SlideShare une entreprise Scribd logo

The Wise Developers' Guide to Static Code Analysis (image preview)

ZeroTurnaround
ZeroTurnaround

Did you know that most developers don't monitor or fix code quality issues in their applications? In this RebelLabs report, we discuss code quality, namely Static Code Analysis tools like Findbugs, Checkstyle, PMD, Coverity and SonarQube, and how these tools make a difference in both the quality of your code and your ability to deliver apps predictably and on time. Additionally, we show you how to set up each tool, enable the small customizations that matter and offer some advice for how to avoid common pitfalls. Go here for the full report: http://rebellabs.org

LogicielsVoyagesTechnologie
1  sur  13
Télécharger pour lire hors ligne
1All rights reserved. 2014 © ZeroTurnaround OÜ FEATURING FINDBUGS, CHECKSTYLE, PMD, COVERITY AND SONARQUBE THE WISE DEVELOPERS’ GUIDE TO STATIC CODE ANALYSIS How many bugs will you find?
2All rights reserved. 2014 © ZeroTurnaround OÜ CHAPTER I: WELCOME TO STATIC CODE ANALYSIS, THAT THING YOU AREN’T DOING "The quality of your code is a weak spot in almost every software project you’ll ever touch. This is because ongoing development ensures that even the bits you were once proud of become, over time, first less elegant, then rough, and finally incomprehensible." OLEG SHELAJEV, Java Developer/Author
2All rights reserved. 2014 © ZeroTurnaround OÜ
3All rights reserved. 2014 © ZeroTurnaround OÜ
4All rights reserved. 2014 © ZeroTurnaround OÜ
5All rights reserved. 2014 © ZeroTurnaround OÜ
6All rights reserved. 2014 © ZeroTurnaround OÜ
7All rights reserved. 2014 © ZeroTurnaround OÜ
8All rights reserved. 2014 © ZeroTurnaround OÜ
9All rights reserved. 2014 © ZeroTurnaround OÜ
10All rights reserved. 2014 © ZeroTurnaround OÜ
11All rights reserved. 2014 © ZeroTurnaround OÜ
12All rights reserved. 2014 © ZeroTurnaround OÜ Report Authors: Oleg Shelajev, Sigmar Muuga, Simon Maple, Oliver White​ Report Designer: Ladislava Bohacova​ Contact Us Estonia Ülikooli 2, 4th floor Tartu, Estonia, 51003 Phone: +372 653 6099 Twitter: @RebelLabs Web: http://zeroturnaround.com/rebellabs Email: labs@zeroturnaround.com USA 399 Boylston Street, Suite 300, Boston, MA, USA, 02116 Phone: 1(857)277-1199 Czech Republic Osadní 35 - Building B Prague, Czech Republic 170 00 Phone: +372 740 4533

Recommandé

Java Code Quality Tools
Java Code Quality ToolsJava Code Quality Tools
Java Code Quality ToolsOrest Ivasiv
 
Static Code Analysis
Static Code AnalysisStatic Code Analysis
Static Code AnalysisAnnyce Davis
 
Static Code Analysis
Static Code AnalysisStatic Code Analysis
Static Code AnalysisGeneva, Switzerland
 
Static code analysis
Static code analysisStatic code analysis
Static code analysisRune Sundling
 
Best Practices of Static Code Analysis in the SDLC
Best Practices of Static Code Analysis in the SDLCBest Practices of Static Code Analysis in the SDLC
Best Practices of Static Code Analysis in the SDLCParasoft_Mitchell
 
Java Code Quality Tools
Java Code Quality ToolsJava Code Quality Tools
Java Code Quality ToolsAnju ML
 
Static code analysis with sonar qube
Static code analysis with sonar qubeStatic code analysis with sonar qube
Static code analysis with sonar qubeHayi Nukman
 
Static Analysis and Code Optimizations in Glasgow Haskell Compiler
Static Analysis and Code Optimizations in Glasgow Haskell CompilerStatic Analysis and Code Optimizations in Glasgow Haskell Compiler
Static Analysis and Code Optimizations in Glasgow Haskell CompilerIlya Sergey
 

Recommandé

Java Code Quality Tools
Java Code Quality ToolsJava Code Quality Tools
Java Code Quality ToolsOrest Ivasiv
 
