Maven and Scertify : Easy-Peasy

Scertify is a code analysis tool chain created and maintained by Tocea. It provides development teams with efficient solutions to tackle technical debt. One of the key features of Scertify is its ease of use with existing development environment like Maven, Eclipse, Jenkins… This allows teams to easily get started without disrupting their usual development process.This article presents Scertify’s Maven plugin.

Why a Maven Plugin for Scertify?

Nowadays Maven is everywhere for dependency management, especially in the Java world. Furthermore, to perform accurate code analysis, Scertify needs the whole set of a project’s dependencies. Hence we created this tool to help any Maven user to run code analysis, refactoring and beautifully formated reports.

How simple is it?

You need to configure your Maven’s settings in order to seek the plugin on Tocea’s plugin repository. As for any repository, you just need to add it to your settings.xml in Maven’s directory. Once it is done, you can just run Scertify as any plugin :

mvn scertify:audit

Simple huh ? Did I already say it ?

We launched Scertify on OpenKM, an open-source software available on gitourious : https://gitorious.org/openkm

 

What do I get ?

A cool site report and refactored source-code ready to replace the old one.

The Report

The report encloses a lot of useful information concerning the number of rules launched, the number of errors detected, the application’s overall conformity. The report is built as a “zoom-in”, which means that with a look on the first result page, you get a good overview of the application’s quality. Then, as you keep reading, you get into more details. You can get errors by classification (security, fiability…), by criticity (blocker, criticical…) or you can just go to the most detailed section and see a comprehensive list of violations.

 

 

The refactoring

While auditing the application, Scertify produces a refactoring trace that automatically corrects many errors (take a look at OpenKM, the Debt Write-Off we recently published). You can choose to apply all the refactoring propositions on your application, or you can validate/reject them individually. To do so, you could use a tool such as Meld to compare your code with the refactored trace.

meld openkm/src/ openkm/target/refactored-sources/[...]/src/

It will open a window that allows to select code and apply the refactoring.

Meld Folder diff

Meld Folder diff

We found that the file src/main/java/com/openkm/dao/ActivityDAO.java is a very good example of what Scertify Code can do for you. It has violations on three Rules :

  • Use literals first in comparison
  • Method parameter could be final
  • Local variable could be final

 

Conclusion

And that’s how you quickly get ready to tackle technical debt with Scertify and Maven. Of course, more configuration is available to finely tune the plugin’s behavior, but that will be the concern of another article.
And you, do you think such tool could benefit to your development process?

Posted by
Michael Picovschi (See other posts)

Michaël is an IT engineer who graduated in image processing. He worked in per grammar code generation before joining Tocea's R&D team. He now participates to the development of new tools and algorithm for real-time code analysis, control and enhancement.

3 thoughts on “Maven and Scertify : Easy-Peasy

  1. Armel GOURIOU

    Hi Mak and Stefan,
    Thanks for your interest!
    So far, only the professional version is available. We will provide a repository to try a free demo version soon.
    If you’re interested, I’ll make sure to let you know as soon as it is available.

Comments are closed.