Details
-
Task
-
Status: Closed
-
Minor
-
Resolution: Implemented
-
2.9.0
-
None
-
None
Description
Without having knowledge of internal implementation details our team has been using Findbugs [1] and/or Sonar [2] as a rough indicators of internal code quality.
[1] http://findbugs.sourceforge.net/
[2] http://nemo.sonarqube.org/dashboard/index/176172
Where practical to do so, as many of the issues reported by these tools should be eliminated (prioritise by severity). It's a win-win exercise:
- At worse, better rule compliance improves confidence in the code
- At best, real bugs are fixed before they occur and get reported
For example, at time of creating this task we see ~30 "critical" issues in Android Java code. Granted that most of them could be benign, deliberate, or even false positives, but OTOH it would be better to reduce this number to remove any doubt that maybe some of them really are critical.