Replies: 3 comments
-
I wonder if you could take each finding, produce a PR for it, and let's see about getting that change in? |
Beta Was this translation helpful? Give feedback.
-
This looks like it can be very useful! For example, the 800 unused code findings (https://deepsource.io/gh/chsatyap/u-root/issue/SCC-U1000/occurrences), it would take me the better part of a week to open each file, fine each line and delete. And, it seems like it would be easy for the computer to quickly generate a change from these findings. I'd still want to manually scan through, but this would definitely speed up the process. I see there's a blog post about autofix (https://deepsource.io/blog/autofix-future-of-code-reviews/), but I couldn't find the button. |
Beta Was this translation helpful? Give feedback.
-
@rjoleary @rminnich Hey, Ron & Ryan! I'm from the DeepSource team and I came across this discussion related to DeepSource and I thought I should help. Now DeepSource is much better than when the last analysis was run (August 2020), i.e., new rules, better analysis, more Autofixes, and much better UI & UX. So, answering a few questions:
Yes, this is possible.
Yes. It can automatically do this if you use our Autofix feature. Every issue doesn't have Autofix yet (eg. SCC-U1000), but we are working on improving the coverage. Currently, Autofix is available for issues that could be fixed safely and accurately with no side-effects. So, you can do Autofix using the following ways:
Here's a sample run on u-root's fork: https://deepsource.io/gh/subham-deepsource/u-root (~2.4k issues detected and 536 of them are Autofix-able) I hope this helps and let us know if you need any help setting up DeepSource. |
Beta Was this translation helpful? Give feedback.
-
I forked this repo a while ago and ran a DeepSource analysis on it. DeepSource found a variety of different issues categorized based on their types and severity which you can view here.
Brief description -
Anti-Patterns: 120
Bug Risks: 1K
Performance issues: 6
Security Issues: 99
You can find a detailed description and fixes for some of them here.
Please let me know what issues you'd like to focus on fixing and I'd be happy to take a look into it. Also, you can choose to hide certain types of issues too (if you wish to ignore them or you believe it is a false positive). I'd also be happy to send a patch with the DeepSource configuration file with the required fixes.
You can find the required configuration file for DeepSource here.
Beta Was this translation helpful? Give feedback.
All reactions