What automatic tools can I add to keep code quality high?
CodeQL
CodeQL is a tool that runs variant analysis on code. The idea is that we create a query from a known vulnerability, e.g., SQL injection, and then run it against a codebase to find instances of that vulnerability. GitHub authorizes the use of CodeQL for public repos, and so we are covered. ql-analysis.sh has a recipe for running the analysis locally in the repo. CodeQL also runs on every PR, and blocks check-in if new vulnerabilities are discovered.
Formatting
Ensuring a consistent format is one of those things that should be set once and automated. While I don’t have collaborators who would come with their own style, going through the exercise should help in future collaborative endeavors.
I’ve had prior experiences with , but is the front-runner for JS/TS. dprint’s selling point is speed; it can even incorporate Prettier as a plugin with a 3X speed boost due to parallelism.
Interesting that “built in Rust” is becoming more of a selling point. Is Rust the new hacker’s language?
StackOverflow’s 2023 Developer Survey has an “Admired and Desired” section for technologies. “Desired” captures the % of respondents that want to use a technology. “Admired” captures the % of users that have used the same technology in 2023, and want to keep using it. The top 5 admired languages of 2023 were Rust (84.66%), Elixir (73.13%), TypeScript (71.7%), Zig (71.33%), and Clojure (68.51%).
Integrating dprint was a matter of (1) installing it as a dependency and adding its config, (2) formatting the code base, and (3) enabling a CI check and adding (2) to .git-blame-ignore-revs for a better git-blame experience. Unlike linters, formatters do not change the semantics of your code, and so adding their effects to .git-blame-ignore-revs is not error-prone.
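The effect of step (3) on git-blame, as an added example that is not part of the original post: a throwaway repository in which a constructed formatting-only commit is listed in .git-blame-ignore-revs. The author names (alice, fmt-bot), the file app.ts and its contents are made up, and the script assumes Git 2.23 or later.

```shell
#!/bin/sh
# Constructed demo: how .git-blame-ignore-revs hides a formatting-only commit.
# alice, fmt-bot and app.ts are made-up names for this example.

# blame_author FILE LINE [extra git-blame options]
# Prints the author that git blame reports for a single line.
blame_author() {
  file=$1
  line=$2
  shift 2
  git blame --line-porcelain -L "$line,$line" "$@" -- "$file" |
    sed -n 's/^author //p'
}

# Builds a throwaway repo: alice writes the code, fmt-bot reformats it.
setup_demo_repo() {
  repo=$(mktemp -d) || return 1
  cd "$repo" || return 1
  git init -q .
  printf 'const a=1\nconst b=2\n' > app.ts
  git add app.ts
  git -c user.name=alice -c user.email=alice@example.invalid \
    commit -q -m 'add app.ts'
  # Stand-in for step (2), formatting the code base: layout changes only.
  printf 'const a = 1;\nconst b = 2;\n' > app.ts
  git -c user.name=fmt-bot -c user.email=fmt@example.invalid \
    commit -q -am 'format code base'
  # Step (3): list the formatting commit by its full hash.
  # In a real repo this file is committed alongside the code.
  {
    echo '# Formatting-only commit, no semantic change'
    git rev-parse HEAD
  } > .git-blame-ignore-revs
}

setup_demo_repo
# Without the ignore file, the formatter owns every line it touched.
echo "plain blame:      $(blame_author app.ts 1)"
# With it, blame skips the listed commit and reports the original author.
echo "with ignore file: $(blame_author app.ts 1 --ignore-revs-file .git-blame-ignore-revs)"
# To make plain `git blame` do this in a clone:
#   git config blame.ignoreRevsFile .git-blame-ignore-revs
```

Only commits that are purely mechanical belong in the file; a listed commit that also changed behaviour would have that change attributed to whoever last touched the line before it.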
Linter
A linter enforces statically-defined rules that discourage bug-prone constructs. captures adding a linter to the project.
floats , and as the top 3 in terms of GitHub stars. was pretty ambitious, but the company failed, and became its successor. enables and for TypeScript. In terms of downloads over the last month, and dominate. Will try , using its popularity as a proxy for it being worth a shot.
Variant analysis is a common term in the medical field for analyzing genetic variants between individuals of a population. Search engine results bias heavily towards the medical interpretation, implying that the use of the term is pretty new in the software field.