Expert system for source code analysis and improvements



Shane Gau

Lead Digital Transformation Consultant

Take a look at why Softarex is the best choice for creating custom-tailored applications, new products, and individual services. Schedule a live demo with Shane Gau, our Lead Digital Transformation Consultant, who will answer your questions and describes how Softarex can help your business grow bigger?

Call Duration 30 min

Time Zone

    • Skype
    • Hangouts
    • Zoom
    • Phone




    You have successfuly scheduled a
    demo with Shane Gau

    Date & Time

    Call Duration

    Means of Communication

    Alexander Lipanov, PhD in Computer science, Softarex Technologies Inc

    What is a modern code quality?

    It is well known that quality assurance is a crucial step in the software product lifecycle. And it is not
    surprising that there are plenty of sophisticated concepts, approaches, standards (including ISO), models,
    methods, and tools aimed at facilitating and improving the testing processes. At first glance, all software
    developers and QA teams are free to choose whatever they like or whatever best fits their internal workflows.

    However, there are two major problems that still exist:

    • The first problem is that most of these methods, standards, and tools are more about formal QA indicators,
      such as functionality, performance, reliability, and security, rather than source code quality, such as
      extendibility, scalability, reusability, understandability, compliance with the object-oriented paradigms,
      and so on.
    • The second problem is that even formal checks of the source code quality and possible improvements are
      often difficult and time-consuming and, therefore, many QA teams are forced to minimize them or even
      skip entirely.

    Unfortunately, the importance of source code quality is often underestimated by many software companies
    that focus on saving development costs and reducing time-to-market. But we still believe that clear,
    concise, and supportable source code is a cornerstone of each premium-quality software product. This
    basic concept has laid the foundation of our flagship product, codeNforcer.

    How can codeNforcer help?

    Our codeNforcer is a powerful QA system for both centralized and
    distributed teams with a focus on source code quality and improvements.

    Basically, it offers three large groups of indicators (or metrics) that represent the results of source code
    analysis and provides you with a comprehensive picture of the source code quality:

    • Statistical metrics – this group contains metrics that assess the number of entities on the
      application level and on the method level. Statistical metrics, in turn, comprise two subgroups, which are
      quantitative metrics and complexity metrics. The quantitative metrics indicate the number of
      classes, methods, structures, interfaces, lines of code, number of comments, etc., while the complexity
      metrics are calculated using special formulas, including various algorithm complexity evaluations.

      The entities supported on the application level include: packages, namespaces, types, classes,
      interfaces, structures, methods, properties, fields, lines of code and lines of comments, density of
      comments, public data percentage, Halstead complexity, and more.

      The entities supported on the method level include parameters, overloads, functions, and more.

      Statistical metrics are provided for source code written in Java, C++, C#, and PHP. Most of them are
      language-specific, as shown in the table below:

    • Object-oriented metrics – this group contains metrics that assess the compatibility with the
      object-oriented paradigms: coupling, afferent/efferent coupling, instability, relational cohesion,
      distance from main sequence, abstractness, association between classes, cyclomatic complexity, depth
      of inheritance tree, etc. Just like the statistical metrics, most object-oriented metrics are also

    • CISQ metrics – these are the traditional QA indicators proposed by the Consortium for IT Software
      Quality (CISQ), such as Reliability, Performance Efficiency, Security, and Maintainability.
      CodeNforcer providing abilities for source code checking with using CISQ metrics and show all
      CISQ metrics violations for Reliability, Performance efficiency, Security and Maintainability.

    Certainly, many of the above-mentioned indicators are not the common purpose and sometimes not so informative,
    but taken generally and with all their mutual dependencies, they can give very useful insights to QA teams.

    Tools for source code analysis in CodeNforcer

    In addition to a variety of source code quality metrics, CodeNforcer provides a powerful set of tools for QA
    checks and source code improvements. These include:

    • Code review tools – convenient software modules for automatic and semi-automatic assessment of
      large and sophisticated source code, when manual checks are too hard or time-consuming to perform.

    • Source code style checkers – tools that automatically check the source code for style errors.
      Most development teams and companies have their own style guides that must be strictly followed by
      each developer, since the style is not about code aesthetics – it’s about code readability. CodeNforcer
      can help maintain the proper style of the entire source code and even automatically correct certain errors, e.g. remove unnecessary variables and unused methods, as well as resolve security issues in SQL constructions and event handlers.

    • Tools for architecture quality checks – these tools are used for the proper assessment of the
      software architecture quality that is always a challenge especially when you need to restructure the
      basic design of your software without losing any of its features. CodeNforcer provides everything
      you need to objectively assess and seamlessly restructure the application design without sacrificing its
      functionality or performance.

    And how do all of the above work together?

    codeNforcer integrates all of the features described above into a
    streamlined and easily configurable workflow shown in the picture below.

    If you want to quickly get started with codeNforcer and perform a rapid,
    yet thorough, check of your source code base, this workflow is just for you. And once all the checks are
    finished and all the improvements are done, the source code can be easily submitted to your GitHub, Git or
    TFS repository directly from CodeNforcer