What tools do you use to static analysis and to check the code quality?

What tools and approaches are you using to static analysis and to check the code quality in your development and automation projects?

Iโ€™m learning about this subject and I would like to know some use cases.

Also, I found this interesting repository: https://github.com/mre/awesome-static-analysis

Thanks.

Never used it myself but I had colleagues who swear by Microsoft FX Cop

1 Like

We use SonarQube; devs can use the tools built-in to Visual Studio as well.
As a tester, I look at the analysis and see:

  • Where code has changed a lot (churn) -> prone to bugs
  • Where code coverage is lacking -> help to fix that or find bugs there
  • Where โ€œbugsโ€ or โ€œsmellsโ€ are as identified by the tool
  • Where we see cyclomatic complexity and make sure weโ€™ve covered every scenario
  • Where code has been duplicated -> prone to regressions, needs to be consolidated
1 Like