SlideShare uma empresa Scribd logo

The Wise Developers' Guide to Static Code Analysis (image preview)

ZeroTurnaround
ZeroTurnaround

Did you know that most developers don't monitor or fix code quality issues in their applications? In this RebelLabs report, we discuss code quality, namely Static Code Analysis tools like Findbugs, Checkstyle, PMD, Coverity and SonarQube, and how these tools make a difference in both the quality of your code and your ability to deliver apps predictably and on time. Additionally, we show you how to set up each tool, enable the small customizations that matter and offer some advice for how to avoid common pitfalls. Go here for the full report: http://rebellabs.org

SoftwareTurismoTecnologia
1 de 13
Baixar para ler offline
1All rights reserved. 2014 © ZeroTurnaround OÜ FEATURING FINDBUGS, CHECKSTYLE, PMD, COVERITY AND SONARQUBE THE WISE DEVELOPERS’ GUIDE TO STATIC CODE ANALYSIS How many bugs will you find?
2All rights reserved. 2014 © ZeroTurnaround OÜ CHAPTER I: WELCOME TO STATIC CODE ANALYSIS, THAT THING YOU AREN’T DOING "The quality of your code is a weak spot in almost every software project you’ll ever touch. This is because ongoing development ensures that even the bits you were once proud of become, over time, first less elegant, then rough, and finally incomprehensible." OLEG SHELAJEV, Java Developer/Author
2All rights reserved. 2014 © ZeroTurnaround OÜ
3All rights reserved. 2014 © ZeroTurnaround OÜ
4All rights reserved. 2014 © ZeroTurnaround OÜ
5All rights reserved. 2014 © ZeroTurnaround OÜ
6All rights reserved. 2014 © ZeroTurnaround OÜ
7All rights reserved. 2014 © ZeroTurnaround OÜ
8All rights reserved. 2014 © ZeroTurnaround OÜ
9All rights reserved. 2014 © ZeroTurnaround OÜ
10All rights reserved. 2014 © ZeroTurnaround OÜ
11All rights reserved. 2014 © ZeroTurnaround OÜ
12All rights reserved. 2014 © ZeroTurnaround OÜ Report Authors: Oleg Shelajev, Sigmar Muuga, Simon Maple, Oliver White​ Report Designer: Ladislava Bohacova​ Contact Us Estonia Ülikooli 2, 4th floor Tartu, Estonia, 51003 Phone: +372 653 6099 Twitter: @RebelLabs Web: http://zeroturnaround.com/rebellabs Email: labs@zeroturnaround.com USA 399 Boylston Street, Suite 300, Boston, MA, USA, 02116 Phone: 1(857)277-1199 Czech Republic Osadní 35 - Building B Prague, Czech Republic 170 00 Phone: +372 740 4533

Recomendados

Java Code Quality Tools
Java Code Quality ToolsJava Code Quality Tools
Java Code Quality ToolsOrest Ivasiv
 
Static Code Analysis
Static Code AnalysisStatic Code Analysis
Static Code AnalysisAnnyce Davis
 
Static Code Analysis
Static Code AnalysisStatic Code Analysis
Static Code AnalysisGeneva, Switzerland
 
Static code analysis
Static code analysisStatic code analysis
Static code analysisRune Sundling
 
Best Practices of Static Code Analysis in the SDLC
Best Practices of Static Code Analysis in the SDLCBest Practices of Static Code Analysis in the SDLC
Best Practices of Static Code Analysis in the SDLCParasoft_Mitchell
 
Java Code Quality Tools
Java Code Quality ToolsJava Code Quality Tools
Java Code Quality ToolsAnju ML
 
Static code analysis with sonar qube
Static code analysis with sonar qubeStatic code analysis with sonar qube
Static code analysis with sonar qubeHayi Nukman
 
Static Analysis and Code Optimizations in Glasgow Haskell Compiler
Static Analysis and Code Optimizations in Glasgow Haskell CompilerStatic Analysis and Code Optimizations in Glasgow Haskell Compiler
Static Analysis and Code Optimizations in Glasgow Haskell CompilerIlya Sergey
 

Recomendados

Java Code Quality Tools
Java Code Quality ToolsJava Code Quality Tools
Java Code Quality ToolsOrest Ivasiv
 
Static Code Analysis
Static Code AnalysisStatic Code Analysis
Static Code AnalysisAnnyce Davis
 
