There are two types of software engineers - ones who care about static analysis warnings and the ones who don't. This talk shall target both audiences by helping the former be more efficient in their work and the latter by helping them remain oblivious and delegate their work to a responsible software bot.
We present a tool called Sorald (academic reference: https://ieeexplore.ieee.org/document/9756950), the first software bot to apply AST transformation that automates the task of fixing SonarQube violations. It is built on top of an Eclipse project - Repairnator. It continuously monitors commits on specified GitHub repositories and submits a patch to fix a detected static analysis violation via pull request. The developer can then review and merge it into their codebase. Thus, relieving developers of the burden of interpreting and fixing those warnings.
Our talk consists of three parts:
- Presenting the design and workflow of Sorald,
- A short demonstration of Sorald's prowess,
- Testimonials from maintainers who have received Sorald's suggestions.