check-circle-o ruby-plain react-original rails-plain php-plain nodejs-plain jquery-plain java-plain javascript-plain html5-plain css3-plain angularjs-plain android-plain greenvaro finmatex code-n-forcer baby-compy projects-value-delivered project-challenge hardware_design-icon_development hardware_design-icon_software hardware_design-icon_prototype hardware_design-icon_evaluation hardware_design-icon_concept ux_ui-icon_process_colors ux_ui-icon_process_assets ux_ui-icon_process_mockups ux_ui-icon_mockups ux_ui-icon_process_prototype ux_ui-icon_process_architecture ux_ui-icon_process_icons ux_ui-icon_process_layout ux_ui-icon_prototype ux_ui-icon_process_requirements ux_ui-icon_guidelines ux_ui-icon_wireframes ux_ui-icon_analysis support-and-warranty global-delivery research-work experience-in-it hq-location big-data-color mobile-application-color iot-industry-color cloud-solutions-color technologies-methodologies-color computer-vision-color software-engineering-color product-development-color application-development-color ux-ui-design-color qa-automation-testing-color hardware-design-color data-mining-color marketing-seo-color checked iof-industry cloud-solutions big-data computer-vision mobile-application ux-ui-design services-menu-data_mining services-menu-marketing services-menu-hardware_design services-menu-qa application-development date-icon company-menu-education company-menu-products company-menu-terms_and_privacy company-menu-сareer company-menu-blog company-menu-contact-us industries-menu-financial-technologies industries-menu-energy-utilities industries-menu-healthcare-medicine industries-menu-internet-of-things industries-menu-social-media-ecommerce industries-menu-elearning-communications attach qoute-icon link-icon th cog book map-marker twitter facebook wrench cloud linkedin gavel sitemap angle-double-left angle-double-right angle-double-up angle-double-down angle-left angle-right angle-up angle-down desktop mobile play-circle file-text youtube google joomla cube cubes database file-pdf-o codepen share-alt paint-brush clutch heart-o xing xing-hover skype check-circle slick-arrow Solutions arrow-down circle-with-cross what_is_that-icon what_will_you_get-icon what_is_it_for-icon why_IT_GURU-icon_1 why_IT_GURU-icon_2 why_IT_GURU-icon_3 why_IT_GURU-icon_4 why_IT_GURU-icon_5 "

Expert system for source code analysis and improvements

19.10.2015

Alexander Lipanov, PhD in Computer science, Softarex Technologies Inc

What is a modern code quality?

It is well known that quality assurance is a crucial step in the software product lifecycle. And it is not surprising that there are plenty of sophisticated concepts, approaches, standards (including ISO), models, methods, and tools aimed at facilitating and improving the testing processes. At first glance, all software developers and QA teams are free to choose whatever they like or whatever best fits their internal workflows.

However, there are two major problems that still exist:

  • The first problem is that most of these methods, standards, and tools are more about formal QA indicators, such as functionality, performance, reliability, and security, rather than source code quality, such as extendibility, scalability, reusability, understandability, compliance with the object-oriented paradigms, and so on.
  • The second problem is that even formal checks of the source code quality and possible improvements are often difficult and time-consuming and, therefore, many QA teams are forced to minimize them or even skip entirely.

Unfortunately, the importance of source code quality is often underestimated by many software companies that focus on saving development costs and reducing time-to-market. But we still believe that clear, concise, and supportable source code is a cornerstone of each premium-quality software product. This basic concept has laid the foundation of our flagship product, codeNforcer.

How can codeNforcer help?

Our codeNforcer is a powerful QA system for both centralized and distributed teams with a focus on source code quality and improvements.

Basically, it offers three large groups of indicators (or metrics) that represent the results of source code analysis and provides you with a comprehensive picture of the source code quality:

  • Statistical metrics – this group contains metrics that assess the number of entities on the application level and on the method level. Statistical metrics, in turn, comprise two subgroups, which are quantitative metrics and complexity metrics. The quantitative metrics indicate the number of classes, methods, structures, interfaces, lines of code, number of comments, etc., while the complexity metrics are calculated using special formulas, including various algorithm complexity evaluations.

    The entities supported on the application level include: packages, namespaces, types, classes, interfaces, structures, methods, properties, fields, lines of code and lines of comments, density of comments, public data percentage, Halstead complexity, and more.

    The entities supported on the method level include parameters, overloads, functions, and more.

    Statistical metrics are provided for source code written in Java, C++, C#, and PHP. Most of them are language-specific, as shown in the table below:


  • Object-oriented metrics – this group contains metrics that assess the compatibility with the object-oriented paradigms: coupling, afferent/efferent coupling, instability, relational cohesion, distance from main sequence, abstractness, association between classes, cyclomatic complexity, depth of inheritance tree, etc. Just like the statistical metrics, most object-oriented metrics are also language-specific:


  • CISQ metrics – these are the traditional QA indicators proposed by the Consortium for IT Software Quality (CISQ), such as Reliability, Performance Efficiency, Security, and Maintainability. CodeNforcer providing abilities for source code checking with using CISQ metrics and show all CISQ metrics violations for Reliability, Performance efficiency, Security and Maintainability.

Certainly, many of the above-mentioned indicators are not the common purpose and sometimes not so informative, but taken generally and with all their mutual dependencies, they can give very useful insights to QA teams.

Tools for source code analysis in CodeNforcer

In addition to a variety of source code quality metrics, CodeNforcer provides a powerful set of tools for QA checks and source code improvements. These include:

  • Code review tools – convenient software modules for automatic and semi-automatic assessment of large and sophisticated source code, when manual checks are too hard or time-consuming to perform.

  • Source code style checkers – tools that automatically check the source code for style errors. Most development teams and companies have their own style guides that must be strictly followed by each developer, since the style is not about code aesthetics – it’s about code readability. CodeNforcer can help maintain the proper style of the entire source code and even automatically correct certain errors, e.g. remove unnecessary variables and unused methods, as well as resolve security issues in SQL constructions and event handlers.

  • Tools for architecture quality checks – these tools are used for the proper assessment of the software architecture quality that is always a challenge especially when you need to restructure the basic design of your software without losing any of its features. CodeNforcer provides everything you need to objectively assess and seamlessly restructure the application design without sacrificing its functionality or performance.

And how do all of the above work together?

codeNforcer integrates all of the features described above into a streamlined and easily configurable workflow shown in the picture below.



If you want to quickly get started with codeNforcer and perform a rapid, yet thorough, check of your source code base, this workflow is just for you. And once all the checks are finished and all the improvements are done, the source code can be easily submitted to your GitHub, Git or TFS repository directly from CodeNforcer