Bludit Code Review

Tango
Jr. Bludit
Posts: 2
Joined: Thu Mar 08, 2018 8:09 pm

Thu Mar 08, 2018 8:28 pm

Hello,

I've noticed that the Bludit project doesn't use any tools for code analysis.
This is a bad thing, as sometimes bugs and vulnerabilities that are hard to spot sneak in.

Now here's CODACY, which is free to use for open source projects.
It's an invaluable tool for checking the code quality that should be added to the project ASAP.

Also, I've noticed that it's used by many high-profile CMSs.

Thanks!
Edi
Site Admin
Posts: 1287
Joined: Sun Aug 09, 2015 5:01 pm
Location: Zurich

Thu Mar 08, 2018 10:47 pm

Thank you for your remarks. Codacy could be an interesting tool.

On the other hand, keep in mind that the development of Bludit is not as complicated as other projects. Look at the numbers of commits, issues etc. GitHub gives a good overview without any additional tool:

https://github.com/bludit/bludit

This is my opinion, not the one of the developer.

I will give Codacy a try for my own projects related to Bludit, and give some feedback.
Planet Bludit, tips, snippets and useful links. - Newsletter, information about Bludit (in German).
diego
Site Admin
Posts: 699
Joined: Sat May 16, 2015 2:53 pm

Fri Mar 09, 2018 9:33 am

Hi,
thank you for your comments, I'm going to try this CODACY.

Regards
Tango
Jr. Bludit
Posts: 2
Joined: Thu Mar 08, 2018 8:09 pm

Mon Apr 23, 2018 1:56 am

I hope it's obvious now how valuable CODACY really is.
Its main advantage is that it pinpoints the exact issue and offers suggestions on how to fix it.

The analysis revealed a lot of issues regarding stability and security, so I think those should be the main concerns for the Bludit v2.4 release.

Thanks!
Edi
Site Admin
Posts: 1287
Joined: Sun Aug 09, 2015 5:01 pm
Location: Zurich

Mon Apr 23, 2018 2:14 am

No idea what I should think about Codacy... I gave it a try for two of my plugins some weeks ago.

First problem: After starting the analysis, it looped... No analysis of the tool itself? Anyway, the support apologized afterwards.

Second problem: Issues that are not real issues.

Therefore it makes no sense to warn here about security problems that do not exist.
diego
Site Admin
Posts: 699
Joined: Sat May 16, 2015 2:53 pm

Mon Apr 23, 2018 10:44 am

Tango wrote:
Mon Apr 23, 2018 1:56 am
I hope it's obvious now how valuable CODACY really is.
Its main advantage is that it pinpoints the exact issue and offers suggestions on how to fix it.

The analysis revealed a lot of issues regarding stability and security, so I think those should be the main concerns for the Bludit v2.4 release.

Thanks!
Yep, as Edi said, I don't see any security issue, only warnings and best practices to achieve. Anyway, for the moment I don't have time to check these warnings in depth, but you are welcome to improve the code and let me know what I can do better.
Regards