end to end quality
play

End to End Quality with the Sonar Ecosystem and the Water Leak - PowerPoint PPT Presentation

Aug 11, 2023 •157 likes •553 views

End to End Quality with the Sonar Ecosystem and the Water Leak Metaphor G. Ann Campbell @GAnnCampbell | ann.campbell@SonarSource.com @SonarLint | @SonarQube | @SonarSource SonarLint Leak Period Quality Gate 20+ Languages The <3 of the

  1. End to End Quality with the Sonar Ecosystem and the Water Leak Metaphor G. Ann Campbell @GAnnCampbell | ann.campbell@SonarSource.com @SonarLint | @SonarQube | @SonarSource

  2. SonarLint Leak Period Quality Gate

  3. 20+ Languages

  4. The <3 of the ecosystem Static Analysis

  5. What is Static Analysis? Analyzing code, without executing it!

  6. A Means to an End Detecting Bugs, Vulnerabilities, and Code Smells

  7. Why use Static Analysis Catch new problems ASAP ● the longer it takes to catch a bug, the more it costs ● no one writes perfect code every time ● rule description and precise issue location cut research time

  8. Why use Static Analysis Changing A might have added bugs in B ● peer review misses new issues in untouched code ● static analysis is machine-assisted code review; it looks at every file every time

  9. Why use Static Analysis Provide coaching ● language best practices ● team coding style

  10. SonarSource’s Toolbox

  11. Lexical Analysis Only two things are infinite, the universe and human stupidity, and I am not sure about the former.

  12. Syntactic Analysis Only two things are infinite, the universe and human stupidity, and I am not sure about the former. Subjects Verbs Albert E.

  13. Semantic Analysis Only two things are infinite, the universe and human stupidity, and I am not sure about the former. Albert E.

  14. Semantic Analysis Only two things are infinite, the universe and human stupidity, and I am not sure about the former. Albert E.

  15. Beyond Semantic: Symbolic Execution Object myObject = new Object(); if(a) { myObject = null; } ... if( !a ) { ... } else { myObject.toString(); }

  16. Beyond Semantic: Symbolic Execution Object myObject = new Object(); if(a) { myObject = null; } ... if( !a ) { ... } else { myObject.toString(); } //NPE

  17. Beyond Semantic: Symbolic Execution Object myObject = new Object(); Program State#0 myObject != null if(a) { myObject = null; } ... if( !a ) { ... } else { myObject.toString(); } //NPE

  18. Beyond Semantic: Symbolic Execution Object myObject = new Object(); Program State#0 myObject != null Program State#2 myObject = null a = true if(a) { myObject = null; } Program State#1 ... myObject != null a = false if( !a ) { ... } else { myObject.toString(); } //NPE

  19. Beyond Semantic: Symbolic Execution Program State#1 Program State#2 myObject != null myObject = null a = false a = true ... if( !a ) { ... } else { myObject.toString(); // NPE }

  20. Beyond Semantic: Symbolic Execution Program State#1 Program State#2 myObject != null myObject = null a = false a = true ... if( !a ) { ... } else { myObject.toString(); // NPE }

  21. Beyond Semantic: Symbolic Execution Program State#1 Program State#2 myObject != null myObject = null a = false a = true ... if( !a ) { ... } else { Program State#4 myObject = null a = true myObject.toString(); // NPE }

  22. SonarAnalyzer for Java and JavaScript Cross-Procedural Analysis

  23. What is Static Analysis ? Analyzing code, without executing it. by (symbolically) executing all possible paths!

  24. Symbolic Execution Almost Everywhere ▪ SonarAnalyzers for C#, C/C++, Java, and JS ○ Dereferences of Null Pointers ○ Unconditionally True/False (sub)conditions ○ Division by zero ○ Resource leaks ■ Unclosed resources (Java) ■ Unreleased memory (C/C++) ○ Double free (C/C++)

  25. Fewer slides, more code!

  26. Full Cycle Full Analysis IDE SonarQube

  27. Full Cycle IDE SonarQube

  28. Fix the Leak SonarLint Leak Period Quality Gate

  29. Reimbursing the Debt

  30. This is Hard ▪ Total amount of Technical Debt can be depressing ▪ How to get a budget to fix old Technical Debt? ▪ Risk of injecting functional regression ▪ This is not fun!

