Well, this makes scents: Kotlin code quality smells better than Java

Google-backed language seeps into Android apps, improves programming craftmanship


Kotlin, which Google blessed last year as an alternative to Java for programming Android apps, has already made its way into almost 12 per cent of open source Android apps, and in so doing has elevated their code quality.

So we're told by computer scientists Bruno Gois Mateus and Matias Martinez, affiliated with University of Valenciennes in France, who observed that Google at the end of 2017 said Kotlin had infiltrated more than 17 per cent of Android apps developed with its IDE, Android Studio 3.0.

Kotlin is an open source statically typed programing language that targets the JVM, Android, JavaScript (transpiling to ES5.1) and native platforms (via LLVM). JetBrains, the company that created it, contends Kotlin is more concise and more type-safe than Java. It estimates that apps written in Kotlin require about 40 per cent less code than they would with Java. With fewer lines of code, in theory, one can expect fewer bugs.

In a paper distributed through pre-print service ArXiv, "An Empirical Study on Quality of Android Applications written in Kotlin language," Mateus and Martinez describe how they gathered 925 apps from the open source F-Droid repository, measured the amount of Kotlin code in each, and analyzed the code for "smells" as an indicator of code quality.

"Smells" is a more visceral alternative to "anti-patterns," a term of art used to refer to bad coding patterns. In Java, The Blob (a.k.a God Objects) represents a commonly cited anti-pattern.

The code boffins found that 109 out of 925 applications in their F-Droid dataset had at least one version between 2017 and 2018 written using Kotlin.

Among the most recent versions of each Kotlin-positive app – they looked at multiple versions when available – 35 per cent were written exclusively with the language. And for about 68 per cent of the Kotlin apps, the amount of Kotlin code increased in subsequent versions while the amount of Java code dwindled.

For their code quality sniff test, the researchers relied on Paprika, a toolkit to "detect some code smells in analysed Android applications."

Their conclusion: Java stinks (or more charitably, Kotlin smells like roses).

And yet Java persists

Using Paprika, they tested for 10 distinct smells, 4 related to object-oriented (OO) code and 6 related to Android.

The object-oriented anti-patterns included: Blob Class (BLOB), Swiss Army Knife (SAK), Long Method (LM), and Complex Class (CC). And the Android anti-patterns included: Heavy Broadcast Receiver (HBR), Heavy AsyncTask (HAS), Heavy Service Start (HSS), Init OnDraw (IOD), No Low Memory Resolver (NLMR), and UI Overdraw (UIO).

Kotlin screenshot

Kotlin's killin' Java among Android devs

READ MORE

Among the OO patterns, 3 out of 4 – LM, CC and BLOB – showed up in at least 92 per cent of both Kotlin and Java apps, with OO smells being more common in Kotlin apps.

But the computer scientists found Java apps overall had more entities affected by 4 of the 10 scents than Kotlin, where only 1 in 10 apps induced gagging.

"Regarding the immediate impact of introducing Kotlin on Android applications, i.e., the first version that has Kotlin code, we found that the adoption of Kotlin produces a rise of the quality from, at least, 50 per cent of the applications," the paper declares.

Incidentally, a separate group of researchers – Sarra Habchi, Geoffrey Hecht, Romain Rouvoy, and Naouel Moha – last year conducted a similar sniff test spanning both iOS and Android apps.

Comparing Objective-C apps and Swift apps, they found that iOS apps have roughly the same proportion of bad smells regardless of programming language, but stink less than Android apps. They conclude, "while the results clearly indicate that the Android apps have more outliers than the iOS ones, this does not necessarily mean that Android apps are globally worst in terms of quality." ®

Broader topics


Other stories you might like

  • Mega's unbreakable encryption proves to be anything but
    Boffins devise five attacks to expose private files

    Mega, the New Zealand-based file-sharing biz co-founded a decade ago by Kim Dotcom, promotes its "privacy by design" and user-controlled encryption keys to claim that data stored on Mega's servers can only be accessed by customers, even if its main system is taken over by law enforcement or others.

    The design of the service, however, falls short of that promise thanks to poorly implemented encryption. Cryptography experts at ETH Zurich in Switzerland on Tuesday published a paper describing five possible attacks that can compromise the confidentiality of users' files.

    The paper [PDF], titled "Mega: Malleable Encryption Goes Awry," by ETH cryptography researchers Matilda Backendal and Miro Haller, and computer science professor Kenneth Paterson, identifies "significant shortcomings in Mega’s cryptographic architecture" that allow Mega, or those able to mount a TLS MITM attack on Mega's client software, to access user files.

    Continue reading
  • RISC OS: 35-year-old original Arm operating system is alive and well
    1980s refugee, open source, and runs on modern kit

    RISC OS, the operating system of the original Arm computer, the Acorn Archimedes, is still very much alive – and doing relatively well for its age.

    In June 1987, Acorn launched the Archimedes A305 and A310, starting at £800 ($982) and running a new operating system called Arthur. At the time, it was a radical and very fast computer. In his review [PDF] for Personal Computer World, Dick Pountain memorably said: "It loads huge programs with a faint burping noise, in the time it takes to blink an eye."

    Arthur was loosely related to Acorn's earlier MOS, the BBC Micro operating system but looked very different thanks to a prototype graphical desktop, implemented in BBC BASIC, that could charitably be called "technicolor."

    Continue reading
  • HCL to end all support for old versions of Notes and Domino in 2024
    As if users needed any more reminders they’re stuck on a dying platform

    HCL has given users of versions 9.x and 10.x of its Domino groupware platform two years warning that they'll have to upgrade or live without support.

    Domino started life as Lotus Notes before IBM bought the company and milked the groupware platform for decades then offloaded it to India's HCL in 2018. HCL has since released two major upgrades: 2020's version 11 and 2021's version 12.

    Now it looks like HCL wants to maximize the ROI on those efforts – a suggestion The Register makes as the company today emailed Domino users warning them that versions 9.x and 10.x won't be sold as of December 1, 2022, and won't receive any support as of June 1, 2024.

    Continue reading
  • 1Password's Insights tool to help admins monitor users' security practices
    Find the clown who chose 'password' as a password and make things right

    1Password, the Toronto-based maker of the identically named password manager, is adding a security analysis and advice tool called Insights from 1Password to its business-oriented product.

    Available to 1Password Business customers, Insights takes the form of a menu addition to the right-hand column of the application window. Clicking on the "Insights" option presents a dashboard for checking on data breaches, password health, and team usage of 1Password throughout an organization.

    "We designed Insights from 1Password to give IT and security admins broader visibility into potential security risks so businesses improve their understanding of the threats posed by employee behavior, and have clear steps to mitigate those issues," said Jeff Shiner, CEO of 1Password, in a statement.

    Continue reading

Biting the hand that feeds IT © 1998–2022