Sep. 2012
Welcome to the roundup of blog posts and pages that mentioned Sonar last month…
Improving Code Quality – Scheduling Technical Debt and the Bucket Parable
By Mike Van, 13 August 2012
Please read the previous post on improving code-quality using LCOM4 and Cyclomatic Complexity before reading this entry. Below I present two ways of thinking about technical debt in your organizations. The first is the old-school approach, and the second is the approach preferred once the vast amount of cyber-fraud was detected.
Separating Integration and Unit Tests with Maven, Sonar, Failsafe, and JaCoCo
By Jakub Holy, 2 August 2012
Goal: Execute the slow integration tests separately from unit tests and show as much information about them as possible in Sonar.
Sonar’s Quality Alphabet
By Patroklos Papapetrou, 31 August 2012
Sonar (by SonarSource.com) is getting more and more popular among developer teams. It’s an open source platform measuring software quality in the following 7 axes: Architecture and Design, Comments, Coding Rules, Complexity, Code Duplication, Potential Bugs, Unit Tests.
Improving Code Quality – LCOM4 and Cyclomatic Complexity
By Mike Van, 13 August 2012
One of the reasons that open-source software is so solid is that we use some of the most cutting-edge open-source code analytic-tools available to ensure our software does what we intend in a bug-free manner. In this post, I will talk about one tool we use, Sonar, and two specific metrics I’ve found useful in focusing the resolution of our technical debt.
Visualize JavaScript code quality and code coverage with Sonar
By Benjamin Seber, 8 August 2012
It is hard to imagine a web project without JavaScript code today. JavaScript is an easy to learn and very performant script language. In the past we have used JavaScript mostly for eye-candy and form validation. Recently we have been asked more often to implement complex user interfaces with trees, sortable tables and things like that. So we decided to rely more on JavaScript to improve the feedback of the website to user actions.
Welcome to the roundup of blog posts and pages that mentioned Sonar last month…
Improving Code Quality – Scheduling Technical Debt and the Bucket Parable
By Mike Van, 13 August 2012
Please read the previous post on improving code-quality using LCOM4 and Cyclomatic Complexity before reading this entry. Below I present two ways of thinking about technical debt in your organizations. The first is the old-school approach, and the second is the approach preferred once the vast amount of cyber-fraud was detected.
Separating Integration and Unit Tests with Maven, Sonar, Failsafe, and JaCoCo
By Jakub Holy, 2 August 2012
Goal: Execute the slow integration tests separately from unit tests and show as much information about them as possible in Sonar.
Sonar’s Quality Alphabet
By Patroklos Papapetrou, 31 August 2012
Sonar (by SonarSource.com) is getting more and more popular among developer teams. It’s an open source platform measuring software quality in the following 7 axes: Architecture and Design, Comments, Coding Rules, Complexity, Code Duplication, Potential Bugs, Unit Tests.
Improving Code Quality – LCOM4 and Cyclomatic Complexity
By Mike Van, 13 August 2012
One of the reasons that open-source software is so solid is that we use some of the most cutting-edge open-source code analytic-tools available to ensure our software does what we intend in a bug-free manner. In this post, I will talk about one tool we use, Sonar, and two specific metrics I’ve found useful in focusing the resolution of our technical debt.
Visualize JavaScript code quality and code coverage with Sonar
By Benjamin Seber, 8 August 2012
It is hard to imagine a web project without JavaScript code today. JavaScript is an easy to learn and very performant script language. In the past we have used JavaScript mostly for eye-candy and form validation. Recently we have been asked more often to implement complex user interfaces with trees, sortable tables and things like that. So we decided to rely more on JavaScript to improve the feedback of the website to user actions.
Sonar voor de architect (Dutch)
By Mylene Reiners, 23 August 2012
Ik hoop dat iedereen Sonar kent, een (voor mij) onmisbaar tool om de code kwaliteit van een project te meten. Echter: meten is leuk, maar wat moet je vervolgens met die waarden?
