A static code analysis tool for the WSO2/synapse files would have some important benefits:
- It is much easier to check if the project/naming conventions are followed (that’s important to keep the code maintainable).
- Since it can scan all code – even the code that’s rarely executed, it makes it easier to detect areas with code quality issues.
- It helps to identify design issues like too complex sequences.
- Code quality issues will be found earlier.
I searched the web for existing code analysis tools, but didn’t find any, so i decided to do a proof of concept. I created a small tool to scan a folder-structure. All rules to check are hardcoded – no configuration options. The plain text output looks like this:
CancelOrders.xml: Warning: artifact name different from filename OrderEntry.xml: Warning: Unexpected mediator. Drop, Loopback, Respond or Send should be the last mediator in a sequence error.xml: Warning: filename should end with '.sequence' prj: Warning: artifact CancelOrder not specified in artifact.xml 0 errors, 4 warnings.
The implemented rules at this moment are a combination of the project naming conventions and some best practices as described here. This first version already helps in keeping the code base clean, but there is still a lot left to do, like:
- detecting unused properties.
- detecting when messages are send to a jms queue without specifying the transport as OUT_ONLY.
- applying the testability checklist to the WSO2 code
- calculating code metrics