RuboCop for Code Review

Transcript

1. RuboCop for Code Review Code Review Meetup #1 Jan. 19,

   2018

2. User.find(name: "pocke").inspect • Masataka Kuwabara • Engineer at Actcat, Inc.

   / SideCI ◦ Rubyist, Gopher and Vimmer. • RuboCop's core developer. ◦ Today, I'll talk about RuboCop.

3. Goal • Improve code review with RuboCop. • RuboCop is

   not a “Silver Bullet”. ◦ When RuboCop reviews your code, you should review RuboCop's warnings.

4. Note • I’ll talk about Ruby today, but we can

   apply the practices to projects that is written in other languages.

5. Agenda • What's RuboCop? • The internal of RuboCop •

   RuboCop for Code Review

6. Questions

7. Questions • Are you Rubyist? • Do you know RuboCop?

8. What's RuboCop?

9. What's RuboCop? • A static analyzer for Ruby. • It

   has 3 type checks. ◦ Style ◦ Lint ◦ Metrics

10. Style Check coding style

11. Style: check coding style • White spaces ◦ Indentation width

    ◦ White spaces around brackets • Syntax vs Method call ◦ alias vs alias_method ◦ for vs each

12. Style checks based on one of the style guides. •

    https://github.com/bbatsov/ruby- style-gudie ◦ If your coding style has differences, you can configure RuboCop.

13. Style: example # Use `def foo(arr)` def foo arr for

    x in arr # Use each bar # Bad indentation end end

14. Lint Check bugs

15. Lint: check bugs • Unreachable code • Debug code •

    Unused variables • etc...

16. Lint: example def foo binding.irb # debug code return true

    # It’s never executed. puts 'hi' end

17. Metrics Check complexity

18. Metrics: check complexity • ABC size ◦ Assignment, Branches, Conditional

    • Line length • Class length • etc...

19. The internal of RuboCop

20. How does RuboCop check code? • RuboCop analyzes each file

    individually. • RuboCop does not execute code. See “Writing Lint for Ruby” in RubyKaigi 2017.

21. Analyzing each file individually

22. Analyzing each file individually • RuboCop does not check relations

    between files. ◦ e.g. db/schema.rb and models. • For simplicity and performance. ◦ RuboCop can analyze parallelly.

23. Do not execute code

24. Do not execute code • RuboCop doesn’t execute your code.

    ◦ Pros: If your code has system('rm -rf /'), it does not remove. ◦ Cons: RuboCop cannot understand application completely. ▪ e.g. eval, method call

25. RuboCop for Code Review

26. RuboCop for Code Review • What does “RuboCop for Code

    Review” mean? • Advantage of RuboCop in Code Review. • Action for RuboCop Review

27. What does “RuboCop for Code Review” mean?

28. What does “RuboCop for Code Review” mean? • RuboCop also

    reviews your code. ◦ Human Review + RuboCop Review

29. How does RuboCop review • rubocop $(git diff --name-only) before

    human review. • I recommend using CI to run RuboCop. ◦ e.g. SideCI, CodeClimate and Reviewdog.

30. Advantages of RuboCop in review

31. Advantages of RuboCop in review • Reduce human reviews. •

    Enhancement reviews.

32. Reduce human reviews • Layout and style reviews by human

    are no longer necessary. ◦ e.g. “Remove the spaces”, “Use each method instead of for”. ◦ It’s a RuboCop job, not a human job.

33. Enhancement reviews • RuboCop can find bugs that human will

    overlook. ◦ Duplicate method definitions. ◦ binding.irb(debug code)

34. Action for RuboCop Review

35. Action for RuboCop Review • You should review “RuboCop Review”.

36. Action for RuboCop Review For Style Reviews

37. Action for Style Review • Check your coding style. ◦

    If the review does not match with your coding style, you should configure or ignore the review. ◦ http://rubocop.readthedocs.io/en/stabl e/

38. Action for RuboCop Review For Lint Reviews

39. Action for Lint Review • Lint reviews has false positives.

    ◦ In other words, Lint review has a mistake sometimes. ◦ Because RuboCop does not know your application completely. ▪ See the slides above. • It is not a bug, it is a restriction.

40. How to start and/or continue to use RuboCop?

41. Start and/or continue to use RuboCop • You can get

    knowledges from WEB+DB PRESS vol.102. ◦ “RuboCopできれいで安全なコード” written by me. ◦ http://amzn.asia/fZ9cgZO

42. Conclusion

43. Conclusion • RuboCop is not a “Silver Bullet”. ◦ In

    many cases, the default coding style doesn't match your coding style. ◦ RuboCop has false positives. ◦ So when RuboCop reviews your code, you should review RuboCop Review.