DACI Decision


Status
ImpactThis decision affects the level of quality of the application code developed and deployed by the Lab Booster team, that can in turn affect the level of security of the application, its performance , and the end-user experience.
DriverKRONTIRAS-ext, Pavlos 
ApproverKRONTIRAS-ext, Pavlos 
ContributorsWho is directly impacted and must be consulted?
InformedWho should be informed of this decision?
Due date
OutcomeWhat did you decide?



Tips and info

Contributor? Add your recommendation and reasoning here.


Contributors: I am seeking the right people to get involved in the decision. Add your comments to this page, let's get the conversation started.

Please add:

  • The people directly impacted by this so we can include them.
  • Any references to previous work and investigations that we can leverage.
  • Any constraints and challenges we need to consider to make this decision and following action plan.



Here's an example you can use as a guide.

Decision characteristics
  • The decision will have a material impact on the customer experience OR
  • will significantly impact the roadmap OR
  • will adversely disrupt an internal business process.

  • The decision will involve a less than material change to customer experience OR
  • will impact the roadmap OR
  • will impact an existing internal business process

  • All other decisions





Background

The code of the DataLab application may include inefficiencies, error prone code, or coding errors (bugs). Code Quality tools evaluate the quality of the code and can raise alerts for performance risks, inefficiencies, logical errors, unnecessary code etc. and suggested corrective actions that will improve the quality of the code.

Current state

No standardized code quality tools are used.

Data for decision support

Using code quality tools can reduce development time up to 20% (https://medium.com/@ISHIRInc/top-7-code-quality-tools-you-cant-miss-in-2025-for-cleaner-safer-code-1ec1edde4e72)


Options considered

 


Option 1: Do nothingOption 2: SonarQubeOption 3: QodanaOption 4: Crucible

Description



https://www.sonarsource.com/products/sonarqube/

https://www.jetbrains.com/qodana/https://www.atlassian.com/software/crucible


Rollout plan






Pros and cons

(plus)

(plus)

(plus)

(minus)

(minus)

(minus)

(plus)

(plus)

(plus)

(minus)

(minus)

(minus)

(plus) Supports multiple languages include Javascript, Typescript, and Python

(plus) Based on 20+ years of data & feedback from users

(plus) 2,500+ inspection checks

(plus) Identifies issues + suggests fixes
(plus) Identifies vulnerabilities from dependencies and imports
(plus) Integrates with CI/CD pipeline tools (including GitLab) to enforce quality gates, i.e. build fails if quality standards not met
(plus) Low cost
(plus) Can be self-hosted (i.e. more secure)
(plus) Unlimited lines of code analyzed
(plus) Integration with IntelliJ IDEA and MS Visual Studio Code

(minus)

(minus)

(minus)


Risks






Estimated cost and effort




Starts at €5/month/user (min 3 users)

  • €15/month or €180/year

https://www.jetbrains.com/qodana/buy/?billing=yearly



FAQ

Q1.

A1.


References



RelevanceLink
Why is this relevant? Add a link 











Follow-up action items

  • Type your task here. Use "@" to assign a user and "//" to select a due date.


Learn more: https://www.atlassian.com/team-playbook/plays/daci

Copyright © 2016 Atlassian

Creative Commons License
This work is licensed under a Creative Commons Attribution-Non Commercial-Share Alike 4.0 International License.