Static Code Analysis
Static Code AnalysisStatic Code Analysis
Static Code AnalysisAnnyce Davis
 
Static Code Analysis
Static Code AnalysisStatic Code Analysis
Static Code AnalysisGeneva, Switzerland
 
Static code analysis
Static code analysisStatic code analysis
Static code analysisRune Sundling
 
Best Practices of Static Code Analysis in the SDLC
Best Practices of Static Code Analysis in the SDLCBest Practices of Static Code Analysis in the SDLC
Best Practices of Static Code Analysis in the SDLCParasoft_Mitchell
 
Java Code Quality Tools
Java Code Quality ToolsJava Code Quality Tools
Java Code Quality ToolsAnju ML
 
Static code analysis with sonar qube
Static code analysis with sonar qubeStatic code analysis with sonar qube
Static code analysis with sonar qubeHayi Nukman
 
Static Analysis and Code Optimizations in Glasgow Haskell Compiler
Static Analysis and Code Optimizations in Glasgow Haskell CompilerStatic Analysis and Code Optimizations in Glasgow Haskell Compiler
Static Analysis and Code Optimizations in Glasgow Haskell CompilerIlya Sergey
 
Eclipse community survey 2014 v2
Eclipse community survey 2014 v2Eclipse community survey 2014 v2
Eclipse community survey 2014 v2Ian Skerrett
 
[Meetup] Code Quality tools used at Wolox for Web developing.
[Meetup] Code Quality tools used at Wolox for Web developing.[Meetup] Code Quality tools used at Wolox for Web developing.
[Meetup] Code Quality tools used at Wolox for Web developing.Esteban Pintos
 
Beyond the basics of SonarQube: improve your Java(Script) code even further
Beyond the basics of SonarQube: improve your Java(Script) code even furtherBeyond the basics of SonarQube: improve your Java(Script) code even further
Beyond the basics of SonarQube: improve your Java(Script) code even furtherJohan Janssen
 
Introduction to FindBugs
Introduction to FindBugsIntroduction to FindBugs
Introduction to FindBugsoption0417
 
Quality metrics and angular js applications
Quality metrics and angular js applicationsQuality metrics and angular js applications
Quality metrics and angular js applicationsnadeembtech
 
Euro python 2015 writing quality code
Euro python 2015 writing quality codeEuro python 2015 writing quality code
Euro python 2015 writing quality coderadek_j
 
WordCamp US: Clean Code
WordCamp US: Clean CodeWordCamp US: Clean Code
WordCamp US: Clean Codemtoppa
 
SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ? SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ? Geeks Anonymes
 
The story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerThe story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerManu Pk
 
SonarQube Overview
SonarQube OverviewSonarQube Overview
SonarQube OverviewAhmed M. Gomaa
 
Sonar Tool - JAVA code analysis
Sonar Tool - JAVA code analysisSonar Tool - JAVA code analysis
Sonar Tool - JAVA code analysisPrashant Gupta
 
Managing code quality with SonarQube - Radu Vunvulea
Managing code quality with SonarQube - Radu VunvuleaManaging code quality with SonarQube - Radu Vunvulea
Managing code quality with SonarQube - Radu VunvuleaITSpark Community
 
Poster Analysis Source Code
Poster Analysis Source CodePoster Analysis Source Code
Poster Analysis Source Codekirstysals
 
Static Code Analysis and Cppcheck
Static Code Analysis and CppcheckStatic Code Analysis and Cppcheck
Static Code Analysis and CppcheckZachary Blair
 
Sonarqube
SonarqubeSonarqube
SonarqubePeerapat Asoktummarungsri
 
Source Code Analysis with SAST
Source Code Analysis with SASTSource Code Analysis with SAST
Source Code Analysis with SASTBlueinfy Solutions
 
Improving code quality with continuous integration (PHPBenelux Conference 2011)
Improving code quality with continuous integration (PHPBenelux Conference 2011)Improving code quality with continuous integration (PHPBenelux Conference 2011)
Improving code quality with continuous integration (PHPBenelux Conference 2011)Martin de Keijzer
 
XRebel - Real Time Insight, Faster Apps
XRebel - Real Time Insight, Faster AppsXRebel - Real Time Insight, Faster Apps
XRebel - Real Time Insight, Faster AppsZeroTurnaround
 
