2 research outputs found
Quieting the Static: A Study of Static Analysis Alert Suppressions
Static analysis tools are commonly used to detect defects before the code is
released. Previous research has focused on their overall effectiveness and
their ability to detect defects. However, little is known about the usage
patterns of warning suppressions: the configurations developers set up in order
to prevent the appearance of specific warnings. We address this gap by
analyzing how often are warning suppression features used, which warning
suppression features are used and for what purpose, and also how could the use
of warning suppression annotations be avoided. To answer these questions we
examine 1\,425 open-source Java-based projects that utilize Findbugs or
Spotbugs for warning-suppressing configurations and source code annotations. We
find that although most warnings are suppressed, only a small portion of them
get frequently suppressed. Contrary to expectations, false positives account
for a minor proportion of suppressions. A significant number of suppressions
introduce technical debt, suggesting potential disregard for code quality or a
lack of appropriate guidance from the tool. Misleading suggestions and
incorrect assumptions also lead to suppressions. Findings underscore the need
for better communication and education related to the use of static analysis
tools, improved bug pattern definitions, and better code annotation. Future
research can extend these findings to other static analysis tools, and apply
them to improve the effectiveness of static analysis.Comment: 11 pages, 4 figure
Error Reporting with Graduated Color
I) A technique to avoid intemptions during p rogramming uses color and infomation hiding to provide ewor repovts on demand, rather than when you least want them