Bitrot
|So from hardware failure back to software failure.
Bitrot is defined in The Jargon File as
I would measure bitrot by the amount of effort required to get a formerly perfectly functioning piece of software that used to work three years ago to do the same thing in, say, Windows 8, or your new cloudy environment thats going to save you money by making you rebuild everything again, whilst locking your data into a third-party vendor’s environment that will be extraordinarily difficult to extricate yourself from at a later point in time when they decide to charge per individual CPU opcode.
Assuming you’ve got maven running (and therefore bamboo, nexus or something similar), I think it would be interesting to make charts of the following things over time:
- number of inconsistent artifacts within an environment (i.e. same artifact at different version levels)
- same classes/resources in multiple JARs/in different locations in classpath (and/or different precedent levels)
- artifacts that don’t match their md5/sha1 hashes in your repository (probably local builds, patched builds, or multiple branches/directories building to the same version number)
- number of dead branches in your source control system
- number of active branches in your source control system (i.e. old branches still in production or the number of active maven builds)
- number of undocumented classes / packages
- number of untested classes / packages
- number of active APIs
- some measurement of maven dependency complexity (e.g. number of dependent packages per artifact or the total number of JARs within a WAR/EAR )
- time since last update of each maven artifact (may indicate no owner/maintainer of code)
- code size / file size
- changes to release branches that have not been integrated into HEAD in source control
- changes to old branches that have not been integrated into HEAD
- changes to HEAD that have not been integrated into branches being actively developed
- maven groupIds/artifact names that bear no relation to their java package structure
- maven groupIds/artifact names that bear no relation to their position relative to HEAD in source control
- xml namespace inconsistencies
- any use of AOP
- the number of levels of configuration before you hit something that isn’t a dereferenced property
- projects that aren’t in bamboo
- projects that aren’t in nexus
- inconsistent version numbers across a branch
- groupIds/artifactIds that are not consistent between maven1/maven2 files in the same folder
- inconsistent bamboo build config (e.g. java versions)
- maven build plan descriptions that bear no relation to their locations in source control
- inconsistent bamboo config for plans within a project (java versions, clover-enabled…)
- project dependency artifact versions that override parent dependency versions (mvn2) or vice versa (mvn3)
- SNAPSHOT project dependency artifact versions that are in a parent pom xml
- inconsistent parent pom version numbers between projects
I wrote most of this list a few years ago when I was working in a much, much larger company but I still think it’s relevant today, so if anyone wants to go and write up some anthropological software that generates some metrics out of, say, everything that’s currently sitting on central, then I would find that sort of thing fascinating.
So someone go and do that.