Skip to main content
To KTH's start page

New tool reduces static Java code violations

Photo: Markus Spiske, Unsplash
Published Mar 15, 2023

SORALD fixes rule violations raised by SonarQube, one of the most popular static code analysers used by developers.

A new repair tool called SORALD can directly suggest solutions to violations of the ten most important rules in SonarQube, thus reducing the burden on developers from interpreting and fixing detected rule violations to simply approving the recommended solutions.

This is the main finding in a paper  recently published in IEEE Transactions on Dependable and Secure Computing by a team of researchers at KTH and the Indian Institute of Technology Bombay.

The study, led by Khashayar Etemadi, a doctoral student at KTH, shows how the resolution of issues detected by static code analysers can be made more efficient, reducing both workload and unexpected cost risks at the same time.

Overwhelming and time consuming

The tool can be a potential game changer because it solves a fundamental problem for developers.

“Developers tend to feel overwhelmed by the number of violations presented by current static analysers,” Etemadi explains.

“Many of them are also insignificant, but even if they are important, they come without any suggested solutions.”

SORALD focuses on the most severe rule violations but can make simple and useful solutions. Consequently, Etemadi explains, developers can focus on reviewing and merging patches rather than the cumbersome process of manually fixing violations.

Repair bots

To make the repair tool even more convenient for developers, Etemadi and his colleagues also developed a repair bot which can be integrated into their development workflow. This differentiates it from similar repair tools such as SpongeBugs: SORALDBOT constantly monitors changes on GitHub repositories.

Tests on 161 of the most popular repositories on GitHub, revealed more than 1300 violations of the ten Java rules SORALD considers. The repair tool subsequently presented solutions to 65 per cent of the rule violations.

“Because developers can bypass the whole process of fixing violations themselves, SORALD transforms a rule violation programme to a violation-free one,” Etemadi concludes.

SORALD is not limited to SonarQube only. It can also be used with analysers such as Spotbugs and PMD, provided there is an accurate source code position for the violation.

Study SORALD’s source code and all its relevant experimental data

Khashayar Etemadi Someoliayi
Khashayar Etemadi Someoliayi fofu-engineer

Related news

Photo: Markus Spiske, Unsplash

New tool reduces static Java code violations

SORALD fixes rule violations raised by SonarQube, one of the most popular static code analysers used by developers.

Read the article
On 6 December, Nobel laureates Emmanuelle Charpentier and Jennifer Doudna (left and right) visited the KTH campus to study Un|fold, a sound and light sculpture inspired by their work on genome editing. Pictured with professor Benoit Baudry, who led the development of the art work. Photo: Clement Morin / Nobel Prize

Campus art installation captures the richness of basic software actions

Art can be a powerful projector of breakthrough science. During the 2022 Nobel Week Lights, an annual lights festival taking place during the Nobel Week, KTH launched an artwork called un|fold, which ...

Read the article

Two days on the latest within software

The software research centre CASTOR organised its second conference on 31 August to 1 September at KTH Nymble. Software researchers, engineers, and students gathered to discuss cutting-edge technology...

Read the article
News