mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.

Administered by:

Server stats:

9.3K
active users

#staticanalysis

0 posts0 participants0 posts today
Ross Spencer<p><b></b></p><p><strong><b>Published: Fractal in detail: What information is in a file format identification report?</b></strong></p><p><br>by <a rel="nofollow noopener" class="u-url mention" href="https://digipres.club/@beet_keeper" target="_blank">@beet_keeper</a></p><p>In early 2022, I was finally able to get around to writing a paper that I had been thinking about for the better part of a decade. The paper, “Fractal in Detail: What Information Is in a File Format Identification Report?” was published via Code4Lib and examines the information that can be extracted from a file format identification report, e.g., reports such as those output from digital preservation tools like Siegfried and DROID.</p><p>I provide a brief summary of the paper and its contents below.</p> <a href="https://exponentialdecay.co.uk/blog/published-fractal-in-detail-what-information-is-in-a-file-format-identification-report/" class="" rel="nofollow noopener" target="_blank">Continue reading<span class=""> “Published: Fractal in detail: What information is in a file format identification report?”</span>…</a> <p class=""><i></i> </p> <p><a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/code4lib/" target="_blank">#Code4Lib</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/digipres/" target="_blank">#digipres</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/digital-preservation/" target="_blank">#DigitalPreservation</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/droid/" target="_blank">#DROID</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/file-format-identification/" target="_blank">#FileFormatIdentification</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/file-formats/" target="_blank">#FileFormats</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/format-identification/" target="_blank">#formatIdentification</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/linting/" target="_blank">#Linting</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/metadata/" target="_blank">#Metadata</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/preservation-metadata/" target="_blank">#PreservationMetadata</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/pronom/" target="_blank">#PRONOM</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/puid/" target="_blank">#PUID</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/puids/" target="_blank">#PUIDS</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/siegfried/" target="_blank">#siegfried</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/static-analysis/" target="_blank">#StaticAnalysis</a> <a rel="nofollow noopener" class="hashtag u-tag u-category" href="https://exponentialdecay.co.uk/blog/tag/technical-metadata/" target="_blank">#TechnicalMetadata</a></p>
🚀 Несерьёзный Выдумщик 👨‍🔬<p><span>Как на счёт того, что на работу надо нанимать лишь профессионалов с должным уровнем знания языков программирования?<br>А не тех, кто считает, что этот код выведет −1.</span></p><pre><code>#include &lt;vector&gt; #include &lt;numeric&gt; #include &lt;iostream&gt; int average(const std::vector&lt;int&gt;&amp; v) { if (v.empty()) { return 0; } return std::accumulate(v.begin(), v.end(), 0) / v.size(); } int main() { std::cout &lt;&lt; average({-1,-1,-1}); }</code></pre>Если не верится, то <a href="https://godbolt.org/" rel="nofollow noopener" target="_blank">https://godbolt.org/</a><span> в помощь.<br>Будучи собрано GCC или Clang для систем x86-64 оно выведет: 1431655764.<br><br>Ирония постиронией, а вот не смешно ни разу, поскольку никакой Clang-Tidy такого не ловит. Извиняюсь за си-шный Керниган-Риччи стайл в расстановке фигурных скобок, но так компактнее<br><br></span><a href="https://shitpost.poridge.club/tags/программирование" rel="nofollow noopener" target="_blank">#программирование</a> <a href="https://shitpost.poridge.club/tags/C++" rel="nofollow noopener" target="_blank">#C++</a> <a href="https://shitpost.poridge.club/tags/С++" rel="nofollow noopener" target="_blank">#С++</a> <a href="https://shitpost.poridge.club/tags/Cpp" rel="nofollow noopener" target="_blank">#Cpp</a> <a href="https://shitpost.poridge.club/tags/programming" rel="nofollow noopener" target="_blank">#programming</a> <a href="https://shitpost.poridge.club/tags/softdev" rel="nofollow noopener" target="_blank">#softdev</a> <a href="https://shitpost.poridge.club/tags/staticanalysis" rel="nofollow noopener" target="_blank">#staticanalysis</a> <a href="https://shitpost.poridge.club/tags/ClangTidy" rel="nofollow noopener" target="_blank">#ClangTidy</a> <a href="https://mastodon.social/@russian_mastodon" class="u-url mention" rel="nofollow noopener" target="_blank">@russian_mastodon@mastodon.social</a> <a href="https://3zi.ru/@Russia" class="u-url mention" rel="nofollow noopener" target="_blank">@Russia@3zi.ru</a><p></p>
