Getting any insight into the quality of code is challenging. Doing that in a world where everybody wants code yesterday is seen by many as almost impossible. Despite the increasing adoption of DevOps, Agile and phrases such as Shift-Left, faster code does not, necessarily, mean better code. Enterprise Times talked with Francesc Campoy, VP of Product and Developer Relations at Source{d} about this issue.
Source{d} took all the source code from Kubernetes, 2 million lines of code, and ran it through their tool. If produced a report giving a view on the quality and issues with the code base. We talked to Campoy about what Source{d} was doing and why developer teams should be beating down their door.
Campoy opened by saying: “Our tagline is machine learning for large scale code analysis.” in effective, this means extracting information from source code. In a world where we are told everyone is a developer and even investment banks are turning their staff into developers, it’s a good place to start. Source{d} are far from the first to try and extract insights from source code. It is a notoriously expensive thing to do and the insights are rarely acted upon.
What is different here is that once the data has been extracted, it is fed to Source{d}’s machine learning environment. The goal is to understand what is working and what isn’t. What developers are doing a good job and who could improve. It will identify common code errors and help reduce their occurrence. Eventually, it might even allow an organisation, before it starts any software project, to do a risk analysis on the source code, the level of code errors and vulnerabilities and the costs associated with that project.
To hear more of what Campoy had to say listen to the podcast.
Where can I get it?
obtain it, for Android devices from play.google.com/music/podcasts
use the Enterprise Times page on Stitcher
use the Enterprise Times page on Podchaser
listen to the Enterprise Times channel on Soundcloud
listen to the podcast (below) or download the podcast to your local device and then listen there