Sonar analysis of OpenJDK 7 available
kelly.ohair at oracle.com
Thu Nov 24 00:36:58 UTC 2011
Who gets to decide what the definition of "quality" here, or the configuration of what things to look for?
I see 1,285 "violations" for using extra parens, Really? Things like return (true); are "violations"?
It seems like a very nice tool, we just need to be careful what we change and why.
I've trusted findbugs to do no harm when fixing what it reports, but I haven't found any other tool
I would trust.
The tool PMD would tell you a variable was not used, but fail to detect that it's assignment used
a method call that had critical side-effects. This tool seems to suffer from the same problem.
So people need to be very very careful here.
On Nov 22, 2011, at 1:24 AM, Evgeny Mandrikov wrote:
> As per request of Dalibor Topic  I'm announcing that static analysis of
> OpenJDK 7  by Sonar  available at our public instance called Nemo .
> Analysis is scheduled on a periodic basis once in a week.
> Dedicated quality profile was not used, so there might be some
> false-positive violations (like rule "Dont Import Sun"). However we are
> open for collaborations and ready to create a dedicated quality profile and
> I suppose that "Code Conventions"  might be used as a starting point.
>  https://twitter.com/#!/robilad/status/138707382363635712
>  http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/
>  http://www.sonarsource.org/
>  http://nemo.sonarsource.org/dashboard/index/net.java.openjdk:jdk7
>  http://openjdk.java.net/guide/codeConventions.html
> Best regards,
> Evgeny Mandrikov aka Godin <http://godin.net.ru> | SonarSource
More information about the discuss