Static Code Analysis
Static Code AnalysisStatic Code Analysis
Static Code AnalysisGeneva, Switzerland
 
Static code analysis
Static code analysisStatic code analysis
Static code analysisRune Sundling
 
Best Practices of Static Code Analysis in the SDLC
Best Practices of Static Code Analysis in the SDLCBest Practices of Static Code Analysis in the SDLC
Best Practices of Static Code Analysis in the SDLCParasoft_Mitchell
 
Java Code Quality Tools
Java Code Quality ToolsJava Code Quality Tools
Java Code Quality ToolsAnju ML
 
Static code analysis with sonar qube
Static code analysis with sonar qubeStatic code analysis with sonar qube
Static code analysis with sonar qubeHayi Nukman
 
Static Analysis and Code Optimizations in Glasgow Haskell Compiler
Static Analysis and Code Optimizations in Glasgow Haskell CompilerStatic Analysis and Code Optimizations in Glasgow Haskell Compiler
Static Analysis and Code Optimizations in Glasgow Haskell CompilerIlya Sergey
 
Eclipse community survey 2014 v2
Eclipse community survey 2014 v2Eclipse community survey 2014 v2
Eclipse community survey 2014 v2Ian Skerrett
 
[Meetup] Code Quality tools used at Wolox for Web developing.
[Meetup] Code Quality tools used at Wolox for Web developing.[Meetup] Code Quality tools used at Wolox for Web developing.
[Meetup] Code Quality tools used at Wolox for Web developing.Esteban Pintos
 
Beyond the basics of SonarQube: improve your Java(Script) code even further
Beyond the basics of SonarQube: improve your Java(Script) code even furtherBeyond the basics of SonarQube: improve your Java(Script) code even further
Beyond the basics of SonarQube: improve your Java(Script) code even furtherJohan Janssen
 
Introduction to FindBugs
Introduction to FindBugsIntroduction to FindBugs
Introduction to FindBugsoption0417
 
Quality metrics and angular js applications
Quality metrics and angular js applicationsQuality metrics and angular js applications
Quality metrics and angular js applicationsnadeembtech
 
Euro python 2015 writing quality code
Euro python 2015 writing quality codeEuro python 2015 writing quality code
Euro python 2015 writing quality coderadek_j
 
WordCamp US: Clean Code
WordCamp US: Clean CodeWordCamp US: Clean Code
WordCamp US: Clean Codemtoppa
 
SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ? SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ? Geeks Anonymes
 
The story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerThe story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerManu Pk
 
SonarQube Overview
SonarQube OverviewSonarQube Overview
SonarQube OverviewAhmed M. Gomaa
 
Sonar Tool - JAVA code analysis
Sonar Tool - JAVA code analysisSonar Tool - JAVA code analysis
Sonar Tool - JAVA code analysisPrashant Gupta
 
Managing code quality with SonarQube - Radu Vunvulea
Managing code quality with SonarQube - Radu VunvuleaManaging code quality with SonarQube - Radu Vunvulea
Managing code quality with SonarQube - Radu VunvuleaITSpark Community
 
Poster Analysis Source Code
Poster Analysis Source CodePoster Analysis Source Code
Poster Analysis Source Codekirstysals
 
Static Code Analysis and Cppcheck
Static Code Analysis and CppcheckStatic Code Analysis and Cppcheck
Static Code Analysis and CppcheckZachary Blair
 
Sonarqube
SonarqubeSonarqube
SonarqubePeerapat Asoktummarungsri
 
Source Code Analysis with SAST
Source Code Analysis with SASTSource Code Analysis with SAST
Source Code Analysis with SASTBlueinfy Solutions
 
Improving code quality with continuous integration (PHPBenelux Conference 2011)
Improving code quality with continuous integration (PHPBenelux Conference 2011)Improving code quality with continuous integration (PHPBenelux Conference 2011)
Improving code quality with continuous integration (PHPBenelux Conference 2011)Martin de Keijzer
 
XRebel - Real Time Insight, Faster Apps
XRebel - Real Time Insight, Faster AppsXRebel - Real Time Insight, Faster Apps
XRebel - Real Time Insight, Faster AppsZeroTurnaround
 
Redeploy chart
Redeploy chartRedeploy chart
Redeploy chartZeroTurnaround
 
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocks
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocksTop Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocks
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocksZeroTurnaround
 
