PVS-Studio Reviews and details

Social recommendations and mentions

• Let's check the qdEngine game engine, part one: top 10 warnings issued by PVS-Studio

  The analyzer has found various types of errors in the project. So, we'd like to look at them from different angles. That's why I'll publish several articles on different topics. The first one is dedicated to the Best button in the PVS-Studio plugins. - Source: dev.to / 9 days ago

• Bugs that buzzed a lot

  One of the ways to create better and more secure code is to use static analyzers such as PVS-Studio. The tool provides code analysis for the C, C++, C#, and Java programming languages. - Source: dev.to / 24 days ago

• Examining suspicious code fragments in AWS SDK for .NET

  I checked the code with the PVS-Studio analyzer using the plugin for Visual Studio. - Source: dev.to / 10 months ago

• Do developers care about code security?

  I'm working on PVS-Studio. It's a code analysis tool detects both coding errors and security flaws (SAST). So, I'd like to know more about what teams expect from SAST solutions. Source: about 1 year ago

• SAST in Secure SDLC: 3 reasons to integrate it in a DevSecOps pipeline

  And yet SAST is another essential step-up that can help reduce reputational and financial risks. If you are building SSDLC, SAST tools should be a mandatory part of the DevSecOps pipeline. - Source: dev.to / about 2 years ago

• Vulnerabilities due to XML files processing: XXE in C# applications in theory and in practice

  Since the project is open-source, we'll take advantage of this. To search for vulnerabilities, in addition to our own knowledge, we use PVS-Studio — a solution that searches for errors and security weaknesses. We need a group of security-related diagnostics — OWASP. You can read about turning on the corresponding warnings here. - Source: dev.to / about 2 years ago

• Errors and suspicious code fragments in .NET 6 sources

  I checked the code with the PVS-Studio static analyzer. As you probably guessed from this article, PVS-Studio 7.16 supports the analysis of projects on .NET 6. You can read more about new enhancements of the current release here. The PVS-Studio C# analyzer for Linux and macOS now works on .NET 6 as well. - Source: dev.to / over 2 years ago

• A variety of errors in C# code by the example of CMS DotNetNuke: 40 questions about the quality

  I use PVS-Studio 7.15 to perform the analysis. Want to try the analyzer on your project? Click here to open the page with all the necessary steps. Have any questions? Don't understand something? Feel free to contact us. - Source: dev.to / over 2 years ago

• All hail bug reports: how we reduced the analysis time of the user’s project from 80 to 4 hours

  Before we proceed to the story, here's a little introduction. We are the PVS-Studio team. We develop the analyzer that searches for errors and potential vulnerabilities in C, C++, C#, and Java code. Yours truly is the team lead of the C# analyzer development team, the author of articles and posts. - Source: dev.to / over 2 years ago

• Optimization of .NET applications: a big result of small edits

  Beware that we are not going to delve into any abstract theoretical reasoning. In this context, the "change the code to avoid the creation of one iterator" type of tips would look bizarre. All the problems listed in this article were identified after I profiled the PVS-Studio static analyzer for C#. The main purpose of profiling was to reduce the analysis time. - Source: dev.to / over 2 years ago