  32. Project Homepage

  33. Project Homepage: Leak Period

  34. Fix the Leak SonarLint Leak Period Quality Gate

  35. Quality Gate

  36. Project Homepage: Quality Gate

  37. Quality Gate

  38. Fix the Leak SonarLint Leak Period Quality Gate

  39. Thanks! G. Ann Campbell @GAnnCampbell | ann.campbell@SonarSource.com @SonarLint | @SonarQube | @SonarSource

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 QUALITY ASSURANCE - PROCESS QUALITY METRICS PREREQUISITES Top management commitment

1 QUALITY ASSURANCE - PROCESS QUALITY METRICS PREREQUISITES Top management commitment

SOFTWARE ENGINEERING SOFTWARE QUALITY - SOFTWARE QUALITY QUALITY COMPONENTS Today we talk about software process quality and Objective quality component: properties that can certification be measured or approximated objectively

237 views • 5 slides
The objective of harvesting is to pick the fruits at the proper stage of maturity, Genetic

The objective of harvesting is to pick the fruits at the proper stage of maturity, Genetic

4/2/2012 Importance of Quality Influence of Post-Harvest Operations, Packaging The word quality of fresh fruits is used in various ways: (i) market quality (ii) edible quality, (iii) shipping quality, (iv) table quality, (v) nutritional and

401 views • 6 slides
1 QUALITY CONTROL QUALITY ASSURANCE Controlling the software development process

1 QUALITY CONTROL QUALITY ASSURANCE Controlling the software development process

SOFTWARE ENGINEERING SOFTWARE QUALITY - SOFTWARE QUALITY QUALITY COMPONENTS Today we talk about software process quality and Objective quality component: properties that can certification be measured or approximated objectively

228 views • 7 slides
1 Measuring quality Costs of quality assurance Is it possible to quantify software

1 Measuring quality Costs of quality assurance Is it possible to quantify software

Key Points Many different characteristics of quality Quality Assurance and Testing Importance of having independent quality assurance from development The deliverable of QA is information CSE 403 Write it down Lecture 22 QA

359 views • 5 slides
New quality paradigm: New quality paradigm: Quality by Design Quality by Design ICH

New quality paradigm: New quality paradigm: Quality by Design Quality by Design ICH

New quality paradigm: New quality paradigm: Quality by Design Quality by Design ICH Q8- -9 9- -10 10 ICH Q8 QWP: Quality Assessors Training, 26-27.10.09 Evdokia Korakianiti, PhD Quality Sector, EMEA Overview Overview

631 views • 41 slides
Software Quality &amp; Software Quality Assurance p. 1 Software Quality A definition of

Software Quality &amp; Software Quality Assurance p. 1 Software Quality A definition of

Software Quality &amp; Software Quality Assurance p. 1 Software Quality A definition of quality should emphasize three important points: 1. Software requirements are the foundation from which quality is measured. Lack of conformance to

326 views • 13 slides
Quality Systems Frameworks SE 350 Software Process &amp; Product Quality 1 What is a Quality

Quality Systems Frameworks SE 350 Software Process &amp; Product Quality 1 What is a Quality

Quality Systems Frameworks SE 350 Software Process &amp; Product Quality 1 What is a Quality System? An organization uses quality systems to control and improve the effectiveness of the processes used to deliver a quality product or service

501 views • 24 slides
Air Quality and JHWS 2019 Surinderpal Suri 1 Air Quality LBH has extensive Air Quality

Air Quality and JHWS 2019 Surinderpal Suri 1 Air Quality LBH has extensive Air Quality

18 th March 2018 Air Quality and JHWS 2019 Surinderpal Suri 1 Air Quality LBH has extensive Air Quality monitoring programme: 8 continuous monitoring stations &amp; 60 diffusion tubes; Air quality has shown steady improvement generally,