In deze post een eerste aanzet: de “package tangle index” en de “dependencies to cut”. Eigenlijk de twee belangrijkste metrics waar ik – als architect – me verantwoordelijk voor voel.
OCT-2012
By Patroklos Papapetrou, 21 September 2012
This article aims to show you how to quickly fix the most common java security code violations. It assumes that you are familiar with the concept of code rules and violations and how Sonar reports on them. However, if you haven’t heard these terms before then you might take a look at Sonar Concepts or the forthcoming book about Sonar for a more detailed explanation.
Nov-2012
By Migue Langel Oliver, 22 November 2012
On 15th of November the HTML5 Builder QA Team was in the VLCTesting where we learned very good experiences and shared knowledge, amongst this was the software Sonar, Right now in HTML5 Builder we are not using that tool but we found interesting to add a continuous inspection method to our continuous integration method and we decided to dig a little in that tool.
By Jean-Pierre FAYOLLE, 4 November 2012
My blog Qualilogy is almost one year old (at the end of the month), and I found that almost all the posts that I have written are about quality of code and applications and are intended primarily for two types of audiences: People familiar with the concepts of Quality, and the use of metrics, often beyond the field of code quality. They are often consultants or Quality managers, usually with the experience of various technologies and languages, able to interpret a dashboard and make audits. However, they are not all experienced in the use of code analysis tools, and sometimes feel that the J2EE world and Open Source tools are too technical for them.
Sonar & ABAP – What you need to know
By Jean-Pierre FAYOLLE, 10 November 2012
We started in the previous post this new serie about ABAP code analysis, with the help of Walter Strobl, Director of Quality in Vision IT and specialist of SAP environments. Today, we will see what is necessary to know to implement a process of ABAP code analysis with Sonar.
By Mylene Reiners, 23 August 2012
Ik hoop dat iedereen Sonar kent, een (voor mij) onmisbaar tool om de code kwaliteit van een project te meten. Echter: meten is leuk, maar wat moet je vervolgens met die waarden?
In deze post een eerste aanzet: de “package tangle index” en de “dependencies to cut”. Eigenlijk de twee belangrijkste metrics waar ik – als architect – me verantwoordelijk voor voel.
OCT-2012
Posted: 10 Oct 2012 05:42 AM PDT
Welcome to the roundup of blog posts and pages that mentioned Sonar last month…
Improving code quality with Sonar and Jenkins
By Stéphane Nicoll, 7 September 2012
Last year, we started an ambitious internal project and since we started more or less greenfield we thought it was a good opportunity to test and integrate new development methodologies. At the time we were already using Jenkins and Sonar but we felt we could get more from those tools and that they were definitely not the only things to consider to achieve our goal.
By Stéphane Nicoll, 7 September 2012
Last year, we started an ambitious internal project and since we started more or less greenfield we thought it was a good opportunity to test and integrate new development methodologies. At the time we were already using Jenkins and Sonar but we felt we could get more from those tools and that they were definitely not the only things to consider to achieve our goal.
Continuous Delivery Using Maven
By James Betteley, 3 September 2012
I’ve recently been working on a Continuous Delivery system using Maven as the build tool. Many people who have used Maven in the past might well consider it to be a poor fit for a Continuous Delivery model, but with a bit of perseverance, I think we’ve finally got the makings of a pretty good system, which I would like to share with you in this article.
Fixing common Java security code violations in SonarBy James Betteley, 3 September 2012
I’ve recently been working on a Continuous Delivery system using Maven as the build tool. Many people who have used Maven in the past might well consider it to be a poor fit for a Continuous Delivery model, but with a bit of perseverance, I think we’ve finally got the makings of a pretty good system, which I would like to share with you in this article.
By Patroklos Papapetrou, 21 September 2012
This article aims to show you how to quickly fix the most common java security code violations. It assumes that you are familiar with the concept of code rules and violations and how Sonar reports on them. However, if you haven’t heard these terms before then you might take a look at Sonar Concepts or the forthcoming book about Sonar for a more detailed explanation.