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...ZeroTurnaround
 
Java Tools and Technologies Landscape for 2014 (image gallery)
Java Tools and Technologies Landscape for 2014 (image gallery)Java Tools and Technologies Landscape for 2014 (image gallery)
Java Tools and Technologies Landscape for 2014 (image gallery)ZeroTurnaround
 

Mais conteúdo relacionado

Destaque

Eclipse community survey 2014 v2
Eclipse community survey 2014 v2Eclipse community survey 2014 v2
Eclipse community survey 2014 v2Ian Skerrett
 
[Meetup] Code Quality tools used at Wolox for Web developing.
[Meetup] Code Quality tools used at Wolox for Web developing.[Meetup] Code Quality tools used at Wolox for Web developing.
[Meetup] Code Quality tools used at Wolox for Web developing.Esteban Pintos
 
Beyond the basics of SonarQube: improve your Java(Script) code even further
Beyond the basics of SonarQube: improve your Java(Script) code even furtherBeyond the basics of SonarQube: improve your Java(Script) code even further
Beyond the basics of SonarQube: improve your Java(Script) code even furtherJohan Janssen
 
Introduction to FindBugs
Introduction to FindBugsIntroduction to FindBugs
Introduction to FindBugsoption0417
 
Quality metrics and angular js applications
Quality metrics and angular js applicationsQuality metrics and angular js applications
Quality metrics and angular js applicationsnadeembtech
 
Euro python 2015 writing quality code
Euro python 2015 writing quality codeEuro python 2015 writing quality code
Euro python 2015 writing quality coderadek_j
 
WordCamp US: Clean Code
WordCamp US: Clean CodeWordCamp US: Clean Code
WordCamp US: Clean Codemtoppa
 
SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ? SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ? Geeks Anonymes
 
The story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerThe story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerManu Pk
 
Sonar Tool - JAVA code analysis
Sonar Tool - JAVA code analysisSonar Tool - JAVA code analysis
Sonar Tool - JAVA code analysisPrashant Gupta
 
Managing code quality with SonarQube - Radu Vunvulea
Managing code quality with SonarQube - Radu VunvuleaManaging code quality with SonarQube - Radu Vunvulea
Managing code quality with SonarQube - Radu VunvuleaITSpark Community
 
Poster Analysis Source Code
Poster Analysis Source CodePoster Analysis Source Code
Poster Analysis Source Codekirstysals
 
Static Code Analysis and Cppcheck
Static Code Analysis and CppcheckStatic Code Analysis and Cppcheck
Static Code Analysis and CppcheckZachary Blair
 
Source Code Analysis with SAST
Source Code Analysis with SASTSource Code Analysis with SAST
Source Code Analysis with SASTBlueinfy Solutions
 
Improving code quality with continuous integration (PHPBenelux Conference 2011)
Improving code quality with continuous integration (PHPBenelux Conference 2011)Improving code quality with continuous integration (PHPBenelux Conference 2011)
Improving code quality with continuous integration (PHPBenelux Conference 2011)Martin de Keijzer
 

Destaque (17)

Eclipse community survey 2014 v2
Eclipse community survey 2014 v2Eclipse community survey 2014 v2
Eclipse community survey 2014 v2
 
[Meetup] Code Quality tools used at Wolox for Web developing.
[Meetup] Code Quality tools used at Wolox for Web developing.[Meetup] Code Quality tools used at Wolox for Web developing.
[Meetup] Code Quality tools used at Wolox for Web developing.
 
Beyond the basics of SonarQube: improve your Java(Script) code even further
Beyond the basics of SonarQube: improve your Java(Script) code even furtherBeyond the basics of SonarQube: improve your Java(Script) code even further
Beyond the basics of SonarQube: improve your Java(Script) code even further
 
Introduction to FindBugs
Introduction to FindBugsIntroduction to FindBugs
Introduction to FindBugs
 
Quality metrics and angular js applications
Quality metrics and angular js applicationsQuality metrics and angular js applications
Quality metrics and angular js applications
 
Euro python 2015 writing quality code
Euro python 2015 writing quality codeEuro python 2015 writing quality code
Euro python 2015 writing quality code
 
WordCamp US: Clean Code
WordCamp US: Clean CodeWordCamp US: Clean Code
WordCamp US: Clean Code
 
SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ? SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ?
 
