Sonar analysis of OpenJDK 7 available

Kelly O'Hair kelly.ohair at
Thu Nov 24 00:36:58 UTC 2011

Who gets to decide what the definition of "quality" here, or the configuration of what things to look for?
I see 1,285 "violations" for using extra parens, Really?  Things like  return (true);    are "violations"?

It seems like a very nice tool, we just need to be careful what we change and why.
I've trusted findbugs to do no harm when fixing what it reports, but I haven't found any other tool
I would trust.

The tool PMD would tell you a variable was not used, but fail to detect that it's assignment used
a method call that had critical side-effects. This tool seems to suffer from the same problem.
So people need to be very very careful here.


On Nov 22, 2011, at 1:24 AM, Evgeny Mandrikov wrote:

> Hi,
> As per request of Dalibor Topic [1] I'm announcing that static analysis of
> OpenJDK 7 [2] by Sonar [3] available at our public instance called Nemo [4].
> Analysis is scheduled on a periodic basis once in a week.
> Dedicated quality profile was not used, so there might be some
> false-positive violations (like rule "Dont Import Sun"). However we are
> open for collaborations and ready to create a dedicated quality profile and
> I suppose that "Code Conventions" [5] might be used as a starting point.
> [1]!/robilad/status/138707382363635712
> [2]
> [3]
> [4]
> [5]
> -- 
> Best regards,
> Evgeny Mandrikov aka Godin <> | SonarSource

More information about the discuss mailing list