TheSharperDev

Educating about C# and F#

Reviewing NDepend

I received a free 1-year license in exchange to use and review NDepend. Rest assured, these thoughts and opinions are my own.

Gaining visibility into your code base is hard. It’s hard for developers. It’s hard for people who have a technical background. I’ve also found it next to impossible for non technical people to understand it.

That being said, if you work in or make decisions about software, it’s critical that you understand what you’re dealing with.

Is my architecture going to scale? Are there security holes? How much technical debt is out there? What are the developer’s productivity today versus last year, five years ago?

While tools can’t answer all those questions, they can answer some of them. NDepend is one such tool. Here are my thoughts after playing around with it for about a month.

Installing

To download, head over to the NDepend website. NDepend is a licensed product, so you’ll either have to trial the 14 day trial or buy a pro edition license. I’m using the 2019.3 edition.

Steps to install as VS Extension:

  1. Download NDepend
  2. Unzip
  3. Run the NDepend.VisualStudioExtension.Installer.exe
  4. Select which version of VS you want to install on
  5. Click install, wait half a minute
  6. You should see a dialog box saying it was installed correctly.

Adding to Project

Whichever project you want to use NDepend for, open it in Visual Studio.

From the menu bar click Extensions => NDepend => Attach New NDepend Project to Current VS Solution.

A dialog box will pop up specifying the path to the NDepend Project File and which assemblies will be analyzed.

Click the analyze button, then after a short amount of time you should see your report.

You can view in either VS or a html based report. The VS report is more interactive. Here is the main screen of the VS report for me on my TinRoll project.

TinRoll Report

Since this is a pretty small project, there’s not a lot of information to find and display. Debt at 1.22%, not bad, only 9 rules violated.

I wanted to get a better sense of what this would find on a bigger project. So I downloaded nopCommerce, a well known open source shopping cart solution built on ASP.NET. nopCommerce Report

There’s a lot of information to cover here, so I’ll just cover some basic cases. Please check out their website for more information.

You’ll notice that most stat lines have a “no diff” next to them. This tool will track your stats as your application evolves, helping you know whether your heading in the right direction.

If you click on the High Issues in the bottom right, it leads to the following dialog showing which rules have been violated.

The rules that were violated.

Most of those rules I’d agree are not best practices, but things that I do from time to time because I can. You can click into each one and see which specifically is causing a rule violation.

NDepend will also identify which namespaces have the lowest tech debt score. Which can help you know where to focus cleanup activities.

NDepend Enhances Your Project’s Visibility

The one thing I really like about NDepend is it gives me a lot of information about my code base. I might not agree with some of the things that it marked as critical (I can customize rule severity), but it gives me the chance to review and interact with my code base.

After generating this initial report, I spent about 30 minutes just review the report. I wanted to know what it thought.

Tech Debt Visibility

Front and center of the NDepend report is a Debt percentage, Rating, how many days are required to reach an A.

In my young career, I’ve worked in code bases containing a lot of tech debt. They’re not very fun to work in.

One way they get that way is technical debt is hard to quantify and most non-technical people don’t understand it. Yet a lot of times, non-technical people drive the schedule and budget. There’s never “time” or “money” to refactor, so tech debt continues to grow.

Minor Quirks

The UI can be a bit non-intuitive at times. I could access the necessary information that I needed, but there was an initial ramp up time.

Some of the text didn’t have the right color scheme (black on black) and was hard to read.

Not open source friendly, because it does require a license to use.

Doesn’t support F#, which probably isn’t a huge issue for a lot of people. But I use it from time to time and would find stats on it useful as well.

NDepend’s Sweet Spot

I believe NDepend’s target audience is enterprise development shops. If I worked in teams that had this tool, I believe we would be a lot more cognizant of the code we were producing. A lot less likely to make that small change that we know we shouldn’t because its easy.

NDepend also provides support for Azure DevOps, but I didn’t have the opportunity to try it out.

Final Thoughts

NDepend is a useful tool for understanding what your code base currently looks like and where it can improve. It provides a lot of information and context to you, hopefully giving you visibility into areas where improvement are needed.

Managing a code is hard. We preach the necessity of tools such as git, IDEs, and build pipelines, but often times there’s nothing checking the quality of our code. NDepend is a tool that can fill that gap.