1. Field of the Invention
The present invention relates to code archeology and more particularly to searching artifacts in using static code analysis.
2. Description of the Related Art
Code archeology refers to the process of uncovering the behavior of existing source code of a computer program for either modification, re-write or retirement. Static code analysis, as opposed to dynamic code analysis, both tools of code archeology, refers to the analysis of a computer program performed without executing the computer program. In most cases static code analysis is performed on a version of the source code and in other cases, some form of the object code compiled from the source code. The skilled artisan will recognize a distinction between static code analysis and code review or program comprehension to the extent that the former is an automated process performed by a tool, while the latter is a manual process performed by a human being. The sophistication of static code analysis performed by a tool varies from those that only consider the behavior of individual statements and declarations of source code, to those that include the complete source code of a computer program in the analysis. Resultant use of the information obtained from the analysis vary from highlighting possible coding errors in a computer program to formal methods that mathematically prove properties about a given computer program.
For most, static code analysis is a methodology of detecting errors in program code based on the programmer review source code marked by an analyzer of the tool in those places of source code where potential errors may occur. In other words the static analysis tool detects in the program text the places containing or likely to contain errors, subject to errors or possessing bad formatting. Such code sections are to be considered by the programmer for the programmer to decide whether or not to modify the subject code section. Static analyzers can be both of general purpose and specialized for searching certain error classes. Though complicated in nature, static code analyzers allow developers to detect a substantial number of errors at the earliest possible stage of program code development. In this regard, the earlier an error can be determined, the lower is the cost of its correction.
Static code analysis applied to a computer program of only a handful of source code files and corresponding resources, collectively referred to as “assets”, can be complicated for the uninitiated. Managing static code analysis for a computer program of hundreds of assets distributed across multiple different servers can be near impossible without significant experience. Thus, the use of static code analysis to achieve the enormous benefit resulting therefrom can be elusive for many developers lacking the requisite experience in static code analysis.