When you’re tired of endless code reviews and debugging, you may start wondering if there are ways to automate tedious tasks without it backfiring on you later in development. If this is something you or your team are interested in, you may want to take a closer look at server-side static analysis. How will you benefit from adding yet another step in the project lifecycle, especially in the age of smart IDEs? What kinds of tasks can you delegate to a static analysis tool? Read this blog post to find the answers to these questions and more!
- Automate code reviews
- Stay confident with external contributions
- Slash time spent on project planning
- Static analysis with Qodana in your project lifecycle
According to the Active State Developer Survey 2019, 61.5% of developers spend four hours or less a day writing code. One of the tasks contributing to the non-coding time is code reviews. The main goal of this process is a direct discovery of quality problems. In many projects, quality means:
1) flawless business logic implementation;
2) elements related to the maintainability of the code: design pattern, naming strategies, code style, etc.
If the process is purely manual, the reviewer should care about both aspects. It can be error-prone and time-consuming. For example, try to spot a deficiency in the code related to the regular expression:
It couldn’t be easy for you, but it’s a trivial task for a static analysis tool. It’s just one example. You can automate many checks for unused imports, dead code, duplicates, spelling problems, formatting issues, and many more – any rules of your choice. For example, if you use TODO’s in the comment, you can automatically check that each of them contains a reference to the issue tracker, as some teams in JetBrains do.
Those checks configured in the editor guide developers, but this guidance becomes a mandatory rule with the server-side static analysis. The server-side quality gate will ensure the code meets specific standards before it moves onto the next phase, like manual code review or deployment to production. The author and the reviewer will spend less time in the feedback loop. Also, you will have a track record for proofs and further analysis.
Code reviewing is good practice, even if all team members are equally skilled, accurate, and have a shared understanding of the code quality. Even professional climbers need belays, don’t they? And a belay becomes vital if you don’t know the actual skill level of the contributor. Accepting an external contribution to your project is precisely the case when you need an additional guarantee that the contributor follows your guidelines. It can be a pull request to the open-source project or tasks you delegate to the subcontractor – the automatic code review will perform routine checks so you can focus on business value.
With server-side static analysis, you can review the created code and plan your code evolution steps. Imagine you want to switch to a newer version of the language or framework. If you’re lucky, you update your dependencies, and your project is up and running. In a less fortunate scenario, you update your dependency, and the IDE highlights tons of places you need to update.
For big projects, the number of changes could be so large that you will need several people to succeed. How will you split the work between them? Static analysis platforms can build a report to split the work between people and estimate the outcome. This goes for any refactoring you need for your code. For example, with checks based on structural searches, you can evaluate all places that require your attention. Technically, this analysis can be done on the developer’s machine, but there will be no option to share the list of issues and track the progress with others.
Qodana, the code quality platform from JetBrains, empowers you and your team to leverage the benefits of a static analysis tool while integrating with your favorite CI/CD pipelines – TeamCity, GitLab, GitHub, and others. The picture below illustrates a typical software build process employed during the software development life cycle and how Qodana can be integrated with this process.
To get started with Qodana, check our previous blog post for detailed instructions, or download the version of the components that are suitable for your technology stack:
Your Qodana team