Publication type: Article in scientific journal
Type of review: Peer review (publication)
Title: Using code reviews to automatically configure static analysis tools
Authors: Zampetti, Fiorella
Mudbhari, Saghan
Arnaoudova, Venera
Di Penta, Massimiliano
Panichella, Sebastiano
Antoniol, Giuliano
et. al: No
DOI: 10.1007/s10664-021-10076-4
Published in: Empirical Software Engineering
Volume(Issue): 27
Issue: 1
Page(s): 28
Issue Date: 2021
Publisher / Ed. Institution: Springer
ISSN: 1382-3256
Language: English
Subjects: Static analysis tool; Code review; Automated tool configuration
Subject (DDC): 005: Computer programming, programs and data
Abstract: Developers often use Static Code Analysis Tools (SCAT) to automatically detect different kinds of quality flaws in their source code. Since many warnings raised by SCATs may be irrelevant for a project/organization, it can be possible to leverage information from the project development history, to automatically configure which warnings a SCAT should raise, and which not. In this paper, we propose an automated approach (Auto-SCAT) to leverage (statement-level) code review comments for recommending SCAT warnings, or warning categories, to be enabled. To this aim, we trace code review comments onto SCAT warnings by leveraging their descriptions and messages, as well as review comments made in other different projects. We apply Auto-SCAT to study how CheckStyle, a well-known SCAT, can be configured in the context of six Java open source projects, all using Gerrit for handling code reviews. Our results show that, Auto-SCAT is able to classify code review comments into CheckStyle checks with a precision of 61% and a recall of 52%. While considering also the code review comments not related to CheckStyle warnings Auto-SCAT has a precision and a recall of ≈ 75%. Furthermore, Auto-SCAT can configuring CheckStyle with a precision of 72.7% at checks level and a precision of 96.3% at category level. Finally, our findings highlight that Auto-SCAT outperforms state-of-art baselines based on default CheckStyle configurations, or leveraging the history of previously-removed warnings.
Further description: Erworben im Rahmen der Schweizer Nationallizenzen (
Fulltext version: Published version
License (according to publishing contract): Licence according to publishing contract
Departement: School of Engineering
Organisational Unit: Institute of Applied Information Technology (InIT)
Published as part of the ZHAW project: COSMOS – DevOps for Complex Cyber-physical Systems of Systems
Appears in collections:Publikationen School of Engineering

Files in This Item:
There are no files associated with this item.

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.