Why use Automatic Code Review Tools?
Codebeat is a dynamically growing tool that covers major technologies and programming languages. It has evolved substantially within the last few months and it’s worth noting that the team is open for feedback and implementation of new features suggested by their users. However, there are still some things missing. The tool does not allow performing any security checks (perhaps a “simple” integration with Brakeman would do the job). It also does not support any open-source tools or linters (in fact, we are still using Hound) and does not support analysing CSS/SCSS.
Pros:
- support for most of the languages we use (Ruby, JS, Swift, Objective-C),
- metrics customization,
- measuring tools with own algorithms nicely described in the docs (not just a bunch of open-source projects combined together),
- very good support from their team,
- small but well-documented API, which facilitates management e.g. it provides accesses to users working on selected projects (via teams),
- unique quick wins tab,
-
codeclimate-test-reportergem that integrates Codebeat with Simplecov coverage reports, - customer suggestions considered and implemented in the product,
- It is a dynamically growing tool,
- support for Kotlin and Elixir (beta).
Cons:
- still missing some things in the documentation (e.g. explanation of code duplication detection here),
- no possible security issues check,
- no CSS/SCSS analysis.
Codacy has an awesome UI, lots of features and it’s very flexible thanks to dozens of options. There is also a tool (in beta) which allows you to define your own patterns and implement it to be checked automatically. Frankly, it wasn’t easy to find disadvantages of this tool or any clients’ complaints. However, there is still some area for improvement and potential to growth for Codacy.
Pros:
- used by big players like Paypal or Adobe,
- great and intuitive UI,
- the possibility to define issue-based goals to improve the codebase,
- checking lots of security issues (like assigning strange values to private APIs which may lead to unexpected app behaviour),
- a nice feature of browsing commits and monitoring related issues,
- docker analysis,
- huge flexibility thanks to disabling/enabling patterns or whole packages and even ignoring certain patterns in selected files,
- time to fix estimation for each issue,
- small company but growing fast, delivering fresh features frequently,
- well-described issues with examples right below each case (no need to browse the documentation to find out why the issue actually occurred).
Cons:
- Incomplete documentation in some parts (some images are hard to read and the amount of information is insufficient sometimes),
- unintuitive one-page charts to track code quality changes over time (it’s a new feature, maybe not fully implemented yet),
- no
hotspotsorquick wins, - no issues searching, only a few dropdown filters.
CodeClimate is a well-developed and very stable solution with a great number of features. It has many advantages over its competitors and many big players recommend it as the best option. However, it lacked some crucial functionalities that we required for the Netguru code review process, so we switched to an alternative solution.
Pros:
- a great number of supported languages, technologies and frameworks,
- used by the biggest players, including Pivotal, New Relic for enterprise and Rails, jQuery for open-source,
- very stable,
- nice new UI,
- well-maintained test coverage feature gem,
- browser extensions,
- trends charts,
- test coverage out of the box,
- hotspots - a
quick winslist.
Cons:
- seemingly an integrated bunch of open-source projects,
- pricing - it seems to be the most expensive tool in this comparison,
- still unpredictable API (in beta),
- no support for Objective-C,
- no distinct types for total issues number,
- no detailed description of the issue, only a header with source code,
- no issue searching/filtering, just a paginated list with all of them
Comparison of Automated Code Review Tools: Codebeat, Codacy, Codeclimate and Scrutinizer