Uploaded bygaudol
PDF, PPTX2,358 views

Continuous inspection with Sonar

This document summarizes a presentation about continuous inspection and reducing technical debt in software development. It discusses the "7 deadly sins" that can accumulate technical debt, such as duplications, lack of testing, and complexity. It introduces Sonar as a tool to help developers measure and reduce these sins by augmenting their ability to reduce, reuse and recycle source code. The presentation demonstrates Sonar and outlines its future roadmap to expand its rules, metrics, and language support to further help developers improve software quality.

Embed presentation

Download as PDF, PPTX
JEE Conf Continuous Inspection Fight back the 7 deadly sins of the developer! Olivier Gaudin olivier.gaudin@sonarsource.com @gaudol
Back in old times
The genius
The super hero Au fin fond de l'Univers, à des années et des années-lumière de la Terre, Veille celui que le gouvernement intersidéral appelle quand il n'est plus Capable de trouver une solution à ses problèmes, quand il ne reste plus Aucun espoir : le Capitaine FLAM !
This is my toy
Fear of changes
Industrialisation has entered the game... ● Project under version control ● Project under continuous integration ● Technical and functional traceability
What is the mission of today's developer ? ?
Sustainable development
(Almost) Everything is maintenance ! Creation of an application Maintenance of an application
Nothing is more important than code But source code is nothing alone
Old times are over
Developing for others
Methodology
Transparency
Software factories evolve Makefile Issue Tracker IDE Continuous Refactoring Inspection VI / SCM Continuous Unit Tests Emacs Integration
Pushed by requirements Configuration Manager ● No change should be authorized to production system without being in configuration manager ● The complete version of an application should be found easily in the source control manager
Pushed by requirements Continuous Integration ● Projects in SCM can be built by anybody at any time ● Executing unit tests is part of the build process ● The output of a build is an artifact “ready to be used” ● If one of those requirements is not fulfilled, nothing is more important than fixing it
Pushed by requirements Continuous Inspection ● Any new code should ship with corresponding unit tests ● No new method should exceed a pre-defined level of complexity ● No cycle between packages should be introduced ● ...
BUT... Maturity steps should be followed ● Insuring technical traceability Configuration Manager ● Insuring functional traceability Issue Manager ● Insuring build stability Continuous Integration ● Insuring source code quality Continuous Inspection (Sonar)
The end does not justify the means Doing the right software Doing the software right
What is quality? « A well-written program is a program where the cost of implementing a feature is constant throughout the program's lifetime. » Itay Maman
How to measure quality ?
The technical debt
The 7 deadly sins of the developer Sins Technical Debt
The 7 deadly sins ? Applied to source code ● ? ● ? ● ? ● ? ● ? ● ? ● ?
The 7 deadly sins ? Applied to source code ● Duplications ● Bad distribution of complexity ● Spaghetti Design ● Lack of unit tests ● No coding standards ● Potential bugs ● Not enough or too many comments
The mission of Sonar Declare open the hunt of the developer's 7 deadly sins
The mission of Sonar More seriously Augment everybody's capability to reduce, reuse and recycle source code
Sonar: a reality 6,000+ downloads per month (300 in 2008) 1,300+ subscribers to mailing list 60 plugins in the open source forge 150,000 downloads X?,000 instances in the world
Demo
Sonar is only a tool ! ● What should happen in case new defects are added ? ● How, when and who should make quality standards evolve ? ● How to train new joiners ? ● Any measure reported must be analysed
The « Done, Done, Done, Done » ● Developed ● Tested ● Approved by the « Product Owner » ● Technical debt under control
Roadmap 2012 Review Expand rules Process and metrics Governance dashboards Sonar IDE Quality of Track changes Unit Tests PL/SQL Code Churn Developer Cockpit Sonar-cpd VB .NET ABAP 2.0 C++
Questions & Answers Thank You ! http://www.sonarsource.org http://www.sonarsource.com

More Related Content

PDF
Tracking and improving software quality with SonarQube
byPatroklos Papapetrou (Pat)
 
PPTX
Sonar Overview
bySamuel Langlois
 
PPTX
Track code quality with SonarQube - short version
byDmytro Patserkovskyi
 
PDF
Sonar Metrics
byKeheliya Gallaba
 
PPTX
A year of SonarQube and TFS/VSTS
byMatteo Emili
 
PDF
ITAKE Unconference - Holding down your technical debt with Sonarqube
byPatroklos Papapetrou (Pat)
 
