Static analysis (SA) tools can generate useful static warnings to reveal the problematic code
snippets in a software system without dynamically executing the corresponding source code …

JavaScript has been a de facto standard language for client-side web programs, and now it
is expanding its territory to general purpose programs. In this article, we classify the client …

A linter is a static analysis tool that warns software developers about possible code errors or
violations to coding standards. By using such a tool, errors can be surfaced early in the …

Node. js provides the ability to write JavaScript programs for the server-side and has
become a popular language for develo** web applications. Node. js allows direct access …

Python's dynamic ty** nature provides developers with powerful programming
abstractions. However, many type-related bugs are accumulated in code bases of Python …

Building static analyzers for modern programming languages is difficult. Often soundness is
a requirement, perhaps with some well-defined exceptions, and precision must be adequate …

Infrastructure-as-Code (IaC) is a technology that enables the management and distribution
of infrastructure through code instead of manual processes. In 2020, Palo Alto Network's …

Manual confirmation of static analysis reports is a daunting task. This is due to both the large
number of warnings and the high density of false positives among them. Fuzzing techniques …

Distributed learning based on JavaScript-based frontends is typically implemented at the
endpoint to maximize performance. Yet, JavaScript-based frontends often experience …

Understanding program behaviors is important to verify program properties or to optimize
programs. Static analysis is a widely used technique to approximate program behaviors via …