Using Static Checkers

Let's learn about utilities that can understand program source code in order to perform static analysis.

Static program analysis is the process of checking the source code without actually running the compiled version. The rigorous application of static checkers dramatically improves the quality of the code: it becomes more consistent and less bug-prone. The chance of introducing known security vulnerabilities is reduced too.

Integrating static checkers with CMake

The C++ community has created dozens of static checkers: Astrée, Clang-Tidy, Clazy, CMetrics, Cppcheck, Cpplint, CQMetrics, ESBMC, FlawFinder, Flint, IKOS, Joern, PC-Lint, Scan-Build, Vera++, and so on.
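As an added illustration (not code from the original text), the following CMakeLists.txt attaches two of the checkers listed above, Clang-Tidy and Cppcheck, to a single target through CMake's CXX_CLANG_TIDY and CXX_CPPCHECK target properties. The project name, the target demo, the file main.cpp, the helper enable_static_checkers, the option REQUIRE_STATIC_CHECKERS and the chosen check groups are assumptions made for the example.

```cmake
cmake_minimum_required(VERSION 3.20)
project(StaticCheckDemo LANGUAGES CXX)   # project name is an assumption

set(CMAKE_CXX_STANDARD 17)
set(CMAKE_CXX_STANDARD_REQUIRED ON)

# Hypothetical option: when ON, a missing checker stops configuration instead of
# letting the build continue without analysis (useful for CI).
option(REQUIRE_STATIC_CHECKERS "Fail configuration if a checker is missing" OFF)

# Hypothetical helper that reports a missing tool according to the option above.
function(report_missing_checker name)
  if(REQUIRE_STATIC_CHECKERS)
    message(FATAL_ERROR "${name} not found but REQUIRE_STATIC_CHECKERS is ON")
  else()
    message(WARNING "${name} not found; sources will not be analysed by it")
  endif()
endfunction()

# Hypothetical helper: attach the installed checkers to one target.
# CMake runs them next to every C++ compile of that target
# (supported by the Makefile and Ninja generators).
function(enable_static_checkers target)
  find_program(CLANG_TIDY_EXE NAMES clang-tidy)
  if(CLANG_TIDY_EXE)
    # Start from no checks, enable bug- and security-oriented groups,
    # and turn every finding into a build error.
    set_target_properties(${target} PROPERTIES CXX_CLANG_TIDY
      "${CLANG_TIDY_EXE};-checks=-*,bugprone-*,cert-*,clang-analyzer-security.*;-warnings-as-errors=*")
  else()
    report_missing_checker("clang-tidy")
  endif()

  find_program(CPPCHECK_EXE NAMES cppcheck)
  if(CPPCHECK_EXE)
    # --error-exitcode makes cppcheck return non-zero on findings,
    # which CMake turns into a failed build step.
    set_target_properties(${target} PROPERTIES CXX_CPPCHECK
      "${CPPCHECK_EXE};--enable=warning,portability;--inline-suppr;--error-exitcode=1")
  else()
    report_missing_checker("cppcheck")
  endif()
endfunction()

add_executable(demo main.cpp)   # main.cpp is assumed to exist beside this file
enable_static_checkers(demo)
```

Setting the properties per target rather than through the global CMAKE_CXX_CLANG_TIDY variable keeps third-party code pulled into the same build out of the analysis.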