PPTX
Sonar Review
byKate Semizhon
 
KEY
Unit Testing Your Application
byPaladin Web Services
 
Tracking and improving software quality with SonarQube
byPatroklos Papapetrou (Pat)
 
Sonar Overview
bySamuel Langlois
 
Track code quality with SonarQube - short version
byDmytro Patserkovskyi
 
Sonar Metrics
byKeheliya Gallaba
 
A year of SonarQube and TFS/VSTS
byMatteo Emili
 
ITAKE Unconference - Holding down your technical debt with Sonarqube
byPatroklos Papapetrou (Pat)
 
Sonar Review
byKate Semizhon
 
Unit Testing Your Application
byPaladin Web Services
 

What's hot

PPTX
SonarQube: Continuous Code Inspection
byMichael Jesse
 
PDF
SonarQube - Should I Stay or Should I Go ?
byGeeks Anonymes
 
PPTX
Track code quality with SonarQube
byDmytro Patserkovskyi
 
PDF
Tech Talk #5 : Code Analysis SonarQube - Lương Trọng Nghĩa
byNexus FrontierTech
 
PDF
Sonar
byPeerapat Asoktummarungsri
 
PPTX
Sonar
byprabakaranbrick
 
PDF
SonarQube
byGnanaseelan Jeb
 
PDF
Sonarqube
byPeerapat Asoktummarungsri
 
PDF
Quality Assurance Guidelines
byTim Stribos
 
PDF
Code Review with Sonar
byMax Kleiner
 
PDF
Code Review
byTu Hoang
 
PPTX
Code review process with JetBrains UpSource
byOleksii Prohonnyi
 
PPTX
Tracking your Technical Debt with Sonarqube
byPuppet
 
PDF
Java Source Code Analysis using SonarQube
byAngelin R
 
PDF
Static code analysis
byPrancer Io
 
PPTX
Sonar qube to impove code quality
byMani Sarkar
 
PDF
Code Quality Lightning Talk
byJonathan Gregory
 
PPTX
Automation and Technical Debt
byIBM UrbanCode Products
 
PPT
How to become a testing expert
bygaoliang641
 
PDF
Leaning on the two Ts
byMani Sarkar
 
SonarQube: Continuous Code Inspection
byMichael Jesse
 
SonarQube - Should I Stay or Should I Go ?
byGeeks Anonymes
 
Track code quality with SonarQube
byDmytro Patserkovskyi
 
Tech Talk #5 : Code Analysis SonarQube - Lương Trọng Nghĩa
byNexus FrontierTech
 
Sonar
byPeerapat Asoktummarungsri
 
Sonar
byprabakaranbrick
 
SonarQube
byGnanaseelan Jeb
 
Sonarqube
byPeerapat Asoktummarungsri
 
Quality Assurance Guidelines
byTim Stribos
 
Code Review with Sonar
byMax Kleiner
 
Code Review
byTu Hoang
 
Code review process with JetBrains UpSource
byOleksii Prohonnyi
 
Tracking your Technical Debt with Sonarqube
byPuppet
 
Java Source Code Analysis using SonarQube
byAngelin R
 
Static code analysis
byPrancer Io
 
Sonar qube to impove code quality
byMani Sarkar
 
Code Quality Lightning Talk
byJonathan Gregory
 
Automation and Technical Debt
byIBM UrbanCode Products
 
How to become a testing expert
bygaoliang641
 
Leaning on the two Ts
byMani Sarkar
 

Viewers also liked

PDF
Repository Management with JFrog Artifactory
byStephen Chin
 
PPT
Maven Introduction
bySandeep Chawla
 
PDF
Jenkins with SonarQube
bySomkiat Puisungnoen
 
PPTX
An Introduction to Maven
byVadym Lotar
 
PDF
Maven 3 Overview
byMike Ensor
 
PDF
Análise de qualidade de código com Sonar - Fernando Boaglio
byFernando Boaglio
 
