Tony/Susan Having written two such 'system auditors' I can tell you from experience that it's not that easy to do a good source analysis.
The problem is that every system is different, adopts different standards, use different tools, are often very incomplete, and most include lots of bad links, obsolete code, multiple versions of the same program in different source files and the like. [on to the predictable ad..] Which is why mvScan was designed as a navigation and parsing tool. It scans through a system in a defined order running various 'plug-ins' at each stage. The provided plugins do source code (and object code) analysis, build impact maps of all calls, file opens/reads/writes from BASIC, PROC etc, SUBR() calls, dictionary translations, executed commands (from BASIC, Menus, paragraphs, PROCs), where things are cataloged, common block and include file usage - all that standard stuff. But it also allows you to write custom plugins to pick up site-specific functionality. For example, you might have a generic file opener function that it needs to pick up on. Or you may have custom headers to your programs, or use a precompiler that handles includes and definitions. If you use a 4GL like uvCase or SB+, you might need to include the tool definitions. So the parser has to be very flexible to individual needs. You also have to recognize that static analysis only goes so far. It can't parse relations that are derived at run time. The original auditor I wrote supported trigger insertion - automatically changing source code to replace reads/writes/opens/executes with functions that would capture and log information in real time as the system ran. mvScan doesn't - that approach is too dangerous unless done under controlled conditions. Instead, it uses an autodoc approach in which you are encouraged to 'fill in the gaps' yourselves with special documentary comments in the source code. So the whole becomes an iterative process that will lead to a better understood and documented system. Brian Susan Lynch wrote: > Tony, there are a number of things that a source code analyzer can do > that would be very helpful if you found yourself coming into a > company as a consultant or as a new employee and they had no > technical documentation: ------- u2-users mailing list [email protected] To unsubscribe please visit http://listserver.u2ug.org/
