Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - February 2011

Thursday February 10th, 2011

The Good Old Way...

The JUGL Way

  A head-to-head live comparison   But don’t expect any winner...

  A quick overview of the market   The leading products (*)   Showcased by experts

  An introduction to software assessment and software quality management

  A first contact with vendors   If you would like to start tomorrow...

(*) CAST, a clear leader, is missing. They unfortunately declined our invitation.

Tonight « Wrestlers »

Alan Perkins Sales Engineering Manager EMEA

Chris Chedgey CEO

Bogdan Czwartkowski Professional Services Manager

Freddy Mallet Co-director & co-founder

Henri Tremblay Senior Architect

Their Mission

  No fluff just stuff   A maximum of time dedicated to demos, 2-3 slides max.

  Have each vendor assess the same application   An open-source application

  Select an application close to (y)our daily work   A web application, not a framework

  All issues are interesting   At all levels: code correctness, logic, architecture, performance...   In all codes: Java code, DB code and schema, HTML/CSS...   Detected in any ways, static or dynamic

The Target

“ IceScrum is an J2EE application for using Scrum while keeping the spirit of a collaborative workspace ”

IceScrum: www.icescrum.org Scrum Alliance: www.scrumalliance.org

Some Background and Architecture

IceScrum 1: Desktop application in Java / Swing

IceScrum 2: Web application in Java / JSF

IceScrum 3: Web application in Grails

Link to SVN repository on SourceForge

JSF / IceFaces

Spring

Hibernate M

Agenda

  Introduction: 5 minutes

  20 minutes by vendor to assess IceScrum2, in this order:   Sonar   Parasoft   XDepend   Headway   Coverity

  Discussion panel: 20 minutes

  Conclusion: 5 minutes

  Aperitif

You are here

  Aperitif

Agenda

You are here

SONAR - Dashboard

SONAR - SQALE Quality Model

  Aperitif

Agenda

You are here

Parasoft JTest - Metrics

Parasoft JTest – Static Analysis

Parasoft JTest – Duplications

Parasoft JTest – Flow Analysis

Parasoft JTest – Runtime Error Detection

  Aperitif

Agenda

You are here

XDepend - Fonctionnalités

Fonctionnalités Support Règles de nommage ✓ Règles d'architecture ✓ Structure du code ✓ Erreur de logique ✗ Analyse dynamique ✗ Intégration des tests ✓ Intégration continue ✓

Fonctionnalités Support Intégration IDE ✗ Historique ✓ Langage de requêtage ✓ Implémentation de nouvelles règles

Règles de sécurité ✗ Dashboard pour le manager

Richesse de l‘éco-système

Prix: 299 € dégressif en fonction du nombre de licences

XDepend - Vue principale

XDepend - Métriques

  Aperitif

Agenda

You are here

  Aperitif

Agenda

You are here

This session has not been recorded according to Coverity’s will !

Coverity Integrity Center

Precision Software Analysis Across Lifecycle

• Increase customer satisfaction by eliminating product delays and recalls caused by software problems

• Speed time to market by making software changes faster and with less risk

• Innovate rapidly by reducing time developers spend fixing software design, code, and delivery problems

Steps To Mitigate Risk

Code base

Project 1

Project 3

Project 2

Browse code

Integrity Analysis Engine

Scan your software

Find priority defects List of Defects

_  10001 critical _  10002 major _  10003 major _  10004 critical _  10005 major

Impact Rankings

Map defect impact

Fix priority defects

Report defect remediation

PRODUCTS

Mainline/Trunk/Head/Development

2.4 release

2.4.1 release

2.6 release

2.6.2 release

2.6.2.1 release

Merge fix

Defect in the original development branch and never fixed affects all products

Defect introduced in a release branch before a merge

Defect introduced in a release branch after a merge

Shared Code Branching & Defect Impact

2.4 release

2.4.1 release

2.6 release

2.6.2 release

2.6.2.1 release

Branch of a codebase: Project 2.4 2 streams

Analyze 2.6, 2.6.2 and 2.6.2.1 releases

2.4 release

2.4.1 release

2.6 release

2.6.2 release

2.6.2.1 release

Branch of a codebase: Project 2.4 2 streams

Common Defects are merged by CIM

Stream 1

Stream 2 Project 2.6

Stream 3

Agenda

  Aperitif

You are here

Agenda

  Aperitif

You are here

What the IceScrum Team Says

  Pain points – Interview with Vincent Barrier   Much pain with JSF

  SW architecture leading to difficult and costly evolutions

  Strong performance issues

  Tooling issues (m2 plugin)

  Difficulty to take new developers on board

  Heterogeneous code and quality issues

Share It!

  Find these + the vendors’ slides on the JUGL web site   http://jugl.ch

  Live it on Parleys   http://parleys.com/#id=102931&st=4

  React and follow further discussions on Twitter   #jugl or @cyrilpicat

  Read Kalistick report and SQuORING report on IceScrum2

http://bit.ly/eB7oRM

http://bit.ly/gDtmnj

Agenda

  Aperitif

You are here

Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - February 2011

Technology

Transcript of Session dédiée à l'analyse de la qualité du code Java - Cyril Picat - February 2011

February 2015 french

Texworld Paris February 2012 Act 1

"Very Fake Store" Cyril le Van

Aw february 2014 french

Romain DIDIO / Cyril FOURNIER

Cyril Billard - La Rose-Croix[1]

LLG corporate presentation february 2017 francais

Btp 07-2015 (February)

MED-Amin Newsletter n°2 - February 2015

02 february 2013 / clippings

Monte Carlo Journal N°8-february-2013

Freshwater News February 2010 French

Cyril Fiévet - Comprendre Bitcoin

DG 1 French February 2010

GPO 2008 Server - Tintillier Cyril

Templavoila_framework Une révolution 30.06.2011 Cyril Wolfangel.

Journée dédiée à l’ESS

Dossier Veille DéDiéE 4

Présentation Cyril Paglino - Atelier FrenchWeb

February 2015 investor presentation fr