STATIC CODE ANALYSIS TOOLS: A SYSTEMATIC LITERATURE REVIEW.

Static code analysis tools are being increasingly used to improve code quality. Such tools can statically analyze the code to find bugs, security vulnerabilities, security spots, duplications, and code smell. The quality of the source code is a key factor in any software product and requires constant inspection and supervision. Static code analysis is a valid way to infer the behavior of a program without executing it. Many tools allow static analysis in different frameworks, for different programming languages, and for detecting different defects in the source code. Still, a small number of tools provide support for domain-specific languages. This paper aims to present a systematic literature review focusing on the most frequently used static code analysis tools and on classifying the presented tools according to the supported both generalpurpose and domain-specific programming languages and the types of defects a specific tool can detect. [ABSTRACT FROM AUTHOR]