Redeploy chart
Redeploy chartRedeploy chart
Redeploy chartZeroTurnaround
 
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocks
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocksTop Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocks
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocksZeroTurnaround
 
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...ZeroTurnaround
 
Java Tools and Technologies Landscape for 2014 (image gallery)
Java Tools and Technologies Landscape for 2014 (image gallery)Java Tools and Technologies Landscape for 2014 (image gallery)
Java Tools and Technologies Landscape for 2014 (image gallery)ZeroTurnaround
 

Contenu connexe

En vedette

Eclipse community survey 2014 v2
Eclipse community survey 2014 v2Eclipse community survey 2014 v2
Eclipse community survey 2014 v2Ian Skerrett
 
[Meetup] Code Quality tools used at Wolox for Web developing.
[Meetup] Code Quality tools used at Wolox for Web developing.[Meetup] Code Quality tools used at Wolox for Web developing.
[Meetup] Code Quality tools used at Wolox for Web developing.Esteban Pintos
 
Beyond the basics of SonarQube: improve your Java(Script) code even further
Beyond the basics of SonarQube: improve your Java(Script) code even furtherBeyond the basics of SonarQube: improve your Java(Script) code even further
Beyond the basics of SonarQube: improve your Java(Script) code even furtherJohan Janssen
 
Introduction to FindBugs
Introduction to FindBugsIntroduction to FindBugs
Introduction to FindBugsoption0417
 
Quality metrics and angular js applications
Quality metrics and angular js applicationsQuality metrics and angular js applications
Quality metrics and angular js applicationsnadeembtech
 
Euro python 2015 writing quality code
Euro python 2015 writing quality codeEuro python 2015 writing quality code
Euro python 2015 writing quality coderadek_j
 
WordCamp US: Clean Code
WordCamp US: Clean CodeWordCamp US: Clean Code
WordCamp US: Clean Codemtoppa
 
SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ? SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ? Geeks Anonymes
 
The story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerThe story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerManu Pk
 
Sonar Tool - JAVA code analysis
Sonar Tool - JAVA code analysisSonar Tool - JAVA code analysis
Sonar Tool - JAVA code analysisPrashant Gupta
 
Managing code quality with SonarQube - Radu Vunvulea
Managing code quality with SonarQube - Radu VunvuleaManaging code quality with SonarQube - Radu Vunvulea
Managing code quality with SonarQube - Radu VunvuleaITSpark Community
 
Poster Analysis Source Code
Poster Analysis Source CodePoster Analysis Source Code
Poster Analysis Source Codekirstysals
 
Static Code Analysis and Cppcheck
Static Code Analysis and CppcheckStatic Code Analysis and Cppcheck
Static Code Analysis and CppcheckZachary Blair
 
Source Code Analysis with SAST
Source Code Analysis with SASTSource Code Analysis with SAST
Source Code Analysis with SASTBlueinfy Solutions
 
Improving code quality with continuous integration (PHPBenelux Conference 2011)
Improving code quality with continuous integration (PHPBenelux Conference 2011)Improving code quality with continuous integration (PHPBenelux Conference 2011)
Improving code quality with continuous integration (PHPBenelux Conference 2011)Martin de Keijzer
 

En vedette (17)

Eclipse community survey 2014 v2
Eclipse community survey 2014 v2Eclipse community survey 2014 v2
Eclipse community survey 2014 v2
 
[Meetup] Code Quality tools used at Wolox for Web developing.
[Meetup] Code Quality tools used at Wolox for Web developing.[Meetup] Code Quality tools used at Wolox for Web developing.
[Meetup] Code Quality tools used at Wolox for Web developing.
 
Beyond the basics of SonarQube: improve your Java(Script) code even further
Beyond the basics of SonarQube: improve your Java(Script) code even furtherBeyond the basics of SonarQube: improve your Java(Script) code even further
Beyond the basics of SonarQube: improve your Java(Script) code even further
 
Introduction to FindBugs
Introduction to FindBugsIntroduction to FindBugs
Introduction to FindBugs
 
Quality metrics and angular js applications
Quality metrics and angular js applicationsQuality metrics and angular js applications
Quality metrics and angular js applications
 
Euro python 2015 writing quality code
Euro python 2015 writing quality codeEuro python 2015 writing quality code
Euro python 2015 writing quality code
 
WordCamp US: Clean Code
WordCamp US: Clean CodeWordCamp US: Clean Code
WordCamp US: Clean Code
 
SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ? SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ?
 
