问题描述
有什么工具可以有反对C#code静态分析?我知道的FxCop和StyleCop的。是否有其他人呢?我穿过NStatic运行之前,但它一直在发展中求什么似乎永远 - 它从什么小我见过的它寻找pretty光滑,因此,如果将永远看到光明的一天这将是很好。
What tools are there available for static analysis against C# code? I know about FxCop and StyleCop. Are there others? I've run across NStatic before but it's been in development for what seems like forever - it's looking pretty slick from what little I've seen of it, so it would be nice if it would ever see the light of day.
除了这些同样的思路(这主要是我的静态分析利息),用于测试code多线程问题(死锁,比赛条件等)工具还显得有些稀少。 Typemock赛车刚刚弹出,所以我会关注这一点。任何超出此?
Along these same lines (this is primarily my interest for static analysis), tools for testing code for multithreading issues (deadlocks, race conditions, etc.) also seem a bit scarce. Typemock Racer just popped up so I'll be looking at that. Anything beyond this?
有关你使用的工具现实生活中的意见是AP preciated。
Real-life opinions about tools you've used are appreciated.
推荐答案
code违规检测工具:
- ,微软出色的工具。检查是否符合.NET框架的指导方针。(不再作为独立下载。它现在包含在<一个href=\"http://www.microsoft.com/downloads/en/details.aspx?FamilyID=6b6c21d2-2006-4afa-9702-529fa782d63b&displaylang=en\">Windows SDK 并安装后可在程序Files \\ Microsoft的SDK \\ WINDOWS \\中找到[V7.1] \\斌\\ FxCop的\\ FxCopSetup.exe)
- 的基础上,code源代码分析(为C#2.0)
- ,类似的FxCop但一个开源许可证(基于的)
- ,类似的FxCop和宪兵的基础上的。不再开发,主要开发人员团队宪兵现在的工作。
- ,商业产品
- ,商用产品
- ,商用产品
- ,Visual Studio的插件,可以帮助安全漏洞的身份
- Fxcop, excellent tool by Microsoft. Check compliance with .net framework guidelines.(No longer available as a standalone download. It is now included in the Windows SDK and after installation can be found in Program Files\Microsoft SDKs\Windows\ [v7.1] \Bin\FXCop\FxCopSetup.exe)
- Clocksharp, based on code source analysis (to C# 2.0)
- Mono.Gendarme, similar to Fxcop but with an opensource licence (based on Mono.Cecil)
- Smokey, similar to Fxcop and Gendarme, based on Mono.Cecil. No longer on development, the main developer works with Gendarme team now.
- Coverity Prevent™ for C#, commercial product
- PRQA QA·C#, commercial product
- PVS-Studio, commercial product
- CAT.NET , visual studio addin that helps identification of security flaws
- CodeIt.Right
- Spec#
- Pex
质量度量工具:
- ,极具视觉工具。有用的耦合和依赖研究。
- 的,自由的,可以很容易地编写自己的指标/限制,漂亮的视觉效果。
- 的基础上,code源代码分析
- 使用C#全解析
- ,旧工具的修改新版本出来
- ,一个附加
- ,旧的工具,不支持.NET 2.0
- NDepend, great visual tool. Useful for coupling and dependency studies.
- Nitriq, free, can easily write your own metrics/constraints, nice visualizations.
- RSM Squared, based on code source analysis
- C# Metrics, using a full parse of C#
- SourceMonitor, old tool EDIT a new version is out
- Code Metrics, a Reflector add-in
- Vil, old tool that doesn't support .NET 2.0
检查风格工具:
- ,微软工具(从Visual Studio的集成或内运行到MSBuild项目)。同时还提供。
- ,code风格的验证插件的 ReSharper的的
- StyleCop, Microsoft tool ( run from inside of Visual Studio or integrated into an MSBuild project). Also available as an extension for Visual Studio 2015 and C#6.0.
- Agent Smith, code style validation plugin for ReSharper
重复检测:
- ,基于源$ C $ C。作品用大量的语言。
- ,只检测语言边界参数克隆(也可以处理比C#等多国语言)
- 的一个Visual Studio插件。 (它使用的)
- ,基于源$ C $ C,丰富的语言,酷轮可视化
- Simian, based on source code. Works with plenty languages.
- CloneDR, detects parameterized clones only on language boundaries (also handles many languages other than C#)
- Clone Detective a Visual Studio plugin. (It uses ConQAT internally)
- Atomiq, based on source code, plenty of languages, cool "wheel" visualization
常规重构工具
- - Majorly酷C#code分析和重构功能
- ReSharper - Majorly cool C# code analysis and refactoring features
这篇关于什么静态分析工具可用于C#?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!