Showing posts with label Source Quality. Show all posts
Showing posts with label Source Quality. Show all posts

Wednesday, July 8, 2015

Can NDepend 6 and SONAR work together?

Introduction

As I wrote in this post, one of the greatest feature of NDepend were its “great Visual Studio integration in order to display your technical debt directly inside the IDE”.

NDepend can also be integrated as part of your continuous integration pipeline in order to make the analysis of technical debt results public for the whole team (or just break the build under certain conditions). There are a lot of official documentation about how integrate NDepend 6 with Team City (as a build server) or SONAR (as a quality metric tool).

But let’s start with my own experience setting up NDepend 6 and SONAR and checks the benefits of integrates both tools.

Integrating NDepend with SONAR

NDepend 6 comes with support for SONAR integration. The process is pretty forward and is well described on the documentation. After follow such steps you will get all NDepend’s rules imported into SONAR and you can activate them into a Quality Profile for instance the Full Analysis for C#

NDepend rules imported in SONAR

The issues could start when you run an analysis for large projects with several violations. If you run (the runner) with –X the stack trace will show you the java.lang.OutOfMemoryError as the exception. But nothing that can’t be solved following this recommendations: 
  1. Run sonar-runner with x64 JRE. 
  2. Increase the heap size by turn this line:

%JAVA_EXEC% %SONAR_RUNNER_OPTS% -cp "%SONAR_RUNNER_HOME%\lib\sonar-runner-dist-2.4.jar" "-Drunner.home=%SONAR_RUNNER_HOME%" "-Dproject.home=%PROJECT_HOME%" org.sonar.runner.Main %*

             into this one

%JAVA_EXEC% -Xmx3062m -XX:MaxPermSize=512m -XX:ReservedCodeCacheSize=128m %SONAR_RUNNER_OPTS% -cp "%SONAR_RUNNER_HOME%\lib\sonar-runner-dist-2.4.jar" "-Drunner.home=%SONAR_RUNNER_HOME%" "-Dproject.home=%PROJECT_HOME%" org.sonar.runner.Main %*

            in the sonnar-runner.bat file.

The results

SONAR is an isolated server that receive the results from “inspection agents”. Actually the inspection results are committed directly into SONAR database and the SONAR web application or dashboard displays the results in a centralized way. 

So, as you expected (and so do I), after run an inspection via sonar-runner, the NDepend's rules violations are displayed as SONAR's issues, just like this.

NDepend's violations as SONAR's issues

So, now you can manage (assign, resolve, or comment) such issues trougth SONAR interface. 

Conclusions

As you should know at this point, the answers is yes. NDepend 6 can work together with SONAR. But as you can also see I have a lot of work to do. So, I’m not sure what I’m doing writing this blog post ;).

SONAR dashboard
PS: This is not a "Do as I say, not as I do" post. As I also said, the "important thing is, not to accumulate technical debt and fix it as soon as it is detected". The sample reports shown on this post intentionally includes source with a tons of defects. Most of them comes from tests / PoC assemblies and auto-generated code.

Monday, January 19, 2015

Why should you start using NDepend?

Introduction

This weekend I finished painting my apartment. Then I laid on the floor, looking at the ceiling, started taking some shots and talking to myself:

A) Yes, it looks great and with this new lamp in the middle of the living room, everything looks perfect. B) But what is that I see at the corner? Let me get a closer shot. C) Oops!!! I made a mistake, I need to fix it ASAP ;)

Yes, I know, I’m not a professional painter. Therefore, I don't have the right tools to alert me about these technical debts while I’m painting. 

Such experience reminded me that I’m a software developer and recently acquired the right tool to detect such “dark spots” – a.k.a technical debt – of the source code while I’m coding. Its name is NDepend.

What is NDepend?

SONAR Web Report
NDepend is a static analysis tool for .NET managed code. As you should know static analysis is about analyzing code without executing it and is generally used to ensure conformance with the coding guidelines.

NDepend is not the only tool available for static analysis code for .NET, there are several tools including Code Violation Detection Tools like Fxcop, Clocksharp, Mono.Gendarme or CodeIt.Right,  Quality Metric Tools like Nitriq, SONAR or NDepend itself, or just Checking Style Tools like StyleCop, Agent Smith.

Actually, I currently use SONAR with its seamless integration with the build process in order to continuously manage code quality in centralized reports of technical debts.

NDepend also has integration with the build process, but from my point of view, one of its key features is the great Visual Studio integration in order to display your technical debt directly inside the IDE.
NDepend Dashboard in Visual Studio
Let's take a look at a very quick start with NDepend.

A very quick start with NDepend


Quick access
to the violation results
After installing a plugin and setting up your project, you should run a code analysis just by clicking the option from the menu NDEPEND => Analyze => Run Analysis or moving de mouse over a circle in the notification bar and click in Run a First Analysis on this NDepend Project.

If you move the mouse again - once the analysis finished - over the circle in the notification bar you should see the Code Queries and Rules Summary, with fast access to the Critical and Rules Violated

Such results, categorized into Code Quality, Object Oriented Design, Design, ArchitectureLayering, Dead Code, and so on, are displayed on the Query and Rules Explorer panel and allow us to navigate from the violation directly to the source.
Categorized violation query results on the Query and Rules Explorer
For instance, let me check from Code Quality category, the rule Methods with too many parameters - critical.  

The rule description is the following: Methods with more than 8 parameters might be painful to call and might degrade performance. You should prefer using additional properties/fields to the declaring type to handle numerous states. Another alternative is to provide a class or structure dedicated to handle arguments passing.

The analysis found 16 violations of this rule, by clicking it you can navigate to the method. In this case, I selected one with 9 parameters and found out that indeed, it must be refactored. Now, thanks to the integration of Visual Studio and Git,  you can also see who's the author of this violation. 

Navigating from rule 'Methods with too many parameters - critical' result to StartSiteCreationProcess method
Let me take a closer shoot to see who that is:


Oops!!! it's me, I need to fix this ASAP ;)

Conclusion

The important thing is, not to accumulate technical debt and fix it as soon as it is detected. For .NET developers, NDepend is the right tool to start with.

You can make mistakes (critical or not), but being aware of your code quality constantly makes the difference between the apparent and intrinsic quality of your sources and consequently your products; even when untrained eyes may only see the beautiful lamp.

Btw, It seems like I've got similar skills as a painter than as a software developer ;)

X-ray StoneAssemblies.MassAuth with NDepend

Introduction A long time ago, I wrote this post  Why should you start using NDepend?  which I consider as the best post I have ever...