Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for generating stable location identifiers. One of the methods includes generating, for each relevant location in an existing file, a signature for the relevant location using at most a predetermined quantity of characters surrounding the relevant location; obtaining, for a first file that includes location information for the existing file, data that identify one or more locatable strings in the existing file and, for each locatable string, a corresponding location within the existing file; determining, for each particular location associated with a locatable string from the one or more locatable strings in the existing file, a respective corresponding signature; and generating the first file that includes, for each locatable string from the one or more locatable strings, the respective corresponding signature that uniquely identifies the relevant location on which the locatable string occurs in the existing file.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for using a snapshot manifest when storing files in a data store. One of the methods includes computing first static analysis results for a current snapshot; requesting, from a data storage system, a manifest that includes a plurality of unique identifiers that each identify a corresponding second object of second static analysis results for a previous snapshot; determining, for each first object of the first static analysis results, a unique identifier for the first object; determining, for each first object of the first static analysis results, whether the unique identifier for the first object occurs in the manifest; generating a batch of first objects having unique identifiers that do not occur in the manifest; and providing, to the data storage system, the batch of first objects having unique identifiers that do not occur in the manifest.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for providing user-specific source code alert information. One of the methods includes receiving a user identifier of a user that has previously accessed source code of a code base, and receiving source code access data that includes access metrics related to prior user access of the source code. Based on the source code access data and on source code that has previously been accessed by the user, relevant source code that has previously been accessed by other users is determined. Source code alerts are received for the code base, and a user-specific organization of alerts is provided for the user that identifies alerts for source code problems occurring in the source code, including at least one source code unit that has previously been accessed by another user.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for generating identifiers for tuples of recursively defined relations. One of the methods includes selecting one or more of the recursively defined relations to evaluate. Respective keys are computed for each tuple of any new tuples computed during recursive evaluation. For each key that occurs in a cache of keys, obtaining a tuple for the key from the cache and adding the obtained tuple to a new relation. For each key that does not occur in the cache of keys, generating a new identifier for the key, and adding, to a new relation for each key of each tuple of any keys that do not occur in the cache of keys for a relation, a new tuple comprising (1) elements of the tuple and (2) the new identifier for the key.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for storing data in a version control system. One of the methods includes maintaining, in a data store, a tree-structured index of files in which each leaf node stores an entry for each file in a plurality of files for a snapshot that includes a unique file identifier for the respective file; receiving a request for a particular file; generating a hash of a particular file path for the particular file; identifying, using the hash of the particular file path, a leaf node in the tree-structured index that includes an entry for the particular file; identifying, in the leaf node, an entry for the particular file path; obtaining, from the entry, the unique file identifier for the particular file in the data store; and using the unique file identifier for the particular file in response to the request.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for receiving an encrypted version of an obfuscated stack trace representing an error generated by error handling code of obfuscated code executed by a user device, the obfuscated stack trace having obfuscated code element names corresponding to deobfuscated code element names in a deobfuscated version of the code; decrypting the encrypted stack trace to generate an obfuscated stack trace; receiving an encrypted obfuscation log that maps obfuscated code element names of the obfuscated code executed by the user device to deobfuscated code element names in the deobfuscated version of the code; decrypting the encrypted obfuscation log to generate a decrypted obfuscation log; and generating a deobfuscated stack trace using the decrypted obfuscation log, the deobfuscated stack trace having deobfuscated code element names.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for performing data flow analysis using collapsed contexts. One of the methods includes obtaining data representing a plurality of software elements, wherein one or more software elements are initially designated as elements having the particular property; iteratively designating other software elements to which data of the one or more elements having the particular property flows, including: whenever the program includes multiple calls to a function, analyzing the function in a collapsed context to determine whether any argument flows to a return value of the function, and whenever any data in an argument that has the particular property according to the collapsed context flows to a return value of the function, adding each call to the function throughout the program having one argument having the particular property; and providing the set of software elements having the particular property.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for generating normalized analysis artifacts for a source code base. One of the methods includes receiving a request to perform an analysis of a collection of source code files in a particular file system, wherein each source code file in the particular file system has a respective associated original file path. One or more normalized analysis artifacts are generated for the collection of source code files, including applying a file path transformation function to the original file path of each source code file referenced by the analysis artifacts to generate a normalized file path for the source code file, wherein each reference in the normalized analysis artifacts to a particular source code file uses the normalized file path for the particular source code file instead of the original file path for the particular source code file.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for matching and attributing code violations. One of the methods includes receiving a plurality of snapshots of a code base, including data representing a revision graph of the snapshots of the code base and data representing respective violations in each of the plurality of snapshots. A plurality of transitively matched violations in the code base are generated, wherein each transitively matched violation represents a respective sequence of matching violations from a first violation of a first snapshot to a second violation of a second snapshot, wherein each transitively matched violation identifies a respective first violation representing an initial occurrence of a coding defect in the code base and a respective second violation representing a last occurrence of the coding defect in the code base.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for automatically classifying static analysis rules as being anomalous or not. One of the methods includes receiving alerts generated by a particular static analysis rule for a plurality of different software projects analyzed by a static analysis system. For each project, a respective alert proportion metric value is computed. Each of the plurality of different software projects is classified according to the alert proportion metric values as being one non-outlier projects or outlier projects. If more than a threshold number of projects were classified as being outlier projects for the particular static analysis rule, the particular static analysis rule is classified as an anomalous static analysis rule.