PDF
How to Become a Thought Leader in Your Niche
byLeslie Samuel
 
PDF
Continuous delivery-with-maven
byJohn Ferguson Smart Limited
 
PPTX
Maven for Dummies
byTomer Gabel
 
PDF
Apache Maven 3
byMaxime Gréau
 
PPTX
Tech debt will kill us
byJulian Warszawski
 
PPTX
Sonar-Hodson-Maven
bySlimen Belhaj Ali
 
KEY
The Technical Debt Trap - Michael "Doc" Norton
byLeanDog
 
PPT
Maven Overview
byFastConnect
 
PPT
Demystifying Maven
byMike Desjardins
 
PPTX
Artifactory Docker Integration Webinar
byBaruch Sadogursky
 
Repository Management with JFrog Artifactory
byStephen Chin
 
Maven Introduction
bySandeep Chawla
 
Jenkins with SonarQube
bySomkiat Puisungnoen
 
An Introduction to Maven
byVadym Lotar
 
Maven 3 Overview
byMike Ensor
 
Análise de qualidade de código com Sonar - Fernando Boaglio
byFernando Boaglio
 
How to Become a Thought Leader in Your Niche
byLeslie Samuel
 
Continuous delivery-with-maven
byJohn Ferguson Smart Limited
 
Maven for Dummies
byTomer Gabel
 
Apache Maven 3
byMaxime Gréau
 
Tech debt will kill us
byJulian Warszawski
 
Sonar-Hodson-Maven
bySlimen Belhaj Ali
 
The Technical Debt Trap - Michael "Doc" Norton
byLeanDog
 
Maven Overview
byFastConnect
 
Demystifying Maven
byMike Desjardins
 
Artifactory Docker Integration Webinar
byBaruch Sadogursky
 

Similar to Continuous inspection with Sonar

PDF
Sonar
byNovencia Groupe
 
PDF
Continuous Inspection of Code Quality: SonarQube
byEmre Dündar
 
PDF
Software Testing and Quality Assurance Assignment 3
byGurpreet singh
 
PPTX
UNIT 1 - MPP.pptxdfvvnfuvbrrujfvbvndvnbn
byrachanahrr123
 
PPT
Software Engineering Fundamentals - Svetlin Nakov
bySvetlin Nakov
 
PPTX
Introduction-to-Software-Development.pptx
bymissionpassed738
 
PPTX
Introduction-to-Software-Development.pptx
bymissionpassed738
 
DOCX
Software engineering Questions and Answers
byBala Ganesh
 
PPT
Part5 - enforcing coding standard and best practices with jas forge v1.0
byJasmine Conseil
 
PPTX
Continuous Integration & the Release Maturity Model
bycPrime | Project Management | Agile | Consulting | Staffing | Training
 
PPTX
Continuous integration
byNathaniel Richand
 
PPTX
Blackboard DevCon 2012 - Ensuring Code Quality
byNoriaki Tatsumi
 
PPTX
Continuous Integration and development environment approach
byAleksandr Tsertkov
 
PPTX
Software development lifecycle_release_management
bynetdbncku
 
PDF
Continuous Inspection: Fight back the 7 deadly sins of a developer!
bySebastian Marek
 
PPTX
unit 1.pptx regasts sthatbabs shshsbsvsbsh
bysagarjsicg
 
PDF
It is a sunny day
bybcoder
 
PDF
Friday final test
bybcoder
 
PPT
Software Engineering Fundamentals Svetlin Nakov
bynazeer pasha
 
PPT
Softwareengineeringfundamentalssvetlinnakov 1233295163644547-1
bygururguru01
 
Sonar
byNovencia Groupe
 
Continuous Inspection of Code Quality: SonarQube
byEmre Dündar
 
Software Testing and Quality Assurance Assignment 3
byGurpreet singh
 
UNIT 1 - MPP.pptxdfvvnfuvbrrujfvbvndvnbn
byrachanahrr123
 
Software Engineering Fundamentals - Svetlin Nakov
bySvetlin Nakov
 
Introduction-to-Software-Development.pptx
bymissionpassed738
 
Introduction-to-Software-Development.pptx
bymissionpassed738
 
Software engineering Questions and Answers
byBala Ganesh
 
Part5 - enforcing coding standard and best practices with jas forge v1.0
byJasmine Conseil
 
Continuous Integration & the Release Maturity Model
bycPrime | Project Management | Agile | Consulting | Staffing | Training
 
Continuous integration
byNathaniel Richand
 
Blackboard DevCon 2012 - Ensuring Code Quality
byNoriaki Tatsumi
 
Continuous Integration and development environment approach
byAleksandr Tsertkov
 
Software development lifecycle_release_management
bynetdbncku
 
Continuous Inspection: Fight back the 7 deadly sins of a developer!
bySebastian Marek
 
unit 1.pptx regasts sthatbabs shshsbsvsbsh
bysagarjsicg
 
It is a sunny day
bybcoder
 
Friday final test
bybcoder
 
Software Engineering Fundamentals Svetlin Nakov
bynazeer pasha
 
Softwareengineeringfundamentalssvetlinnakov 1233295163644547-1
bygururguru01
 

Recently uploaded

PDF
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
PDF
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
PDF
December Patch Tuesday
byIvanti
 
