Sonar analysis of OpenJDK 7 available

Kelly O'Hair kelly.ohair at oracle.com
Thu Nov 24 00:36:58 UTC 2011


Who gets to decide what the definition of "quality" is here, or the configuration of what things to look for?
I see 1,285 "violations" for using extra parens. Really? Things like `return (true);` are "violations"?

It seems like a very nice tool, we just need to be careful what we change and why.
I've trusted findbugs to do no harm when fixing what it reports, but I haven't found any other tool
I would trust.

The tool PMD would tell you a variable was not used, but fail to detect that its assignment used
a method call that had critical side-effects. This tool seems to suffer from the same problem.
So people need to be very very careful here.

-kto

On Nov 22, 2011, at 1:24 AM, Evgeny Mandrikov wrote:

> Hi,
> 
> As per request of Dalibor Topic [1] I'm announcing that static analysis of
> OpenJDK 7 [2] by Sonar [3] is available at our public instance called Nemo [4].
> Analysis is scheduled on a periodic basis once a week.
> Dedicated quality profile was not used, so there might be some
> false-positive violations (like rule "Dont Import Sun"). However we are
> open for collaborations and ready to create a dedicated quality profile and
> I suppose that "Code Conventions" [5] might be used as a starting point.
> 
> [1] https://twitter.com/#!/robilad/status/138707382363635712
> [2] http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/
> [3] http://www.sonarsource.org/
> [4] http://nemo.sonarsource.org/dashboard/index/net.java.openjdk:jdk7
> [5] http://openjdk.java.net/guide/codeConventions.html
> 
> -- 
> Best regards,
> Evgeny Mandrikov aka Godin <http://godin.net.ru> | SonarSource
> http://twitter.com/_godin_
> http://sonarsource.com
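
The unused-variable pitfall described in the reply above, as an added example that is not part of the original message and not OpenJDK code: a local that is never read but whose initializer has a side effect. The class and method names are hypothetical and the input is constructed.

```java
import java.util.ArrayDeque;
import java.util.Deque;

// Added illustration; SideEffectDemo and its methods are hypothetical names.
public class SideEffectDemo {

    // As written: 'discarded' is never read, so an unused-variable rule flags it.
    // The initializer still matters, because poll() removes the stale head entry.
    static String original(Deque<String> tokens) {
        String discarded = tokens.poll();
        return tokens.peek();
    }

    // Careless cleanup: the whole declaration is deleted, and the call with it.
    // The warning disappears and the method now returns the stale entry.
    static String carelessFix(Deque<String> tokens) {
        return tokens.peek();
    }

    // Behavior-preserving cleanup: drop only the variable, keep the call.
    static String safeFix(Deque<String> tokens) {
        tokens.poll();
        return tokens.peek();
    }

    // Constructed sample input.
    static Deque<String> sample() {
        Deque<String> d = new ArrayDeque<>();
        d.add("stale-token");
        d.add("current-token");
        return d;
    }

    public static void main(String[] args) {
        System.out.println("original:    " + original(sample()));
        System.out.println("carelessFix: " + carelessFix(sample()));
        System.out.println("safeFix:     " + safeFix(sample()));
    }
}
```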