561 views • 15 slides
External Quality Assessment AIM of QUALITY SYSTEM AIM of QUALITY SYSTEM The aim of QUALITY SYSTEM

External Quality Assessment AIM of QUALITY SYSTEM AIM of QUALITY SYSTEM The aim of QUALITY SYSTEM

External Quality Assessment AIM of QUALITY SYSTEM AIM of QUALITY SYSTEM The aim of QUALITY SYSTEM The aim of QUALITY SYSTEM A valid instrument for the self-evaluation of diagnostic quality in laboratories in laboratories. Validation

397 views • 38 slides
SOFTWARE ENGINEERING SOFTWARE QUALITY - SOFTWARE QUALITY QUALITY COMPONENTS Today we talk

SOFTWARE ENGINEERING SOFTWARE QUALITY - SOFTWARE QUALITY QUALITY COMPONENTS Today we talk

SOFTWARE ENGINEERING SOFTWARE QUALITY - SOFTWARE QUALITY QUALITY COMPONENTS Today we talk about software process quality and certification Objective quality component: properties that can be Jyrki Nummenmaa University of Tampere, CS

438 views • 5 slides
Chapter 14 Methods for Quality Improvement Quality, Processes, and Systems Quality of a good or

Chapter 14 Methods for Quality Improvement Quality, Processes, and Systems Quality of a good or

Chapter 14 Methods for Quality Improvement Quality, Processes, and Systems Quality of a good or service the extent to which it satisfies user needs and preferences 8 Dimensions of Quality Performance Features Reliability

677 views • 40 slides
Welcome to Welcome to 4 th National Quality Conclave Concurrent Session Q Quality in

Welcome to Welcome to 4 th National Quality Conclave Concurrent Session Q Quality in

Welcome to Welcome to 4 th National Quality Conclave Concurrent Session Q Quality in Education lit i Ed ti School Accreditation Initiative By Quality Council of India y Qua ty Cou c o d a Quality Issues in Schools W h t

669 views • 66 slides
MATERIALS AND TESTING QUALITY ASSURANCE QUALITY ASSURANCE What is Quality Assurance? Why

MATERIALS AND TESTING QUALITY ASSURANCE QUALITY ASSURANCE What is Quality Assurance? Why

Luanna Cambas, P.E. LADOTD District 02 Lab Engineer Jason Davis, P.E. LADOTD Field Quality Assurance Administrator MATERIALS AND TESTING QUALITY ASSURANCE QUALITY ASSURANCE What is Quality Assurance? Why needed? Sampling &amp;

1.01k views • 63 slides
Use of a vitaliser in agriculture Water quality What is water quality? Water quality Water

Use of a vitaliser in agriculture Water quality What is water quality? Water quality Water

www.agroguide.nl Use of a vitaliser in agriculture Water quality What is water quality? Water quality Water quality often just based on: - type of water source used for irrigaton water - levels of Na+ and Cl- - chemical and fysical analyses

726 views • 34 slides
RAW CASHEW NUT QUALITY RAW CASHEW NUT QUALITY RAW CASHEW NUT QUALITY RAW CASHEW NUT QUALITY RAW

RAW CASHEW NUT QUALITY RAW CASHEW NUT QUALITY RAW CASHEW NUT QUALITY RAW CASHEW NUT QUALITY RAW

RAW CASHEW NUT QUALITY RAW CASHEW NUT QUALITY RAW CASHEW NUT QUALITY RAW CASHEW NUT QUALITY RAW CASHEW NUT QUALITY RAW CASHEW NUT QUALITY RAW CASHEW NUT QUALITY RAW CASHEW NUT QUALITY Mr DAOUDA GON COULIBALY ACE GLOBAL DEPOSITORY 24-26 Jan

306 views • 14 slides
Introduction to Quality Engineering SE 350 Software Processes &amp; Product Quality 1 Quality:

Introduction to Quality Engineering SE 350 Software Processes &amp; Product Quality 1 Quality:

Introduction to Quality Engineering SE 350 Software Processes &amp; Product Quality 1 Quality: Two Views Conformance to requirements (absence of defects). Narrow definition (sometimes referred to as q). Fitness for use (relative to

