loading...
Cover image for Smart Labeling of Suggestions
DeepCode.AI

Smart Labeling of Suggestions

cu_0xff profile image cu_0xff 🇪🇺 Originally published at Medium ・2 min read

When using DeepCode, you might see the following effect:
Same suggestion twice?

On the first glimpse, it looks like the same suggestion. The difference is actually in the tags. One of them is Info and one is InTest. How comes?

Suggestions in Test Code

When you run tests, you probably want to to check for unsupported conditions and when mocking environments, you will use static elements. As an example, you can test your code by providing a wrong type to a function call, or mocking by using a hard-coded password. Obviously, DeepCode’s rule would point out this problem.
While we are providing the option to exclude certain directories from a scan using .dcignore (see here ) but what if you scan a repo for the first time. It might clutter the whole result set. So, DeepCode applies some smartness to flagging suggestions.

Smart Flags

DeepCode tries to understand if the code is actually part of the test suite. This is done by applying some rules including scanning the path and file name. Since DeepCode cannot finally decide if you want to skip the test code analysis results. If you see the example above, it might make sense to touch the tests, too. Therefore, we add a flag that enables you to decide to have testing code in or not.

Summary

Filter Options

A best practice is to keep all results in but watch out for the InTest flag. If you see a security issue like a hardcoded password in a test, you can relax. But sometimes, you will find nuggets in your test code that you should have a look at because it might break your tests. Btw, simply clicking on a tag, makes it a search query. If you click on the filters in the top right corner, you can deselect InTest to suppress all suggestions in test files.

Posted on by:

cu_0xff profile

cu_0xff 🇪🇺

@cu_0xff

Veteran in IT, Xoogler, Ex-Microsoft, works in Static Program Analysis

DeepCode.AI

DeepCode learns from GitHub project data to give developers AI-powered code reviews

Discussion

markdown guide