The story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps EngineerThe story of SonarQube told to a DevOps Engineer
The story of SonarQube told to a DevOps Engineer
 
SonarQube Overview
SonarQube OverviewSonarQube Overview
SonarQube Overview
 
Sonar Tool - JAVA code analysis
Sonar Tool - JAVA code analysisSonar Tool - JAVA code analysis
Sonar Tool - JAVA code analysis
 
Managing code quality with SonarQube - Radu Vunvulea
Managing code quality with SonarQube - Radu VunvuleaManaging code quality with SonarQube - Radu Vunvulea
Managing code quality with SonarQube - Radu Vunvulea
 
Poster Analysis Source Code
Poster Analysis Source CodePoster Analysis Source Code
Poster Analysis Source Code
 
Static Code Analysis and Cppcheck
Static Code Analysis and CppcheckStatic Code Analysis and Cppcheck
Static Code Analysis and Cppcheck
 
Sonarqube
SonarqubeSonarqube
Sonarqube
 
Source Code Analysis with SAST
Source Code Analysis with SASTSource Code Analysis with SAST
Source Code Analysis with SAST
 
Improving code quality with continuous integration (PHPBenelux Conference 2011)
Improving code quality with continuous integration (PHPBenelux Conference 2011)Improving code quality with continuous integration (PHPBenelux Conference 2011)
Improving code quality with continuous integration (PHPBenelux Conference 2011)
 

Plus de ZeroTurnaround

XRebel - Real Time Insight, Faster Apps
XRebel - Real Time Insight, Faster AppsXRebel - Real Time Insight, Faster Apps
XRebel - Real Time Insight, Faster AppsZeroTurnaround
 
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocks
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocksTop Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocks
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocksZeroTurnaround
 
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...ZeroTurnaround
 
Java Tools and Technologies Landscape for 2014 (image gallery)
Java Tools and Technologies Landscape for 2014 (image gallery)Java Tools and Technologies Landscape for 2014 (image gallery)
Java Tools and Technologies Landscape for 2014 (image gallery)ZeroTurnaround
 
Getting Started with IntelliJ IDEA as an Eclipse User
Getting Started with IntelliJ IDEA as an Eclipse UserGetting Started with IntelliJ IDEA as an Eclipse User
Getting Started with IntelliJ IDEA as an Eclipse UserZeroTurnaround
 
[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...
[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...
[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...ZeroTurnaround
 
DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)
DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)
DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)ZeroTurnaround
 
Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013
Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013
Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013ZeroTurnaround
 
The State of Managed Runtimes 2013, by Attila Szegedi
The State of Managed Runtimes 2013, by Attila SzegediThe State of Managed Runtimes 2013, by Attila Szegedi
The State of Managed Runtimes 2013, by Attila SzegediZeroTurnaround
 
Language Design Tradeoffs - Kotlin and Beyond, by Andrey Breslav
Language Design Tradeoffs - Kotlin and Beyond, by Andrey BreslavLanguage Design Tradeoffs - Kotlin and Beyond, by Andrey Breslav
Language Design Tradeoffs - Kotlin and Beyond, by Andrey BreslavZeroTurnaround
 
Runtime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan Sciampacone
Runtime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan SciampaconeRuntime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan Sciampacone
Runtime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan SciampaconeZeroTurnaround
 
Easy Scaling with Open Source Data Structures, by Talip Ozturk
Easy Scaling with Open Source Data Structures, by Talip OzturkEasy Scaling with Open Source Data Structures, by Talip Ozturk
Easy Scaling with Open Source Data Structures, by Talip OzturkZeroTurnaround
 
Blast your app with Gatling! by Stephane Landelle
Blast your app with Gatling! by Stephane LandelleBlast your app with Gatling! by Stephane Landelle
Blast your app with Gatling! by Stephane LandelleZeroTurnaround
 
JVM JIT compilation overview by Vladimir Ivanov
JVM JIT compilation overview by Vladimir IvanovJVM JIT compilation overview by Vladimir Ivanov
JVM JIT compilation overview by Vladimir IvanovZeroTurnaround
 
