Source code analysis is not an end in itself, but a means to an end

by freddy mallet|

    A lot of work was done during the last 40 years to enable the emergence and formalization of models in order to evaluate software quality. SEI Maintainability Index and ISO 9126 standard (9126-3 for source code quality) are the results of several decades of research. Those models bring value in the field of software analysis and they should be respected for that. When discussing source code quality, I often see people referring to those models as bibles. They do not make their own judgment and sometimes simply forget to use the models with common sense.

    About a year ago, I met an expert in charge of implementing a commercial tool to evaluate source code quality. After he explained to me the advanced model used to calculate metrics on usability, reliability, maintainability... I asked him a naive question : how do you integrate Continuous Integration (CI) and Test Driven Development (TDD) practices or even latest emerging object oriented metrics in your quality evaluation process ? The answer came straight back with a smile : "that is a developer thing". In other word, the model is the model and should be taken as is.

    But what's about evolution of practices, improvement of build infrastructure and new languages ? Should it simply be ignored when evaluating the quality of source code with a model that was established 15 years ago ?

    I have been working on Sonar for several years now and I do believe in the product and do see the value that the platform brings to development teams on a daily basis. But increasing the quality of development does not simply consist in analyzing the source code quality.The approach we prone is very much Return On Investment oriented. At any time, you should know what is the next action you are going to take base on ROI. Now that I have implemented a solid development infrastructure including a CI engine, now that TDD is part of the culture of developers, now that functional traceability is part of my process, I can focus on improving quality of the source code and have a real action plan.

    We call it : walking before you can run !