I think most development occurs on problems that can't be formally modeled anyway. Most developers work on things like, "can you add this feature to the e-commerce site? And can the pop-up be blue?" which isn't really model-able. But that's not to say that formal methods are useless! We can still prove some interesting aspects of programs -- for example, that every lock that gets acquired later gets released. ... - Source: Hacker News / 3 months ago
Using infer, someone else exploited null-dereference checks to introduce simple affine types in C++. Cppcheck also checks for null-dereferences. Unfortunately, that approach means that borrow-counting references have a larger sizeof than non-borrow counting references, so optimizing the count away potentially changes the semantics of a program which introduces a whole new way of writing subtly wrong code. Source: 11 months ago
Then this idea that the US government will tell tech companies how to write secure software. Let's get this straight, the private sector, especially big tech is miles ahead of US government in this regard. Microsoft literally invented threat modelling and modern exploit mitigations. Facebook has the best appsec processes pretty much in the whole world, including their own cutting edge code analyzer. AWS uses... Source: about 1 year ago
I notice there isn't fbinfer. It's pretty cool, and is used for this library. Source: over 1 year ago
"Move fast, break stuff" is a great approach when you aren't pushing the broken bits to production. Fuck, even Facebook, the big "move fast, break stuff" company, uses tools to detect errors in its continuous integration toolchain. https://fbinfer.com/. Source: over 1 year ago
TBH, there's a non-zero amount of non-"ivory tower" tools you may have used that are written in functional languages. Say, Pandoc or Shellcheck are written in Haskell; Infer and Flow are written in OCaml. RabbitMQ and Whatsapp are implemented in Erlang (FB Messenger was too, originally; they switched to the C++ servers later). Twitter backend is (or was, at least) written in Scala. Source: over 1 year ago
- borrow-cpp which exploits some null dereference checks in the infer static analyzer to model some of borrow checking. Source: over 1 year ago
Infer kind of does this, it has multiple frontends and provides linting capabilities https://fbinfer.com. - Source: Hacker News / over 1 year ago
Do you know an article comparing Infer by Facebook to other products?
Suggest a link to a post with product alternatives.
This is an informative page about Infer by Facebook. You can review and discuss the product here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.