Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
SonarQube Should I stay or should I go ? Jérémie Fays – 3 June 2015
Stay if you want to hear… •  What is SonarQube ? •  What is available at Interface ?
SonarWhat ? Developers –  Maintenability –  Good programming practises –  Bugs Tech transfer –  Info on software maturity ...
Sonar not what ! What it doesn’t do : •  Performance analysis (memory, CPU) •  Conformity to requirements specifications • ...
SonarWhat ? Open source (LGPL v3) Developped by a Swiss company : SonarSource Used by major companies (Thales, Cisco, Siem...
Supported languages Free –  Java / groovy –  Python –  Web –  Android –  C++ Commercial –  C/C++/objective C –  Visual Bas...
Ulg softwares
SonarQube
Basic metrics : LOC •  LOC = Lines of Code •  Useful for reporting •  Sometimes used in software valuation (Cocomo II)
Complexity = number of ways to run through code In practise : if, while, for… à +1 Guide value : complexity /function sho...
Code duplication Code blocks duplicated ? Make it a function ! Guide value : no
Comments Comments help maintenance and transferability Guide value : 20-40%, but very variable
Code coverage Percentage of code covered by unit tests Guide value : >80%
Issues •  Possible bugs •  Security issues •  Coding rules / style •  Show « magic numbers » Guide value : no blocker or c...
Example
Technical debt = effort needed to solve all « code quality » issues Guide value : no.
SonarQube, in short •  A set of « quality » metrics •  Better use : day-to-day …or even continuous integration !
Situation at Interface
A continuous improvement •  Software protection and licenses http://www.interface.ulg.ac.be/docs/Researchers_Guide.pdf Fos...
Our SonarQube instance Samba Script
SonarQube : our services •  Snapshot analysis –  A first contact with SonarQube •  Preparation for a transfer –  Before a t...
Future Continuous integration with Jenkins ?
Conclusions •  SonarQube is useful for : –  Short term quality mission –  Day-to-day use (up to continuous integration) • ...
Thanks ! Jérémie Fays j.fays@ulg.ac.be +32 4 349 85 21 www.linkedin.com/in/jeremiefays
Upcoming SlideShare
Loading in …5
×
Software
3,218 views
Jun. 03, 2015

SonarQube - Should I Stay or Should I Go ?

...by Jérémie Fays, 3 june 2015.

Ever considered monitoring your code quality ? SonarQube is certainly a good candidate for that, and an open source one ! This presentation explains shortly the metrics you can track using SonarQube, and how it has been implemented at the University of Liege TTO.

Related Books

Free with a 30 day trial from Scribd

See all
Tubes: A Journey to the Center of the Internet Andrew Blum
(4/5)
Free
Emergence: The Connected Lives of Ants, Brains, Cities, and Software Steven Johnson
(4/5)
Free
The Impulse Economy: Understanding Mobile Shoppers and What Makes Them Buy Gary Schwartz
(4.5/5)
Free
An Army of Davids: How Markets and Technology Empower Ordinary People to Beat Big Media, Big Government, and Other Goliaths Glenn Reynolds
(4/5)
Free
World Wide Mind: The Coming Integration of Humanity, Machines, and the Internet Michael Chorost
(4/5)
Free
In the Plex: How Google Thinks, Works, and Shapes Our Lives Steven Levy
(4.5/5)
Free
Hamlet's BlackBerry: A Practical Philosophy for Building a Good Life in the Digital Age William Powers
(4/5)
Free
Talking Back to Facebook: The Common Sense Guide to Raising Kids in the Digital Age James P. Steyer
(4.5/5)
Free
The Thank You Economy Gary Vaynerchuk
(4/5)
Free
Socialnomics: How Social Media Transforms the Way We Live and Do Business Erik Qualman
(3/5)
Free
Public Parts: How Sharing in the Digital Age Improves the Way We Work and Live Jeff Jarvis
(3.5/5)
Free
The Nature of the Future: Dispatches from the Socialstructed World Marina Gorbis
(4/5)
Free
Blog Schmog: The Truth About What Blogs Can (and Can't) Do for Your Business Robert W. Bly
(4/5)
Free
The End of Business As Usual: Rewire the Way You Work to Succeed in the Consumer Revolution Brian Solis
(5/5)
Free
101 Awesome Builds: Minecraft®™ Secrets from the World's Greatest Crafters Triumph Books
(4.5/5)
Free
How to Be Invisible: Protect Your Home, Your Children, Your Assets, and Your Life J. J. Luna
(4/5)
Free

