Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Static Analysis tool recommendation for Java? [closed]

Being vaguely familiar with the Java world I was googling for a static analysis tool that would also was intelligent enough to fix the issues it finds. I ran at CodePro tool but, again, I'm new to the Java community and don't know the vendors.

What tool can you recommend based on the criteria above?

like image 620
sergeb Avatar asked Sep 18 '08 22:09

sergeb


People also ask

Which tool is best suited for use by developers and provides static analysis on their code?

Klocwork. Klocwork can perform static code analysis on projects of almost any size. The primary benefit of using Klocwork is that it is easily integrable with Visual Studio Code IDE, Eclipse, IntelliJ, and a few others. This makes use of Klocwork easier for developers.


2 Answers

  • Findbugs
  • PMD
  • Checkstyle
  • Lint4J
  • Classycle
  • JDepend
  • SISSy
  • Google Codepro
like image 157
Eduard Wirch Avatar answered Sep 19 '22 18:09

Eduard Wirch


FindBugs, PMD and Checkstyle are all excellent choices especially if you integrate them into your build process.

At my last company we also used Fortify to check for potential security problems. We were fortunate to have an enterprise license so I don't know the cost involved.

like image 21
Brian Matthews Avatar answered Sep 21 '22 18:09

Brian Matthews