자바 정적분석 도구들.
- PWD : PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, Salesforce.com Apex, PLSQL, Apache Velocity, XML, XSL.
- Include CPD the copy-paste-detector. CPD finds duplicated code
- command :
mvn pmd:pmd pmd:cpd
- Checkstyle : Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. It automates the process of checking Java code to spare humans of this boring (but important) task. This makes it ideal for projects that want to enforce a coding standard. Checkstyle is highly configurable and can be made to support almost any coding standard. An example configuration files are supplied supporting the Sun Code Conventions, Google Java Style
- 각 회사의 스타일엘 맞게 check_style.xml 을 정의할 수 있음
- command
mvn checkstyle:checkstyle
- FindBugs : Find Bugs in Java Programs
- Cobertura : A code coverage utility for Java. Cobertura is a free Java tool that calculates the percentage of code accessed by tests. It can be used to identify which parts of your Java program are lacking test coverage. It is based on jcoverage.
- Packages, Files, Classes, Methods, Lines, Conditionals 의 기준으로 커버리지 측정
- command
mvn cobertura:cobertura
Jenkins에 연결하기
- 플러그인 설치
- Checkstyle Plug-in
- Cobertura Plugin
- FindBugs Plug-in
- JUnit Plugin
- PMD Plug-in
- 각 플러그인에 맞게 설정! 설명은 젠킨스 플러그인 을 설치하면 잘 나와있습니다.
- CI + Static Analysis는 필수!
Reference
https://notion-ga.astrocket.vercel.app/collect?tid=UA-170846618-2&host=notion.so&page=/engineering/Java_Static_Analysis
https://notion-ga.astrocket.vercel.app/collect?tid=UA-170846618-2&host=notion.so&page=/engineering/Java_Static_Analysis