The story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerThe story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps Engineer
 
SonarQube Overview
SonarQube OverviewSonarQube Overview
SonarQube Overview
 
Sonar Tool - JAVA code analysis
Sonar Tool - JAVA code analysisSonar Tool - JAVA code analysis
Sonar Tool - JAVA code analysis
 
Managing code quality with SonarQube - Radu Vunvulea
Managing code quality with SonarQube - Radu VunvuleaManaging code quality with SonarQube - Radu Vunvulea
Managing code quality with SonarQube - Radu Vunvulea
 
Poster Analysis Source Code
Poster Analysis Source CodePoster Analysis Source Code
Poster Analysis Source Code
 
Static Code Analysis and Cppcheck
Static Code Analysis and CppcheckStatic Code Analysis and Cppcheck
Static Code Analysis and Cppcheck
 
Sonarqube
SonarqubeSonarqube
Sonarqube
 
Source Code Analysis with SAST
Source Code Analysis with SASTSource Code Analysis with SAST
Source Code Analysis with SAST
 
Improving code quality with continuous integration (PHPBenelux Conference 2011)
Improving code quality with continuous integration (PHPBenelux Conference 2011)Improving code quality with continuous integration (PHPBenelux Conference 2011)
Improving code quality with continuous integration (PHPBenelux Conference 2011)
 

Mais de ZeroTurnaround

XRebel - Real Time Insight, Faster Apps
XRebel - Real Time Insight, Faster AppsXRebel - Real Time Insight, Faster Apps
XRebel - Real Time Insight, Faster AppsZeroTurnaround
 
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocks
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocksTop Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocks
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocksZeroTurnaround
 
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...ZeroTurnaround
 
Java Tools and Technologies Landscape for 2014 (image gallery)
Java Tools and Technologies Landscape for 2014 (image gallery)Java Tools and Technologies Landscape for 2014 (image gallery)
Java Tools and Technologies Landscape for 2014 (image gallery)ZeroTurnaround
 
Getting Started with IntelliJ IDEA as an Eclipse User
Getting Started with IntelliJ IDEA as an Eclipse UserGetting Started with IntelliJ IDEA as an Eclipse User
Getting Started with IntelliJ IDEA as an Eclipse UserZeroTurnaround
 
[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...
[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...
[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...ZeroTurnaround
 
DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)
DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)
DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)ZeroTurnaround
 
Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013
Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013
Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013ZeroTurnaround
 
The State of Managed Runtimes 2013, by Attila Szegedi
The State of Managed Runtimes 2013, by Attila SzegediThe State of Managed Runtimes 2013, by Attila Szegedi
The State of Managed Runtimes 2013, by Attila SzegediZeroTurnaround
 
Language Design Tradeoffs - Kotlin and Beyond, by Andrey Breslav
Language Design Tradeoffs - Kotlin and Beyond, by Andrey BreslavLanguage Design Tradeoffs - Kotlin and Beyond, by Andrey Breslav
Language Design Tradeoffs - Kotlin and Beyond, by Andrey BreslavZeroTurnaround
 
Runtime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan Sciampacone
Runtime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan SciampaconeRuntime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan Sciampacone
Runtime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan SciampaconeZeroTurnaround
 
Easy Scaling with Open Source Data Structures, by Talip Ozturk
Easy Scaling with Open Source Data Structures, by Talip OzturkEasy Scaling with Open Source Data Structures, by Talip Ozturk
Easy Scaling with Open Source Data Structures, by Talip OzturkZeroTurnaround
 
Blast your app with Gatling! by Stephane Landelle
Blast your app with Gatling! by Stephane LandelleBlast your app with Gatling! by Stephane Landelle
Blast your app with Gatling! by Stephane LandelleZeroTurnaround
 
JVM JIT compilation overview by Vladimir Ivanov
JVM JIT compilation overview by Vladimir IvanovJVM JIT compilation overview by Vladimir Ivanov
JVM JIT compilation overview by Vladimir IvanovZeroTurnaround
 
How To Do Kick-Ass Software Development, by Sven Peters
How To Do Kick-Ass Software Development, by Sven PetersHow To Do Kick-Ass Software Development, by Sven Peters
How To Do Kick-Ass Software Development, by Sven PetersZeroTurnaround
 