alexanderadam<p>Now <span class="h-card" translate="no"><a href="https://ruby.social/@emilysamp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>emilysamp</span></a></span> from <a href="https://ruby.social/tags/Shopify" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Shopify</span></a> speaks about one of the most controversial topics in <a href="https://ruby.social/tags/RubyProgramming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RubyProgramming</span></a>: <a href="https://ruby.social/tags/Types" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Types</span></a> (and 🍦 <span class="h-card" translate="no"><a href="https://bird.makeup/users/sorbet_ruby" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>sorbet_ruby</span></a></span> for that matter).</p><p><a href="https://railsatscale.com/2025-04-23-rbs-support-for-sorbet/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">railsatscale.com/2025-04-23-rb</span><span class="invisible">s-support-for-sorbet/</span></a></p><p>Remember that you can easily generate type definitions with Tapioca:</p><p><a href="https://github.com/Shopify/tapioca" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/Shopify/tapioca</span><span class="invisible"></span></a></p><p><a href="https://ruby.social/tags/brightonruby2025" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>brightonruby2025</span></a> <a href="https://ruby.social/tags/brightonruby" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>brightonruby</span></a> <a href="https://ruby.social/tags/types" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>types</span></a> <a href="https://ruby.social/tags/staticanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>staticanalysis</span></a> <a href="https://ruby.social/tags/prism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>prism</span></a> <a href="https://ruby.social/tags/sorbet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sorbet</span></a> <a href="https://ruby.social/tags/lsp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lsp</span></a> <a href="https://ruby.social/tags/RubyLSP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RubyLSP</span></a> <a href="https://ruby.social/tags/gradualtyping" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gradualtyping</span></a> <a href="https://ruby.social/tags/typesignatures" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>typesignatures</span></a> <a href="https://ruby.social/tags/tapioca" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tapioca</span></a></p>
OpenMP ARB<p>🚀 Going to ISC 2025? Join us for “GORC: A Graph Neural Network-Based Static Data Race Checker for OpenMP”<br>📅 June 12 | 🕐 13:25–13:50 | 📍 Hall F, 2nd Floor, Hamburg Congress Center</p><p>Speakers Anh Tran &amp; Ignacio Laguna unveil GORC, a novel GNN-based race checker trained on PrograML graphs.<br>GORC achieves higher recall than LLOV and handles incomplete programs, outperforming current ML-based tools.</p><p><a href="https://isc-hpc.com/program/schedule" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">isc-hpc.com/program/schedule</span><span class="invisible"></span></a></p><p><a href="https://mast.hpc.social/tags/ISC25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ISC25</span></a> <a href="https://mast.hpc.social/tags/OpenMP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenMP</span></a> <a href="https://mast.hpc.social/tags/DataRace" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataRace</span></a> <a href="https://mast.hpc.social/tags/HPC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HPC</span></a> <a href="https://mast.hpc.social/tags/StaticAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StaticAnalysis</span></a> <a href="https://mast.hpc.social/tags/GraphNeuralNetwork" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GraphNeuralNetwork</span></a></p>
0xC0DEC0DE07E9<p>One static analysis tool tells me to use `lstat` and `fstat` to avoid (or at least detect) malicious replacement of a file that I `open`. Then, after doing this, my other static analysis tool complains that I’ve introduced a TOCTOU (time-of-use, time-of-check) between `lstat` and `open`.</p><p>Sure, but I’m going to detect that. Real issue I have with all of this is that there’s still a window (which I estimate to be the about the same size in both versions of this program) between creating this pseudoterminal file and the next interaction I have with it (be that pulling file stats with `lstat` or `open`ing it).<br><a href="https://hachyderm.io/tags/SemGrep" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SemGrep</span></a> <a href="https://hachyderm.io/tags/Coverity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Coverity</span></a> <a href="https://hachyderm.io/tags/StaticAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StaticAnalysis</span></a> <a href="https://hachyderm.io/tags/Programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Programming</span></a> <a href="https://hachyderm.io/tags/C" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>C</span></a></p>
