philips-software / cerberus Goto Github PK
View Code? Open in Web Editor NEWA tool to measure various quality parameters of source code
License: MIT License
A tool to measure various quality parameters of source code
License: MIT License
Currently Code metrics diff hound, provides report in PSV and CSV format. So we need to add Markdown and HTML format of reports so that metrics could be consumed easily by various projects
This was identified during some demo of consuming Cerberus in Build gates.
I found that some intelligent developers are putting suppressions especially with C and C++ as
This cannot be caught be Cerberus because cerberus just assumes that suppression does not start with white space, Offcourse that is true with java it throws a compilation error. But with C and C++ it does not matter so we need to handle this.
Reported by one of the teams using JCMD-DIFF, the output generates a column called "CLASS", content of the class is more often than not, too long to read! This creates a distortion, where the necessary values (before/after/metrics) are pushed to the extreme right, and we are unable to easily view the output.
Since the filename is sufficient, i think skipping class would help in improving readability of the generated output!
It's difficult to comprehend the meaning of all the metrics reported as part of JCMD. If we can have a hyperlink to the MD page calling out the description of each of the metrics, it'll be good as a quick reference.
Consider different modes of operations for Cerberus:
User can choose the mode of operation of Cerberus via configurations!
Ability to filter files based on regex patterns and then apply the gating/violations/reports on the resultant set of files.
Right now, the output of JCMD-DIFF doesn't sort any value. The request here is to sort the values by the highest difference in the oldValue and the newValue. Also, group by the same class-name.
This will ensure that the leads/reviewers are always looking at the highest difference from the same class, and take quick decisions.
Example below (language=cs). Ideal would be to give message that language name is not supported and give a list of valid language names to the user at command line instead of hard crash-out with raw exception. Also, do you want language name to be case sensitive?
$ java -jar cerberus-executable.jar SWD --language=cs --files=.
java.lang.IllegalArgumentException: No enum constant com.philips.swcoe.cerberus.cerebellum.swd.SuppressedWarningDetectors.cs
at java.base/java.lang.Enum.valueOf(Enum.java:240)
at com.philips.swcoe.cerberus.cerebellum.swd.SuppressedWarningDetectors.valueOf(SuppressedWarningDetectors.java:11)
at com.philips.swcoe.cerberus.hounds.SuppressedWarnings.call(SuppressedWarnings.java:50)
at com.philips.swcoe.cerberus.hounds.SuppressedWarnings.call(SuppressedWarnings.java:30)
at picocli.CommandLine.executeUserObject(CommandLine.java:1783)
at picocli.CommandLine.access$900(CommandLine.java:145)
at picocli.CommandLine$RunLast.handle(CommandLine.java:2141)
at picocli.CommandLine$RunLast.handle(CommandLine.java:2108)
at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:1975)
at picocli.CommandLine.execute(CommandLine.java:1904)
at com.philips.swcoe.cerberus.Cerberus.main(Cerberus.java:40)
NFRs have to be defined for Cerberus, and gated with every commit.
@simaos, @aravind666 - can you please add to NFRs that we'd want to automatically gate?
Sample NFR:
Ability to report violations for different metrics of JCMD, based on:
For all the hounds, currently Cerberus only reports violations. Can we consider adding gating on the violations reported so that the # of violations can be configured & we can report a "pass" or a "fail" based on breach of threshold.
Also to consider - relative gating, ie. if the previous violation count was x, and the threshold is set to x+5, if the subsequent violation count goes to x+3, we should have consider failing the build for this increase in threshold. If the threshold decreases, then automatically set the acceptable threshold to the lower value.
SWD works only if the language is specified in caps. Ideally it should work with any combination of capital/lower-case letters. May be worth adding equals.ignoreCase() when comparing the language input.
PMD CPD supports ignore annotations, please enabled this argument for cerberus CPD
--ignore-annotations
With many teams implementing legacy build systems which may not support checkstyle violations, can we include a hound to do checkstyle check based on:
Why do we have "java-version"? and language option?
Eg: If i specify language as cpp, what does "java-version" for cpp mean?
Project already includes a Dockerfile so it should be published to Dockerhub as part of the action build.
Cerberus scans and gates itself. There is value here in both testing, feedback on real use cases and role modelling that we trust this tool enough, and beleive in its value enough, to scan itself.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.