There are several tools to measure the code quality. The ones I have tried with a lot of success are:
- FindBugs (latest version 1.3.8) – uses static analysis to look for bugs in Java code. This is a great tool, it discovered possible NullPointerExceptions and a lot more bugs in my projects. Sometimes I asked myself how this program could have discovered this ‘complicated’ bug.With the maven plugin you can do:
which will use version 1.3.8 out of the box
- PMD (latest version 4.2.5) – scans Java source code and looks for potential problems. The rules are configurable, but at the beginning you will only need the provided one (and spend a lot of time to choose your favourites )In NetBeans 6.5 this tool is well integrated and works like a charme (CTRL+ALT+P).
With the maven plugin you can do:
after you specified the following in the pom.xml under<reporting> <plugins> :
Other tools could be
- JarAnalyzer – Is a dependency management utility for jar files. It’s primary purpose is to traverse through a directory, parse each of the jar files in that directory, and identify the dependencies between the jar files.
- HammurAPI – a code quality governance platform
but I haven’t tried them so far.
For Findbugs and pmd there is a NetBeans plugin (SQE … software quality environment) which looks promising, but fails with a NullPointerException after I installed it via the update center and tried it on my project. Maybe I should use one of the snapshots. (BTW: I successfully used the pmd-plugin and findbugs in the standalone version).
Sonar is another interesting approach to use several code quality tools at a time. With Sonar it is possible to see the violations or possible bugs over das or weeks – so, you are looking at the improvements and you will not get lost in the mass of bugs at the beginning. Another “multi-tooling” project is XRadar.
A little bit offtopic, but a great tool is proguard, which shrinks, optimizes, obfuscates and preverifies Java class files. There is even a maven plugin for that.