Natixis minimise sa dette technique (French)
By Bertrand Lemaire, 6 September 2012
En travaillant sur la qualité de son système d’information avec la méthode Sqale et le logiciel Open-Source Sonar, Natixis a réduit sa dette technique…
By Bertrand Lemaire, 6 September 2012
En travaillant sur la qualité de son système d’information avec la méthode Sqale et le logiciel Open-Source Sonar, Natixis a réduit sa dette technique…
Sonar’s Quality Alphabet
By Patroklos Papapetrou, 3 September 2012
If you’re a Sonar newbie then you might find this blog post very useful. On the other hand if you’re an experienced user then you can refresh your memory and what you’ve learned so far. Sonar’s Alphabet is not a user manual. It’s a reference to help you learn (and teach others) some basic terms and words used in the world of Sonar.
By Patroklos Papapetrou, 3 September 2012
If you’re a Sonar newbie then you might find this blog post very useful. On the other hand if you’re an experienced user then you can refresh your memory and what you’ve learned so far. Sonar’s Alphabet is not a user manual. It’s a reference to help you learn (and teach others) some basic terms and words used in the world of Sonar.
Sonar Rules !
By Stéphan Mestach, 3 September 2012
Post about advanced usage of Sonar rules and functionalities
By Stéphan Mestach, 3 September 2012
Post about advanced usage of Sonar rules and functionalities
Nov-2012
Posted: 14 Nov 2012 07:56 AM PST
Welcome to the roundup of blog posts and pages that mentioned Sonar last month…
Sonar at Eclipse.org !
By Mickael Istria, 8 October 2012
It’s been awhile since I started bugging around with having Sonar at Eclipse.org. But there has been a lot of progress recently, enough progress to share them in a blog post and get you start using Sonar. So let’s get started evangelizing the fight against technical debt.
By Mickael Istria, 8 October 2012
It’s been awhile since I started bugging around with having Sonar at Eclipse.org. But there has been a lot of progress recently, enough progress to share them in a blog post and get you start using Sonar. So let’s get started evangelizing the fight against technical debt.
BSB Develops Innovative IT Solutions for the Finance Sector, Raises Product Quality By Analyzing 5.75 Million LoC with Sonar
By Stéphane Nicoll, 15 October 2012
BSB is a provider of business solutions and IT services for the finance sector. In 2009, BSB implemented Sonar to analyze and manage the code quality of its core software framework, used by more than 80 developers in three countries. Today, BSB’s Sonar implementation analyzes more than 5.75 million LoC daily.
By Stéphane Nicoll, 15 October 2012
BSB is a provider of business solutions and IT services for the finance sector. In 2009, BSB implemented Sonar to analyze and manage the code quality of its core software framework, used by more than 80 developers in three countries. Today, BSB’s Sonar implementation analyzes more than 5.75 million LoC daily.
SonarSource Newsletter, Issue #3
By SonarSource, 9 October 2012
Welcome to our third newsletter. We’re pleased to announce the launch of Sonar 3.2, which adds new languages and productivity features. Some of the key new features in Sonar 3.2 include complete support for C++ and Python, PDF reporting and enhancements to administration tools. Keep reading to find out more about these and other newsworthy items.
By SonarSource, 9 October 2012
Welcome to our third newsletter. We’re pleased to announce the launch of Sonar 3.2, which adds new languages and productivity features. Some of the key new features in Sonar 3.2 include complete support for C++ and Python, PDF reporting and enhancements to administration tools. Keep reading to find out more about these and other newsworthy items.
Technical Debt Sonar Analysis
By John Heintz & Israel Gat, 10 October 2012
Presentation of Technical Debt at Austin JUG
By John Heintz & Israel Gat, 10 October 2012
Presentation of Technical Debt at Austin JUG
Improve and measure your code with Sonar
By GetStreaming, 2 October 2012
I recently started to measure the code quality of my projects. Sonar is a popular tool for this, it basically scans your (Java) source code and gives you various different metrics regarding code size, quality and improvements. See this sample screen for the Apache project…
By GetStreaming, 2 October 2012
I recently started to measure the code quality of my projects. Sonar is a popular tool for this, it basically scans your (Java) source code and gives you various different metrics regarding code size, quality and improvements. See this sample screen for the Apache project…
Through the eyes of sonar: Immutable Objects
By Stéphan Mestach, 29 October 2012
Sonar is an open platform to manage code quality. Sonar is combining various java quality tools and collect these possible defects as violations. Let’s see how sometimes we misuse immutable objects.
