Home

Image represents a media kit with boilerplate, logos and more

Guide

source code: developer's guide

Source code is made up of the instructions developers write to tell a computer what to do, and it’s fundamental to software development. Whether you’re using a mobile phone app, visiting a website, or using an operating system tool on your computer desktop—source code is behind it all.

What is source code in software development?
Why is source code important?
What are the types of source code?
What are source code examples?
What are source code tools?
What is a source code repository?
What is a source code review?
Sonar and source code

Understanding source code isn't just for computer programmers.

Are you interested in the fundamental building blocks of creating and maintaining software? In this post, we’ll unpack the concept of source code—what it is, why it’s important, and more.

Let’s begin by looking at the definition and role of source code in modern software engineering.

What is source code in software development?

Source code is the set of instructions that a programmer writes to create software. Every instruction (also known as an algorithm) is written in a specific programming language, such as Python, HTML, C++, or Java.

Source code is like a detailed recipe for computers to follow. It lays out every action a computer should perform to execute a task or run a software program. And it does so in a language the computer can understand.

Because of this, source code is the DNA of every software application, website, or digital tool that we use.

You might have a simple computer program that adds two numbers, or an immensely complex system that manages billions of transactions.

Either way, source code is the starting point of all software development.

Why is source code important?

As the fundamental building block for computers, source code facilitates the development, maintenance, and enhancement of software.

Here's why it’s so important:

Foundation for software: At its core, every digital tool, application, or system starts as source code written by developers.
Customization, improvement, and optimization: When you have access to the software’s source code, you can tweak, enhance, and fix that software. This flexibility is crucial for adapting software to meet user needs, addressing security concerns, or modifying the software to improve and optimize performance.
Troubleshooting and debugging: When things go wrong, the ability to examine and modify the source code is crucial.
Innovation and collaboration: Source code is at the heart of the open source movement, where developers share their code to collaborate on projects. This plays a huge role in fostering innovation and speeding up technological advancement.
Security: By identifying security vulnerabilities in the source code, developers can take steps to protect software against potential threats and attacks.

What are the types of source code?

There are many different ways to categorize source code, so we’ll just look at three common approaches.

1. Open source versus proprietary

Open source code is accessible to everyone.

Because the open source movement is built on values like collaboration and transparency, open source software can be modified or shared by anyone.

This is, in part, how the software world experiences collective improvements and innovations.

On the other hand, proprietary source code—also known as closed source—is private, and access to it is restricted.

Closed source code is owned by individuals or companies.

Modifying or sharing code without permission is generally forbidden.

Proprietary software is usually found commercially, as companies aim to protect their intellectual property.

2. Categorized by computer programming language

The language in which source code is written greatly affects its design and function.

For example, a language like Python is favored for its simplicity and readability.

In contrast, C++ is chosen for its performance and control over system resources.

Each language has its own set of syntax rules and ways of handling memory.

Every language comes with certain conveniences - and is suitable to certain domains.

Because certain languages fit certain use cases more appropriately, the availability of so many different languages caters well to the many different types of projects and developer preferences.

Compiled versus interpreted

Another way to categorize source code is by whether it is compiled or interpreted. (This is related to the programming language in which the source code is written.)

With compiled languages, the original source code starts as a high-level language (such as the C programming language).

Then, it undergoes a transformation by a compiler into another form called machine language (or machine code or bytecode).

These are executable files containing binary code that is no longer human-readable.

Compilation is an essential prerequisite for executing the software, but the result distinguishes the source code from the executable code.

On the other hand, source code written in interpreted languages—such as PHP or JavaScript—is executed directly by an interpreter, line by line.

This allows for greater flexibility and ease of testing but can result in slower execution times compared to compiled languages.

What are source code examples?

Consider the following simple source code examples in two different programming languages: JavaScript and C.

Both snippets below define a function to add two numbers, displaying and returning the result.

These snippets help to showcase the syntax and structure unique to each language.

