Sonar analysis of OpenJDK 7 available
Martijn Verburg
martijnverburg at gmail.com
Thu Nov 24 09:41:57 UTC 2011
+1 - this could/should be a ruleset decided upon by the committers, a
typical process in OSS projects.
Sonar can combine Checkstyle, PMD and FindBugs + more, I guess the
committers could start with one rule at a time. At least that's how I
typically introduce these things into an existing code base.
Cheers,
Martijn
On 24 November 2011 08:46, Henri Gomez <henri.gomez at gmail.com> wrote:
> Why not discuss Sonar rules used and determine together, which should
> be enabled or disabled ?
>
> 2011/11/24 Roman Kennke <roman at kennke.org>:
>> Hi Kelly,
>>
>>> Who gets to decide what the definition of "quality" here, or the configuration of what things to look for?
>>> I see 1,285 "violations" for using extra parens, Really? Things like return (true); are "violations"?
>>
>> return (true); is certainly correct code, but it's not good good style.
>> Code quality is not only about correctness, but also (or most
>> importantly) about maintainability. Things that makes difficult to read
>> are violations.
>>
>>> It seems like a very nice tool, we just need to be careful what we change and why.
>>> I've trusted findbugs to do no harm when fixing what it reports, but I haven't found any other tool
>>> I would trust.
>>>
>>> The tool PMD would tell you a variable was not used, but fail to detect that it's assignment used
>>> a method call that had critical side-effects. This tool seems to suffer from the same problem.
>>> So people need to be very very careful here.
>>
>> Critical side effects are bad bad quality IMO.
>>
>> Cheers, Roman
>>
>>> -kto
>>>
>>> On Nov 22, 2011, at 1:24 AM, Evgeny Mandrikov wrote:
>>>
>>> > Hi,
>>> >
>>> > As per request of Dalibor Topic [1] I'm announcing that static analysis of
>>> > OpenJDK 7 [2] by Sonar [3] available at our public instance called Nemo [4].
>>> > Analysis is scheduled on a periodic basis once in a week.
>>> > Dedicated quality profile was not used, so there might be some
>>> > false-positive violations (like rule "Dont Import Sun"). However we are
>>> > open for collaborations and ready to create a dedicated quality profile and
>>> > I suppose that "Code Conventions" [5] might be used as a starting point.
>>> >
>>> > [1] https://twitter.com/#!/robilad/status/138707382363635712
>>> > [2] http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/
>>> > [3] http://www.sonarsource.org/
>>> > [4] http://nemo.sonarsource.org/dashboard/index/net.java.openjdk:jdk7
>>> > [5] http://openjdk.java.net/guide/codeConventions.html
>>> >
>>> > --
>>> > Best regards,
>>> > Evgeny Mandrikov aka Godin <http://godin.net.ru> | SonarSource
>>> > http://twitter.com/_godin_
>>> > http://sonarsource.com
>>>
>>>
>>
>>
>>
>
More information about the discuss
mailing list