Alert Type Frequency Assessment of Open-Source Static Analysis Tools and Codebases

Svoboda, David; Klieber, William; Flynn, Lori

doi:10.5281/zenodo.7958183

Published June 9, 2023 | Version 1.0.0

Dataset Open

Alert Type Frequency Assessment of Open-Source Static Analysis Tools and Codebases

1. CERT, Software Engineering Institute

This includes all data needed to replicate and validate our frequency analysis of static analysis (SA) alerts produced using open-source SA tools on several OSS codebases. It includes instructions how to get and run the SA tools, a Dockerfile to conveniently get and use the SA tools, raw SA tool output, some python scripts to parse that output, parsed SA data and aggregate analyses, and SA data augmented with CERT coding rule and CWE data.

The SA tools used:

clang-tidy version 15.07
cppcheck version 2.9
CERT Rosecheckers

The codebases analyzed:

zeek version 5.1.1
git version 2.39.0
dos2unix version 7.4.3

Files

dataset.for.SA.alerts.frequency.analysis.v2.zip

Files (66.2 MB)

Name	Size	Download all
dataset.for.SA.alerts.frequency.analysis.v2.zip md5:f7268aa896b3ab26efbe4c367afda755	66.2 MB	Preview Download

351

Views

Downloads

Show more details

	All versions	This version
Views	351	351
Downloads	64	64
Data volume	4.4 GB	4.4 GB

More info on how stats are collected....

DOI

Resource type

Dataset

Publisher

Zenodo

Languages

English

License: Creative Commons Attribution 4.0 International

The Creative Commons Attribution license allows re-distribution and re-use of a licensed work on the condition that the creator is appropriately credited. Read more

Technical metadata

Created: June 9, 2023
Modified: June 11, 2023

Alert Type Frequency Assessment of Open-Source Static Analysis Tools and Codebases

Authors/Creators

Description

Files

dataset.for.SA.alerts.frequency.analysis.v2.zip

Files (66.2 MB)