Orhun Parmaksız 👾<p>Just found this gem for my open source projects 🔥</p><p>🌈 **zizmor** — A static analysis tool for GitHub Actions.</p><p>🛡️ Finds common security issues in your GitHub Actions workflows &amp; more!</p><p>🦀 Written in Rust!</p><p>⭐ GitHub: <a href="https://github.com/zizmorcore/zizmor" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/zizmorcore/zizmor</span><span class="invisible"></span></a></p><p><a href="https://fosstodon.org/tags/rustlang" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rustlang</span></a> <a href="https://fosstodon.org/tags/github" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>github</span></a> <a href="https://fosstodon.org/tags/actions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>actions</span></a> <a href="https://fosstodon.org/tags/workflows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>workflows</span></a> <a href="https://fosstodon.org/tags/cicd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cicd</span></a> <a href="https://fosstodon.org/tags/automation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>automation</span></a> <a href="https://fosstodon.org/tags/staticanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>staticanalysis</span></a> <a href="https://fosstodon.org/tags/terminal" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>terminal</span></a></p>
jnpn<p><a href="https://cppcast.com/sonarsource-analysis/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cppcast.com/sonarsource-analys</span><span class="invisible">is/</span></a></p><p><a href="https://mastodon.social/tags/cpp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cpp</span></a> <a href="https://mastodon.social/tags/staticanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>staticanalysis</span></a></p>
Jan :rust: :ferris:<p>Dylint - Run <a href="https://floss.social/tags/Rust" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Rust</span></a> lints from dynamic libraries:</p><p><a href="https://github.com/trailofbits/dylint" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/trailofbits/dylint</span><span class="invisible"></span></a></p><p>"Dylint is a Rust linting tool, similar to Clippy. But whereas <a href="https://floss.social/tags/Clippy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Clippy</span></a> runs a predetermined, static set of lints, Dylint runs <a href="https://floss.social/tags/lints" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>lints</span></a> from user-specified, dynamic libraries. Thus, Dylint allows developers to maintain their own personal lint collections."</p><p>Looks like a really cool project!</p><p><a href="https://floss.social/tags/Lint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Lint</span></a> <a href="https://floss.social/tags/RustLang" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RustLang</span></a> <a href="https://floss.social/tags/StaticAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StaticAnalysis</span></a> <a href="https://floss.social/tags/Compiler" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Compiler</span></a></p>
KDAB<p>Clang-tidy helps modernize C/C++ code by detecting bugs, inefficiencies &amp; outdated patterns. While setup can be tricky, it's a powerful ally for migrating large codebases to modern C++. <a href="https://techhub.social/tags/Cpp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cpp</span></a> <a href="https://techhub.social/tags/ClangTidy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ClangTidy</span></a> <a href="https://techhub.social/tags/StaticAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StaticAnalysis</span></a> <a href="https://techhub.social/tags/CodeQuality" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CodeQuality</span></a><br><a href="https://www.youtube.com/watch?v=EWq4mXjeDV8" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">youtube.com/watch?v=EWq4mXjeDV</span><span class="invisible">8</span></a></p>
