Our service Software Intelligence uses the AI tool CodeScene. How does it differ from a static code analysis tool? And do you really have to choose between them? We asked Adam Tornhill, Founder of Empear to clarify the situation.
When the AI tool CodeScene entered the market, many companies that were used to static code analysis tools couldn’t see the value of changing to CodeScene – or why they should use both. What could CodeScene bring that was so unique? According to Adam Tornhill, who is the Founder of Empear and the main developer of CodeScene, a direct comparison between Code Scene and a static code analysis tool does not make sense at all. In a larger organization it may be a good decision to use both. Adam explains why:
“A static code analysis in general, is useful for programmers as a low-level coding verification and to enforce style guides. However, it is not particularly good at managing technical debt, improving team efficiency, or making strategical architectural decisions. CodeScene, on the other hand, specializes in those areas,” says Adam Tornhill and continues:
“The main difference between static code analysis and CodeScene can be illustrated by a person who asks if he needs to use the safety belt as he took his vitamins the same morning? The answer is obvious, and CodeScene represents that safety belt”.
A safety belt for the future
CodeScene is based on forensic science and uses behavioral data mined from version control and machine learning algorithms to identify patterns in the evolution of your code. This gives companies the power to predict its future and to find the code that is hard to evolve and prone to defects.
“Using CodeScene saves companies from future limitations, bottlenecks or maintenance issues. And of course, big costs,” says Henrik Sällman, CEO System Verification Bosnia.
The main strength – machine learning algorithms
Both CodeScene and a static code analysis tool can be used to identify technical debt and bad code, but when it comes to prioritizing technical debt based on business impact, CodeScene is outstanding.
“Absolutely, a static code analysis tool only considers properties of the code. CodeScene visualizes which areas of the code, so called hotspots, that are the most critical based on the company’s KPI,” says Adam Tornhill.
Another main difference is CodeScene’s ability to consider social and personnel risks in the code analysis. CodeScene detects coordination bottlenecks, key personnel risks, knowledge gaps in the code etc., something a static code analysis tool cannot do.
Makes identified technical debt actionable
CodeScene also stands out when it comes to defining a process and workflow for making the identified technical debt actionable. CodeScene supports a workflow based on Intelligent Notes that record contextual information and decisions, and automatically supervises them. Another strength is that CodeScene limits the output to what is actionable.
“CodeScene’s strength is its machine learning algorithms that prioritize small, actionable items based on the most likely return of investment for the business. A static code analysis tool presents detailed metrics on all included source code, which often leads to hundreds and thousands of items, which makes it hard to act on,” explains Adam Tornhill.
Choosing between a static code analysis tool and CodeScene may seem like a difficult task, but it all comes down to what risks a company is willing to take. In that case, Adam Tornhill has only one advice:
“CodeScene gives us the opportunity to avoid problems and prepare for the future. Having said that, I would always prefer the safety belt. Even if I take my vitamins in the morning,” he says without any hesitation.