TL;DR: dbLinter analyzes your Oracle PL/SQL code for common good-practice violations, such as unused variables, insecure patterns, or naming issues. Integrate it into your code editor for real-time feedback or your CI/CD pipelines for automated checks.

What is Linting?

Like a compiler, a linter parses source code to understand its structure. But instead of executing the program, it analyzes for programmatic or stylistic errors.

For instance, after parsing, it recognizes l_timeout_mins as a NUMBER constant used in a function call. It then applies rules, like one requiring constants to start with c_. dbLinter flags the mismatch in l_timeout_mins as a violation:

Linters generally analyze only the provided code (though dbLinter can execute queries for added context). So they can’t tell you that your written code does not match the specification of the project or that your architecture is suboptimal for the estimated user count. Linting falls under “static program analysis”.

The benefits of Linting

Linting is incredibly valuable, especially in bigger teams, as it enforces a certain level of code quality without having a human to manually check. Your senior developers will save a lot of time and can focus on the critical parts of the code instead of making sure the basic code quality issues are addressed.

Additionally, linters are a great help for inexperienced developers. When I learned JavaScript, I was truly grateful for having a nice linter, which immediately gave me feedback on how I could improve my code. Linters typically also provide a link to a website that explains a rule in detail, which ensures that you understand the issue. Typically, a junior would do a code review with another developer and get a huge list of feedback, which can feel overwhelming (use varchar2 instead of char, add char semantics, etc.).

Next to pointing out issues, a linter can also provide fixes for issues. This depends on the rules because some violations require a human to rethink the code. In this example, dbLinter can append the backtrace to the error logging message with a quick fix:

What can dbLinter check?

dbLinter supports over 180 rules. Browse and filter them by tags (e.g., security, performance) or severity on our rules website.

Some rules are objective standards, others are opinionated, and for some, consistency matters. To make dbLinter fit your needs, you can manage configurations in an APEX application. To make the adoption phase smooth, we have built profiles that allow you to start with a smaller subset of issues, fix these violations, and then iteratively enable stricter rules.

Adjust rule severities (errors for must-fixes, warnings for suggestions, hints for nudges) or parameters (e.g., identifier length, logging packages, naming conventions).

dbLinter can additionally run SQL-based checks. For example, rule G-1240 requires every foreign key to be indexed. Since foreign key and index definitions may be in different files or repositories, it's more effective to just query the database to make sure there are no violations.

A successor to Trivadis db* CODECOP

We are collaborating with Grisselbav (Philipp Salvisberg) on this project. He was responsible for maintaining the decommissioned db* CODECOP tool suite, which was based on the Trivadis PL/SQL & SQL Coding Guidelines.

Many dbLinter rules are based on the Trivadis Coding guidelines. Philipp rewrote the software with a new parser and modern integrations using a language server to simplify reuse in other IDEs and further tools of the dbLinter toolsuite, like a CLI and a SonarQube plugin.

Will it cost money?

dbLinter will be a commercial and subscription-based product, but you can get started for free. For the anonymous plan, you just have to install the VS Code extension. To use all free features, you have to sign up. Signing up allows you to manage a personal configuration.

The essential plan allows you to create shared configurations for your whole team, and with professional, you can even implement custom rules.

You can check out the detailed pricing on dbLinters product page.

Get started today

You can try dbLinter today by installing the VS Code extension. If you use another VS Code-based editor like Cursor, please refer to the Open VSX Registry.

In this video I explain how to sign up for an account and configure your rules and parameters.

We welcome your feedback!