As developers, we ensure code quality with the help of unit and functional testing. We can complement these test plans with static analysis, which checks the code before it is executed to assess its quality and its adherence to coding standards. Static analysis helps us find issues in our code that we humans can't always spot by ourselves, and thus ensures code quality throughout the project while maintaining developer efficiency.
Supported Frameworks and Language Standards
- All versions of ECMAScript (ES3, ES5, ES2015 - ES2020)
- React JSX
- All major module systems (CommonJS, ES modules and AMD)
ESLint Rules & Plugins
We are working to add support for more plugins in order to improve the analysis further.
Sample Configuration (.deepsource.toml)
Here are a few of the issues detected by the analyzer:
Debugger should not be used in production code
Prevent reassigning function declarations
Overwriting/Reassigning a function is often indicative of a mistake or issue. It can cause bugs in the code at runtime.
Using constant condition in conditional statements
A constant expression (for example, a literal) as a test condition might be a typo or a development trigger for a specific behavior. It may break the code at runtime.
Prefer the usage of === and !== instead of == and !=
It is considered good practice to use the type-safe equality operators === and !== instead of their regular counterparts == and !=. For instance, these statements, which ideally should be false, are considered true:
Prevent the usage of alert
Prevent the usage of new for Side Effects
We use new with a constructor to create an object of a particular type and store that object in a variable, such as:
var car = new Car();
There is no point in using new like this:
In this case, the created object is thrown away because its reference isn't stored anywhere.
Prevent the usage of eval
Prevent the usage of Script URLs
Prevent the usage of implied-eval
This rule aims to eliminate implied eval() through the use of setTimeout(), setInterval() or execScript(). It warns when any of these functions is called with a string as the first argument.
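Added example (not from the original post or from DeepSource) showing why a string first argument is flagged: the value becomes part of the code that runs. stringTimer is a hypothetical stand-in for the browser's string form of setTimeout(), and showBanner, resetSettings and the sample input are constructed for illustration.

```javascript
// Stand-in for the browser's string form of setTimeout(): the string is compiled
// and run as global code. Hypothetical helper; it runs at once so the demo stays
// synchronous (Node's own setTimeout rejects strings).
function stringTimer(code) {
  (0, eval)(code); // indirect eval runs in global scope, as a string timer does
}

const log = []; // records which functions actually ran
globalThis.showBanner = (text) => { log.push("showBanner:" + text); };
globalThis.resetSettings = () => { log.push("resetSettings"); };

// Flagged pattern: the value is spliced into a string that is later run as code.
function scheduleBannerUnsafe(text, timer = stringTimer) {
  timer("showBanner('" + text + "')");
}

// Preferred pattern: pass a function, so the value can only ever be data.
// In a browser this would be setTimeout(() => showBanner(text), delay).
function scheduleBannerSafe(text, timer = (fn) => fn()) {
  timer(() => globalThis.showBanner(text));
}

// Runs both variants on the same input and returns what each one executed.
function runDemo(input) {
  log.length = 0;
  scheduleBannerUnsafe(input);
  const unsafe = [...log];
  log.length = 0;
  scheduleBannerSafe(input);
  return { unsafe, safe: [...log] };
}

// Constructed input: a quote ends the string literal early, so the rest is parsed as code.
const constructedInput = "hi'); resetSettings(); ('";
console.log(runDemo(constructedInput));
console.log(runDemo("hello"));
```

With ordinary input both variants behave the same, which is why the pattern survives code review and is worth catching with a lint rule.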
Detect unreachable code after return, throw, continue, and break statements
Because the return, throw, break, and continue statements unconditionally exit a block of code, any statements after them cannot be executed. Detecting and removing them helps to improve the performance of the code.
Detect the unused variables
Variables that are declared and not used anywhere in the code are most likely an error due to incomplete refactoring. Such variables take up space in the code and cause confusion.
Detect empty function declarations and block statements
Empty functions can reduce readability and also end up taking up space which is of no use. Empty block statements, while not technically errors, usually occur due to refactoring that wasn't completed. They can cause confusion when reading code and can affect the performance too.
We're continuously improving the analyzer, and here's our near-term roadmap:
- Add support for Angular, Flow, Vue and other popular frameworks.
- Autofix support for commonly occurring issues.
- Automated code formatting support for Prettier and Standard JS.