How To Do Kick-Ass Software Development, by Sven Peters
How To Do Kick-Ass Software Development, by Sven PetersHow To Do Kick-Ass Software Development, by Sven Peters
How To Do Kick-Ass Software Development, by Sven PetersZeroTurnaround
 
Level Up Your Git and GitHub Experience by Jordan McCullough and Brent Beer
Level Up Your Git and GitHub Experience by Jordan McCullough and Brent BeerLevel Up Your Git and GitHub Experience by Jordan McCullough and Brent Beer
Level Up Your Git and GitHub Experience by Jordan McCullough and Brent BeerZeroTurnaround
 
AST Transformations: Groovy’s best kept secret by Andres Almiray
AST Transformations: Groovy’s best kept secret by Andres AlmirayAST Transformations: Groovy’s best kept secret by Andres Almiray
AST Transformations: Groovy’s best kept secret by Andres AlmirayZeroTurnaround
 
Tap into the power of slaves with Jenkins by Kohsuke Kawaguchi
Tap into the power of slaves with Jenkins by Kohsuke KawaguchiTap into the power of slaves with Jenkins by Kohsuke Kawaguchi
Tap into the power of slaves with Jenkins by Kohsuke KawaguchiZeroTurnaround
 
Language Design Tradeoffs (Kotlin and Beyond) by Andrey Breslav
Language Design Tradeoffs (Kotlin and Beyond) by Andrey BreslavLanguage Design Tradeoffs (Kotlin and Beyond) by Andrey Breslav
Language Design Tradeoffs (Kotlin and Beyond) by Andrey BreslavZeroTurnaround
 

Plus de ZeroTurnaround (20)

XRebel - Real Time Insight, Faster Apps
XRebel - Real Time Insight, Faster AppsXRebel - Real Time Insight, Faster Apps
XRebel - Real Time Insight, Faster Apps
 
Redeploy chart
Redeploy chartRedeploy chart
Redeploy chart
 
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocks
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocksTop Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocks
Top Reasons Why Java Rocks (report preview) - http:0t.ee/java-rocks
 
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...
Top Java IDE keyboard shortcuts for Eclipse, IntelliJIDEA, NetBeans (report p...
 
Java Tools and Technologies Landscape for 2014 (image gallery)
Java Tools and Technologies Landscape for 2014 (image gallery)Java Tools and Technologies Landscape for 2014 (image gallery)
Java Tools and Technologies Landscape for 2014 (image gallery)
 
Getting Started with IntelliJ IDEA as an Eclipse User
Getting Started with IntelliJ IDEA as an Eclipse UserGetting Started with IntelliJ IDEA as an Eclipse User
Getting Started with IntelliJ IDEA as an Eclipse User
 
[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...
[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...
[Image Results] Java Build Tools: Part 2 - A Decision Maker's Guide Compariso...
 
DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)
DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)
DevOps vs Traditional IT Ops (DevOps Days ignite talk by Oliver White)
 
Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013
Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013
Lazy Coder's Visual Guide to RebelLabs' Developer Productivity Report 2013
 
The State of Managed Runtimes 2013, by Attila Szegedi
The State of Managed Runtimes 2013, by Attila SzegediThe State of Managed Runtimes 2013, by Attila Szegedi
The State of Managed Runtimes 2013, by Attila Szegedi
 
Language Design Tradeoffs - Kotlin and Beyond, by Andrey Breslav
Language Design Tradeoffs - Kotlin and Beyond, by Andrey BreslavLanguage Design Tradeoffs - Kotlin and Beyond, by Andrey Breslav
Language Design Tradeoffs - Kotlin and Beyond, by Andrey Breslav
 
Runtime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan Sciampacone
Runtime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan SciampaconeRuntime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan Sciampacone
Runtime Innovation - Nextgen Ninja Hacking of the JVM, by Ryan Sciampacone
 
Easy Scaling with Open Source Data Structures, by Talip Ozturk
Easy Scaling with Open Source Data Structures, by Talip OzturkEasy Scaling with Open Source Data Structures, by Talip Ozturk
Easy Scaling with Open Source Data Structures, by Talip Ozturk
 
