Confirm, emeritus
419
edits
Changes
no edit summary
** Chrome never evals a content-tainted string.
** C++ never snprintfs using a content-tainted string.
* Enforce correct API usage:** SpiderMonkey Exact-GC safety bugs.** "Not stored in the heap" pointer dataflow analysis.* Dataflow enforcement of correct API usage (CQual++):
** String character set encoding mistakes.
** Unit (twips vs. pixels) checking for layout.
* Measure code complexityCode metrics, to compare to similar open source projects:
** Virtual method declaration and call populations.
** Cohesion, coupling, other modularity measures.
