7.3. How to Integrate Static Analysis into Your Process
A number of static analysis tools (and all of the specific ones discussed previously) are built to be integrated into an automated build process. However, you need to think carefully before you take that step. To integrate a tool like NDepend into a Continuous Integration build process, you must be cautious about which metrics you include. Will a report from every build on afferent versus efferent coupling be useful? Or confusing? Is every member of the team likely to benefit from the information? Will you fail the build if afferent coupling gets too high? Probably not.
Other metrics, such as cyclomatic complexity or percentage of comments, might make more sense to include as part of a CI build process. It is perfectly reasonable to set a threshold for cyclomatic complexity and fail the build if that threshold is exceeded. You want the whole team to be alerted if a method with a CC number of 50 suddenly shows up — that is something that is worth reporting and failing the build on, in order to draw immediate attention to it and get it fixed. The same might be true of percentage of comments. That is a measure of how many lines of comments your application contains in relation to the total number of lines. If that number suddenly declines, it means that your developers have stopped commenting their code. Better to know about it right away and get it fixed.
Another thing that can form a useful part of a CI build report is an ...
Get Code Leader: Using People, Tools, and Processes to Build Successful Software now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
