What is code analysis?
Code analysis is a formal automated process of scanning a piece of software code and deducing potential problems, issues and faults that may not be apparent to programmers at first glance.
These could include mistakes that are easy to make for but hard to detect (such as copying and pasting something that is incorrect), the usage of obsolete elements in the code, or bad practices that, while technically correct, don’t produce the best or expected results.
You could think of code analysis as a machine-assisted code review. The rules that are used to check your code point out questionable areas that might be missed during regular testing.
The advantages of using code analysis:
- Early detection of bugs and code smells in the development cycle, which means less time and money spent on fixing them.
- Discovery of problems in related or adjacent areas of code.
- Detection of anti-patterns and deprecated elements in code.
- Detection of security or performance issues.
- Use as a learning tool that shares knowledge across the team. This can be of particular value for more junior members and people new to SQL development.
- Identification of areas in the code that need to be refactored or simplified.
- Highlighting of areas of the code that may need more testing or a deeper review.
- Propagation of best practices and team standards, which ensures codebase consistency.
- Identification of potential software quality issues before the code moves to production.
Introducing code analysis in SQL Prompt 9
There is a distinct lack of code analysis tools in the SQL development world, despite their wide availability in other programming languages and environments (such as .Net, C/C++ and Java).
In June 2017 we acquired SQL Code Guard, with the aim of adding code analysis functionality to our existing tools. We’ve already added performance rules in SQL Monitor, and now you can get fast and comprehensive code analysis in SQL Prompt as you type.
When you upgrade to SQL Prompt 9 you will start to see the new features in your SSMS or Visual Studio query window as you start typing.
You will get a green wavy line under any parts of your script that have a code issue.
These can be selected by clicking on them, with a quick tip displayed when you hover your cursor over the issue:
For a more detailed description of the issue, click on the blue lightbulb icon that appears to the left of the line you are on. This brings up the Issue details panel, which gives you more information on what the problem might be and how you can fix it.
The Issue details panel also contains a link to further online documentation, in the form of a library, that provides further reading and learning resources on code issues.
If you find this particular rule isn’t helpful or you don’t need it right now you can click on Disable rule to stop it displaying.
This can be done for individual suggestions as they appear, but a quicker way of managing your rules is through the Manage code analysis rules… options that can be found in the SQL Prompt menu.
From here you can turn rules on and off using the check boxes alongside them. The settings file for this can also be shared amongst your team, so you can all work with the same rules active, which can help with code consistency.
What’s next for code analysis in SQL Prompt?
We will continue to expand code analysis functionality in SQL Prompt by adding new rules until we have parity with SQL Code Guard.
We are also keen to hear about new rules you’d like added to SQL Prompt code analysis. Head over to UserVoice and add your suggestions for future releases.
Also in Hub
We can use SELECT…INTO in SQL Server to create a new table from a table source. SQL Server uses the attributes of the expressions in the SELECT list to define the structure of the new table.
Also in Product learning
In this article, I'll discuss how I use the SQL Prompt actions that you can apply as part of the Format SQL command. These actions are designed to help improve the overall quality of your SQL code, in...
Also in SQL Prompt
Most of us in the data management industry will have learned to adapt, in recent years, to 'agile' development and deployment practices. Many organizations have invested heavily in the tools and proce...
Also about SQL Prompt
When writing functions or procedures, a common chore is to devise and implement the tests that ensure that the routine always works as expected. The best way to do this is to define the tests in a bat...
Also about static code analysis
It used to be that the EXISTS logical operator was faster than IN, when comparing data sets using a subquery. For example, in cases where the query had to perform a certain task, but only if the subqu...