Error Prone
FindBugs
Our great sponsors
| Error Prone | FindBugs | |
|---|---|---|
| 8 | 0 | |
| 5,956 | 710 | |
| 0.9% | 0.6% | |
| 9.8 | 0.0 | |
| 3 days ago | 4 days ago | |
| Java | Java | |
| Apache License 2.0 | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Error Prone
-
A guide on how to improve your coding skills with static code analysis.
How to build a static analysis plugin. Google has a framework for Java with a good tutorial.
- Error Prone 2.11.0 Released. Requires JDK11+
-
Is there a tool to track CVEs for the software that we use?
While at it you could also point them to static code analyzers such as error_prone, spotbugs and pmd (use all 3 at once - they complement each other in detecting different issues).
-
Get rid of those boolean function parameters (2015)
Linters can check for this sort of thing, for example Error Prone[0] has a lint[1] for this.
Totally agree this is better to be in the language proper so we don't need this extra tooling.
-
Top 5 Java Linters
5. Error Prone
- Break backward compatibility
-
Introducing Astra: A Tool for Refactoring Java Programs at Scale
As Refaster has some limitations on what you can achieve (e.g., you can't perform exception type migrations), then you have to implement your own ErrorProne check operating on the AST (e.g., TryFailRefactoring to get you to assertThrows from pre-JUnit 4.13 idiom of try/fail/catch/verify).
-
Is Lombok in danger of becoming incompatible with future JDK's?
https://github.com/google/error-prone/issues/1157#issuecomment-769289564
FindBugs
We haven't tracked posts mentioning FindBugs yet.
Tracking mentions began in Dec 2020.
What are some alternatives?
Spotbugs - SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
SonarQube - Continuous Inspection
PMD - An extensible multilanguage static code analyzer.
Checkstyle - Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.
infer - A static analyzer for Java, C, C++, and Objective-C
Lombok - Very spicy additions to the Java programming language.
SonarJava - :coffee: SonarSource Static Analyzer for Java Code Quality and Security
NullAway - A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead