INDIA +91 964 309 2571 | USA +1669 327 4700 info@navyuginfo.com

As per Wikipedia Static program analysis is the analysis of computer software that is performed without actually executing programs. In most cases, the analysis is performed on some version of the source code.

WHY USE STATIC CODE ANALYSIS?
Not every software developer has decades of experience in the programming language or platform he/she is working on rather very few do. A static code analyzer can take care of test coverage, complexity, duplication, security, style, and more.
Caveat: This analysis must not be considered the final code review but the very first one. MOST OF THEM DO NOT CHECK YOUR LOGIC OF CODE.

Who should use?
Anyone who wants to improve the way he writes code, decrease security flaws (as static code analyzer may not be able to figure out every security flaw) etc. Even if you are a pro getting an analysis done does no harm.

Code Climate:
Homepage: https://codeclimate.com/1

There are three options to use it:
Local – Use it on your local system (free)
Hosted – Hosted by Code Climate (free from open source)
On-premise – Deploy at your own data center (contact sales)

What we used:
We used the “Local – Use it on your local system (free)” option.
We used Jenkins to achieve the results similar to the “Hosted” option.

What needs to be done:
(Note: If you don’t know what Jenkins is just going through it once. Not necessary to dive in deep)
– Install Jenkins on a server.
– Install Code Climate CLI version on the same system (the Local option)
– Configure Jenkins to run the analysis on the machine and email the result to the recipients. To achieve the same just execute the analysis command as a bash script whenever someone pushes a branch to the server.
VOILA !!! wink

Obviously, you need not follow the same. Make changes as per the requirement.

Installation:
Installing it on your system and using it is a cakewalk. Ideally, you should not face any difficulties if you follow the guides. Don’t forget to install Docker first.

Sneak peek:
What Code Climate actually does is, it uses a bundle of other gems:

Screenshot of the report that code climate provides: