Checkstyle. “Checkstyle is a development tool to help programmers write Java ....
PMD scans Java source code and looks for potential problems like: Possible ...
Software Testing CI Tools for Software Quality Measurement
Beat Fluri
software evolution & architecture lab
Quality Control Tools Coding conventions for readability Checkstyle
Coverage of test code Cobertura
Searching for potential bugs Findbugs PMD
Software measurement (well-known software metrics) Sonar (not only for software metrics)
Checkstyle “Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. It automates the process of checking Java code to spare humans of this boring (but important) task. This makes it ideal for projects that want to enforce a coding standard.” http://checkstyle.sourceforge.net/ Maven plugin http://maven.apache.org/plugins/maven-checkstyle-plugin/
Configure via XML or wizard in Eclipse http://eclipse-cs.sourceforge.net/
FindBugs “[FindBugs] a program which uses static analysis to look for bugs in Java code.” http://findbugs.sourceforge.net/ Over 350 bug patterns http://findbugs.sourceforge.net/bugDescriptions.html
FindBugs Possible bugs are described as code patterns Pattern are categorized: Bad practice Correctness Malicious code vulnerability Performance Security Dodgy and some more
FindBugs Performance Method concatenates strings using + in a loop (use StringBuilder instead) Method allocates a boxed primitive just to call toString new Integer(1).toString(); Integer.toString(1);
PMD PMD scans Java source code and looks for potential problems like: Possible bugs - empty try/catch/finally/switch statements Dead code - unused local variables, parameters and private methods Suboptimal code - wasteful String/StringBuffer usage Overcomplicated expressions - unnecessary if statements, for loops that could be while loops Duplicate code - copied/pasted code means copied/pasted bugs
http://pmd.sourceforge.net/ Over 280 rules http://pmd.sourceforge.net/rules/index.html
Sonar “Sonar is an open platform to manage code quality.” http://www.sonarsource.org/ 7 axes of code quality Architecture and design, Unit Tests Duplications, Complexity, Potential bugs Coding rules, Comments