phpday<p>"Custom PHPStan Rules: Automate Standards and Save Time" will be Dave Liddament's talk at phpday25.</p><p><a href="https://phpc.social/tags/phpday25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phpday25</span></a> <a href="https://phpc.social/tags/PHP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHP</span></a> <a href="https://phpc.social/tags/Staticanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Staticanalysis</span></a> <a href="https://phpc.social/tags/improvement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>improvement</span></a> <a href="https://phpc.social/tags/PHPStan" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHPStan</span></a></p><p>--------<br>phpday - 22nd edition<br>The annual gathering for developers, professionals, and PHP enthusiasts.<br>The conference is powered by <span class="h-card" translate="no"><a href="https://phpc.social/@grusp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>grusp</span></a></span><br>📍Verona (Italy) | 📆 May 15-16, 2025 <br>Tickets <a href="https://bit.ly/41J6UP3" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">bit.ly/41J6UP3</span><span class="invisible"></span></a></p>
C++Now<p>C++Now 2025 SESSION ANNOUNCEMENT: Improving Code Safety in C++ at Scale with Static Analysis by Yitzhak Mandelbaum</p><p><a href="https://schedule.cppnow.org/session/2025/improving-code-safety-in-cpp-at-scale-with-static-analysis/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">schedule.cppnow.org/session/20</span><span class="invisible">25/improving-code-safety-in-cpp-at-scale-with-static-analysis/</span></a></p><p>Register now at <a href="https://cppnow.org/registration/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">cppnow.org/registration/</span><span class="invisible"></span></a></p><p><a href="https://mastodon.social/tags/cplusplus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cplusplus</span></a> <a href="https://mastodon.social/tags/cpp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cpp</span></a> <a href="https://mastodon.social/tags/staticanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>staticanalysis</span></a></p>
phpday<p>"Custom PHPStan Rules: Automate Standards and Save Time" will be Dave Liddament's talk at phpday25.</p><p><a href="https://phpc.social/tags/phpday25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phpday25</span></a> <a href="https://phpc.social/tags/PHP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHP</span></a> <a href="https://phpc.social/tags/Staticanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Staticanalysis</span></a> <a href="https://phpc.social/tags/improvement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>improvement</span></a> <a href="https://phpc.social/tags/PHPStan" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHPStan</span></a></p><p>--------<br>phpday - 22nd edition<br>The annual gathering for developers, professionals, and PHP enthusiasts.<br>The conference is powered by <span class="h-card" translate="no"><a href="https://phpc.social/@grusp" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>grusp</span></a></span><br>📍Verona (Italy) | 📆 May 15-16, 2025 <br>Tickets <a href="https://bit.ly/41J6UP3" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">bit.ly/41J6UP3</span><span class="invisible"></span></a></p>
C++Now<p>C++Now 2025 SESSION ANNOUNCEMENT: Improving Code Safety in C++ at Scale with Static Analysis by Yitzhak Mandelbaum</p><p><a href="https://schedule.cppnow.org/session/2025/improving-code-safety-in-cpp-at-scale-with-static-analysis/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">schedule.cppnow.org/session/20</span><span class="invisible">25/improving-code-safety-in-cpp-at-scale-with-static-analysis/</span></a></p><p>Register now at <a href="https://cppnow.org/registration/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">cppnow.org/registration/</span><span class="invisible"></span></a></p><p><a href="https://mastodon.social/tags/cplusplus" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cplusplus</span></a> <a href="https://mastodon.social/tags/cpp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cpp</span></a> <a href="https://mastodon.social/tags/staticanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>staticanalysis</span></a></p>
The Dutch PHP Conference<p>🔍 New talk at Dutch PHP Conference!</p><p>Manual code reviews don’t catch everything—but static analysis tools can help detect security vulnerabilities before they become a problem.</p><p>Join Nic Wortel at DPC 2025 for:<br>🎤 "Finding Security Vulnerabilities with Static Analysis"</p><p>📅 Check the schedule: <a href="https://phpconference.nl/session/finding-security-vulnerabilities-with-static-analysis/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">phpconference.nl/session/findi</span><span class="invisible">ng-security-vulnerabilities-with-static-analysis/</span></a></p><p><a href="https://mastodon.social/tags/dpc" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dpc</span></a> <a href="https://mastodon.social/tags/php" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>php</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/staticanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>staticanalysis</span></a> <a href="https://mastodon.social/tags/websecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>websecurity</span></a> <a href="https://mastodon.social/tags/techconference" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>techconference</span></a></p>
