Code Quality
All effort has been made to ensure the code and architecture of the PIMS solution is of the highest quality. All Stories with testable features require unit-tests to be created and auto-run in all builds of the DevOps pipeline. Best practices and standards are followed and enforced through continual peer-review and code-review.
There are a number of tools used to aid code quality.
| Name | Description |
|---|---|
| Coding Standards | Common standards for syntax and tooling is enforced for all languages used (C#, javascript, Typescript, MSSQL ) |
| IDE Configuration | Common configurations to enforce line-endings and other editor options. |
| Linters | All source code is parsed automatically to ensure standardization through linting. |
| SonarQube | 3rd party tool to review code quality. Not presently hooked up to DevOps pipeline |
| Code Coverage |
 3rd party tool to review testing coverage. Reports are generated for every Pull Request. NOTE - coverage % for the backend is unable to scan our dynamic tests and as such does not correctly present the true coverage (approximately off by 20%). |
| Code Quality | 3rd party tool to provide insight into the quality or maintainability of the code. NOTE - this tool doesn't handle the backend code very well, and as such is not entirely reliable. |
| Unit Tests | Automated tests to ensure functionality is valid and helps with regression testing. |
| Functional Testing | Test Plans are created for each sprint to ensure new enhancements, features and bugs are manually tested. |
| Integration Testing | We have limited integration testing. The API automates an in-memory database to test the Data Access Layer (DAL). |
| Automated Functional Testing | There is currently no automated functional testing. |
| ZAP | 3rd party tool to review code security quality. Not presently hooked up to DevOps pipeline. |
| Snyk | Tool to review code dependencies and vulnerabilities. |