 likes · 9 min read

Can LLMs Revolutionize Code Review? Inside AutoDev’s AI‑Powered Approach

Architect

Oct 18, 2023 · Artificial Intelligence

Code Understanding: Techniques, Applications, and AI‑Driven Solutions

This article explores the fundamentals of code understanding, including static, dynamic, and non‑code analysis, presents a three‑layer architecture for scalable code comprehension, and demonstrates practical AI‑enhanced applications such as intelligent unit testing, dead‑code detection, and AI‑based static analysis within CI/CD pipelines.

AILLMSoftware Engineering

0 likes · 16 min read

Code Understanding: Techniques, Applications, and AI‑Driven Solutions

Ant R&D Efficiency

Oct 17, 2023 · Fundamentals

Analysis of Code Defects and Their Repair Rates in Projects A and B

The report analyzes SonarQube‑detected defects in Projects A and B, classifying them by type and severity, revealing that code smells dominate while null‑pointer bugs are unexpectedly frequent, and discusses why some defects are quickly fixed versus others remaining unresolved, emphasizing early detection, design rigor, and robust testing.

Software TestingSonarQubebug fixing

0 likes · 16 min read

Analysis of Code Defects and Their Repair Rates in Projects A and B

Baidu Geek Talk

Oct 9, 2023 · Artificial Intelligence

Code Understanding Technology: Building White-Box Software Knowledge Graph at Baidu

Baidu’s white‑box code understanding platform combines static, dynamic, non‑code and LLM‑based analyses in a three‑layer architecture that accelerates C/C++ processing ninefold, supports multiple languages, and powers applications such as intelligent unit testing, orphan‑function cleanup and AI‑driven risk detection, while future integration with models like GPT‑4 aims to enable multi‑turn code Q&A, automated refactoring and predictive testing.

ASTBaiduCode Understanding

0 likes · 15 min read

Code Understanding Technology: Building White-Box Software Knowledge Graph at Baidu

Meituan Technology Team

Sep 21, 2023 · Backend Development

Code Change Risk Visualization and Quality Assurance Practices at Meituan

The article details Meituan's design and deployment of a code‑change risk visualization platform—named Houyi—covering risk categories, system architecture, technical challenges, eight practical application scenarios, and future plans to enhance code analysis and risk detection.

MeituanMicroservicescode change visualization

0 likes · 21 min read

Code Change Risk Visualization and Quality Assurance Practices at Meituan

Baidu Geek Talk

Sep 20, 2023 · Backend Development

How Baidu Cut iOS App Size by Removing Unused Methods with LLVM Libtooling

Baidu reduced the iOS app package by over 350 MB by discarding dead code, replacing unreliable Mach‑O analysis with a source‑level AST approach built on LLVM libtooling and the Swift compiler, and implementing a multi‑layer static‑analysis pipeline that extracts, transforms, stores, and filters method usage data.

ASTLLVMapp size optimization

0 likes · 17 min read

How Baidu Cut iOS App Size by Removing Unused Methods with LLVM Libtooling

Liangxu Linux

Sep 9, 2023 · Fundamentals

9 Essential Uses of Static Code Analyzers for Embedded C Development

This article explains why static code analysis tools are crucial for embedded C projects, lists nine practical functions such as bug detection, coding‑standard enforcement, ANSI‑C compliance, type checking, dimensional analysis, stack and thread inspection, and summarizes their impact on code quality and robustness.

MISRAToolchaincode quality

0 likes · 7 min read

9 Essential Uses of Static Code Analyzers for Embedded C Development