|6 days ago||6 days ago|
|GNU Lesser General Public License v3.0 only||GNU Lesser General Public License v3.0 only|
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
5 easy paths to become a recognized Java expert. Really. For free.
5 projects | dev.to | 25 Aug 2022
How does Apache ShardingSphere standardize and format code? We use Spotless
6 projects | dev.to | 7 Jun 2022
1. Conflicts between Spotless and Checkstyle Checkstyle is a tool for checking Java source code for compliance with code standards or a set of validation rules (best practices).
Seriously who cares about the warnings
2 projects | reddit.com/r/ProgrammerHumor | 18 Apr 2022
Never had anything like that though for four years my life revolved around getting PMD, checkstyle and Sonar rules to pass so my pull request would merge.
Code smell plugin
2 projects | reddit.com/r/javahelp | 15 Feb 2022
PMD, and checkstyle as well.
How can I help my partner write better code?
2 projects | reddit.com/r/learnprogramming | 27 Nov 2021
I’m a little out of date with Java, but I believe Checkstyle is currently popular: https://github.com/checkstyle/checkstyle
Why You Need Static Code Analysis
2 projects | dev.to | 1 Oct 2021
Another example can be applied to code quality itself. Most static analyzers are configurable. If you tried to set Checkstyle Google configuration to the mature project, you would probably get hundreds or even thousands of errors. You can start with just one rule. Ar first glance, it seems not so important. But after the moment when the configuration reaches the repository, you can be sure that no one else can violate this rule in the future.
I have made a list of 55 plus open source software list for doing various tasks
10 projects | reddit.com/r/software | 26 Aug 2021
Checkstyle: a tool that helps programmers write Java code that adheres to a coding standard: https://github.com/checkstyle/checkstyle
5 projects | reddit.com/r/neovim | 24 Aug 2021
So I was there once, sharing my solution. For my current project I use the java formatter jar, but on my previous work I was using checkstyle, you can get it from here: Checkstyle. Then pass your checkstyle xml format config.
I want to set some standards and practices around the development process at my company. Just looking for any tips. Has anyone done this before? Is there any reference material you might suggest?
2 projects | reddit.com/r/ExperiencedDevs | 20 Jun 2021
On the coding standards side, use linters like https://github.com/checkstyle/checkstyle and https://github.com/eslint/eslint so you have an automated way to detect some errors and enforce style standards.
Design an Effective Build Stage for Continuous Integration
12 projects | dev.to | 8 Apr 2021
sem-version java 11 wget https://github.com/checkstyle/checkstyle/releases/download/checkstyle-8.41/checkstyle-8.41-all.jar java -jar checkstyle-8.41-all.jar -c /sun_checks.xml MyFile.java
Primeiros passos no desenvolvimento Java em 2023: um guia particular
13 projects | dev.to | 19 Jan 2023
Ask HN: What is a modern Java environment?
22 projects | news.ycombinator.com | 29 Mar 2022
PMD, Spotbugs, Nullaway: Java linting/static analysis (https://pmd.github.io, https://spotbugs.github.io, https://github.com/uber/NullAway)
What are some useful static analyzers for Java?
9 projects | reddit.com/r/java | 2 Jan 2022
Go CheckLocks Analyzer
4 projects | news.ycombinator.com | 29 Dec 2021
Is there a tool to track CVEs for the software that we use?
8 projects | reddit.com/r/sysadmin | 14 Dec 2021
While at it you could also point them to static code analyzers such as error_prone, spotbugs and pmd (use all 3 at once - they complement each other in detecting different issues).
SpotBugs supports SARIF that supports integration with other SAST tools
2 projects | dev.to | 16 Oct 2021
First, it's better to use SpotBugs 4.4.1 and above, that includes a fix to make SARIF report compatible with Github code scanning API requirements.
Looking for a Static Code Analysis tool for Scala Code
2 projects | reddit.com/r/cybersecurity | 28 Aug 2021
If you don’t have checkmarx/Vera code money, have you looked at https://find-sec-bugs.github.io/? It can be used with a few things such as https://spotbugs.github.io/ and sonarQ
An Incomplete List of Practical Security for Mortals
9 projects | dev.to | 6 Jul 2021
some good tools for general code analysis (Java): Sonarqube, PMD, SpotBugs
Conducting SAST for Java Applications
2 projects | reddit.com/r/java | 15 Apr 2021
Static application security testing (SAST) is essential in tackling the source code vulnerabilities, late diagnosis of problems, and lack of root-cause analysis. This post describes how to carry out SAST in your Java application using SpotBugs.
Web Application Security Checklist (2021)
10 projects | dev.to | 16 Feb 2021
What are some alternatives?
SonarQube - Continuous Inspection
FindBugs - The new home of the FindBugs project
PMD - An extensible multilanguage static code analyzer.
SonarJava - :coffee: SonarSource Static Analyzer for Java Code Quality and Security
Error Prone - Catch common Java mistakes as compile-time errors
spotless - Keep your code spotless
infer - A static analyzer for Java, C, C++, and Objective-C
semgrep - Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.