Friday, January 31, 2014

Sonar - Effective code Reviewer

Well we all know that code analysis is a very basic and important part of software development process .  It doesn't matter how much experience we have in software development , we usually end up in a code that contains some bugs ( though it is not our intention ) . 

Though we use tools like debugger or profiler to ensure the code quality , the use of such tools comes late in the development process . I believe that code quality analysis should be done right after you write the source code , even without executing it . Such work can be done effectively by static code analysis tools . One should not take it as an alternate to code review process but can think it as an add-on to improve the code quality. 

What is Code Analysis ?
Code analysis is analyzing the source code without executing it . The purpose is  to find bugs or ensure conformance to coding guidelines . For example - Compiler showing lexical, syntactic and even semantic mistakes . 

The code analysis is either done by the code reviewer or a static code analysis tool . I would say that both are equally important but this post is dedicated to the latter . The tool we are going to discuss here is Sonar.

There are various benefits of code quality analysis . Some of them are :

  • Code becomes more readable
  • Less error prone
  • More reliable

Introduction to Sonar
Sonar is an open source code quality analysis tool that analyzes the source code , gather metrics about code quality and put them in a dashboard . Apart from analyzing the code , it also provides some tips to make the code better .

According to SonarQube , it covers seven axis of code quality :

  • Architecture and Design
  • Complexity
  • Potential bugs
  • Code Duplication
  • Unit tests
  • Comments
  • Coding rules

Sonar can be downloaded from

Sonar Dashboard

Sonar provide a comprehensive dashboard that provides high level metrics of a project .

The sonar comes with a lot of features but all can't be discussed here . But we can have a look at some basic features :

Unit tests inspection
Sonar inspects and validates the unit tests and provides the metrics on the dashboard .
Sonar also identifies the line coverage along with the uncovered conditional statements.

Quality Profiles
Can create quality profiles with different quality objectives on projects.

Issues Drilldown
Sonar provides a feature to drilldown the individual classes and identifying the problematic area . Sonar does a rule based defect identification and all the defects have a severity ( for example Blocker , Major ).

Application Lifecycle Management
Sonar integates easily with the Application Lifecycle Management tools like Maven , Jenkins , Eclipse and enables faster development.

For example-

Build Integration : Maven
Continuous Integration : Jenkins
IDE integration : Eclipse
Version Control : SVN 
JIRA integration 

Time Machine
Examine progress of the code using Time Machine . Motion Chart and Timeline and all these components can be dynamically customized . 

Sonar supports numerous other features and to see all of them , click here.

No comments :

Post a Comment