4 minute read

以下大部分工具使用样例请访问: https://github.com/jiangxincode/ApkToolBoxGUI

FindBugs

FindBugs, a program which uses static analysis to look for bugs in Java code.  It is free software, distributed under the terms of the Lesser GNU Public License. The name FindBugs™ and the FindBugs logo are trademarked by The University of Maryland. FindBugs has been downloaded more than a million times.

spotbugs

SpotBugs is a fork of FindBugs (which is now an abandoned project), carrying on from the point where it left off with support of its community. Please check the official manual for details.

CheckStyle

Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. It automates the process of checking Java code to spare humans of this boring (but important) task. This makes it ideal for projects that want to enforce a coding standard.

PMD

PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, Salesforce.com Apex and Visualforce, PLSQL, Apache Velocity, XML, XSL.
Additionally it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, Groovy, PHP, Ruby, Fortran, JavaScript, PLSQL, Apache Velocity, Scala, Objective C, Matlab, Python, Go, Swift and Salesforce.com Apex and Visualforce.

p3c

Alibaba Java Coding Guidelines pmd implements and IDE plugin

JDeodorant

JDeodorant is an Eclipse plug-in that detects design problems in Java software, known as code smells, and recommends appropriate refactorings to resolve them.

Jdepend(Not Recommend)

JDepend traverses Java class file directories and generates design quality metrics for each Java package. JDepend allows you to automatically measure the quality of a design in terms of its extensibility, reusability, and maintainability to manage package dependencies effectively.
Jdepend很久没有维护了,后续不建议使用

Metrics

Emma(Not Recommend)

a free Java code coverage tool
Emma很久没有维护了,不支持Java 8+语法,后续不建议使用

JaCoco(Recommend)

JaCoCo is a free code coverage library for Java, which has been created by the EclEmma team based on the lessons learned from using and integration existing libraries for many years.

Cobertura(Not Recommend)

Cobertura is a free Java code coverage reporting tool.

Coverlipse(Not Recommend)

Coverlipse is an Eclipse plugin that visualizes the code coverage of JUnit Tests. It is unique for it integrates seamlessly in Eclipse. The coverage results are given directly after a JUnit run. This makes it the perfect tool for developers to recognize their tests fullfil their task. 

JavaNCSS(Not Recommend)

JavaNCSS - A Source Measurement Suite for Java. 
JavaNCSS很久没有维护了,不支持Java 8+语法,后续不建议使用

Simian

Simian (Similarity Analyser) identifies duplication in Java, C#, C, C++, COBOL, Ruby, JSP, ASP, HTML, XML, Visual Basic, Groovy source code and even plain text files. In fact, simian can be used on any human readable files such as ini files, deployment descriptors, you name it.

注:If you like simian-maven-plugin, you can vote for my answer on http://stackoverflow.com/questions/1077700/how-do-you-use-the-maven-simian-plugin-in-maven2

SourceMonitor

SourceMonitor lets you see inside your software source code to find out how much code you have and to identify the relative complexity of your modules. For example, you can use SourceMonitor to identify the code that is most likely to contain defects and thus warrants formal review.

iPlasma

iPlasma is an integrated environment for quality analysis of object-oriented software systems that includes support for all the necessary phases of analysis: from model extraction (including scalable parsing for C++ and Java) up to high-level metrics-based analysis, or detection of code duplication. iPlasma has three major advantages: extensibility of supported analysis, integration with further analysis tools and scalability, as it was used in the past to analyse large-scale projects in the size of millions of code lines (e.g. Eclipse and Mozilla).

inFusion

Whether you own, are responsible for, or are acquiring software projects in C/C++ or Java, inFusion puts you in full control of architecture and design quality. inFusion makes quality assurance of multi-million LOC systems not merely practical, but effective, successfully handling both object oriented and procedural style code.

structure101

coverity

Coverity® static application security testing (SAST) helps you build software that’s more secure, higher-quality, and compliant with standards.

pinpoint

静态分析,源代码审计

Infer

Infer is a static analysis tool - if you give Infer some Java or C/C++/Objective-C code it produces a list of potential bugs. Anyone can use Infer to intercept critical bugs before they have shipped to users, and help prevent crashes or poor performance.

FireLine

cloc

cloc counts blank lines, comment lines, and physical lines of source code in many programming languages.

额外阅读

Comments