Code Quality Management Tool Sonar Provides Design and Architecture Metrics
The new version of open source code quality management tool Sonar provides design and architecture metrics. Sonar 2.0 introduced the analysis of design, architecture and object-oriented metrics for Java applications. And Sonar 2.1 version, which was released recently, supports the detection of unused methods.
Architecture metrics feature includes a new visual tool called Dependency Structure Matrix (DSM) which is a way to represent and navigate across dependencies between the components. It can be used to remove cycles between packages by cutting undesired dependencies and to identify the classes that have too many responsibilities (which is a violation of Single Responsibility Principle (SRP) pattern). The object-oriented metrics include Chidamber & Kemerer metrics like Depth of Inheritance Tree (DIT), Number of Children (NOC), Response for a Class (RFC), Afferent/Efferent Couplings (CA/CE), and Lack of cohesion in methods (LCOM). The latest version also includes a new rules engine on top of Squid, a parser within Sonar which works on both source code and byte-code and comes with pre-built rules which can be used to detect unused private and protected methods and the client calls to deprecated methods. Squid analyzes the application source code, Java API and external libraries bytecode to determine which methods, classes and fields are deprecated. Other new features in Sonar 2.1 release are:
- A new "Libraries" page to display all the project libraries and dependencies. This feature requires the project to be built with Maven application build tool. Once a project has been selected on Sonar site main page, this service allows to visualize the dependency tree of the project. There is also an optional dynamic filter available to filter the libraries by name to navigate through transitive dependencies of the application.
- The "Dependencies" page which is used to search for library usages; for example to get all the projects which depend upon a third-party framwork like Commons Logging version 1.1.
- Sonar functionality can be extended using various plugins that are available for integration with the tool. There is a new "System Info" page that displays the system properties, installed plugins and Java Virtual Machine (JVM) memory statistics. This page also provides detailed information about Sonar configuration and database statistics.
- An administration console of installed plugins and system information.
The new release of Sonar includes a test framework and a custom Maven lifecycle for these plugins. It also includes a web service for integration with the project events and a new metrics module in the project size widget.
Freddy Mallet of Sonar team wrote about managing the cycles between packages and the clean up of design at a class level using the new version of the framework. The Sonar development team is also working on a plugin for Eclipse IDE, version 0.1 of which was released last month. The readers can also check out the Project Nemo which is an online instance of Sonar with the code analysis statistics on open source projects like Apache Commons frameworks, Apache Tomcat, Struts2, Esper and others.
Interesting plugin for technical debt
Re: Interesting plugin for technical debt
I have used Sonar technical debt plugin before. I found it to be very useful in visualizing the amount of debt (in person dollars) after every release of the project. That project managers and team leads at my company rely heavily on this report to keep up with the changes in technical debt and code quality issues.
Brandon Holt, Preston Briggs, Luis Ceze, Mark Oskin May 21, 2015
Kai Kreuzer, Olaf Weinmann May 21, 2015