Level Up Your Git and GitHub Experience by Jordan McCullough and Brent Beer
Level Up Your Git and GitHub Experience by Jordan McCullough and Brent BeerLevel Up Your Git and GitHub Experience by Jordan McCullough and Brent Beer
Level Up Your Git and GitHub Experience by Jordan McCullough and Brent BeerZeroTurnaround
 
AST Transformations: Groovy’s best kept secret by Andres Almiray
AST Transformations: Groovy’s best kept secret by Andres AlmirayAST Transformations: Groovy’s best kept secret by Andres Almiray
AST Transformations: Groovy’s best kept secret by Andres AlmirayZeroTurnaround
 
Tap into the power of slaves with Jenkins by Kohsuke Kawaguchi
Tap into the power of slaves with Jenkins by Kohsuke KawaguchiTap into the power of slaves with Jenkins by Kohsuke Kawaguchi
Tap into the power of slaves with Jenkins by Kohsuke KawaguchiZeroTurnaround
 
Language Design Tradeoffs (Kotlin and Beyond) by Andrey Breslav
Language Design Tradeoffs (Kotlin and Beyond) by Andrey BreslavLanguage Design Tradeoffs (Kotlin and Beyond) by Andrey Breslav
Language Design Tradeoffs (Kotlin and Beyond) by Andrey BreslavZeroTurnaround
 

Mais de ZeroTurnaround (20)

XRebel - Real Time Insight, Faster Apps
XRebel - Real Time Insight, Faster AppsXRebel - Real Time Insight, Faster Apps
XRebel - Real Time Insight, Faster Apps
 
Redeploy chart
Redeploy chartRedeploy chart
Redeploy chart
 
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocks
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocksTop Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocks
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocks
 
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...
 
Java Tools and Technologies Landscape for 2014 (image gallery)
Java Tools and Technologies Landscape for 2014 (image gallery)Java Tools and Technologies Landscape for 2014 (image gallery)
Java Tools and Technologies Landscape for 2014 (image gallery)
 
Getting Started with IntelliJ IDEA as an Eclipse User
Getting Started with IntelliJ IDEA as an Eclipse UserGetting Started with IntelliJ IDEA as an Eclipse User
Getting Started with IntelliJ IDEA as an Eclipse User
 
[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...
[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...
[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...
 
DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)
DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)
DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)
 
Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013
Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013
Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013
 
The State of Managed Runtimes 2013, by Attila Szegedi
The State of Managed Runtimes 2013, by Attila SzegediThe State of Managed Runtimes 2013, by Attila Szegedi
The State of Managed Runtimes 2013, by Attila Szegedi
 
Language Design Tradeoffs - Kotlin and Beyond, by Andrey Breslav
Language Design Tradeoffs - Kotlin and Beyond, by Andrey BreslavLanguage Design Tradeoffs - Kotlin and Beyond, by Andrey Breslav
Language Design Tradeoffs - Kotlin and Beyond, by Andrey Breslav
 
Runtime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan Sciampacone
Runtime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan SciampaconeRuntime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan Sciampacone
Runtime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan Sciampacone
 
Easy Scaling with Open Source Data Structures, by Talip Ozturk
Easy Scaling with Open Source Data Structures, by Talip OzturkEasy Scaling with Open Source Data Structures, by Talip Ozturk
Easy Scaling with Open Source Data Structures, by Talip Ozturk
 
Blast your app with Gatling! by Stephane Landelle
Blast your app with Gatling! by Stephane LandelleBlast your app with Gatling! by Stephane Landelle
Blast your app with Gatling! by Stephane Landelle
 
JVM JIT compilation overview by Vladimir Ivanov
JVM JIT compilation overview by Vladimir IvanovJVM JIT compilation overview by Vladimir Ivanov
JVM JIT compilation overview by Vladimir Ivanov
 
How To Do Kick-Ass Software Development, by Sven Peters
How To Do Kick-Ass Software Development, by Sven PetersHow To Do Kick-Ass Software Development, by Sven Peters
How To Do Kick-Ass Software Development, by Sven Peters
 
Level Up Your Git and GitHub Experience by Jordan McCullough and Brent Beer
Level Up Your Git and GitHub Experience by Jordan McCullough and Brent BeerLevel Up Your Git and GitHub Experience by Jordan McCullough and Brent Beer
Level Up Your Git and GitHub Experience by Jordan McCullough and Brent Beer
 
