Return to search

Implementation and Evaluation of a Continuous Code Inspection Platform / Implementation och utvärdering av en kontinuerlig kodgranskningsplattform

Establishing and preserving a high level of software quality is a not a trivial task, although the benefits of succeeding with this task has been proven profitable and advantageous. An approach to mitigate the decreasing quality of a project is to track metrics and certain properties of the project, in order to view the progression of the project’s properties. This approach may be carried out by introducing continuous code inspection with the application of static code analysis. However, as the initial common opinion is that these type of tools produce a too high number of false positives, there is a need to investigate what the actual case is. This is the origin for the investigation and case study performed in this paper. The case study is performed at Ida Infront AB in Linköping, Sweden and involves interviews with developers to determine the performance of the continuous inspection platform SonarQube, in addition to examine the general opinion among developers at the company. The author executes the implementation and configuration of a continuous inspection environment to analyze a partition of the company’s product and determine what rules that are appropriate to apply in the company’s context. The results from the investigation indicate the high quality and accuracy of the tool, in addition to the advantageous functionality of continuously monitoring the code to observe trends and the progression of metrics such as cyclomatic complexity and duplicated code, with the goal of preventing the constant increase of complex and duplicated code. Combining this with features such as false positive suppression, instant analysis feedback in pull requests and the possibility to break the build given specified conditions, suggests that the implemented environment is a way to mitigate software quality difficulties. / 建立和保持高水平的软件质量可以带来经济利益等诸多好处,然而这是一项很困难的任务。其中一种防止软件项目质量下降的方法是通过跟踪项目的度量值和某些属性,来查看项目的属性的变化情况。通过引入持续的代码审查和应用静态代码分析方法可以实现这种方法。然而,在人们的印象中,这类工具往往具有较高的误检,因此需要进一步调查实际情况、研究其可行性,这是本文的初始研究目标。本文在瑞典林雪平的Ida Infront AB公司开展了案例研究,调研了该公司开发人员的意见,并通过访问开发人员,确定持续的代码审查平台SonarQube的性能。作者对持续的代码审查环境进行了配置,分析了公司的部分产品,进而确定哪些规则适用于该公司。调查结果表明该工具是高质量并且准确的,还提供了持续监测代码来观察度量值的趋势和进展等先进功能,例如通过监测环路复杂度和重复代码等度量值,来防止复杂度和重复代码的增加。通过组合误检压缩、对pull requests的瞬间分析反馈、以及分解和建立给定的条件等特征,使得所实现的环境成为一种可以降低软件质量保障难度的方式。

Identiferoai:union.ndltd.org:UPSALLA1/oai:DiVA.org:liu-130575
Date January 2016
CreatorsMelin, Tomas
PublisherLinköpings universitet, Institutionen för datavetenskap
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, info:eu-repo/semantics/bachelorThesis, text
Formatapplication/pdf
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.0022 seconds