Are there any static code analysis tools for stored procedures written particularly in PL/SQL and T-SQL?
是否有任何静态代码分析工具用于特别是在PL / SQL和T-SQL中编写的存储过程?
9 个解决方案
#1
7
For T-SQL, Microsoft has the database edition of VS Team Suite (although, I believe its now in the dev SKU). This link talks about writing your own static code analysis rule for T-SQL: http://blogs.msdn.com/gertd/archive/2009/01/01/creating-t-sql-static-code-analysis-rules.aspx
对于T-SQL,Microsoft拥有VS Team Suite的数据库版本(尽管我相信它现在在开发SKU中)。此链接讨论为T-SQL编写自己的静态代码分析规则:http://blogs.msdn.com/gertd/archive/2009/01/01/creating-t-sql-static-code-analysis-rules。 ASPX
#2
6
Oracle has some little-known stuff built in.
Oracle内置了一些鲜为人知的东西。
Try this in 10g Release 2 or above:
在10g第2版或更高版本中试试这个:
ALTER SESSION PLSQL_WARNINGS = 'ENABLE:ALL';
Then compile your PL/SQL package (not an anonymous block).
然后编译您的PL / SQL包(不是匿名块)。
#3
4
Toad features the CodeXpert utility to statically check your PL/SQL code.
Toad使用CodeXpert实用程序来静态检查PL / SQL代码。
The utility can either scan files or connect directly to the Oracle database. As far as I've seen, works only on Windows.
该实用程序可以扫描文件或直接连接到Oracle数据库。据我所知,仅适用于Windows。
#4
4
Try free Sql Code Guard. It provides fast and comprehensive static analysis for T-Sql code, shows code complexity and objects dependencies
尝试免费的Sql Code Guard。它为T-Sql代码提供快速而全面的静态分析,显示代码复杂性和对象依赖性
#5
3
For PL/SQL, Toad CodeXpert can be extended with Sonar, an open source tool to manage code quality through a plugin.
对于PL / SQL,可以使用Sonar扩展Toad CodeXpert,Sonar是一个通过插件管理代码质量的开源工具。
I guess it would be possible to write a plugin for T-SQL as well.
我想也可以为T-SQL编写一个插件。
#6
2
The nearest thing that I know of are the estimated and actual query plan functions available in SQL Server Management Studio but I'd guess there's similar for other SQL engines.
我所知道的最接近的事情是SQL Server Management Studio中可用的估计和实际查询计划功能,但我猜它与其他SQL引擎类似。
#7
2
Our SD Source Code Search Engine is a tool for interactively searching large source code bases in many computer languages (including PL/SQL) efficiently, by preindexing the source code files by their tokens (identifiers, numbers, etc). As a side effect of the preindexing step, it computes standard metrics: SLOC, Cyclomatic, Halstead, ... for each file and produces a report. See the site for an example.
我们的SD源代码搜索引擎是一种交互式搜索许多计算机语言(包括PL / SQL)的大型源代码库的工具,通过其代码(标识符,数字等)预先索引源代码文件。作为预索引步骤的副作用,它为每个文件计算标准度量标准:SLOC,Cyclomatic,Halstead,...并生成报告。请参阅网站以获取示例。
Our SD CloneDR is a tool for analyzing large code bases for redundant code. We've applied it to PL/SQL, and have seen something like 45% of the code involved in clones. YMMV. The CloneDR works with a large variet of langauges; see the site for sample clone detection runs on some of those other langauges.
我们的SD CloneDR是一种用于分析冗余代码的大型代码库的工具。我们已将它应用于PL / SQL,并且已经看到克隆中涉及45%的代码。因人而异。 CloneDR适用于各种各样的语言;在某些其他语言中查看用于样本克隆检测的站点。
EDIT 10/4/2010:
编辑10/4/2010:
Our Source Code Search Engine is designed to enable very fast searches across large codes of mixed languages. It succeeds by preindexing the source code. As a side effect of the indexing step, it compute a variety of metrics including Cyclomatic and Halstead measures of complexity.
