Quality rules
Required role | Rule Management |
Access | CodeChecker Server → Rules Configuration → Quality Rules |
Quality rules are conditional expressions used to determine an application's code quality.
A quality rule is built around a metric and a validation expression. A metric is a numeric value deduced from the analysis of source code, and a validation expression defines a logical condition. The quality rule compares the metric with the validation expression:
- If the metric complies with the condition of the validation expression, the quality rule succeeds.
- If the metric does not comply with the condition, the quality rule fails.
ARCAD CodeChecker supplies a number of quality rules via its standard rule sets. All the quality rules included are fully documented. You can create and document your own quality rules from the CodeChecker Studio.
For more information about metrics, refer to Metrics.
For more information about validation expressions, refer to Validation expressions.
The Quality Rules view is accessed from the Rules Configuration node in the Navigator.
Enter any combination of the above search criteria, then click the Search button to display the results. To display the complete list, click the Search button without entering any search criteria.
Follow the subsequent steps to create a new quality rule.
Step 1 To access the Create Quality Rule wizard, either click the Create icon in the toolbar of the Quality Rules search view, or right-click anywhere in the search list of the view and select Create Quality Rule.
Step 2 Define the quality rule's Code, Name and Description. These values are required to create a new quality rule. The Code cannot be changed once the quality rule is created, but the Name and Description can be edited later.
Click Finish.
Result The new quality rule is created and its editor opens automatically. It is displayed in the search list in the Quality Rules search view.
New quality rules must be edited before they can be used.
To open a quality rule's editor, locate it in the Quality Rules search view, then either:
- double-click on the item in the view,
- right-click on the item in the view and select Edit, or
- select the item in the view and click the Edit icon in the toolbar.
The editable values are all located in the Quality Rule tab in the quality rule's editor.
The Rule Sets tab displays the list of rule sets that employ the quality rule. Double-click on a rule set to access its editor.
- Code
- This code is the quality rule's unique ID and is defined when creating the quality rule. Once a rule is created, it is not possible to edit this code.
- Name
- The quality rule's name should reflect the condition checked during the code review process, so that the rule is easily identified.
- Activated
- When this box is checked, the quality rule is activated. A quality rule must have valid parameters to be activated.
Deactivated quality rules cannot be added to a rule set, and if they are deactivated after being added, they cannot be executed in a campaign.
Warning! When a quality rule is activated, it cannot be edited anymore.
Reference: For more information about activating quality rules, refer to Activating quality rules.
- Category
- Each rule has a corresponding category, which can be changed directly from the CodeChecker Studio. This category value is mainly used when the quality rules are intended to be imported in SonarQube, because the categories match SonarQube's rule types.
The four categories available are the following:
- Code smell (maintainability),
- Bug (reliability),
- Vulnerability (security),
- Security hotspot (security).
Reference: For more information about the types of rules in SonarQube, refer to the corresponding documentation.
- Exploited Metric
- Select the metric to use from the drop-down list. The metric must already exist to be added to a quality rule. You can click the Exploited Metric hyperlink to open its editor.
This metric represents a numeric value deduced from the analysis of your source code. The value is compared with the validation expression also defined in the quality rule. If the metric does not comply with the validation expression, the quality rule fails.
Reference: For more information about metrics, refer to Metrics.
- Failure Message
- This failure message is displayed in the ARCAD CodeChecker plug-in for RDi to provide additional information if the quality rule fails.
- The failure message should give information about the logical condition that was not respected and that made the quality rule fail. It should also explain how to fix the issue so the quality rule no longer fails.
- Failure Level
- Select the failure level of the quality rule from the drop-down list.
- There are three hierarchical levels of failure in ARCAD CodeChecker:
- FATAL, the most critical,
- WARNING, and
- NOTICE, the least critical.
The failure level given to a quality rule depends on the code quality that needs to be achieved.
Users with the Rule Management role in the CodeChecker Studio determine the failure level to give to each quality rule, and give the appropriate meaning to each failure level.
Example: A quality rule can have a NOTICE failure level if this rule should be followed but can be overruled depending on the source code to analyze.
- Reference Failure level
- Select the reference failure level of the quality rule from the drop-down list.
- There are four hierarchical levels of reference failure in ARCAD CodeChecker:
- FATAL, the most critical,
- WARNING,
- NOTICE, the least critical, and
- IGNORED, the default level.
- This reference failure level parameter allows issues found in both the reference and target source codes to be reported with a specific failure level. These issues are usually reported as Ignored, along with the failure level set on the rule.
- If the Reference failure level parameter is set to any level other than Ignored, the issue is then reported using that newly set Reference failure level.
- Formula
- Select the validation expression to use from the drop-down list. The expression must already exist to be added to a quality rule.
This validation expression is a logical condition. This expression is compared with the metric, also defined in the quality rule, to return a boolean value (true or false) when the rule is executed. The result of this comparison determines if the quality rule succeeds or fails.
- Name, Type & Description
- The Name, Type and Description columns give details about which value to give the parameters of the selected formula.
- Value
- If the validation expression includes specific parameters, enter the Value for each available parameter depending on the logical condition the quality rule should check.
For more information about validation expressions, refer to Validation expressions.
The Batch rule update option allows you to make changes and updates on multiple quality rules at once.
To open the Batch update dialog, select several quality rules in the Quality Rules search view, then either:
- right-click on one of the selected rules and select Batch update rules, or
- click the Batch update rules icon in the toolbar.
Set each parameter with the values available in the drop-down lists. If you leave one parameter blank, the parameter is not modified for the selected quality rules.
The quality rules parameters available for batch update are the following:
- Activated
- Sets the activation status of the selected quality rules. The possible values are Yes and No.
- Category
- Sets the category of the selected quality rules, so that they correspond to the existing rule types when the quality rules are imported in SonarQube.
- Failure level
- Sets the failure level of the selected quality rules. The possible values are Fatal, Warning and Notice.
- Reference Failure level
- Sets the reference failure level of the selected quality rules. The possible values are Fatal, Warning, Notice and Ignored.
Click the Documentation tab in the quality rule's editor to create or modify the rule's documentation. Each rule's documentation should include:
- a description of the rule to summarize what it does and why.
- examples of compliant and non-compliant code.
- any other notes or references to help understand the rule.
The rules' documentation uses the Markdown language. Use [Ctrl+space] to open a contextual formatting helper.
You can preview the documentation created here in a web browser. In the Quality Rules view, right-click to select a rule and click the Documentation icon in the contextual menu, or select the rule and click the Documentation icon in the menu. The rule's documentation is displayed in your default web browser.
Required role | Activation |
Activating a quality rule means this quality rule can be added to rule sets and executed during a code review process. A quality rule must have valid parameters to be activated.
To activate a quality rule, check Activated in the quality rule's editor.
When a quality rule is activated, it is no longer possible to edit its parameters, to avoid consistency issues. If a quality rule is activated but needs to be modified, this rule should be deleted and a new one created with the correct parameters.
Before activating a quality rule, pay attention to the applicable language(s) selected for the exploited metric(s). Active quality rules that can only be applied to specific languages cannot be executed on applications written in another language.
Quality rules must be added to rule sets in order to be executed. The quality rules included in a rule set are managed in the rule set's editor.
For more information about managing included quality rules, refer to Included Quality Rules.
Deleted quality rules cannot be accessed or recovered.
You cannot delete quality rules that are currently being called by a rule set. You must first remove the rule from all of the sets that employ it before deleting it.
To delete a quality rule, either right-click on it in the Quality Rules search view and select Delete, or select it and click the Delete icon in the toolbar. Click OK to confirm or click Cancel to keep the quality rule.