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for generating signatures for source code elements. One of the methods includes generating a respective signature for each source code element of the plurality of source code elements, including obtaining a name of the source code element, obtaining one or more of a location of a compilation unit containing the source code element and contents of the compilation unit containing the source code element, and generating the signature including combining a first representation of the name of the source code element and one or more of a second representation of the location of the compilation unit and a third representation of the contents of the compilation unit containing the source code element, wherein at least two of the plurality of source code elements have a same name and different respective signatures.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for designating developers as having a particular skill. One of the methods includes obtaining a reference collection of snapshots for a code base, wherein each snapshot comprises a representation of source code of the code base at a particular time, each snapshot being associated with a particular developer of a plurality of developers of the code base. A plurality of metrics for each developer that committed at least one snapshot to the reference collection of snapshots is computed. Respective values of the plurality of metrics are partitioned into a plurality of respective partitions, and each of the plurality of developers are assigned to one of the plurality of partitions for each of the plurality of metrics. Developers in one or more top-ranked partitions are designated as developers having a particular skill.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for attributing external dependencies in a software project. One of the methods includes receiving data representing a child snapshot and a parent snapshot in a revision graph of a software project. One or more pairs of matching source code files is identified, and for each pair having a first file and second file, a first count of external dependencies on an external dependency target in the first file and a second count of external dependencies on the external dependency target in the second file are computed. If the first count is different than the second count, an introduction or a removal of one or more external dependencies on the external dependency target in the second file of the pair of matching source code files is attributed to an author of the child snapshot.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for evaluating source code developers. One of the methods includes receiving, from a user, a request for a user interface presentation representing an overall performance metric versus a second metric attributed to each responsible entity of a plurality of responsible entities that contributed source code to a project. A user interface presentation is generated, wherein each responsible entity is represented by a graphical element at a position in a display area, the position of the element having one coordinate corresponding to the first measure of the overall contributions contributed by the responsible entity and another coordinate corresponding to the second measure of the second metric attributed to the responsible entity.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for assigning levels of priority to selected source code functions. One of the methods includes for each selected function, a respective associated first set of functions reachable from the selected function by at most N steps, and a respective associated second set of functions that are each reachable from the selected function by more than N steps and less than M steps are computed. A first partition having all selected functions whose respective associated first set of functions has at least one of the subject functions is computed. A second partition having selected functions not in the first partition and whose respective associated second set of functions has at least one of the subject functions is computed. Selected functions belonging to the first partition are assigned a higher priority than selected functions belonging to the second partition.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for aggregating source code metric values. One of the methods includes obtaining data representing a directed graph, wherein one or more nodes of the graph are associated with a respective set of one or more metric instances, wherein each set of metric instances for each node includes all metric instances occurring in sets of any node descendant from the node in the graph, wherein each metric instance identifies a location in a source code base, and wherein each metric instance has a respective metric value, a respective identifier, and a respective attribute type. An attribute value is computed for a first node in the graph from the respective metric value of each metric instance in a first set of metric instances associated with the first node.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for generating stable location identifiers. One of the methods includes generating, for each relevant location in an existing file, a signature for the relevant location using at most a predetermined quantity of characters surrounding the relevant location; obtaining, for a first file that includes location information for the existing file, data that identify one or more locatable strings in the existing file and, for each locatable string, a corresponding location within the existing file; determining, for each particular location associated with a locatable string from the one or more locatable strings in the existing file, a respective corresponding signature; and generating the first file that includes, for each locatable string from the one or more locatable strings, the respective corresponding signature that uniquely identifies the relevant location on which the locatable string occurs in the existing file.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for implementing algebraic data types in database query languages. One of the methods includes receiving an expression in a database query language, the expression having a programming language construct representing an algebraic data type, wherein the expression specifies two or more alternative subtypes. Respective domain relations are generated using definitions of each of the alternative subtypes within the expression. Unique domain identifiers are assigned among domain tuples belonging to each alternative subtype. A union relation is generated for the algebraic data type. Unique union identifiers are assigned for union tuples belonging to the union relation. Respective injector relations are generated for each of the alternative subtypes.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for using an imports scanner to maintain a compilation cache. One of the methods includes receiving an original set of source code files to be compiled for a compilation target. Each file in in the original set having an entry point is added to a reduced set of source code files. Each unscanned file in the reduced set of source code files is scanned for import statements until no unscanned files in the reduced set of source code remain. Each file identified by an import statement is added to the reduced set of source code files. If the reduced set of files is not represented by an entry in a compilation cache, the compilation target is generated using only the reduced set of source code files instead of the original set of source code files.

Abstract: Methods for reducing storage and performing static analysis on violations across code base revisions are disclosed. An example method begins with receiving a child snapshot representing a code base at a specific revision. A parent snapshot is identified. Then, canonical representations for violations representing coding defects in the parent and child snapshots are computed. An example method determines matching violations between the snapshots, unmatched parent violations, and unmatched child violations. For matching violations that have different canonical representations, a mapping between the parent snapshot violation and the child snapshot violation is stored using their respective canonical representations. For unmatched parent violations, each violation's canonical representation is stored with an indication that the violation has been eliminated from the child snapshot.