The latest release of Redgate Software’s most popular tool, SQL Prompt, elevates it from helping to develop and standardize new code to discovering problems in legacy code.
The winner of the Visual Studio Magazine 2017 Reader’s Choice Gold Award in the productivity tools category, SQL Prompt plugs into SQL Server Management Studio and Visual Studio and enables developers to write, format, refactor and analyze SQL code.
When SQL Prompt v9 launched in November 2017, it introduced a code analysis feature which spots code issues and hidden pitfalls as users type. It parses the code, as a compiler would, but rather than compile the code, it checks the syntax for compliance with a built-in set of over 90 rules. It then highlights each issue, or ‘code smell’, by underlining the offending line of code with a green squiggle.
Developers can immediately see any issues they’ve introduced, along with clear explanations, suggestions to improve their code and fix the errors, and links to further reading online. This ensures that all code committed to source control complies with a common set of coding standards and practices, and prevents issues from creeping into the build that might, now or eventually, cause performance, maintenance or security problems.
That’s not the end of the story. The latest update to SQL Prompt allows users to analyze an entire script of legacy code, no matter how large, and see a list of all the issues contained within it. If users double-click on an issue, they’ll see that line highlighted in the code and can view more details. Code issues can also be grouped by type and exported to a CSV file which can be shared across a team or attached to a ticket in bug-tracking or task management software.
This makes it easy to learn about the health of certain sections of the database code, or assign clean-up tasks, with each developer on a team assigned a set of issue types. By acting as a worklist for improving overall code quality, it makes it much easier to do code reviews, discover technical debt, and resolve small errors before they become big problems.
It thus helps teams prevent technical debt from entering the code base, remove it from existing code, and ensure that released code conforms to the team’s defined coding standards.
As Grant Fritchey, Microsoft Data Platform MVP, concludes: “When code analysis was introduced to SQL Prompt less than a year ago, it was a big move. As well as helping you write SQL code faster, it helped you write SQL code better. Extending the feature to legacy code means anyone can now use it to improve code that was written months, even years ago, as well as the code they’re working on right now.”
Existing users of SQL Prompt can start using the new functionality immediately by updating to the latest version using the Check for Updates link in the Help menu. New users can explore the feature by downloading a fully functional trial version of the software from the Redgate website. Once installed, SQL Prompt will appear in the standard menu of SQL Server Management Studio or Visual Studio and can be used just like any other feature of the IDE.