Example 1: JavaScript

In JavaScript, which is commonly used for web and server applications, we can use console.log to display the sum:

function displaySum(a, b) {
    let sum = a + b;
    console.log("The sum is: " + sum);
    return sum;
}

Example 2: C

C is a powerful programming language that's often used for system/software development and embedded systems. Here's a similar function in C:

#include <stdio.h>

int displaySum(int a, int b) {
    int sum = a + b;
    printf("The sum is: %d\n", sum);
    return sum;
}

Here, displaySum calculates the sum, outputs it using printf, and then returns the sum. The %d in the printf statement is a placeholder for the integer sum, demonstrating C's type-specific formatting for output.

These examples illustrate how functions in source code can perform calculations and interact with the user or system environment by displaying output.

Though the languages and specific I/O methods differ, the fundamental concept of executing a task—calculating and displaying a sum—remains consistent.

What are source code tools?

Source code tools are software that help developers manage, analyze, and improve the quality of their source code. Along with helping developers work more effectively, automated tools can also detect bugs, security vulnerabilities, and code smells (poor coding practices that might indicate deeper problems).

They also help ensure code is not only functional but also clean and efficient.

Different kinds of source code tools include:

Code editors and Integrated Development Environments (IDEs): Platforms for writing source code, with built-in text editor features like syntax highlighting, code completion, and debugging support.
Version control systems: For tracking changes to source code over time and allowing multiple developers to collaborate on the same project without conflicts.
Static code analyzers: Automatically perform source code analysis for potential errors, coding standards violations, and security issues.
Continuous integration/continuous delivery (CI/CD) tools: Automate the testing and deployment of code changes, helping teams integrate new code and deliver updates more rapidly and reliably.

SonarSource offers tools that specifically target improving code quality:

SonarQube: A self-managed platform for the continuous inspection of code quality and security by scanning source code. It supports over 30+ programming languages and frameworks (such as Java, Python, PHP, and JavaScript), and infrastructure technologies (such as Terraform and CloudFormation). It also integrates with the most popular CI/CD tools and DevOps platforms.
SonarCloud: Similar in features to SonarQube but offered as a cloud service. Teams don’t need to manage their own infrastructure.
SonarLint: A free and open source IDE plugin that provides real-time feedback on code quality as developers write code. This automates the maintenance of high code standards.

Source code tools do more than just detect potential issues; they help developers be better.

Ultimately, this leads to the development of more reliable and secure software.

By integrating source code tools into their workflow, developers level up their productivity and the quality of their output.

What is a source code repository?

A source code repository is a digital archive for storing, managing, and tracking source code. Fundamental to these software management systems is the concept of version control—a system that records changes to a codebase over time.

Version control allows developers to navigate through previous versions of their source code files.

By enabling detailed tracking of every modification, version control systems ensure that any team member can:

Update code confidently
Recover earlier versions if necessary
Merge changes from other contributors efficiently

Popular version control platforms include GitHub, GitLab, and Bitbucket.

What is a source code review?

A source code review is a process where developers examine each other's code for errors or issues before merging it into the main project. This step is crucial for ensuring source code security and quality, as it allows for the early detection of bugs or coding standard violations.

In addition to bug hunting, code reviews provide an opportunity for knowledge sharing and reinforcing best practices within a team.

What is source code testing?

Source code testing is a systematic (and often automated) process to ensure that the code meets its intended functionality and is free of bugs or vulnerabilities.

Testing comes in multiple phases, with each one designed to assess the source code and the software in different ways:

Unit testing looks at individual components or functions for correctness. This is the most granular level of testing.
Integration testing is next. It validates how well different modules or services work together. It's crucial for surfacing issues in how components interact with one another.
System testing evaluates system behavior as a whole. It tests the complete and fully integrated software product to ensure it meets the specified requirements.
Acceptance testing is the final phase, conducted with end users to assess how the software meets their requirements.

Each type of testing has its rightful place in the development lifecycle, contributing to the creation of high-quality, dependable software.

Sonar and source code

In this guide, we've explored various fundamental concepts related to source code.

We’ve looked at its importance, its various types, and even some examples.

We've also touched on how source code is tracked and reviewed through tools designed to ensure the highest standards of quality and security.

SonarSource offers a suite of tools that provide invaluable support in maintaining source code quality, identifying potential issues early, and fostering best practices among development teams.

To learn more, start working with our tools for free.