False positives Are Considered Enemies, But Can They Be Your Friends?by@sonarsource
327 reads
327 reads

False positives Are Considered Enemies, But Can They Be Your Friends?

by SonarSource9mOctober 11th, 2020
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

There are several types of rules that give rise to different types of false positives. In this post, I’ll discuss how the different rules are based on different analysis techniques. There are different reasons for false positives, such as whether the rule needs to compute the semantic properties of your program. Some rules are simpler, but may still raise false positives. That may be because the implementation is buggy, or because the exact specification is hard to get right. There is no perfect answer: We can err on the side of avoiding false positives by deciding that all octal values with 3 are acceptable.

Company Mentioned

Mention Thumbnail
featured image - False positives Are Considered Enemies, But Can They Be Your Friends?
SonarSource HackerNoon profile picture
SonarSource

SonarSource

@sonarsource

We build world-class Code Quality & Security tools: SonarQube, SonarLint and SonarCloud

Share Your Thoughts

About Author

SonarSource HackerNoon profile picture
SonarSource@sonarsource
We build world-class Code Quality & Security tools: SonarQube, SonarLint and SonarCloud

TOPICS

THIS ARTICLE WAS FEATURED IN...

Permanent on Arweave
Read on Terminal Reader
Read this story in a terminal
 Terminal
Read this story w/o Javascript
Read this story w/o Javascript
 Lite
Also published here
L O A D I N G
. . . comments & more!