Amazon CodeGuru that finds your most expensive lines of code is now officially available
AWS today announced that CodeGuru, a set of tools that use machine learning to automatically review code for bugs and suggest potential optimizations, is now generally available. The tool launched into preview at AWS re: Invent last December. Even for the most seasoned engineers, it can be difficult to detect some types of code issues even through peer code reviews and unit testing.
It can also be challenging to identify the most resource-intensive code methods without needing performance engineering expertise. CodeGuru helps you catch code issues faster and earlier, and improve application performance. CodeGuru Reviewer detects and flags wide-ranging issues in source code such as thread safety issues, use of un-sanitized inputs, inappropriate handling of sensitive data, and resource leaks.
It also detects a deviation from best practices for using AWS APIs and SDKs, flagging common issues that can lead to production issues, such as detection of missing pagination or error handling with batch operations.
CodeGuru Profiler is always searching for application performance optimizations, recommending ways to fix issues such as excessive recreation of expensive objects, expensive deserialization, usage of inefficient libraries, and excessive logging. CodeGuru Profiler runs continuously in production, consuming minimal CPU capacity so it does not significantly impact application performance.
Below are the features of the CodeGuru Reviewer and Profiler as stated by the company.
The CodeGuru Reviewer includes the following features:
- Support for Github Enterprise – You can now scan your pull requests and get recommendations against your source code on Github Enterprise on-premises repositories, together with a description of what’s causing the issue and how to remediate it.
- New types of recommendations to solve defects and improve your code – For example, checking input validation, to avoid issues that can compromise security and performance, and looking for multiple copies of code that do the same thing.
CodeGuru Profiler, you can find these new capabilities:
- Anomaly detection – We automatically detect anomalies in the application profile for those methods that represent the highest proportion of CPU time or latency.
- Lambda function support – You can now profile AWS Lambda functions just like applications hosted on Amazon Elastic Compute Cloud (EC2) and containerized applications running on Amazon ECS and Amazon Elastic Kubernetes Service, including those using AWS Fargate.
- Cost of issues in the recommendation report – Recommendations contain actionable resolution steps that explain what the problem is, the CPU impact, and how to fix the issue. To help you better prioritize your activities, you now have an estimation of the savings introduced by applying the recommendation.
- Color-my-code – In the visualizations, to help you easily find your own code, we are coloring your methods differently from frameworks and other libraries you may use.
- CloudWatch metrics and alerts – To keep track and monitor efficiency issues that have been discovered.
To use CodeGuru, developers continue to commit their code to their repository of choice, no matter whether that’s GitHub, Bitbucket Cloud, AWS’s own CodeCommit, or another service. CodeGuru Reviewer then analyzes that code, tries to find bugs and, if it does, it will also offer potential fixes. All of this is done within the context of the code repository, so CodeGuru will create a GitHub pull request, for example, and add a comment to that pull request with some more info about the bug and potential fixes.
Amazon CodeGuru is available today in 10 regions, and we are working to add more regions in the coming months. For regional availability, please see the AWS Region Table. AWS CloudFormation support is coming soon.
For more news on tech and cybersecurity stay tuned at Android Rookies by subscribing to our newsletter from here.