Masonite

Masonite ensures software maintainability with DeepSource

Masonite Framework is a modern and developer-centric Python web framework, built with two crucial goals in mind — batteries included and an extremely extensible architecture.

DeepSource is one of those things that are so easy to integrate with, and it saves countless hours immediately but also saves countless potential time down the line with its ability to catch issues before they become issues. I can't wait to see DeepSource reach its full potential as people discover it more and more in the industry.

Joe Mancuso, creator of Masonite

Challenge

As an open-source framework, Masonite strives to have a thriving community. They encourage developers (beginner or experienced) to contribute to their repository. At the same time, Joe, creator of Masonite, wanted to ensure only healthy code is introduced to their framework.

"The unique challenge is that we need to be able to accept code from hundreds of different developers and be able to adhere to a set of standards that some developers may not even know to exist."

Solution

To integrate Continuous Quality in their workflow, Masonite was looking for a static code analysis solution that would help:

  • Enforce coding standards to maintain quality and protect the framework from inconsistencies, bug risks, security vulnerabilities as well as hard-to-spot bugs like overridden variables names.
  • Facilitate timely review of Pull Requests to keep the community engaged as it's sometimes difficult to volunteer time to review pull requests.
  • Deliver reliable software as many businesses rely on it to build stable and efficient applications quickly.

Results

Native integration with GitHub enabled quick turnaround & a seamless workflow integrations

DeepSource's native integration with GitHub requires minimal configuration. It took a few clicks and less than ten minutes to complete the setup, giving Masonite a jump start. Additionally, the checks fit right in the pull request workflow, facilitating detection of issues early in the development life cycle.

Faster code review process with even quicker, in-depth code analysis

Firstly, the analysis time is low. Whenever a contributor raises a pull request, DeepSource automatically runs the analysis and returns results within seconds.

DeepSource is always the first check to come back and I can see it quickly, review it and make changes in a minute or two.

Secondly, it checks the codebase against 520+ types of issues and detects even hard-to-spot issues. This saves Mansonite's maintainers a lot of time that was earlier spent on "manual" code reviews.

We can rely on DeepSource to check a plethora of other things, that we no longer need to spend a lot of time on.

Customizable rules to tailor the analysis and get results that matter

DeepSource analyzer is highly customizable. Joe quickly defined thresholds in the dashboard to ensure the analysis suited the code context. For instance, he tweaked the rules to ignore an issue on the file pattern. It improved the relevancy of issues raised and boosted the confidence while merging a pull request when the check passed.

DeepSource likes to catch all issues, which are great, but not all issues are real issues with the framework. For example, a framework does not know which exceptions will be thrown, so it needs a very broad exception-catching rule, which is generally a bad idea in any application. With DeepSource, we are able to customize these checks down to the file level and ignore these issues. Very quickly we are able to have an extremely powerful tool in our continuous integration process that is tailor-made to our application.

DeepSource also tags verbose explanations with the issues which Joe thinks help them become better developers.

Reading over the issues that DeepSource finds with the code I, and Masonite maintainers generally, have even become better developers because we now know what to look for in our code base when creating new features or fixing issues. We carry this knowledge throughout the community, to other businesses, and other projects.

Along with experienced developers, Masonite also encourages first-time contributors with zero knowledge making the framework more vulnerable to errors & code inconsistencies. Since DeepSource scans the code for style inconsistencies, it creates a virtual synergy amongst contributors encouraging them to adhere to consistent coding standards, and ensure Masonite's maintainability.

Ship clean and secure code.