DeepSource static analysis of a large golang codebase
What do you like best?
DeepSource fits easily into InsurTechnix's workflow, and gives us confidence in the quality of the code we deploy to our customers. InsurTechnix builds software for advanced cross-platform cyber-hygiene. Because our customers trust InsurTechnix to analyse their most sensitive data we believe in defence-in-depth at all levels of our product. DeepSource's highly detailed automated analysis is a excellent complement to high-level peer review of source code PRs.
What do you dislike?
Only cosmetic issues - e.g. the need to log in to DeepSource even when clicking through a link from GitLab. We find that the quality of the automated reviews is very high.
Recommendations to others considering the product:
DeepSource is extremely easy to set up and trial, so definitely worth including in any short list for a head-to-head comparison. Currently we are using DeepSource in a small scale-up, and are very happy with it in that context. The technical code analysis is solid, but I recommend that large enterprises should verify that DeepSource's reporting fits with their workflows.
What problems are you solving with the product? What benefits have you realized?
It is critical to make the most efficient use of our dev team's time. DeepSource's detection of "anti-patterns" eliminates bugs before they occur. The detection of deprecated APIs is another nice feature that gives early heads-up on necessary refactoring.
