Recently, I’ve been spending time analyzing code from a project I’m working on using NDepend 2.6. NDepend is described as…
…a static analyzer that simplifies managing complex .NET code bases.
It digs deep into your code providing an incredible level of detail. Should you decide to take a look at NDepend be sure to give yourself several hours to spelunk as there’s tons to dive into. For starters here is a screenshot of what you can expect when you load a project:
In this image the mouse (not pictured) is hovering over an assembly name in the Dependencies pane, in the center of this image. Simultaneously the assembly region is is highlighted in the Metrics pane, in the top right.
Querying your code
While I’m still very new to this tool and digging away the thing that’s really caught my attention is CQL. Here’s a closer look at the CQL Query pane:
CQL stands for Code Query Language and it’s exactly what it sounds like, SQL for code, the heart of NDepend. In fact, you can check out the CQL v1.5 spec. In the above image, the queries you see are provided by default when you load a new project. On the left is a list of query groups which is a one to many with the queries listed on the right. In the image at the top I’ve selected a query titled “Methods too big” which equates to this in CQL:
// <Name>Methods too big (NbLinesOfCode)</Name>
WARN IF Count > 0 IN SELECT TOP 10 METHODS WHERE NbLinesOfCode > 30 ORDER BY NbLinesOfCode DESC
// METHODS WHERE NbLinesOfCode > 30 are extremely complex and
// should be split in smaller methods
// (except if they are automatically generated by a tool).
// See the definition of the NbLinesOfCode metric here http://www.ndepend.com/Metrics.aspx#NbLinesOfCode
Notice the blue highlights on the Metrics pane, again the one with the gray sphere’s, which represent methods from the query result set. Double clicking any of the sphere’s opens that method in VS.NET, very nice. Btw, NDepend includes copy/paste syntax highlighting of CQL queries, also a nice touch.
Clearly, CQL is incredibly powerful and the engine that drives the code analysis used in NDepend. I think it’s a very natural approach for .NET developers and if you’ve worked with SQL at all you’ll find picking up CQL straightforward. Although, NDepend does go one step further by providing CQL Intellisense making it easier to get started with the new query language.
While the Intellisense support is nice it would be even better if it listed things like assemblies, namespaces and types (among others) where appropriate rather than just listing “assembly” or “type”.
Continuous Integration Support
If you’ve followed my blog you know I’ve written quite a bit about CruiseControl.NET which NDepend integrates nicely with. Included is a command line tool which will generate your NDepend output for integration with your build results. Here is a short screencast available with more details so I’ll leave it at that.
I’ve already spent numerous hours exploring my code and playing with CQL and I still just scratching the surface. I’ve also managed to find and fix a number of issues and improve and optimize my code. The NDepend website has lots of screencasts on how to accomplish various tasks using NDepend and be sure to read Patrick’s blog for lots more information on NDepend.
What do you use for static code analysis?
In the interest of full disclosure, I was provided a copy of NDepend v2.6.3 for review with no strings attached for which I’d like to thank NDepend’s developer Patrick Smacchia for the license and providing such a great tool to the .NET community!