Jenkins Integrated java Static Code Analysis Tool



Maven has many related plug-ins, mainly:

  • checkstyle
    Checkstyle is an open source project of SourceForge. Through checking the code coding format, naming convention, Javadoc, class design and other aspects of code specification and style, developers are effectively constrained to better follow the code writing specification.

  • FindBugs
    FindBugs is an open source Java static code analysis tool provided by the University of Maryland. Based on the concept of Bug Patterns, find potential bugs in javabytecode(.class file)

  • pmd
    PMD is an open source Java code static analysis tool released by DARPA on SourceForge. The main analysis of java source files is whether there are potential bugs, duplicate codes, multiple complex expressions, etc.

Other relevant plug-ins

  • Jdepend
    It is mainly used to analyze the dependency and robustness of code. It traverses the Java class file directory and takes Java package as a unit to automatically generate evaluation reports on the dependency, stability, reliability, etc. of the package for each package/class. According to these reports, we can obtain the dependency relationship between packages or classes, and analyze the stability, abstraction, and existence of circular dependency relationship, etc. of the package.

  • simian
    The existing version is based on maven1 warehouse and has copyright issues, which can be replaced by pmd.

  • javancss
    Code measurement tools, check java source files, classes, methods and other finer-grained indicators, providing cycle complexity

  • cobertura
    Provides code test coverage

  • emma
    It is also code test coverage, but the version is older and can be replaced by cobertura.

  • taglist
    Used to detect TODO in code

  • duplicateFinder
    Provide duplicate dependency checks

Jenkins integrated CheckStyle, FindBugs and PMD

Install the following plug-ins

  • FindBugs Plug-in

  • Checkstyle Plug-in

  • PMD Plug-in


Set in Jenkins’ Build

clean package findbugs:findbugs checkstyle:checkstyle pmd:pmd

And selected in the build settings

  • Publish Checkstyle analysis results

  • Publish FindBugs analysis results

  • Publish PMD analysis results


About sonar

Sonar is a code quality management platform. It provides a plug-in extension mechanism that can support PMD, FindBug, checkstyle, etc. CheckStyle, FindBugs, and PMD detection are performed by default for Java projects. At the same time, the detection results are also stored, and then a visual panel is provided to view relevant trends.