Static Code Analysis on R Packages with SonarQube [Open]
Automated Static Analysis Tools (ASATs) analyze source-code to diagnose important shortcomings, including Technical Debt (TD), and are usually incorporated in the development process through Continuous Integration (CI). SonarQube is a widespread ASATs tools, which has been adopted by over 85000 organizations world-wide, and is included in over 15000 public open-source projects as a requirement for contribution.
In a recent project, a former student developed a SonarQube plugin for R; this plugin is written mostly in Java and Python. In this project you will be selecting and mining specific R Packages following a systematic proces, and run the existing SonarQube plugin to obtain measurements for the available metrics. Afterwards, you will run a number of comparisons, and prepare reports. You may be required to manually inspect the R code to determine commonalities between the metric's measurements and the code it is related to. You will need to have good data wrangling skills. You will not be expected to write code, however, you will need to be able to install and run SonarQube and the plugin.
This is a project for a single semester, where your artefacts will be more valued than your report.
- Ability to follow systematic methodologies.
- Java+Python skills preferred. R is not necesary, but you need to be able to learn to read it (not code it).
- Ability to mine data data from GitHub using the corresponding API.
- Interest and minimal knowledge of static analysis tools and software metrics.
- Good data visualisation skills.
Please, read the following papers:
The SonarQube Plugin:
- Mining software repositories
- Scientific Software
- Automated static analysis tools
- R Packages