Ruby is an object-oriented programming language, most commonly demonstrated by a bit of code which applies an action to a number. Ruby supports exception handling, features a true mark-and-sweep garbage collector for all Ruby objects, and loads extension libraries dynamically.
RuboCop is a style and linting tool that analyzes Ruby code using rules. Each rule, also referred to as “cops”, examine the code for warnings, deviations from patterns, potential errors, and fatal errors.
The types of cops available in RuboCop are:
- Style: Style cops examine stylistic problems in the code. The style cops have configuration options to support different popular coding conventions.
- Lint: Lint cops check for possible errors and codes written with bad practices. RuboCop implements all built-in checks and also adds extra lint checks of its own. The command to run lint cops is like this.
$ rubocop –l
The –l can be used with –-only command to run all the enabled lint cops plus a selection of other cops.
- Metrics: Metrics cops checks for source code properties in terms of measurement such as class length, method length, etc. When running rubocop –auto-gen-config, this parameter will be set to the highest value found for the inspected code.
- Performance: Performance cops catch Ruby idioms that are slower than another equivalent idiom.
- Rails: Rails cops are supported specifically for the Ruby on Rails framework. These cops are not used by default. A request needs to be made to call these cops.
The command / request is
$ rubocop –R
To enable/disable certain cops in RuboCop, the .rubocop.yml configuration file is used. It is also used to alter their behavior if they accept any parameters. The file can be placed either in the home directory or in some project directory.
Formatters option in RuboCop is used to change the output format of RuboCop. The developer can create own formatter. The built-in formatters produce machine-parsable output and they are considered public APIs. The rest of the formatters are for humans, so parsing their outputs is not recommended.
Different formatters are loaded in RuboCop as per specific requirements. Some of them are:
- Progress Formatter (default)
- Clang Style Formatter
- Fuubar Style Formatter
- Emacs Style Formatter
- Simple Formatter
- File List Formatter
- JSON Formatter
- Offense Count Formatter
- Worst Offenders Formatter
- HTML Formatter
If your requirements are to keep the code clean and as per style guide, RuboCop is the tool that you can use.
Reek is used to detect code smells. It checks for Control Couple, Data Clump, Feature Envy, Large Class, Long Parameter List, Simulated Polymorphism, Too Many Statements, Uncommunicative Name, Unused Parameters and more.
The Reek checks are in the form of warnings. A developer can configure to suppress specific smells for specific methods and classes. The configuration option can also be used to suppress smells till a certain threshold is reached.
Every smell has some basic options that allow you to enable detection or exclude parts of the project. The configuration options are:
|enabled||Boolean||Determines the status of the smell detector, whether is active or inactive. Defaults to true|
|exclude||an array of strings or regular expressions||Ignores any context whose full description (see %c in Command-Line Options) matches any element of this array.|
Reek checks for following types of code smells:
- Class Variable
- Control Couple
- Data Clump
- Duplicate Method Call
- Irresponsible Module
- Large Class
- Low Cohesion
- Nested Iterators
- Simulated Polymorphism
- Too many statements
- Uncommunicative Name
- Unused Parameters
- Unused Private Method
If you are looking for signs of potential problems, Reek is the best choice to go with.
Brakeman is a static code analyzer for Ruby on Rails applications. It is also referred to as vulnerability checker. It produces a report of all security issues it has found in the application. Based on your code analysis requirements, you can pick the static analysis tool for your ruby applications.
There are advantages of this tool. They are as below:
- Brakeman doesn’t require any installation process.
- Brakeman can be executed at any stage of development process.
- Brakeman provides more coverage of an application. It can find vulnerabilities before they become exploitable.
- Brakeman can easily check configuration settings for best practices.
- Brakeman is much faster than “black box” website scanners. Large applications do not take much time to scan.
If you need to check security aspects of the application, Brakeman is the tool that you can use.
Flay is a statics analysis tool that checks for structural similarities. The tool provides the features below:
- Reports differences at any level of code
- Provides conservative and liberal pruning options.
- Provides –fuzzy duplication detection.
- Ignores differences in literal values, variable, class, and method names.
- Ignores differences in whitespace, programming style, braces vs do/end, etc
- Works across files and projects by adding the flay-persistent plugin.
- Includes FlayTask for Rakefiles.
Flog detects the most torturous code the developer has written. It provides the highest score to the worst code. Flog scores and ABC metrics: Assignments, Branches, Calls, with particular attention placed on calls.
It checks the code’s complexity instead of its performance. The reasons why you need to check the code’s complexity and how it will be helpful for the developer are listed below:
- Code reviews will become easier as it prioritize and shows the most complex code on the top. To know where the real complexity is, the tool is used.
- The bugs reside in the most complex code. So, flog shows the focus area of code testing.
- Complex code demands refactoring. It is always easier to debug, optimize and add features to the code where complexity is found by flog.
Roodi refers to “Ruby Object Oriented Design Inferometer”. It works as parser of Ruby code and gives warnings about design issues based on the checks configured.
Supported checks in Roodi are:
Traceroute is a route cleaning tool for Rails applications. It is used to check which routes are mapped to non-existing controller actions and finds out which controller actions are not reachable. Developer needs to keep controller helper methods and various before/after filters private as they should not be exposed to public APIs. Sometimes, it shows false positives on mountable engines but they can be overlooked.
The tool is used to find bottlenecks of the Ruby applications. It does a live speed analysis of your application’s request processing, page rendering time, database query processing time and DOM loading time. It gives you a quick view of speed and performance analysis of the application.
The tool is used to optimize the applications. The bullet gem allows the developer to kill all the N+1 queries and unnecessary loaded relations. Once installed, it starts checking routes, warnings, alerts indicating database queries that need to be optimized will come out.
Deadweight is a tool that analyzes CSS selectors and cleans unused CSS selectors. You need to bring a set of stylesheets and HTML pages and the tool will report which CSS selectors are safe to remove.
It is recommended to remove all the vendor/third-party css files (such as Bootstrap) while running Deadweight as there are chances that clog up the output.
Rails Best Practices
It is a static code analyzer for checking code smells. It provides suggestions, use scope access, restrict auto-generated routes and add database indexes. It sometimes reports false positives such as unused methods. By providing suggestions, it helps you in giving direction on how to refactor the code and learn some best practices.