JADE Environment Development Ideas

What's new in the upcoming JADE release?

IMPROVED DEVELOPER EFFICIENCY. ENHANCED SECURITY. SMOOTHER INTEGRATION

The JADE 2022 release meets tomorrow’s business demands.


Start your update to JADE's latest release

Static Code Analysis

There are a number of tools that provide Static code analysis for a variety of languages but (not suprisingly) nothing for Jade. We use Veracode and SonarQube for our non Jade code. It is a company requirement that we cannot put (non Jade) code live without passing a Veracode scan, this tool focuses on secure coding standards so is deemed essential for any code that our customers may interact with. Currently we do manual Peer Reviews but these are only as good as the developer in question and as we have development teams either side of the globe then quality can be variable. It would be great if Jade either provided a tool to do this or an API that a third party tool could use to provide this functionality.

  • Peter Banyard
  • Jul 16 2019
  • Future consideration
  • Attach files
  • Ashley Bass commented
    August 08, 2019 02:59

    Thanks, Sam. We have moved this to "future consideration" because we think it's highly valuable but we also think it's complex/large and want to learn more.

    Is anyone out there running your own source code analysis, and can you share what you are doing?

    Also, Sam, would be great if you/your colleague could share your automated code reviewer with the community and we will take a look.

  • Sam Stokell commented
    July 16, 2019 22:54

    Having clean consistent code makes our job so much easier. There are so many little things that Jade could be doing for us that would help tidy code up and use better techniques. Similar to https://jedi.ideas.jadeworld.com/ideas/JAD-I-75 - I had a colleague write an automated code reviewer in Jade that is used before it is sent for Peer Review, if he can do that in his spare time I'm sure the gurus at Jade can whip something up. This picked up all the things that you don't need a human for, we also were able to rework the method and tidy up things that have been in place for many years. It seems there is already the bones of it in place. Currently available in Jade you can "Find unused local variables" (and now you can delete them in 2018), there is the "Find possible transient leaks" also which I stumbled upon one day. If you want to bring the quality of Jade devs up give us the tools we need to use better standards when developing. Please :)