我们的源代码搜索引擎旨在实现跨大型混合语言代码的快速搜索。它通过预编索源代码成功。作为索引步骤的副作用,它计算各种指标,包括Cyclomatic和Halstead复杂度量。
Just added: not a static analysis tool, but one generally of interest to people interested software quality: our TestCoverage for PLSQL stored procedures.
刚补充说:不是一个静态分析工具,而是一个人们对软件质量感兴趣的人:我们的TestCoverage for PLSQL存储过程。
#8
1
Not that I'm aware of. Regardng PL/SQL, since Oracle doesn't expose much of their PL/SQL compilation engine its hard to find tool support.
不是我知道的。 Regardng PL / SQL,因为Oracle没有公开他们的PL / SQL编译引擎,很难找到工具支持。
The most I've been able to do is to query the data dictionary to do things like map the package dependencies.
我能做的最多的事情就是查询数据字典来做一些映射包依赖关系的事情。
#9
0
As a followup on the post for T-SQL; VS2010 and VS2008 database development editions come with build-in static analysis rules. These are user extensible, i.e. you can write your own analysis rules in a .net language. The open-source project Neznayka comes with an initial set of 22 rules, and forms a useful base for you to start contributing your own.
作为T-SQL帖子的后续内容; VS2010和VS2008数据库开发版本附带内置静态分析规则。这些是用户可扩展的,即您可以用.net语言编写自己的分析规则。开源项目Neznayka附带了一套最初的22条规则,为您开始贡献自己的规则提供了有用的基础。
Admittedly you have to fork out for Visual Studio and be prepared to develop db code using VS projects, but the recent releases of SSDT as a plug-in for SSMS raises the prospect that Microsoft may, if it has the will-power to do so, allow user-written rules to be distributed to environments that use MS SQL projects 'for free' to develop database code.
不可否认,你必须为Visual Studio做好准备,并准备使用VS项目开发db代码,但最近发布的SSDT作为SSMS的插件提出了微软可能的前景,如果它有这样做的意愿,允许将用户编写的规则分发到使用MS SQL项目“免费”开发数据库代码的环境。
The link for Neznayka.
Neznayka的链接。
Or search the web.
或者搜索网络。
#1
7
For T-SQL, Microsoft has the database edition of VS Team Suite (although, I believe its now in the dev SKU). This link talks about writing your own static code analysis rule for T-SQL: http://blogs.msdn.com/gertd/archive/2009/01/01/creating-t-sql-static-code-analysis-rules.aspx
对于T-SQL,Microsoft拥有VS Team Suite的数据库版本(尽管我相信它现在在开发SKU中)。此链接讨论为T-SQL编写自己的静态代码分析规则:http://blogs.msdn.com/gertd/archive/2009/01/01/creating-t-sql-static-code-analysis-rules。 ASPX
#2
6
Oracle has some little-known stuff built in.
Oracle内置了一些鲜为人知的东西。
Try this in 10g Release 2 or above:
在10g第2版或更高版本中试试这个:
ALTER SESSION PLSQL_WARNINGS = 'ENABLE:ALL';
Then compile your PL/SQL package (not an anonymous block).
然后编译您的PL / SQL包(不是匿名块)。
#3
4
Toad features the CodeXpert utility to statically check your PL/SQL code.
Toad使用CodeXpert实用程序来静态检查PL / SQL代码。
The utility can either scan files or connect directly to the Oracle database. As far as I've seen, works only on Windows.
该实用程序可以扫描文件或直接连接到Oracle数据库。据我所知,仅适用于Windows。
#4
4
Try free Sql Code Guard. It provides fast and comprehensive static analysis for T-Sql code, shows code complexity and objects dependencies
尝试免费的Sql Code Guard。它为T-Sql代码提供快速而全面的静态分析,显示代码复杂性和对象依赖性
#5
3
For PL/SQL, Toad CodeXpert can be extended with Sonar, an open source tool to manage code quality through a plugin.
对于PL / SQL,可以使用Sonar扩展Toad CodeXpert,Sonar是一个通过插件管理代码质量的开源工具。
I guess it would be possible to write a plugin for T-SQL as well.