By Stéphan Mestach, 29 October 2012
Sonar is an open platform to manage code quality. Sonar is combining various java quality tools and collect these possible defects as violations. Let’s see how sometimes we misuse immutable objects.
An insight into sonar plugin development
By Sumit Bisht, 31 October 2012
In the recent months, I’ve been involved in developing a language plugin for sonar that displays different metrics for a specified language. I am writing this post as there is not much content available for this topic even when sonar is a widely popular tool.
Dec-2012 By Sumit Bisht, 31 October 2012
In the recent months, I’ve been involved in developing a language plugin for sonar that displays different metrics for a specified language. I am writing this post as there is not much content available for this topic even when sonar is a widely popular tool.
Posted: 06 Dec 2012 04:40 AM PST
Welcome to the roundup of blog posts and pages that mentioned Sonar last month…
Working with Dependencies to Eliminate Unwanted Cycles
By Patroklos Papapetrou, 8 November 2012
Dependency Structure Matrix (DSM) is a flexible, colorful and easy-to-use feature that lets you browse dependencies on every level of your projects. You can access it by clicking on any metric on dashboard package widget. This article will show you at first how to navigate the DSM. Then, we’ll show you how to “read” the DSM in order to spot dependencies between software components. We hope that at the end of the article working with dependencies and eliminating cycles will be a piece of cake for you.
By Patroklos Papapetrou, 8 November 2012
Dependency Structure Matrix (DSM) is a flexible, colorful and easy-to-use feature that lets you browse dependencies on every level of your projects. You can access it by clicking on any metric on dashboard package widget. This article will show you at first how to navigate the DSM. Then, we’ll show you how to “read” the DSM in order to spot dependencies between software components. We hope that at the end of the article working with dependencies and eliminating cycles will be a piece of cake for you.
Can you use SAP NetWeaver Cloud to run… Sonar?
By Tobias Hofmann, 14 November 2012
may sound easy, but, actually, Sonar is not a pure Java application. It makes extensive use of Ruby. To be able to run sonar under Neo, it needs be converted to run under Java / JRuby on Tomcat and be able to connect to the Neo database => increasing the complexity.
By Tobias Hofmann, 14 November 2012
may sound easy, but, actually, Sonar is not a pure Java application. It makes extensive use of Ruby. To be able to run sonar under Neo, it needs be converted to run under Java / JRuby on Tomcat and be able to connect to the Neo database => increasing the complexity.
Visualize JavaScript code quality and code coverage with Sonar – part 2
By Benjamin Seber, 22 November 2012
In my previous post I wrote about the Sonar JavaScript-Plugin, JsTestDriver, jstd-maven-plugin and some problems with the configuration. Meanwhile we’ve got a working setup which I want to explain in this blog. For the impatient ones among us, there is a sample project available on github…
Installing Sonar for DelphiBy Benjamin Seber, 22 November 2012
In my previous post I wrote about the Sonar JavaScript-Plugin, JsTestDriver, jstd-maven-plugin and some problems with the configuration. Meanwhile we’ve got a working setup which I want to explain in this blog. For the impatient ones among us, there is a sample project available on github…
By Migue Langel Oliver, 22 November 2012
On 15th of November the HTML5 Builder QA Team was in the VLCTesting where we learned very good experiences and shared knowledge, amongst this was the software Sonar, Right now in HTML5 Builder we are not using that tool but we found interesting to add a continuous inspection method to our continuous integration method and we decided to dig a little in that tool.
