We as professional software developers or better Software craftsman are proud of out work. When the product is finished we are delivered a working application that complies to all requirements specified, the functional, non-functional and last but not least of coding standards.
There are plenty of articles that define some form of coding standard is important. It does not matter if you use the Sun code conventions, Maven conventions or some other ‘obscure’ definition. As long as you follow it you are in the clear.
In the wild there are quite a few tools that allow you to verify if the conventions are implemented correctly see the wiki page for a (incomplete?) list of tools available. I think the one of the most popular tools currently is Sonar. Integrated are i.e. CheckStyle, PMD and plugins are available to add others as well.
The current project also uses more formal analysis, SIG. They perform code analysis based on a scientific model. This model (Maintainability model) scores a set of source files. The maximum score you can receive is a 5 start rating (actually the figure assigned can be a 5.5). The model implements the ISO/IEC 9126 specification.
YES, there is a scientific model that allows me to prove in a scientific manner that the application is sound, both on a coding and architectural level. Lets provide the management team with the data provided by this organization. I run the analysis on a weekly basis and I have proof that the software is good and follows all the best practices available on the market. I might even ask for a raise when my application reaches a 4 (5) star rating.
Sounds cool doesn’t?
Well actually it’s not! Both Sonar and SIG are implemented in the company of my current employer. Sure the tools helps us to identify issues. Not following coding guide lines on stuff like code formatting is proving help full and reduces the amount of effort required to merge code, PMD finds basic bugs. More are there benefits but from my point of view those are side effects.
Its is fairly simple to satisfy both Sonar and SIG. For example test coverage is something that is hot (Just have a look at the TDD movement). Both use explicit figures about the test ability of the code. It’s simple to deliver code for the tools to analyse that pass this test with a 100%/5 star score. Is the test code useful? I don’t know, are there asserts in the unit tests, and if so are those asserts useful?
Readability, there are no tools available today that provide any statement of the code at hand. Personally I find that readability of the code is the most important thing there is. A logic part has preference to be readable over syntactically correctness.
Translations, currently the documentation used in the company is both Dutch and English. This combined with non-native Dutch speakers in the team you get creative translations and spelling of terms. Me as a native speakers are confused at times by them (again no tool can find this).
A funny thing happens though when tools like these are in place. When known to a broader public they start talking about it. Among developers in general that is some form of proud when the scores are good. They are the users of the tooling and know how to interpret the numbers in there. A not so funny thing is that the tools get known in the management circle.
Nothing against management, but in general they no jack about developing software. Interpreting the numbers is a specialism and do not stand on their own. For example having duplication in your code can (or rather should) be for a very specific reason. Both tools are quite harsh when reporting duplication. So I have a project that has code duplication and I do have a very good reason to do this. My scores from the tools degrade (big time) and before I know it a walk to the manager is required.
The manager wants an explanation why there is so much code duplication. After elaborating about the reasons I get send home with the assignment to remove all duplication from the code base!? Since when dictates the manager how the software is developed. There is a team of developers, architects and testers behind it. My assumption is that they DO know how to build a software system.
Tool for management or development!?
Primarily the tools are to be used by the development teams. Overall the numbers from the tools can be reported to management. Remember they are not the only absolute truth about the code. When numbers are deviating from the standards set, explanation has to be provided.
I may sound that I disapprove of the tools and the numbers generated. In fact I’m not. It provides a confirmation of the feeling you have when browsing through the code. Numbers that below the goal set in general are a good signal for code smells. But high ratings do not and I repeat do not indicate that the software is of a high quality. (chances diminish with good scores but still).