Analyse your code with NDepend

Patrick Smacchia, the creator of NDepend, gave me a license of its product, so I can test it on my projects. After using it for a few days, here's a summary of what I like and don't like about NDepend.

What is NDepend

From the product website http://www.ndepend.com:

NDepend is the only Visual Studio extension that is able to tell the developer that over the past hour, the code just written has introduced debt that would cost for example about 30 minutes should it have to be repaid later. Knowing this, the developer can fix the code before even committing it to the source control.

With NDepend code rules are C# LINQ queries that can be created and customized in a matter of seconds. These queries contain C# formulas to compute accurate technical debt estimations.

The default rule-set offers over a hundred code rules that detect a wide range of code smells including entangled code, dead-code, API breaking changes and bad OOP usage.

What I like

  • NDepends is available as a standalone application and can integrate into Visual Studio, VSTS (build task and full dashboard), TeamCity, Jenkins, SonarCube
  • NDepends give you a summary of your application in a dashboard containing key metrics, rules execution summary, and the evolution over the time of some metrics

NDepend Dashboard

  • You can easily navigate from rules to your code in one click, so you can fix them quickly.
  • You can create your own rules using Code Query LINQ (CQLinq) or edit one of the 150 existing CQLinq rules. CQLinq is a linq syntax to query a model of your code enhanced with additional information such as the cyclomatic complexity, the number of lines of code, the diffs with the baseline, the usage of methods, etc. Here's an example of a custom rule that detect complex methods:

NDepend Query

  • Each rule has a description which help you understand why you should fix your code and how to fix it.
  • The Dept metric helps you focus on the parts of your code that need the most attention, and about how many times you'll need to fix all violated rules.
  • Baseline allows to compare your code with a previous version of the application. You can detect if you are introducing dept or, on the contrary, reducing it. The trends are also visible in the dashboard. I think this is one of the most interesting feature of NDepend. Indeed, actual number of violated rules is not the most important thing when you start using NDepend on an existing project. You know you'll have thousands of warnings you cannot fix in one day. Instead, being able to known where you are going is better.
  • Thanks to the baseline, you can detect breaking changes between two version. I think library authors will like this functionality 😃
  • Queries run fast. In a few milliseconds or maybe a few seconds on a large projects, all the rules are evaluated. It's important because if it takes too long, you won't use NDepend on a daily basis, and your code can drift over the time.
  • Great documentation

What I don't like

  • NDepend cannot fix your code automatically. There are some rules that are easy to fix like bad naming or changing the visibility of a method. As a developper, I prefer using a Roslyn analyzer, Resharper or JustCode for these kinds of rules as they can fix them in a click.
  • NDepend tells you which method or class violate a rule. However, it doesn't tell you which lines of code in a method is concerned when applicable. For instance, the rule "Boxing/unboxing should be avoided" doesn't show the actual statement.
  • By default, there are, to my mind, too much warnings. Some rules are not relevant and are dependant of your way of coding, or what you want to achieve. So, you'll have to edit or disable rules, unless you want to see hundreds of warning. If you are starting using NDepend on an existing project, you'll need some time to adapt the rules to your expectations.

Conclusion

NDepend is a great product. It allows you to easily query your code and ensure it match your rules, so your application stay maintainable over the time. It well integrates into the .NET ecosystem (Visual Studio, VSTS, Jenkins, etc.). While I love Roslyn Analyzer which also allows you to analyze your code, NDepend goes further. Anyone can write a CQLinq query in a few minutes, which is not true for an analyzer. Also, NDepend has the ability to compare the evolution of your code between two versions, and ensure you're not increasing the technical debt. Finally, NDepend aggregate data from the source code, the binaries and the code coverage data, so you can create very advanced queries.

You can download the trial version of NDepend on the official site: http://www.ndepend.com

Leave a reply