Mozilla's Firefox team explored extending Clang's Static Analyzer for whole-project taint tracking, aiming to devirtualize virtual calls across files. The prototype showed promise in richer control-flow modeling but stalled on ASTImporter's limitations in cross-file imports. This highlights the hurdles in scaling static analysis for complex codebases, urging better tools for open-source reliability. Thoughts on advancing CTU support? #OpenSource #StaticAnalysis #TechEthics
Python static analysis advances as mypy-pure and mypy-raise tackle purity and exception handling gaps. These tools enhance reliability by extending type checking into critical areas, supporting developers in building more robust and responsible code. Python's ecosystem evolves thoughtfully. #Python #StaticAnalysis #TechEthics

The presentation recordings from DYNA Fall 2025 are now being published. Watch (or rewatch!) "Static Analysis of APL for Tooling and Compliance" by Aaron Hsu and Brandon Wilson at https://www.youtube.com/watch?v=d4pRvKMcp_g

#DYNA #Dyalog #APL #StaticAnalysis #FunctionalProgramming

We released 3.2.0 of event-sourcing-psalm-plugin! See here for the changelog: https://github.com/patchlevel/event-sourcing-psalm-plugin/releases/tag/3.2.0
#PHP #DDD #EventSourcing #Psalm #StaticAnalysis
Release 3.2.0 · patchlevel/event-sourcing-psalm-plugin

Release Notes for 3.2.0 Feature release (minor) 3.2.0 Total issues resolved: 0 Total pull requests resolved: 1 Total contributors: 1 enhancement 53: Add PHP 8.4 support, Drop Psalm 5, Bump Psalm...


Working on a little static analysis of #Python code for common student snafus, but I haven't found the right tool yet. What library or technique beats regex (this seems easy) for finding calls to a certain function, or a function defined but never called?

I thought I might be able to figure this out by reading the CPython bytecode but not quite. All ideas welcome.

#computerscience #programming #development #staticanalysis #metrics #pedagogy

Are you a UK-based senior software developer who's interested in #compilers, #staticanalysis and/or #database engine implementation? Take a look at https://www.github.careers/careers-home/jobs/4504

#fedihire #getfedihired #fedihired

Senior Software Engineer - CodeQL and Code Review Agents in United Kingdom | GitHub, Inc.

GitHub Careers Home is hiring a Senior Software Engineer - CodeQL and Code Review Agents in United Kingdom. Review all of the job details and apply today!


🎤 Nic Wortel spoke at The Dutch PHP Conference!

The talk 'Finding security vulnerabilities with static analysis' is now live!💪 🚀

🎥 Watch it here: https://phpconference.nl/session/finding-security-vulnerabilities-with-static-analysis/

#dpc25 #staticanalysis #phpconference

🎤 Nic Wortel spoke at Webdevcon!

The talk 'Finding security vulnerabilities with static analysis' is now live!💪 🚀

🎥 Watch it here: https://webdevcon.nl/session/finding-security-vulnerabilities-with-static-analysis/

#wdc25 #staticanalysis #webdevcon

Aaron Hsu will be presenting 'Static Analysis of APL for Tooling and Compliance' with Brandon Wilson on Day 1 of DYNA Fall 2025 in New York, 29 September. One of 11 APL presentations. Free to attend. https://dyna.dyalog.com/presentations/static-analysis-of-apl-for-tooling-and-compliance/

#TechConference #DYNA #APL #StaticAnalysis

Static Analysis of APL for Tooling and Compliance - DYNA Fall 2025

Aaron introduces the work that’s being done at Dyalog Ltd to provide static analysis tools for users of APL that should improve tooling, assist in code refactoring, and aid migrations. He discusses the security and static analysis tool built on Co-dfns that will be available as an independent tool targeting security and code quality audits, as well as how you can use Co-dfns to integrate static analysis into existing tools.

One Open-source Project Daily

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

https://github.com/anchore/syft

#1ospd #opensource #containers #cyclonedx #docker #go #golang #hacktoberfest #oci #sbom #spdx #staticanalysis #tool