Scertify is a code analysis tool chain created and maintained by Tocea. It provides development teams with efficient solutions to tackle technical debt. One of the key features of Scertify is its ease of use with existing development environment like Maven, Eclipse, Jenkins… This allows teams to easily get started without disrupting their usual development process.This article presents Scertify’s Maven plugin.
Why a Maven Plugin for Scertify?
Nowadays Maven is everywhere for dependency management, especially in the Java world. Furthermore, to perform accurate code analysis, Scertify needs the whole set of a project’s dependencies. Hence we created this tool to help any Maven user to run code analysis, refactoring and beautifully formated reports.
How simple is it?
You need to configure your Maven’s settings in order to seek the plugin on Tocea’s plugin repository. As for any repository, you just need to add it to your settings.xml in Maven’s directory. Once it is done, you can just run Scertify as any plugin :
Simple huh ? Did I already say it ?
We launched Scertify on OpenKM, an open-source software available on gitourious : https://gitorious.org/openkm
What do I get ?
A cool site report and refactored source-code ready to replace the old one.
The report encloses a lot of useful information concerning the number of rules launched, the number of errors detected, the application’s overall conformity. The report is built as a “zoom-in”, which means that with a look on the first result page, you get a good overview of the application’s quality. Then, as you keep reading, you get into more details. You can get errors by classification (security, fiability…), by criticity (blocker, criticical…) or you can just go to the most detailed section and see a comprehensive list of violations.
While auditing the application, Scertify produces a refactoring trace that automatically corrects many errors (take a look at OpenKM, the Debt Write-Off we recently published). You can choose to apply all the refactoring propositions on your application, or you can validate/reject them individually. To do so, you could use a tool such as Meld to compare your code with the refactored trace.
meld openkm/src/ openkm/target/refactored-sources/[...]/src/
It will open a window that allows to select code and apply the refactoring.
We found that the file src/main/java/com/openkm/dao/ActivityDAO.java is a very good example of what Scertify Code can do for you. It has violations on three Rules :
- Use literals first in comparison
- Method parameter could be final
- Local variable could be final
And that’s how you quickly get ready to tackle technical debt with Scertify and Maven. Of course, more configuration is available to finely tune the plugin’s behavior, but that will be the concern of another article.
And you, do you think such tool could benefit to your development process?