Blast your app with Gatling! by Stephane Landelle
Blast your app with Gatling! by Stephane LandelleBlast your app with Gatling! by Stephane Landelle
Blast your app with Gatling! by Stephane Landelle
 
JVM JIT compilation overview by Vladimir Ivanov
JVM JIT compilation overview by Vladimir IvanovJVM JIT compilation overview by Vladimir Ivanov
JVM JIT compilation overview by Vladimir Ivanov
 
How To Do Kick-Ass Software Development, by Sven Peters
How To Do Kick-Ass Software Development, by Sven PetersHow To Do Kick-Ass Software Development, by Sven Peters
How To Do Kick-Ass Software Development, by Sven Peters
 
Level Up Your Git and GitHub Experience by Jordan McCullough and Brent Beer
Level Up Your Git and GitHub Experience by Jordan McCullough and Brent BeerLevel Up Your Git and GitHub Experience by Jordan McCullough and Brent Beer
Level Up Your Git and GitHub Experience by Jordan McCullough and Brent Beer
 
AST Transformations: Groovy’s best kept secret by Andres Almiray
AST Transformations: Groovy’s best kept secret by Andres AlmirayAST Transformations: Groovy’s best kept secret by Andres Almiray
AST Transformations: Groovy’s best kept secret by Andres Almiray
 
Tap into the power of slaves with Jenkins by Kohsuke Kawaguchi
Tap into the power of slaves with Jenkins by Kohsuke KawaguchiTap into the power of slaves with Jenkins by Kohsuke Kawaguchi
Tap into the power of slaves with Jenkins by Kohsuke Kawaguchi
 
Language Design Tradeoffs (Kotlin and Beyond) by Andrey Breslav
Language Design Tradeoffs (Kotlin and Beyond) by Andrey BreslavLanguage Design Tradeoffs (Kotlin and Beyond) by Andrey Breslav
Language Design Tradeoffs (Kotlin and Beyond) by Andrey Breslav
 

Dernier

Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceanilsa9823
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 

Dernier (20)

Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 

The Wise Developers' Guide to Static Code Analysis (image preview)

  • 1. 1All rights reserved. 2014 © ZeroTurnaround OÜ FEATURING FINDBUGS, CHECKSTYLE, PMD, COVERITY AND SONARQUBE THE WISE DEVELOPERS’ GUIDE TO STATIC CODE ANALYSIS How many bugs will you find?
  • 2. 2All rights reserved. 2014 © ZeroTurnaround OÜ CHAPTER I: WELCOME TO STATIC CODE ANALYSIS, THAT THING YOU AREN’T DOING "The quality of your code is a weak spot in almost every software project you’ll ever touch. This is because ongoing development ensures that even the bits you were once proud of become, over time, first less elegant, then rough, and finally incomprehensible." OLEG SHELAJEV, Java Developer/Author
  • 3. 2All rights reserved. 2014 © ZeroTurnaround OÜ
  • 4. 3All rights reserved. 2014 © ZeroTurnaround OÜ
  • 5. 4All rights reserved. 2014 © ZeroTurnaround OÜ
  • 6. 5All rights reserved. 2014 © ZeroTurnaround OÜ
  • 7. 6All rights reserved. 2014 © ZeroTurnaround OÜ
  • 8. 7All rights reserved. 2014 © ZeroTurnaround OÜ
  • 9. 8All rights reserved. 2014 © ZeroTurnaround OÜ
  • 10. 9All rights reserved. 2014 © ZeroTurnaround OÜ
  • 11. 10All rights reserved. 2014 © ZeroTurnaround OÜ
  • 12. 11All rights reserved. 2014 © ZeroTurnaround OÜ
  • 13. 12All rights reserved. 2014 © ZeroTurnaround OÜ Report Authors: Oleg Shelajev, Sigmar Muuga, Simon Maple, Oliver White​ Report Designer: Ladislava Bohacova​ Contact Us Estonia Ülikooli 2, 4th floor Tartu, Estonia, 51003 Phone: +372 653 6099 Twitter: @RebelLabs Web: http://zeroturnaround.com/rebellabs Email: labs@zeroturnaround.com USA 399 Boylston Street, Suite 300, Boston, MA, USA, 02116 Phone: 1(857)277-1199 Czech Republic Osadní 35 - Building B Prague, Czech Republic 170 00 Phone: +372 740 4533