Sonar Overview

12,781 views

Published on

Published in: Technology
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
12,781
On SlideShare
0
From Embeds
0
Number of Embeds
21
Actions
Shares
0
Downloads
696
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

Sonar Overview

  1. 1. Do Great Code! Samuel Langlois, 17-Jan-2013
  2. 2. Sonar• A platform to manage code quality• Free, open source, LGPL, web-based portal• Backed by• Aggregates well-known tools – Static analysis (PMD, findbugs, Checkstyle) – Duplicate code (Squid, CPD) – Code coverage (Cobertura, JaCoCo) (name change soon?)
  3. 3. Sonar @ Alfresco• http://sonar.alfresco.com• Open access, LDAP authentication coming• Contains the following projects: – Enterprise HEAD (Maven build) – CLOUD1 (Maven build) – Benchmark – Android SDK and App – …
  4. 4. Sonar portal
  5. 5. Sonar – Basic statistics
  6. 6. Drilling down• Whole project – Project/module • Java package – Java class
  7. 7. Sonar – Duplications
  8. 8. Sonar – Package tangle
  9. 9. Sonar - Coverage
  10. 10. Clouds
  11. 11. Sonar - Violations
  12. 12. Violation examples• Impossible cast
  13. 13. Violation examples• Dead store
  14. 14. Violation examples• Dead store
  15. 15. Violation examples• Redundant nullcheck
  16. 16. Violation examples• Empty if statement
  17. 17. Managing violations• For each violation you can – Comment – Change its severity – Declare it as a false-positive – Assign it to someone – Assign it to an action plan
  18. 18. Time machine
  19. 19. Technical debt• Term coined by Ward Cunningham in 1992• Work that needs done before a job is complete • Unwritten tests • Bad design and architecture • Duplicated code • …• The higher you wait to fix, the more expensive it becomes
  20. 20. SQALE• Based on ISO 9126 Quality Model• Computes a Technical Debt, measured in days
  21. 21. Code quality“A well-written program is a program wherethe cost of implementing a feature isconstant throughout the programs lifetime.”
  22. 22. What now?• What to start with? – Improving test coverage? – Removing duplicate code? – Checking violations? – …• Where to start? – Most critical projects? – Most « buggy » projects? – Voluntary teams? – … Try it and tell me!

×