What is static analysis?
As the name may suggest, static analysis in the context of Java (or any programming language, actually) refers to the process of analyzing source code without running it. It is used to find coding errors, potential bugs, security vulnerabilities, and other problems in the code before it is compiled or run. Static analysis tools exist for exactly this purpose (we’ll jump into those shortly).
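To make the definition concrete, here is an added example (not code from the book): a deliberately small, line-oriented static analyzer written in Python that inspects a constructed Java class without compiling or running it. The rule names (`STRING_REF_EQ`, `EMPTY_CATCH`, `HARDCODED_SECRET`) and the sample class are invented for this illustration; real tools work on an abstract syntax tree rather than regular expressions, but the principle is the same: the program text is examined, and findings are reported with the line they occur on.

```python
"""Tiny static analyzer for Java source (illustrative example, not a real tool).

It never compiles or executes the Java it inspects; it only reads the text.
"""
import re
from dataclasses import dataclass
from typing import List

@dataclass(frozen=True)
class Finding:
    line: int      # 1-based line number in the analyzed source
    rule: str      # rule identifier (names chosen for this example)
    message: str

# Single-line rules: (rule id, pattern, message).
RULES = [
    ("STRING_REF_EQ",
     re.compile(r'(==|!=)\s*"[^"]*"|"[^"]*"\s*(==|!=)'),
     "String compared with == or != (reference comparison); use equals()"),
    ("HARDCODED_SECRET",
     re.compile(r'(?i)(password|secret|apikey|token)\w*\s*=\s*"[^"]+"'),
     "Credential-like variable assigned a string literal"),
]
# An empty catch block, either on one line or split across two lines.
EMPTY_CATCH_ONE_LINE = re.compile(r'catch\s*\([^)]*\)\s*\{\s*\}')
CATCH_OPEN = re.compile(r'catch\s*\([^)]*\)\s*\{\s*$')

def _next_code_line(code_lines: List[str], i: int) -> str:
    """Return the stripped text of the first non-blank line after index i."""
    for j in range(i + 1, len(code_lines)):
        if code_lines[j].strip():
            return code_lines[j].strip()
    return ""

def analyze(source: str) -> List[Finding]:
    """Scan Java source text and return the findings in line order."""
    # Naively drop // comments so commented-out code is not flagged.
    # (A real analyzer tokenizes; this would mangle a "//" inside a string.)
    code_lines = [re.sub(r"//.*$", "", text) for text in source.splitlines()]
    findings: List[Finding] = []
    for i, code in enumerate(code_lines):
        line_no = i + 1
        for rule, pattern, message in RULES:
            if pattern.search(code):
                findings.append(Finding(line_no, rule, message))
        if EMPTY_CATCH_ONE_LINE.search(code) or (
            CATCH_OPEN.search(code) and _next_code_line(code_lines, i) == "}"
        ):
            findings.append(Finding(line_no, "EMPTY_CATCH",
                                    "Exception swallowed by an empty catch block"))
    return findings

# Constructed Java sample containing three classic coding errors.
SAMPLE_JAVA = """\
public class Login {
    private static final String ADMIN_PASSWORD = "hunter2";
    public boolean check(String user, String pw) {
        if (user == "admin") {
            return pw.equals(ADMIN_PASSWORD);
        }
        try {
            audit(user);
        } catch (Exception e) {
        }
        return false;
    }
    void audit(String u) throws Exception {}
}
"""

if __name__ == "__main__":
    for f in analyze(SAMPLE_JAVA):
        print(f"Login.java:{f.line}: [{f.rule}] {f.message}")
```

Run stand-alone, the script reports the hard-coded credential on line 2, the `==` string comparison on line 4 and the empty catch block starting on line 9; none of the Java is ever executed, which is exactly what distinguishes static analysis from testing.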
There are lots of reasons to perform static analysis; let’s see some of them.
Code errors or bad practices
The first one we will show you may seem trivial, but it is the main reason we scan our code in search of problems: problems in the code itself! Which problems? We’ll put them under the generic term of coding errors, that is, mistakes made by programmers when writing code (yes, it turns out that even programmers make mistakes; no matter how much experience they have, programmers still make mistakes. But...