Tag feed

#static-analysis

42 posts8 followers

Explore Hashnode

Alternatives

Trending tags this week

MGMoksh Guptamoksh45.hashnode.dev2d ago · 7 min read

Top Static Code Analysis Tools Every Developer Should Know in 2026

Shipping buggy code to production is expensive - in time, reputation, and money. Static code analysis is how engineering teams prevent that. In 2026, the tooling available is faster, smarter, and more

0

PPythonWoodszenzic.hashnode.dev4d ago · 4 min read

Introducing Zenzic: A Documentation Quality Gate for Modern Engineering Teams

Most engineering teams already treat code as something that must pass through strict quality gates before reaching production. We run linters, type checkers, security scanners, tests, and CI pipelines

0

SMSangeetha Membeddedandbeyond.hashnode.devJun 13 · 6 min read

How to Set Up Static Code Analysis in an Embedded C Project

If you've ever shipped a firmware update only to discover a null pointer dereference hiding in production — you'll know the pain I'm talking about. Static code analysis is one of the most underused to

0

YDyazan dabayazandaba.hashnode.devMay 22 · 21 min read

LLVM-Clang Static Analyzers And SMT Solvers

Introduction Static analyzers generally speaking are abstract interpreters that analyze and emit diagnostics of program P, meaning that they analyze a program using abstract values rather than dynamic

0

PKPravin Khandkepravin-khandke.hashnode.devMay 4 · 10 min read

Clean Code at Scale: How Sonar Became Our Silent Reviewer

The pull request was three hundred lines of Java, touching seven files across two modules. A senior developer had reviewed it, left a dozen comments, and approved. But the build failed — not because o

0

VvictorstackAIvictorstackai.hashnode.devMar 8 · 3 min read

Modernizing Workflows with Pre-commit Hooks in Drupal

When managing a Drupal distribution for a massive intergovernmental corporation with developers working across three continents, "code review" cannot be the first line of defense against poor syntax. By the time a senior architect is reviewing a Pull...

0

VvictorstackAIvictorstackai.hashnode.devMar 8 · 3 min read

The Case for Strict PHPStan Baselines in Enterprise Codebases

Modernizing a legacy PHP application presents a paradox: you critically need strict static analysis to prevent future bugs, but turning on a tool like PHPStan immediately throws 5,000 errors, completely breaking the CI pipeline. During a recent stabi...

0

DGDevTools Guidedevtoolsguide.hashnode.devMar 4 · 5 min read

Semgrep: Find Real Bugs with Pattern-Based Static Analysis

Most linters catch style problems. Semgrep catches real bugs: SQL injection, hardcoded secrets, insecure deserialization, SSRF vulnerabilities, and misuse of cryptographic APIs. It works on source code using pattern matching that understands syntax —...

0

DGDevTools Guidedevtoolsguide.hashnode.devMar 3 · 8 min read

Static Analysis Beyond Linting: CodeQL, Semgrep, SonarQube, and Snyk Code

Static Analysis Beyond Linting: CodeQL, Semgrep, SonarQube, and Snyk Code Linters enforce style. Static analysis finds bugs. The difference matters. ESLint will tell you about unused variables and inconsistent formatting. CodeQL will tell you that us...

0

DGDevTools Guidedevtoolsguide.hashnode.devMar 3 · 9 min read

Knip: Finding Dead Code and Unused Dependencies in JavaScript Projects

Knip: Finding Dead Code and Unused Dependencies in JavaScript Projects Every codebase accumulates dead code. A utility function written for a feature that got reverted. A dependency added for one component that nobody uses anymore. An exported type ...

0

#static-analysis

Search Hashnode

#static-analysis

Explore Hashnode

Trending tags this week

Top Static Code Analysis Tools Every Developer Should Know in 2026

Introducing Zenzic: A Documentation Quality Gate for Modern Engineering Teams

How to Set Up Static Code Analysis in an Embedded C Project

LLVM-Clang Static Analyzers And SMT Solvers

Clean Code at Scale: How Sonar Became Our Silent Reviewer

Modernizing Workflows with Pre-commit Hooks in Drupal

The Case for Strict PHPStan Baselines in Enterprise Codebases

Semgrep: Find Real Bugs with Pattern-Based Static Analysis

Static Analysis Beyond Linting: CodeQL, Semgrep, SonarQube, and Snyk Code

Knip: Finding Dead Code and Unused Dependencies in JavaScript Projects