Do you use the best Code Analysis tools?

Updated by Thomas Iwainski 1 month ago. See history

123

Whenever you are writing code, you should always make sure it conforms to your team's standards. If everyone is following the same set of rules; someone else’s code will look more familiar and more like your code - ultimately easier to work with.

No matter how good a coder you are, you will always miss things from time to time, so it's a really good idea to have a tool that automatically scans your code and reports on what you need to change in order to improve it.
Visual Studio has a great Code Analysis tool to help you look for problems in your code. Combine this with Jetbrains' ReSharper and your code will be smell free.


<imageEmbed
  alt="Image"
  size="large"
  showBorder={false}
  figureEmbed={{
    preset: "default",
    figure: 'You wouldn\'t play cricket without protective gear and you shouldn\'t code without protective tools',
    shouldDisplay: true
  }}
  src="/uploads/rules/do-you-use-the-best-code-analysis-tools/CricketHelmet.jpg"
/>

The levels of protection are:

### Level 1

Get ReSharper to green on each file you touch. You want the files you work on to be left better than when you started. See [Do you follow the boyscout rule?](/follow-boy-scout-rule/)

You can run through a file and tidy it very quickly if you know 2 great keyboard shortcuts:

* Alt + [Page Down/Page Up] : Next/Previous Resharper Error / Warning
* Alt + Enter: Smart refactoring suggestions


<imageEmbed
  alt="Image"
  size="large"
  showBorder={false}
  figureEmbed={{
    preset: "default",
    figure: 'ReSharper will show Orange when it detects that there is code that could be improved',
    shouldDisplay: true
  }}
  src="/uploads/rules/do-you-use-the-best-code-analysis-tools/48bc81_image001.png"
/>


<imageEmbed
  alt="Image"
  size="large"
  showBorder={false}
  figureEmbed={{
    preset: "default",
    figure: 'ReSharper will show green when all code is tidy',
    shouldDisplay: true
  }}
  src="/uploads/rules/do-you-use-the-best-code-analysis-tools/ReSharper-green.png"
/>

### Level 2

Use [SSW CodeAuditor](https://codeauditor.com).


<imageEmbed
  alt="Image"
  size="large"
  showBorder={false}
  figureEmbed={{
    preset: "default",
    figure: 'CodeAuditor shows a lot of warnings in this test project',
    shouldDisplay: true
  }}
  src="/uploads/rules/do-you-use-the-best-code-analysis-tools/CodeAuditor.png"
/>

**Note:** Document any rules you've turned off.

### Level 3

Use StyleCop to check that your code has consistent style and formatting.


<imageEmbed
  alt="Image"
  size="large"
  showBorder={false}
  figureEmbed={{
    preset: "default",
    figure: 'StyleCop shows a lot of warnings in this test project',
    shouldDisplay: true
  }}
  src="/uploads/rules/do-you-use-the-best-code-analysis-tools/StyleCopInVS2010.png"
/>

### Level 4

Run Code Analysis (was FxCop) with the default settings or ReSharper with Code Analysis turned on.


<imageEmbed
  alt="Image"
  size="large"
  showBorder={false}
  figureEmbed={{
    preset: "default",
    figure: 'Run Code Analysis in Visual Studio',
    shouldDisplay: true
  }}
  src="/uploads/rules/do-you-use-the-best-code-analysis-tools/CodeAnalysisVS11.png"
/>


<imageEmbed
  alt="Image"
  size="large"
  showBorder={false}
  figureEmbed={{
    preset: "default",
    figure: 'The Code Analysis results indicate there are 17 items that need fixing',
    shouldDisplay: true
  }}
  src="/uploads/rules/do-you-use-the-best-code-analysis-tools/codeanalysis.png"
/>

### Level 5

Ratchet up your Code Analysis Rules until you get to 'Microsoft All Rules'.


<imageEmbed
  alt="Image"
  size="large"
  showBorder={false}
  figureEmbed={{
    preset: "default",
    figure: 'Start with the Minimum Recommended Rules, and then ratched up.',
    shouldDisplay: true
  }}
  src="/uploads/rules/do-you-use-the-best-code-analysis-tools/image003.png"
/>

### Level 6

Document any rules you've turned off.

All of these rules allow you to disable rules that you're not concerned about. There's nothing wrong with disabling rules you don't want checked, but you should make it clear to developers why those rules were removed.

Create a **GlobalSuppressions.cs** file in your project with the rules that have been turned off and why.


<imageEmbed
  alt="Image"
  size="large"
  showBorder={false}
  figureEmbed={{
    preset: "default",
    figure: 'The suppressions file tells Code Analysis which rules it should disable for specific code blocks',
    shouldDisplay: true
  }}
  src="/uploads/rules/do-you-use-the-best-code-analysis-tools/suppressions-file.png"
/>

**More Information:** [Do you make instructions at the beginning of a project and improve them gradually?](/do-you-make-instructions-at-the-beginning-of-a-project-and-improve-them-gradually) and <https://docs.microsoft.com/en-us/visualstudio/code-quality/in-source-suppression-overview>

### Level 7

The gold standard is to use [SonarQube](https://www.sonarqube.org/), which gives you the code analysis that the previous levels give you as wells as the ability to analyze technical debt and to see which code changes had the most impact to technical debt


<imageEmbed
  alt="Image"
  size="large"
  showBorder={false}
  figureEmbed={{
    preset: "default",
    figure: 'SonarQube workflow with Visual Studio and Azure DevOps',
    shouldDisplay: true
  }}
  src="/uploads/rules/do-you-use-the-best-code-analysis-tools/2016-06-08_12-59-38.png"
/>


<imageEmbed
  alt="Image"
  size="large"
  showBorder={false}
  figureEmbed={{
    preset: "default",
    figure: 'SonarQube gives you the changes in code analysis results between each check-in',
    shouldDisplay: true
  }}
  src="/uploads/rules/do-you-use-the-best-code-analysis-tools/2016-06-08_12-59-53.png"
/>

Categories

Rules to Better DevOpsRules to Better Architecture and Code Review
acknowledgements
related rules