Eliminate bugs and vulnerabilities.
Champion quality code in your projects.
SonarCloud has dashboard view also to monitoring how many quality code that should we repair.
Make sure we’re already have account in SonarCloud the logged in. On the home page, click
Organization settings menu and
Choose the organization on Github.
Check in the repo Settings. We can also configure what can SonarCloud do to our repo.
When we create the pull request, SonarCloud bot will comment the quality result.
Dangerfile is also a support to our pull request. But unlike SonarCloud which is useful for code analysis only, dangerfile can also to tidy up our pull request format. Want to auto assign reviewer? We can do that with help from Dangerfile.
Prepare the Dangerfile file. Looks like this.
Let’s initiate the Dangerfile content!!! (Be aware it’s dangerous :D)
The syntax for Ruby is right here https://danger.systems/reference.html. We can choose another different language for an example JS, Swift, Kotlin and Python.
If we don’t want the pull request title to contain some word then we can use.
failed ‘PR title can't be named ASD123’ if github.pr_title.include? ‘[ASD123]’
We can use Ruby Gems for Dangerfile. As an example, we want to auto assign reviewer if PR creator not assigned any reviewer. Using this https://rubygems.org/gems/danger-review_requests/versions/0.0.4 and put it in the Dangerfile.
We can use array and random the reviewer then assign to the pull request. We also can add a Rubocop for Ruby, example https://github.com/mpermperpisang/golang-automation/blob/master/Dangerfile#L14.
Novoda has so many repositories. One of them is gradle-static-analysis-plugin.
A Gradle plugin to easily apply the same setup of static analysis tools across different Android, Java or Kotlin projects.
This plugin supports many static analysis tools for different language, especially for Java. The list are :
- FindBugs — [DEPRECATED] [Removed in Gradle 6.0]. Unfortunately this is no longer supported
- Android Lint
We can choose some of supporting tools to support the code analysis with the gradle checker in our pull request.
Let’s make the pull request fun to be created or reviewed. — MperMperPisang