370 views • 14 slides
G 8243 Entropy and Information in Probability I. Kontoyiannis Columbia University Spring 2009

G 8243 Entropy and Information in Probability I. Kontoyiannis Columbia University Spring 2009

G 8243 Entropy and Information in Probability I. Kontoyiannis Columbia University Spring 2009 What is Information Theory? Born in 1948, it is the mathematical foundation of communication theory; it quantifies the notion of information

426 views • 15 slides
Logic Puzzles Problem Solving Club Birds In Trees There are 2 trees in a garden (tree

Logic Puzzles Problem Solving Club Birds In Trees There are 2 trees in a garden (tree

Logic Puzzles Problem Solving Club Birds In Trees There are 2 trees in a garden (tree &quot;A&quot; and &quot;B&quot;) and on the both trees are some birds. The birds of tree A say to the birds of tree B that if one of you comes to our tree,

237 views • 13 slides
Learning Context Effects in Triadic Closure Kiran Tomlinson SINM 2020 research with Austin R.

Learning Context Effects in Triadic Closure Kiran Tomlinson SINM 2020 research with Austin R.

bit.ly/lcl-slides Slides: bit.ly/lcl-paper Preprint: bit.ly/lcl-code Code: bit.ly/lcl-data Data: Learning Context Effects in Triadic Closure Kiran Tomlinson SINM 2020 research with Austin R. Benson ? What factors drive edge formation?

1.21k views • 73 slides
IBL at SUNY New Paltz David M. Clark Mathematics Department June, 2011 Legacy of R. L. Moore

IBL at SUNY New Paltz David M. Clark Mathematics Department June, 2011 Legacy of R. L. Moore

IBL at SUNY New Paltz David M. Clark Mathematics Department June, 2011 Legacy of R. L. Moore Conference David Clarks Version of IBL Mathematics Department SUNY, New Paltz June, 2011 Legacy of R. L. Moore Conference XXXXXXXXXXXX David

566 views • 30 slides
AN EXTENSIBLE AND PRIVACY- PRESERVING MOBILE ID Michael Hlzl, MSc Institute of Networks and

AN EXTENSIBLE AND PRIVACY- PRESERVING MOBILE ID Michael Hlzl, MSc Institute of Networks and

AN EXTENSIBLE AND PRIVACY- PRESERVING MOBILE ID Michael Hlzl, MSc Institute of Networks and Security, JKU Linz IKT Sicherheitskonferenz 2017 26. September 2017, Villach Digital Identity: State of the Art OpenID: some (large) providers,

1.17k views • 18 slides
Sparse Computations and Multi-BSP Albert-Jan Yzelman October 11, 2016 Parallel Computing &amp;

Sparse Computations and Multi-BSP Albert-Jan Yzelman October 11, 2016 Parallel Computing &amp;

Sparse Computations and Multi-BSP Sparse Computations and Multi-BSP Albert-Jan Yzelman October 11, 2016 Parallel Computing &amp; Big Data Huawei Technologies France Albert-Jan Yzelman Sparse Computations and Multi-BSP BSP BSP machine = {

944 views • 51 slides
Abstraction-Carrying Code an Puebla and Manuel Hermenegildo , Elvira Albert

Abstraction-Carrying Code an Puebla and Manuel Hermenegildo , Elvira Albert

Abstraction-Carrying Code an Puebla and Manuel Hermenegildo , Elvira Albert , Germ ( ) Complutense University of Madrid (Spain) ( ) Technical University of Madrid (Spain) ( ) University of New

570 views • 18 slides
Commitments etc. Bart Geurts Ulterior motives Two aspects of promises Albert to Berta:

Commitments etc. Bart Geurts Ulterior motives Two aspects of promises Albert to Berta:

Commitments etc. Bart Geurts Ulterior motives Two aspects of promises Albert to Berta: Ill do the dishes. 1 . Albert commits himself to doing the dishes. 2 . Albert expresses his intention to do the dishes. Working hypotheses: 1 and 2

593 views • 13 slides

More recommend