← All posts

Introducing, DeepSource for Scala

Find and fix issues in your Scala code. Currently in beta.

Header image
By Pawan on 
Share on Twitter Share on LinkedIn Share on Facebook

Scala is one of the most exciting languages out there. It offers the goodness of both functional and object-oriented programming paradigms. Aimed to address the criticisms of existing languages, it is designed to be concise yet very powerful. In fact, frameworks like Spark, Play, and Akka have helped Scala gain immense popularity, especially in the fields of data engineering and web services. Although Scala looks slightly familiar to those coming from Java, the learning curve is steep especially when compared to other languages such as Go or Python.

One of the most powerful aspects of languages like Scala is the ability to take advantage of compiler plugins. Compiler plugins integrate directly into the build process/tools and are invoked at certain stages to emit or show certain behavior. There exist plenty of tools, both open source and proprietary that take advantage of this feature. One such category is the static analysis tools. In fact, almost every static analysis tool written for Scala out there is a compiler plugin. They detect about 90-100 unique issues across your codebase. Although admirable, this practice brings certain issues with it. As the codebase, build process and the team size grows, getting these tools integrated into the workflow becomes difficult - especially with different build tools, people using their choice of IDEs, code editors, and operating systems.

DeepSource for Scala

At DeepSource, our philosophy is that developers should never have to worry about getting such tools integrated in the right manner. In general, code is often judged both by the style and its logic. Therefore, at DeepSource, we engineer tools that integrate directly into the VCS of your choice and your development workflow to help take care of these issues for you. DeepSource builds on top of the innovation that has already been done by the community and makes the results of static analysis more accessible and actionable to you. We guarantee less than 5% of false-positives in the issues, help you run analysis continuously on every commit and pull-request with almost zero configuration, and make the overall experience of finding and fixing quality issues in your code more enjoyable.

Therefore, we are extremely proud to announce the availability of DeepSource’s Scala analyzer, beta. In this beta release, we currently track approximately 50 issues across different categories such as performance bugs, security risks, bug risks, and anti-patterns.

Apart from the usual static analysis that other Scala tools offer, we offer contextual analysis as well. Rather than simply raising a red-flag for every questionable practice, we run some additional checks to determine and set the appropriate warning level. Whenever we believe that a certain part of the code can be refactored, our analyzer runs additional contextual-analysis to determine the best possible recommendation, if any. The next section talks about how we go a step further to provide you with better and personalized recommendations.

Sample issues

  1. If you’re relying on is/asInstanceOf[T] to perform cast-related operations and if our analyzer can prove that the type T will certainly be erased at compile-time as part of type-erasure, we raise a critical warning - to signify that there’s a high chance your code might break in that specific scenario.

Example -

// Problematic `if`
if (items.isInstanceOf[List[Int]]) {
  // do something with list of integers
}
  1. Scala has a certain style/approach of getting things done, just like every other language. If you’re using an approach that is different from what Scala usually takes, our analyzer will make appropriate suggestions to help you adopt the best approach possible! If a particular method can omit the parentheses and follow the 0-arity convention, because it does not have any side effects, i.e. state does not mutate, our analyzer will make the right recommendation for you.
class Person {
  // ...
  //
  // This method can be refactored accordingly
  def getIntro(): String = {
    s"Hi! My name is ${this.name}! I work in the Scala team at DeepSource."
  }
}

println(pawan.getIntro())   // works
println(pawan.getIntro)     // parentheses dropped, suggests that this is a pure function and has no side effects

How to use the Scala analyzer?

You can begin using the Scala analyzer by adding an entry to the [[analyzers]] table in the .deepsource.toml file in your repo. Alternatively, you can activate your Scala repo from the DeepSource repository dashboard after using the configration generator.

Sample configuration

version = 1

[[analyzers]]
name = "scala"
enabled = true

Over the coming few months (in fact weeks!), we’ll be expanding the analyzer’s detection capabilities, further reducing the false positives and will be improving the analyzer’s performance - all just so that you can remain productive and write the best code possible. We’ll also be rolling out support for Autofix - so that you can roll out fixes for your code with just 1 click.

We will continue to make additional improvements to help offer the best recommendations possible for you. Give it a try and tell us what you think over on Twitter! If you have any questions, you can always reach out to us on the discuss forum or our Discord server. The DeepSource Scala analyzer guarantees a false positive rate of less than 5%. If you ever find a false positive in an issue detected by the analyzer, please make sure to report it. We’ll resolve it within the next 72 hours.

About DeepSource
DeepSource helps you automatically find and fix issues in your code during code reviews, such as bug risks, anti-patterns, performance issues, and security flaws. It takes less than 5 minutes to set up with your Bitbucket, GitHub, or GitLab account. It works for Python, Go, Ruby, and JavaScript.
Get started for free

Keep reading...