Skip to content

Latest commit

 

History

History
63 lines (38 loc) · 2.24 KB

README.md

File metadata and controls

63 lines (38 loc) · 2.24 KB

Ballerina Static Code Analysis Tool

Overview

Static code analysis uses tools to examine code without executing the code. They are used for identifying potential issues like bugs, vulnerabilities, and style violations. Static code analysis improves software quality by detecting issues early, ensuring better maintainability, and providing enhanced security. Ballerina supports static code analysis using the Ballerina scan tool. The Ballerina scan tool provides the command-line functionality to statically analyze Ballerina files and report analysis results.

This repository consists of

  • The Ballerina scan tool implementation.
  • The core scan logic.
  • The extension points for introducing additional analysis and reporting results to static code analysis platforms.

Prerequisites

  1. OpenJDK 17 (Adopt OpenJDK or any other OpenJDK distribution)

  2. Ballerina

Building from the source

Execute the commands below to build from the source.

  1. Export GitHub Personal access token with read package permissions as follows,

    export packageUser=<GitHub username>
    export packagePAT=<GitHub personal access token>
  2. To build the package:

    ./gradlew clean build

Note: The scan tool configurations will be appended to the contents of the .ballerina/.config/bal-tools.toml file during the build process.

  1. To run the tests:

    ./gradlew clean test
  2. To build the package without tests:

    ./gradlew clean build -x test

Contribute to Ballerina

As an open-source project, Ballerina welcomes contributions from the community.

For more information, go to the contribution guidelines.

Code of conduct

All the contributors are encouraged to read the Ballerina Code of Conduct.

Useful links