Static Analysis

Static analysis, also called static code analysis, is the process of analyzing a computer program to find problems in it without actually executing it. Most commonly, static analysis is performed on the program's source code: tools parse the code into an abstract syntax tree (AST) to understand its structure and then look for problems in it.

What kind of problems can static analysis find?

Static analysis is a powerful tool for ensuring software quality and robustness, and it can find a number of issues in code before execution. Some of the categories of issues it can find are:

  1. Potential security vulnerabilities
  2. Bug risks and anti-patterns
  3. Violation of code style guidelines
  4. Performance issues
  5. Dead or unused code
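
As an added example (not part of the original page and not DeepSource's code), the Python below parses a constructed sample into an AST with the standard-library ast module and reports findings from several of the categories above without ever executing the sample. The specific checks, the category labels and the sample source are assumptions chosen for this illustration.

```python
import ast

# Constructed sample input. It is parsed as text and never executed.
SAMPLE = '''\
import os
import subprocess

def run(cmd, seen=[]):
    try:
        subprocess.call(cmd, shell=True)
    except:
        pass
    return eval(cmd)
    print("never reached")
'''

def analyze(source):
    """Return sorted (line, category, message) findings for Python source."""
    findings, imports, used = [], {}, set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Import):
            for alias in node.names:
                imports[(alias.asname or alias.name).split(".")[0]] = node.lineno
        elif isinstance(node, ast.Name):
            used.add(node.id)
        elif isinstance(node, ast.Call):
            if isinstance(node.func, ast.Name) and node.func.id in ("eval", "exec"):
                findings.append((node.lineno, "security", f"call to {node.func.id}()"))
            for kw in node.keywords:
                if kw.arg == "shell" and getattr(kw.value, "value", None) is True:
                    findings.append((node.lineno, "security", "shell=True"))
        elif isinstance(node, ast.ExceptHandler) and node.type is None:
            findings.append((node.lineno, "bug-risk", "bare except"))
        elif isinstance(node, ast.FunctionDef):
            for default in node.args.defaults:
                if isinstance(default, (ast.List, ast.Dict, ast.Set)):
                    findings.append((default.lineno, "bug-risk", "mutable default argument"))
            for prev, stmt in zip(node.body, node.body[1:]):
                if isinstance(prev, (ast.Return, ast.Raise)):
                    findings.append((stmt.lineno, "dead-code", "unreachable statement"))
    for name, line in imports.items():
        if name not in used:
            findings.append((line, "dead-code", f"unused import '{name}'"))
    return sorted(findings)

if __name__ == "__main__":
    for line, category, message in analyze(SAMPLE):
        print(f"line {line}: [{category}] {message}")
```

Each check is a pattern match on tree nodes, which is why the analyzer can flag `eval(cmd)` and `shell=True` even though the sample's `run` function is never called.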

Also see Continuous Quality.
