Using Sonar to Evaluate Your Project
Sonar is the tool that the Church uses to evaluate a project's code quality. We have configured it to a degree to accommodate development patterns that are unique to Church projects. To visit the Sonar install for Community Projects, go to http://code.lds.org/sonar. For internal projects, go to http://sonar.ldschurch.org.
The custom Stack profile builds off of Sonar's default FindBugs + Checkstyle + PMD profile.
Certain rules have been downgraded, though they are still reported for your information. Checkstyles, for example, warns about APIs that are unprotected from extension. However, to protect them (with
final, for example) is to keep Spring from dynamically extended them at runtime. This could definitely cause a lot of bugs in someone's code if they are unaware of it. Thus, it is only an Informational warning, just in case it is not a Spring-managed bean.
Custom rules can also be added to Sonar, and several custom rule plugins for ICS are already under development. Visit Current Sonar Plug-in Efforts to learn, to contribute, or to provide ideas for code checks.
A few alerts have been added to highlight code that may be in danger of brittleness.
The list of alerts is currently:
- Coverage > 50%
- Duplicated Lines > 20%
- Package Cyclic Dependencies > 20%
- Documentation < 50%
- Quality Rules Compliance < 60%.
We have added the Technical Debt and Emma plugins.
The Technical Debt plugin is a great plugin to help a Project Manager see the changing need for extra time to "clean up" the code. It gives a rough time and resources estimate for resolving all violations and concerns highlighted by Sonar. Read more at http://www.sonarsource.org/evaluate-your-technical-debt-with-sonar/
The Emma plugin allows Sonar to use Emma for Code Coverage analysis, a free alternative to Clover.
To read more about how to use Sonar, please refer to their documentation site.