Java Code Quality Tools

by Orest Ivasiv

Twitter: @halyphBlog: halyph.blogspot.com

CodePro Analytix• Code Analysis• Metrics• Code Coverage • Dependency Analysis• JUnit Test Generation• Similar Code Analysis

PMD• Possible bugs - empty try/catch/finally/switch statements• Dead code - unused local variables, parameters and private

methods• Suboptimal code - wasteful String/StringBuffer usage• Overcomplicated expressions - unnecessary if statements, for

loops that could be while loops• Duplicate code - copied/pasted code means copied/pasted bugs

FindBugs• Correctness bug - Probable bug - an apparent coding

mistake resulting in code that was probably not what the developer intended. We strive for a low false positive rate.

• Bad Practice - Violations of recommended and essential coding practice. Examples include hash code and equals problems, cloneable idiom, dropped exceptions, serializable problems, and misuse of finalize. We strive to make this analysis accurate, although some groups may not care about some of the bad practices.

• Dodgy - Code that is confusing, anomalous, or written in a way that leads itself to errors. Examples include dead local stores, switch fall through, unconfirmed casts, and redundant null check of value known to be null. More false positives accepted. In previous versions of FindBugs, this category was known as Style.

Code Coverage• Cobertura

o eCobertura – Eclipse Plugin

• EMMAo EclEmma and JaCoCo – Eclipse Plugins

Coding standard analysis

Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. It automates the process of checking Java code to spare humans of this boring (but important) task. This makes it ideal for projects that want to enforce a coding standard.

Tattletale• Identify dependencies between JAR files• Find missing classes from the classpath• Spot if a class/package is located in multiple JAR files• Spot if the same JAR file is located in multiple locations• With a list of what each JAR file requires and provides• Verify the SerialVersionUID of a class• Find similar JAR files that have different version numbers• Find JAR files without a version number• Find unused JAR archives• Identify sealed / signed JAR archives• Locate a class in a JAR file• Get the OSGi status of your project• Remove black listed API usage

Consolidated Tools• Sonar

• Xradar

• QALab

UCDetector• Unnecessary Code Detector is a eclipse PlugIn

to find unnecessary (dead) public Java code. For example public classes, methods or fields which have no references. UCDetector creates markers for the following problems, which appear in the eclipse problem view:o Unnecessary (dead) codeo Code where the visibility could be changed to protected, default or

privateo Methods of fields, which can be final