Sunday, 5 January 2014

Taking a look at the new NDepend version 5

Hello and Happy New Year 2014.  It’s been an eventful year for me; I became an independent contractor in central London and it’s been going well.  I’ve been acting as solution architect and lead developer on a greenfield project for a financial services client, building an application with a variety of technologies including MVC 4 / JavaScript / jQuery with a bit of Knockout, SQL Server 2012, and an ETL solution using SSIS 2012.  It’s coming along nicely, and I’ve really been enjoying this challenge and opportunity.

Incidentally toward the end of 2013 I was contacted by C# MVP Patrick Smacchia; I had previously blogged about his product NDepend, and he’s now asked me to take a look at the new version 5. 

Full disclosure:  I have not received any compensation for this, but he did send me a professional licence for evaluation.  I agreed to take a look at it for a number of reasons of my own.  Having looked at it previously, I think it’s just interesting what it tells you about your code and your application; I figured it wouldn’t take too long to run it; and mainly, I thought if I could eke out a bit more code quality in my application by running NDepend on it, why not give it a try?  Having gone this far I thought, it would also be good to see what new features they’ve introduced since I last looked at it.

The download for NDepend can be found here.  I entered my license key, downloaded the zip file, unzipped it, as specified, to a directory other than “Program Files”, and took a look.  (Note, there’s a 14 day free evaluation version, so you don’t need the license key to do this).  This is what appears:

So the 4 executables seem self-explanatory; you’ve got a console app, a Visual Studio add-in, some PowerTools, and the VisualNDepend.exe.  But I didn’t want to make any assumptions so I went to look at the Getting Started page.  The video shows how to install the Visual Studio add-in. 
I first closed all running instances of VS 2012, then installed the add-in by double-clicking on the NDepend.Install.VisualStudioAddIn.exe.  I had a slight glitch at that point; the NDEPEND menu did not actually appear when I launched VS 2012, but when I reinstalled with VS running, then enabled it via Visual Studio’s Tools / Add-In Manager menu, it worked.  The NDEPEND menu appears.  I continued with the video.

The first step is attaching a new NDepend project to the current solution.  (I did this offline from TFS).  The menu item to attach an NDepend project is shown here:

The following dialog appears (I’ve erased the client’s identifying information in this screenshot, but otherwise in my solution it looks like this):

At this point I clicked the “Analyze” button; but then NDepend gave me a warning about how the solution is not write-able.  It correctly surmised that it was because I was offline with TFS, and gave me a dialog to that effect.  It also suggested that I’ll want to check in the solution to share it with other team members.  However when I clicked OK, it did proceed with the analysis.  This seemed like a good thing to me, since I’m not quite ready to check this into TFS yet; I want to just take a look at this point, and see what NDepend tells me about my code.  So it ran its analysis on my 4 assemblies, and then gave me a kind of “newbie” dialog letting me choose what I wanted to do.  I chose to go the new NDepend “dashboard”.

There were 3 windows displayed, within Visual Studio, as a result of going to the dashboard:  the dashboard itself, a “Queries and Rules Edit” window, and window showing a report on errors, warnings and messages.  In my case the analysis found 0 errors, 16 messages, and 4 warnings.  The windows are floating, dockable windows as you would expect in a VS add-in.  The messages are essentially progress messages that display during the analysis.  The window looks like the following screenshot (I un-clicked “messages” so I could just see the warnings):

So I thought, well, this is interesting; first, why is it warning me about these missing assemblies?  The first one gives a clue; “is the NDepend project missing the containing folder of the .NET assembly?” 
I basically decide, at this point, that the whole point of a “warning” is that you can decide to ignore it, if you choose; those first four warnings don’t really seem like a problem to me; after all, it’s my code I want to analyze; I’m not bothered it can’t load the Microsoft assembly; and the WPF and MVC assemblies seem irrelevant to me.  I click the “Inactive” button and those warnings go away.  This is actually the kind of behaviour I want from a tool; I want it to give me information, but I want to choose what information I care about.

So I focus on the “4 critical rules are violated” warnings.  Let’s take a look at those.

At this point, perhaps you’re thinking, ha ha, Dave’s revealing there are problems with his code, if he were a really good .NET developer, his code wouldn’t have any problems, look, he’s telling the whole world he’s fallible!  What an idiot!

I beg to differ. 

When you acknowledge the fact that maybe you are not infallible, and that maybe you don’t have all the answers, you open yourself up to the possibility that maybe there’s something to be learned here.  This is connected to the idea of “beginner’s mind” or “Shoshin”. 

Not only that, but theoretically, by intelligently utilizing technology, I am actually enhancing my expertise by putting another tool in my arsenal, thus increasing the likelihood of delivering a higher quality product to my client.  I’m giving myself a competitive edge by using a tool, which maybe my competitor thinks they’re too much of an expert to bother with.  Ha ha!  Who’s laughing now?  

But I digress.  Let’s return to the 4 critical errors.  The point is, NDepend is telling me there’s something that could be improved about my code.  That’s exactly what I want to know from a tool of this type.

The screenshot above shows the NDepend “Dashboard” displayed in VS, as well as the docked “Analysis Error List” window below.  It turns out I can click on the hyperlink “Critical Rules Violated” under the “Code Rules” section of the Dashboard, to get more detail, which brings up another window that tells me exactly which code is violating a rule; this one can also be docked, and in fact here I’ve taken some time to play around a bit, and can see one typical NDepend workflow might be as follows: 

You run the analysis; you click on the link to see the rules violated; and, that brings up the “Queries and Rules Explorer” which gives more detail:

Then you click on one of the warnings, e.g. “Methods with too many parameters – critical”, and that brings up the “Queries and Rules Edit” window, that lists the methods in detail; notice above, I’ve got these windows arranged as tabs in Visual Studio, so they don’t take up much real estate.  Here’s the results of that set of steps, which shows the methods in detail:

The above window is really useful, because it’s telling me a) what my problems are, b) why they’re a problem, and c) what I might want to do to fix those problems. 

It shows one of the pre-defined CQLinq commands that drives the rule that tells you there are too many parameters in a method call.  (You can write your own CQLinq queries as well). 

Also, helpfully, it’s giving me comments about why it’s a problem and how I might go about fixing it.  I like the “another alternative” comment; that’s probably how I would go about fixing this particular problem, i.e. create a class to contain my parameters, and pass that object instead.

But what if I don’t like this rule?  What if I don’t want NDepend to nag me about that particular violation, because for whatever reason, I decide I’m happy with methods that have lots of parameters?  Well, as I would expect, I can control that; I click back on the “Queries and Rules Explorer” tab and if I click the “Code Quality” node, it lets me control which rules are run by de-selecting the check box for that rule:

You can see I’m just scratching the surface here of what NDepend can do, but one of my new year’s resolutions is to really give this tool a more serious run for the money, make some of the code changes it’s suggesting and thereby improve my application.  There are at least two major benefits I can see; one is, it will improve code quality, thus benefiting my clients; and secondly, in the same way that Resharper does, it will help improve my skills as a developer, by showing me alternative (and possibly better) ways to code and structure my applications.

I’m open to that.

No comments:

Post a Comment