SONARQUBE-BASED STATIC CODE ANALYSIS OF AN ONLINE BOOKSTORE WEB APPLICATION
DOI:
https://doi.org/10.24867/25OI03Kozma
Keywords:
Web Application, Static Code Analysis, SonarQube, MERN stack
Abstract
This paper presents the results of a SonarQube-based static code analysis of an online bookstore web application. The static code analysis was performed using SonarQube, while the web application was developed using the MERN technology stack. The results of the static code analysis are systematically presented, and a description of a potential solution for each problem detected in the source code is also attached. Finally, conclusions were drawn on the static code analysis conducted using SonarQube, and further directions for the development, maintenance, and upgrading of this information system were proposed.
Published
2024-01-04
Issue
Section
Information Systems Engineering