Code Analysis

.deepsource.toml

This section covers .deepsource.toml configuration specific to the ruby analyzer. Please make sure to read the general configuration guide first.

name

  • Type: String
  • Presence: mandatory
  • Description: Shortcode of the analyzer.
  • Example:
name = "ruby"

enabled

  • Type: Boolean
  • Presence: optional
  • Description: Toggle whether this analyzer should be run.
  • Example:
enabled = true

meta

  • Type: Table
  • Presence: optional
  • Description: Any supported metadata to pass to the analyzer.
  • Example:
[analyzers.meta]
skip_doc_coverage = ["module", "class"]

skip_doc_coverage

  • Type: Array
  • Presence: optional
  • Description: Specify which artifacts to skip when calculating documentation coverage.
  • Available Values: class, module, method, singleton_method
    • class - Ignore documentation coverage for class definitions
    • module - Ignore documentation coverage for module definitions
    • method - Ignore documentation coverage for method definitions
    • singleton_method - Ignore documentation coverage for singleton method definitions
  • Default Value: []
  • Example:
skip_doc_coverage = ["module", "singleton_method"]

cyclomatic_complexity_threshold

  • Type: String
  • Presence: optional
  • Description: Specify the acceptable risk category for your project as the threshold. All functions with complexity beyond this threshold will raise an issue. For example, setting the threshold to low will flag all functions that have a cyclomatic complexity of more than 5, while setting the threshold to critical will not flag any function.
  • Available Values: low, medium, high, very-high and critical
| Risk category | Cyclomatic complexity range | Recommended action |
|---|---|---|
| low | 1-5 | No action is needed. |
| medium | 6-15 | Review and monitor. |
| high | 16-25 | Review and refactor. Recommended to add detailed comments if the function absolutely needs to be kept as it is. |
| very-high | 26-50 | Refactor to reduce the complexity. |
| critical | >50 | Must refactor this. This can make the code untestable and very difficult to understand. |
  • Default Value: medium
  • Example:
[analyzers.meta]
cyclomatic_complexity_threshold = "high"

Sample config

version = 1

test_patterns = [
  "test/**",
  "*_test.rb"
]

exclude_patterns = [
  "vendor/**",
  "**/examples/**"
]

[[analyzers]]
name = "ruby"
enabled = true

  [analyzers.meta]
  skip_doc_coverage = ["module", "singleton_method"]

We currently support Ruby 2.0 and above.

Code Coverage

SimpleCov

First, install simplecov if it is not already installed:

gem install simplecov

Follow these steps to generate a test coverage report:

  1. Add the following lines to the spec_helper.rb file inside the tests folder of your project:
# frozen_string_literal: true

require 'simplecov'

SimpleCov.start
  2. Add --require spec_helper.rb to the .rspec file.
  3. Run rspec using bundle exec rake rspec to generate a coverage report.
  4. The coverage report will be available inside the coverage folder.

Once you have a coverage report, you can upload it to DeepSource:

# Install deepsource CLI
curl https://deepsource.io/cli | sh

# Set DEEPSOURCE_DSN env variable from repository settings page
export DEEPSOURCE_DSN=https://sampledsn@deepsource.io

# From the root directory, run the report coverage command
./bin/deepsource report --analyzer test-coverage --key ruby --value-file ./coverage/.resultset.json

SimpleCov writes coverage results to a .resultset.json file. This is what you need to upload to DeepSource.
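
To sanity-check the report before uploading it, the following added example (not DeepSource or SimpleCov code) summarises a .resultset.json file. It assumes the layout SimpleCov writes, one entry per test command with a "coverage" table keyed by file path; the function names and the sample data are constructed for illustration.

```ruby
# frozen_string_literal: true

require 'json'

# Assumed layout: { "<command>" => { "coverage" => { "<file>" => ... } } }.
# Each file maps to { "lines" => [...] } (SimpleCov 0.18+) or to a bare array
# (older releases). Entries are per-line hit counts; nil marks a non-code line.
def line_arrays(resultset)
  resultset.values.flat_map do |run|
    run.fetch('coverage', {}).map do |file, data|
      [file, data.is_a?(Hash) ? data.fetch('lines', []) : data]
    end
  end
end

# Merges hit counts across all runs and returns totals for the whole report.
# :files counts only files that contain at least one relevant line.
def coverage_summary(resultset)
  merged = Hash.new { |h, k| h[k] = [] }
  line_arrays(resultset).each do |file, lines|
    lines.each_with_index do |hits, i|
      next unless hits.is_a?(Integer) # skip nil and any non-numeric marker

      merged[file][i] = merged[file][i].to_i + hits
    end
  end
  counts = merged.values.flat_map(&:compact)
  covered = counts.count(&:positive?)
  percent = counts.empty? ? 0.0 : (100.0 * covered / counts.size).round(2)
  { files: merged.size, relevant: counts.size, covered: covered, percent: percent }
end

# Constructed sample input (not real project data): two runs, both layouts.
SAMPLE_RESULTSET = JSON.parse(<<~JSON)
  {
    "RSpec": {
      "coverage": { "/app/lib/a.rb": { "lines": [1, null, 0, 2] },
                    "/app/lib/b.rb": { "lines": [null, 0, 0] } },
      "timestamp": 1700000000
    },
    "Minitest": { "coverage": { "/app/lib/a.rb": [0, null, 3, 0] },
                  "timestamp": 1700000100 }
  }
JSON

if __FILE__ == $PROGRAM_NAME
  data = ARGV[0] ? JSON.parse(File.read(ARGV[0])) : SAMPLE_RESULTSET
  puts coverage_summary(data)
end
```

Pass ./coverage/.resultset.json as the first argument to summarise a real report; an empty or zero-line summary means the upload would carry no usable coverage data.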

Code Formatter (Transformer)

RuboCop

Format all incoming Ruby code with RuboCop.

This section covers .deepsource.toml configuration specific to the rubocop transformer. Please make sure to read the general configuration guide first.

name

  • Type: String
  • Presence: mandatory
  • Description: Shortcode of this transformer.
  • Example:
name = "rubocop"

enabled

  • Type: Boolean
  • Presence: optional
  • Description: Toggle whether this transformer should be run.
  • Example:
enabled = true

StandardRB

Format all incoming Ruby code with StandardRB.

This section covers .deepsource.toml configuration specific to the standardrb transformer. Please make sure to read the general configuration guide first.

name

  • Type: String
  • Presence: mandatory
  • Description: Shortcode of this transformer.
  • Example:
name = "standardrb"

enabled

  • Type: Boolean
  • Presence: optional
  • Description: Toggle whether this transformer should be run.
  • Example:
enabled = true

Vulnerability Scanning

Supported target files:

  • Gemfile
  • Gemfile.lock