PDF
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
PDF
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
PPTX
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
PPTX
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
PPTX
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
PDF
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
DOCX
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
PDF
Safeguarding AI-Based Financial Infrastructure
byYasir Naveed Riaz
 
PDF
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
PDF
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PDF
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
PDF
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
PDF
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 
PDF
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
December Patch Tuesday
byIvanti
 
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
TrustArc Webinar - Assessing AI Risk with Confidence
byTrustArc
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
Safeguarding AI-Based Financial Infrastructure
byYasir Naveed Riaz
 
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 

Continuous inspection with Sonar

  • 1.
    JEE Conf Continuous Inspection Fight back the 7 deadly sins of the developer! Olivier Gaudin olivier.gaudin@sonarsource.com @gaudol
  • 2.
  • 3.
  • 4.
    The super hero Aufin fond de l'Univers, à des années et des années-lumière de la Terre, Veille celui que le gouvernement intersidéral appelle quand il n'est plus Capable de trouver une solution à ses problèmes, quand il ne reste plus Aucun espoir : le Capitaine FLAM !
  • 5.
  • 6.
  • 7.
    Industrialisation has enteredthe game... ● Project under version control ● Project under continuous integration ● Technical and functional traceability
  • 8.
    What is themission of today's developer ? ?
  • 9.
  • 10.
    (Almost) Everything ismaintenance ! Creation of an application Maintenance of an application
  • 11.
    Nothing is moreimportant than code But source code is nothing alone
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
    Software factories evolve Makefile Issue Tracker IDE Continuous Refactoring Inspection VI / SCM Continuous Unit Tests Emacs Integration
  • 17.
    Pushed by requirements ConfigurationManager ● No change should be authorized to production system without being in configuration manager ● The complete version of an application should be found easily in the source control manager
  • 18.
    Pushed by requirements ContinuousIntegration ● Projects in SCM can be built by anybody at any time ● Executing unit tests is part of the build process ● The output of a build is an artifact “ready to be used” ● If one of those requirements is not fulfilled, nothing is more important than fixing it
  • 19.
    Pushed by requirements ContinuousInspection ● Any new code should ship with corresponding unit tests ● No new method should exceed a pre-defined level of complexity ● No cycle between packages should be introduced ● ...
  • 20.
    BUT... Maturity steps shouldbe followed ● Insuring technical traceability Configuration Manager ● Insuring functional traceability Issue Manager ● Insuring build stability Continuous Integration ● Insuring source code quality Continuous Inspection (Sonar)
  • 21.
    The end doesnot justify the means Doing the right software Doing the software right
  • 22.
    What is quality? « A well-written program is a program where the cost of implementing a feature is constant throughout the program's lifetime. » Itay Maman
  • 23.
    How to measurequality ?
  • 24.
  • 25.
    The 7 deadlysins of the developer Sins Technical Debt
  • 26.
    The 7 deadlysins ? Applied to source code ● ? ● ? ● ? ● ? ● ? ● ? ● ?
  • 27.
    The 7 deadlysins ? Applied to source code ● Duplications ● Bad distribution of complexity ● Spaghetti Design ● Lack of unit tests ● No coding standards ● Potential bugs ● Not enough or too many comments
  • 28.
    The mission ofSonar Declare open the hunt of the developer's 7 deadly sins
  • 29.
    The mission ofSonar More seriously Augment everybody's capability to reduce, reuse and recycle source code
  • 30.
    Sonar: a reality 6,000+ downloads per month (300 in 2008) 1,300+ subscribers to mailing list 60 plugins in the open source forge 150,000 downloads X?,000 instances in the world
  • 31.
  • 32.
    Sonar is onlya tool ! ● What should happen in case new defects are added ? ● How, when and who should make quality standards evolve ? ● How to train new joiners ? ● Any measure reported must be analysed
  • 33.
    The « Done, Done,Done, Done » ● Developed ● Tested ● Approved by the « Product Owner » ● Technical debt under control
  • 34.
    Roadmap 2012 Review Expand rules Process and metrics Governance dashboards Sonar IDE Quality of Track changes Unit Tests PL/SQL Code Churn Developer Cockpit Sonar-cpd VB .NET ABAP 2.0 C++
  • 35.
    Questions & Answers Thank You ! http://www.sonarsource.org http://www.sonarsource.com