我想也可以为T-SQL编写一个插件。
#6
2
The nearest thing that I know of are the estimated and actual query plan functions available in SQL Server Management Studio but I'd guess there's similar for other SQL engines.
我所知道的最接近的事情是SQL Server Management Studio中可用的估计和实际查询计划功能,但我猜它与其他SQL引擎类似。
#7
2
Our SD Source Code Search Engine is a tool for interactively searching large source code bases in many computer languages (including PL/SQL) efficiently, by preindexing the source code files by their tokens (identifiers, numbers, etc). As a side effect of the preindexing step, it computes standard metrics: SLOC, Cyclomatic, Halstead, ... for each file and produces a report. See the site for an example.
我们的SD源代码搜索引擎是一种交互式搜索许多计算机语言(包括PL / SQL)的大型源代码库的工具,通过其代码(标识符,数字等)预先索引源代码文件。作为预索引步骤的副作用,它为每个文件计算标准度量标准:SLOC,Cyclomatic,Halstead,...并生成报告。请参阅网站以获取示例。
Our SD CloneDR is a tool for analyzing large code bases for redundant code. We've applied it to PL/SQL, and have seen something like 45% of the code involved in clones. YMMV. The CloneDR works with a large variet of langauges; see the site for sample clone detection runs on some of those other langauges.
我们的SD CloneDR是一种用于分析冗余代码的大型代码库的工具。我们已将它应用于PL / SQL,并且已经看到克隆中涉及45%的代码。因人而异。 CloneDR适用于各种各样的语言;在某些其他语言中查看用于样本克隆检测的站点。
EDIT 10/4/2010:
编辑10/4/2010:
Our Source Code Search Engine is designed to enable very fast searches across large codes of mixed languages. It succeeds by preindexing the source code. As a side effect of the indexing step, it compute a variety of metrics including Cyclomatic and Halstead measures of complexity.
我们的源代码搜索引擎旨在实现跨大型混合语言代码的快速搜索。它通过预编索源代码成功。作为索引步骤的副作用,它计算各种指标,包括Cyclomatic和Halstead复杂度量。
Just added: not a static analysis tool, but one generally of interest to people interested software quality: our TestCoverage for PLSQL stored procedures.
刚补充说:不是一个静态分析工具,而是一个人们对软件质量感兴趣的人:我们的TestCoverage for PLSQL存储过程。
#8
1
Not that I'm aware of. Regardng PL/SQL, since Oracle doesn't expose much of their PL/SQL compilation engine its hard to find tool support.
不是我知道的。 Regardng PL / SQL,因为Oracle没有公开他们的PL / SQL编译引擎,很难找到工具支持。
The most I've been able to do is to query the data dictionary to do things like map the package dependencies.
我能做的最多的事情就是查询数据字典来做一些映射包依赖关系的事情。
#9
0
As a followup on the post for T-SQL; VS2010 and VS2008 database development editions come with build-in static analysis rules. These are user extensible, i.e. you can write your own analysis rules in a .net language. The open-source project Neznayka comes with an initial set of 22 rules, and forms a useful base for you to start contributing your own.
作为T-SQL帖子的后续内容; VS2010和VS2008数据库开发版本附带内置静态分析规则。这些是用户可扩展的,即您可以用.net语言编写自己的分析规则。开源项目Neznayka附带了一套最初的22条规则,为您开始贡献自己的规则提供了有用的基础。
Admittedly you have to fork out for Visual Studio and be prepared to develop db code using VS projects, but the recent releases of SSDT as a plug-in for SSMS raises the prospect that Microsoft may, if it has the will-power to do so, allow user-written rules to be distributed to environments that use MS SQL projects 'for free' to develop database code.
不可否认,你必须为Visual Studio做好准备,并准备使用VS项目开发db代码,但最近发布的SSDT作为SSMS的插件提出了微软可能的前景,如果它有这样做的意愿,允许将用户编写的规则分发到使用MS SQL项目“免费”开发数据库代码的环境。
The link for Neznayka.
Neznayka的链接。
Or search the web.
或者搜索网络。