So you’ve built an application, and all the features seem to be working properly. Now you can simply ship the source code and final invoice to the client, right? Not quite. Before you send out the application for final sign off, it’s vital that you perform a number of checks. This guide will walk you through how to test for code quality in your applications.
How to Test for Code Quality
When it comes to testing for code quality I analyze two key focus areas. I test for:
- Security vulnerabilities
- Best practices
So knowing what needs to be tested is great. But how exactly can you test for code quality? Simply giving the code a final review isn’t enough. For this task I turn to automated tools that can perform a number of quality checks on a codebase and compile a comprehensive report of fixes.
Tools for Testing Code Quality
In this guide I’ll walk through the tools that I use for testing Ruby and Ruby on Rails applications. However if you work with another programming language a quick Google search will reveal that every popular language has similar tools that you can utilize.
When it comes to analyzing a Ruby/Rails application, RubyCritic is a powerful tool. This code quality Rubygem pulls in three different code analysis tools (Reek, Flay, and Flog) and generates a comprehensive report.
I like using RubyCritic because it searches for a number of issues that developers tend to overlook. For example it looks for:
- Code smells
- Duplicate code
- Poorly named classes/methods
And instead of simply printing out the issues, RubyCritic generates an interactive reporting website that provides diagrams, visuals, and links to the lines of code that it suspects can be refactored.
Next on the list of code quality tools is RuboCop. The RuboCop gem is a great tool that analyzes a Ruby code base and focuses on verifying that the code follows the Ruby style guide. If you are not familiar with your language’s style guide, essentially it represents a set of recommendations for how your code should be structured. This includes items such as:
- Capitalization rules
I’ve discovered that RuboCop is a great tool for ensuring that your codebase follows the accepted practices for your language/framework.
Last on the list of code quality tools that I use is the Brakeman gem. One of the most difficult items to test for in an application is security. The main challenge is that if you knew of a security vulnerability… you’d have already fixed it (hopefully). So Brakeman helps uncover potential security issues that you may have not even thought about.