Mensch Antimeier<p>Almost done with level 1 in a big, partly legacy, codebase - quite some work and deleted lines of code 💦. <br>Loooking forward to level 2 and a bit of fresh air in the error messages 😁. </p><p><a href="https://chaos.social/tags/php" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>php</span></a> <a href="https://chaos.social/tags/phpstan" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phpstan</span></a> <a href="https://chaos.social/tags/staticanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>staticanalysis</span></a></p>
The Dutch PHP Conference<p>🔄 Speaker Update! Nic Wortel replaces Tomas Votruba at <a href="https://mastodon.social/tags/DPC25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DPC25</span></a> with "Finding security vulnerabilities with static analysis". </p><p>🛡️💡 Check the schedule → <a href="https://phpconference.nl/schedule-2025/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">phpconference.nl/schedule-2025/</span><span class="invisible"></span></a></p><p><a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/PHP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHP</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/fordevelopers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fordevelopers</span></a> <a href="https://mastodon.social/tags/staticanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>staticanalysis</span></a></p>
markus staab<p>Thanks to my github <a href="https://phpc.social/tags/sponsors" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sponsors</span></a> I can contribute to important projects of the <a href="https://phpc.social/tags/php" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>php</span></a> ecosystem</p><p>Focused on <a href="https://phpc.social/tags/staticanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>staticanalysis</span></a> tools and type-information of widely used projects I can make everyones job easier and more efficient</p><p>Do me a favour and tell your boss to support my efforts :).</p><p>follow my efforts and writeups on <a href="https://staabm.github.io/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">staabm.github.io/</span><span class="invisible"></span></a></p>
scovl :emacs: :freebsd_logo:<p>Comparativo: PMD, Semgrep e Aider. Qual ferramenta de análise estática usar? Descubra os pontos fortes e fracos de cada uma, incluindo o poder dos LLMs no Aider. <a href="https://hachyderm.io/tags/Coding" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Coding</span></a> <a href="https://hachyderm.io/tags/StaticAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StaticAnalysis</span></a> <a href="https://hachyderm.io/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevSecOps</span></a> <a href="https://dev.to/scovl/analise-comparativa-aider-vs-pmd-vs-semgrep-34fd" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dev.to/scovl/analise-comparati</span><span class="invisible">va-aider-vs-pmd-vs-semgrep-34fd</span></a></p>
Thomas Kräftner<p>So, for a client I am evaluating whether to use <a href="https://mastodon.social/tags/PHPStan" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHPStan</span></a> and/or <a href="https://mastodon.social/tags/Psalm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Psalm</span></a> for <a href="https://mastodon.social/tags/PHP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHP</span></a> <a href="https://mastodon.social/tags/StaticAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StaticAnalysis</span></a> and would love everyone's opinion on this! What are you using and in particular why?</p>
InfoQ<p><a href="https://techhub.social/tags/PHPStan" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHPStan</span></a>, a static analysis tool for PHP, released v 2.0!</p><p>This release introduces new features and improvements that enhance code analysis, performance, and user experience.</p><p>Read more details on <a href="https://techhub.social/tags/InfoQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoQ</span></a> 👉 <a href="https://bit.ly/3P76Xyt" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">bit.ly/3P76Xyt</span><span class="invisible"></span></a> </p><p><a href="https://techhub.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevOps</span></a> <a href="https://techhub.social/tags/PHP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHP</span></a> <a href="https://techhub.social/tags/StaticAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StaticAnalysis</span></a></p>