Related Audiobooks

Free with a 30 day trial from Scribd

See all
Cognitive Surplus: Creativity and Generosity in a Connected Age Clay Shirky
(3.5/5)
Free
So You Want to Start a Podcast: Finding Your Voice, Telling Your Story, and Building a Community that Will Listen Kristen Meinzer
(4.5/5)
Free
The New New Thing: A Silicon Valley Story Michael Lewis
(4.5/5)
Free
Ten Arguments for Deleting Your Social Media Accounts Right Now Jaron Lanier
(4/5)
Free
Everybody Lies: Big Data, New Data, and What the Internet Can Tell Us About Who We Really Are Seth Stephens-Davidowitz
(4.5/5)
Free
An Introduction to Information Theory: Symbols, Signals and Noise John R. Pierce
(4.5/5)
Free
Kill All Normies: Online Culture Wars From 4Chan And Tumblr To Trump And The Alt-Right Angela Nagle
(4/5)
Free
The Art of Social Media: Power Tips for Power Users Guy Kawasaki
(4/5)
Free
The Dark Net: Inside the Digital Underworld Jamie Bartlett
(3.5/5)
Free
Alone Together: Why We Expect More from Technology and Less from Each Other Sherry Turkle
(4/5)
Free
The Death of Expertise: The Campaign Against Established Knowledge and Why it Matters Tom Nichols
(4.5/5)
Free
Algorithms to Live By: The Computer Science of Human Decisions Brian Christian
(4.5/5)
Free
New Dark Age: Technology and the End of the Future James Bridle
(4.5/5)
Free
The Emperor's New Mind: Concerning Computers, Minds, and the Laws of Physics Roger Penrose
(4/5)
Free
Blockchain Revolution: How the Technology Behind Bitcoin Is Changing Money, Business, and the World Don Tapscott
(4/5)
Free
Everybody Has a Podcast (Except You): A How-To Guide from the First Family of Podcasting Justin McElroy
(5/5)
Free
no profile picture user

  • Be the first to comment

SonarQube - Should I Stay or Should I Go ?

  1. 1. SonarQube Should I stay or should I go ? Jérémie Fays – 3 June 2015
  2. 2. Stay if you want to hear… •  What is SonarQube ? •  What is available at Interface ?
  3. 3. SonarWhat ? Developers –  Maintenability –  Good programming practises –  Bugs Tech transfer –  Info on software maturity –  Better valuation –  Preparation for a due diligence (Technical Debt) Static code analysis
  4. 4. Sonar not what ! What it doesn’t do : •  Performance analysis (memory, CPU) •  Conformity to requirements specifications •  Expertise on architecture and technological choices
  5. 5. SonarWhat ? Open source (LGPL v3) Developped by a Swiss company : SonarSource Used by major companies (Thales, Cisco, Siemens, Adobe, Tom-Tom…) Supports more than 20 programming languages
  6. 6. Supported languages Free –  Java / groovy –  Python –  Web –  Android –  C++ Commercial –  C/C++/objective C –  Visual Basic –  COBOL –  Swift Not supported –  Fortran –  Matlab –  R –  Pascal
  7. 7. Ulg softwares
  8. 8. SonarQube
  9. 9. Basic metrics : LOC •  LOC = Lines of Code •  Useful for reporting •  Sometimes used in software valuation (Cocomo II)
  10. 10. Complexity = number of ways to run through code In practise : if, while, for… à +1 Guide value : complexity /function should be less than 8.
  11. 11. Code duplication Code blocks duplicated ? Make it a function ! Guide value : no
  12. 12. Comments Comments help maintenance and transferability Guide value : 20-40%, but very variable
  13. 13. Code coverage Percentage of code covered by unit tests Guide value : >80%
  14. 14. Issues •  Possible bugs •  Security issues •  Coding rules / style •  Show « magic numbers » Guide value : no blocker or critical errors.
  15. 15. Example
  16. 16. Technical debt = effort needed to solve all « code quality » issues Guide value : no.
  17. 17. SonarQube, in short •  A set of « quality » metrics •  Better use : day-to-day …or even continuous integration !
  18. 18. Situation at Interface
  19. 19. A continuous improvement •  Software protection and licenses http://www.interface.ulg.ac.be/docs/Researchers_Guide.pdf Fossology installed and running •  Software quality http://www.interface.ulg.ac.be/docs/Metriques-qualite-logiciel.pdf SonarQube installed and running + C/C++ commercial plugin
  20. 20. Our SonarQube instance Samba Script
  21. 21. SonarQube : our services •  Snapshot analysis –  A first contact with SonarQube •  Preparation for a transfer –  Before a tech transfer (license or spin-off) –  Before opening the code •  Operational use –  Day-to-day use of our SonarQube instance
  22. 22. Future Continuous integration with Jenkins ?
  23. 23. Conclusions •  SonarQube is useful for : –  Short term quality mission –  Day-to-day use (up to continuous integration) •  A SonarQube instance is available at ITF : –  Commercial C/C++ plugin installed –  One shot analysis –  Account creation for day-to-day use è Contact me !
  24. 24. Thanks ! Jérémie Fays j.fays@ulg.ac.be +32 4 349 85 21 www.linkedin.com/in/jeremiefays

×