Neutral Quality metrics for your code

Disclaimer - I am not in any ways affiliated with Sonar Source, I just happen to be using their product(s), and the stuff I've seen so far, is simply amazing as far as I am concerned!

As software developers, we are non-stop fighting the never ending recurring battle against "code rot". Code rot often implies that our Program Manager asks us for a feature, and we sneak in an additional "if" statement in one method, and a couple of "while" statements in another method, and our program manager is pleased with the effect. Slowly over time of course, the effect this approach has on our code, is less cohesion, clarity, and readability, in our classes, methods, and modules - And our code slowly mutates over time to become "a big ball of mud", until it reaches that point where it's no longer possible to maintain.

The problem is really condensed into two words: "Code quality" - And its solution either dictates having an Adolph Hitler type of Technical Project Lead, or alternatively, as I will propose here, simply using better tools.

To a carpenter with only a hammer, every problem looks like a nail

The above statement cannot be emphasised enough. If you get stuck in a specific toolchain, having only a handful of solutions at your disposal - Slowly over time, every problem you encounter will appear to be a nail. If you however, try to keep your mind open, and your assumptions to a minimum, you might realise there exists other alternative paths to solving your problems, that actually solves them, and not only shuffles them ahead of you. This is called accumulating "technical debt" for those interested in the concept.

For a couple of weeks lately, I've used SonarCloud for my Open Source projects. SonarCloud is one of SonarSource's products, which allows you to neutrally measure code quality over time. The idea is that it contains hundreds of pre-defined quality measures, such as for instance the following.

• Are you repeating segments and blocks of code?
• Are your methods too complex, and hence difficult to maintain?
• Is your Unit Test coverage too small?
• Etc ...

After having statically analysed my code, SonarCloud will create a report for me as follows. If I mess up my code, I will get to instantly know about exactly where I messed up, and how I can fix it. No need for having Adolph Hitler in my development department to review my pull requests, and pure Software Development Anarchy comes within reach of my project.

In fact, I've started loving SonarSource's products so much lately, due to having tested it in my Open Source projects - That I have already started implementing it in my day job, where I'm an architect, handling some 10-15 developers myself. Maybe I'm different, but if I can avoid it, I'll try to avoid quarrelling and arguing, when I can present neutral data and metrics to prove that I'm right (or wrong for that matter) - After all, we are scientists, right ...?

If you don't have a budget for purchasing tools, you can use the community version of SonarQube, and probably install it in your Azure or AWS account in half a day. This version is 100% Open Source, and free to use - Even for commercial and proprietary projects. However, this will not give you reports for your pull requests, and can only be integrated into your default/master branch of your repository. But for a couple of bucks per month, you can also get reports on every pull request created, which allows you to prevent bad code from even reaching your non-feature branch - Assuming you're using GitFlow or some similar type of process in your organisation.

No need to argue, just use SonarQube ;)