AST Transformations: Groovy’s best kept secret by Andres Almiray
AST Transformations: Groovy’s best kept secret by Andres AlmirayAST Transformations: Groovy’s best kept secret by Andres Almiray
AST Transformations: Groovy’s best kept secret by Andres Almiray
 
Tap into the power of slaves with Jenkins by Kohsuke Kawaguchi
Tap into the power of slaves with Jenkins by Kohsuke KawaguchiTap into the power of slaves with Jenkins by Kohsuke Kawaguchi
Tap into the power of slaves with Jenkins by Kohsuke Kawaguchi
 
Language Design Tradeoffs (Kotlin and Beyond) by Andrey Breslav
Language Design Tradeoffs (Kotlin and Beyond) by Andrey BreslavLanguage Design Tradeoffs (Kotlin and Beyond) by Andrey Breslav
Language Design Tradeoffs (Kotlin and Beyond) by Andrey Breslav
 

Último

Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidPhilip Schwarz
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park masabamasaba
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfonteinmasabamasaba
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...masabamasaba
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Hararemasabamasaba
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrainmasabamasaba
 
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentHarnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentVictorSzoltysek
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...masabamasaba
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is insideshinachiaurasa2
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdfPearlKirahMaeRagusta1
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024VictoriaMetrics
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Bert Jan Schrijver
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfkalichargn70th171
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park masabamasaba
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2
 

Último (20)

Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park %in ivory park+277-882-255-28 abortion pills for sale in ivory park
%in ivory park+277-882-255-28 abortion pills for sale in ivory park
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
 
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare%in Harare+277-882-255-28 abortion pills for sale in Harare
%in Harare+277-882-255-28 abortion pills for sale in Harare
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile EnvironmentHarnessing ChatGPT - Elevating Productivity in Today's Agile Environment
Harnessing ChatGPT - Elevating Productivity in Today's Agile Environment
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?WSO2CON 2024 - Does Open Source Still Matter?
WSO2CON 2024 - Does Open Source Still Matter?
 

The Wise Developers' Guide to Static Code Analysis (image preview)

  • 1. 1All rights reserved. 2014 © ZeroTurnaround OÜ FEATURING FINDBUGS, CHECKSTYLE, PMD, COVERITY AND SONARQUBE THE WISE DEVELOPERS’ GUIDE TO STATIC CODE ANALYSIS How many bugs will you find?
  • 2. 2All rights reserved. 2014 © ZeroTurnaround OÜ CHAPTER I: WELCOME TO STATIC CODE ANALYSIS, THAT THING YOU AREN’T DOING "The quality of your code is a weak spot in almost every software project you’ll ever touch. This is because ongoing development ensures that even the bits you were once proud of become, over time, first less elegant, then rough, and finally incomprehensible." OLEG SHELAJEV, Java Developer/Author
  • 3. 2All rights reserved. 2014 © ZeroTurnaround OÜ
  • 4. 3All rights reserved. 2014 © ZeroTurnaround OÜ
  • 5. 4All rights reserved. 2014 © ZeroTurnaround OÜ
  • 6. 5All rights reserved. 2014 © ZeroTurnaround OÜ
  • 7. 6All rights reserved. 2014 © ZeroTurnaround OÜ
  • 8. 7All rights reserved. 2014 © ZeroTurnaround OÜ
  • 9. 8All rights reserved. 2014 © ZeroTurnaround OÜ
  • 10. 9All rights reserved. 2014 © ZeroTurnaround OÜ
  • 11. 10All rights reserved. 2014 © ZeroTurnaround OÜ
  • 12. 11All rights reserved. 2014 © ZeroTurnaround OÜ
  • 13. 12All rights reserved. 2014 © ZeroTurnaround OÜ Report Authors: Oleg Shelajev, Sigmar Muuga, Simon Maple, Oliver White​ Report Designer: Ladislava Bohacova​ Contact Us Estonia Ülikooli 2, 4th floor Tartu, Estonia, 51003 Phone: +372 653 6099 Twitter: @RebelLabs Web: http://zeroturnaround.com/rebellabs Email: labs@zeroturnaround.com USA 399 Boylston Street, Suite 300, Boston, MA, USA, 02116 Phone: 1(857)277-1199 Czech Republic Osadní 35 - Building B Prague, Czech Republic 170 00 Phone: +372 740 4533