Sonar OWASP Plug-in
By Meera Subbarao, 19 November 2012
I have done several demos to clients on Sonar. Last week, I did a Brown Bag @ Cigital on Sonar. As I was preparing the Virtual Machine which I created for Sonar, I noticed the OWASP Plug-in. I downloaded the trial version and ran analysis on a few projects. As I was doing the demo, several of our Consultants @ Cigital had tons of questions about how this plug-in worked. Remember, Cigital helps companies improve the security of our clients most reliable applications. :)
By Meera Subbarao, 19 November 2012
I have done several demos to clients on Sonar. Last week, I did a Brown Bag @ Cigital on Sonar. As I was preparing the Virtual Machine which I created for Sonar, I noticed the OWASP Plug-in. I downloaded the trial version and ran analysis on a few projects. As I was doing the demo, several of our Consultants @ Cigital had tons of questions about how this plug-in worked. Remember, Cigital helps companies improve the security of our clients most reliable applications. :)
Use Sonar to Combine Surefire Tests and Failsafe Tests Coverage in a Multi-Module Project
By David gadget, 23 November 2012
As you might already know, using Sonar one can measure code coverage by Unit Tests (UTs) on a maven project. Even better, in multi-module projects, coverage is aggregated at parent-module’s level. That’s great! However, lots of use cases are not covered by this basic behaviour. What if you have UTs in a module covering code in another module? What if a module contains Integration Tests (ITs) that cover, by nature, code in lots of modules? What if those tests are run with maven failsafe plugin?
Sonar & ABAPBy David gadget, 23 November 2012
As you might already know, using Sonar one can measure code coverage by Unit Tests (UTs) on a maven project. Even better, in multi-module projects, coverage is aggregated at parent-module’s level. That’s great! However, lots of use cases are not covered by this basic behaviour. What if you have UTs in a module covering code in another module? What if a module contains Integration Tests (ITs) that cover, by nature, code in lots of modules? What if those tests are run with maven failsafe plugin?
By Jean-Pierre FAYOLLE, 4 November 2012
My blog Qualilogy is almost one year old (at the end of the month), and I found that almost all the posts that I have written are about quality of code and applications and are intended primarily for two types of audiences: People familiar with the concepts of Quality, and the use of metrics, often beyond the field of code quality. They are often consultants or Quality managers, usually with the experience of various technologies and languages, able to interpret a dashboard and make audits. However, they are not all experienced in the use of code analysis tools, and sometimes feel that the J2EE world and Open Source tools are too technical for them.
Sonar & ABAP – What you need to know
By Jean-Pierre FAYOLLE, 10 November 2012
We started in the previous post this new serie about ABAP code analysis, with the help of Walter Strobl, Director of Quality in Vision IT and specialist of SAP environments. Today, we will see what is necessary to know to implement a process of ABAP code analysis with Sonar.
Sonar & ABAP – The questions
By Jean-Pierre FAYOLLE, 18 November 2012
We continue our series on the analysis of ABAP code. We have seen in the previous post what you need to know about the SAP technology and ABAP code. We will now list the questions to ask to the project teams in order to prepare the extraction of code, the analysis and their organization in the Sonar dashboard.
By Jean-Pierre FAYOLLE, 18 November 2012
We continue our series on the analysis of ABAP code. We have seen in the previous post what you need to know about the SAP technology and ABAP code. We will now list the questions to ask to the project teams in order to prepare the extraction of code, the analysis and their organization in the Sonar dashboard.
Sonar & ABAP – The use cases
By Jean-Pierre FAYOLLE, 25 November 2012
Let’s continue the previous post about the questions to prepare for the implementation of a process of analysis of ABAP code, which we have seen that it was largely based on use cases. So I invited again Walter, Quality Director of Drago Solutions, who accompanied us since the beginning of this series of articles, to answer a few questions about this subject.
By Jean-Pierre FAYOLLE, 25 November 2012
Let’s continue the previous post about the questions to prepare for the implementation of a process of analysis of ABAP code, which we have seen that it was largely based on use cases. So I invited again Walter, Quality Director of Drago Solutions, who accompanied us since the beginning of this series of articles, to answer a few questions about this subject.
No comments:
Post a Comment