Monday, July 27, 2015

.NET Code Quality Analysis with NDepend: 1 - Introduction

This post is part of a series of posts which I will do on the tool NDepend ( http://www.ndepend.com/ ). NDepend is the most advanced tool ( that I know of ) for analyzing .NET code quality. 

I've been asked to review the new version of NDepend: NDepend 6.0. It's available for download from the website and although I'm not an NDepend expert (yet) I can tell that it gives you a lot of deep insights on your code quality. If you're serious about code quality, I think you should have this in your toolchain.

Over the last weekend I've been thinking hard about how I'll approach this, because I've never been asked to review anything. Also - I'm very much honored and flattered by the fact that mr. Patrick Smacchia himself ( https://www.youtube.com/watch?v=vjXSg_FkR8I ) contacted me to review NDepend and gave me a pro license. I must admit: I'm a bit afraid to disappoint now.

I decided to give it my best shot, because I'm very interested in code quality. Mr. Bob C. Martin ( 'uncle Bob' ) is very high on my list of software engineering idols and I'm happy to say that I attended his talks at NDC Oslo 2014.

So - what I'll try to do go back and think how I think about and deal with code quality and how I would therefore use this tool. Therefore, this series of posts will probably not be full review of all the features in NDepend, but a walkthrough of how I use the tool and what conclusions I will draw from it's analyses.

What am I currenlty doing for code quality?
Let's quickly look at what I'm currently doing for code quality.

  1. StyleCop
    Actually, I'm using style cop with ReSharper to check for comments, indentation, methods, class layout, naming conventions etc. This is not real code quality analysis, but it does help with more maintainable code if you stick to certain conventions.
  2. Run Code Analysis on Solution (alt-F11).
    This will analyze the code and give an overview of the violations. So this is also a static analysis tool built into Visual studio. You can also run it during the build process, so that you see the errors and warnings in Visual Studio or on the CI server output.
  3. Calculate Code Metrics
    Like the previous method - this is available when you right-click on the solution file. This will calculate a maintainability index and the cyclomatic complexity, among other things. 
  4. User SonarQube
    I've integrated it with our build process and it runs code analysis on every build. It's a blogpost by itself - so check it out here: http://www.sonarqube.org/ 

However - I want to take this to the next level and do some serious cool analysis with NDepend. I've thought of two bigger posts: 
  1. In the first post I'll take you through analysing a codebase that ( IMHO ) has room for improvement. I'm going to analyse it, and see if my hunches can be visualised with NDepend, whether I'm missing things or whether I'm wrong.
  2. Then I'll run it over my latest series of assemblies that I've worked on and see how I score myself and what I need to improve to become a better dev. That's going to be painful ... 
So stay tuned for these posts !

No comments:

Post a Comment