SonarQube
Continuous Inspection (by SonarSource)
Checkstyle
Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program. (by checkstyle)
Our great sponsors
SonarQube | Checkstyle | |
---|---|---|
65 | 15 | |
8,543 | 8,121 | |
1.4% | 0.7% | |
9.9 | 9.9 | |
about 19 hours ago | about 18 hours ago | |
Java | Java | |
GNU Lesser General Public License v3.0 only | GNU Lesser General Public License v3.0 only |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
SonarQube
Posts with mentions or reviews of SonarQube.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2024-02-24.
-
Experience Continuous Integration with Jenkins | Ansible | Artifactory | SonarQube | PHP
SonarQube (Scroll down to the Sonarqube section to see instructions on how to set up and configure SonarQube manually)
- Enterprise level open source react apps?
-
Usefully links for DotNet Backend Developers
SonarQube https://www.sonarqube.org/
-
How do you integrate a static security analysis tool into the CI/CD pipeline
There are commercial tools that can be integrated into a CI pipeline and/or a developer's IDE. I've used SonarQube before, but there are others.
- No laburar en el laburo
-
How I go with react native in late 2022
having a code review and analysis tool in CI/CD pipeline can help developers to keep their code clean. some examples of these tools are sonarqube and embold.
-
Technical Debt: Lessons from 10 Years of Change
But back in 2012, tech debt-related tools were in their infancy. JetBrains released IntelliJ IDEA in 2000, and SonarQube was initially released in 2006. Stepsize started in 2015, and Visual studio intellicode wasn't made by Microsoft until 2018.
-
Top 10 Open-Source DevOps Tools That You Should Know
Sonarqube Source Code Repository
- Ask HN: How can I DDOoS attack my personal website (for curiosity)?
-
Spring Boot – Black Box Testing
The generated classes should be put into .gitignore. Otherwise, if you have Checkstyle, PMD, or SonarQube in your project, then generated classes can violate some rules. Besides, if you don't put them into .gitignore, then each pull request might become huge due to the fact that even a slightest fix can lead to lots of changes in the generated classes.
Checkstyle
Posts with mentions or reviews of Checkstyle.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-08-25.
- 5 easy paths to become a recognized Java expert. Really. For free.
-
Java Checkstyle reports formatting as a warning, not an error despite my explicit severity
I'm trying to use Google's checkstyle. I want certain things to be an error, such as using Tabs for indentation. When I run mvn checkstyle:check with a file with a tab in the first column, it always gives a [WARN] rather than the error that I've asked for. Pom snippet: org.apache.maven.plugins maven-surefire-plugin ${maven-surefire-plugin.version} ${maven-surefire-plugin.skipUnitTests} org.apache.maven.plugins maven-checkstyle-plugin 3.1.2 checkstyle validate check google_checks.xml UTF-8 true true warning true I'm using google_checks.xml as from https://github.com/checkstyle/checkstyle/blob/master/src/main/resources/google_checks.xml. I have changed the severity for the FileTabCharacter to "error"
-
How does Apache ShardingSphere standardize and format code? We use Spotless
1. Conflicts between Spotless and Checkstyle Checkstyle is a tool for checking Java source code for compliance with code standards or a set of validation rules (best practices).
- Checkstyle - development tool to help programmers write Java code that adheres to a coding standard.
-
Seriously who cares about the warnings
Never had anything like that though for four years my life revolved around getting PMD, checkstyle and Sonar rules to pass so my pull request would merge.
-
Code smell plugin
PMD, and checkstyle as well.
-
How can I help my partner write better code?
I’m a little out of date with Java, but I believe Checkstyle is currently popular: https://github.com/checkstyle/checkstyle
-
Why You Need Static Code Analysis
Another example can be applied to code quality itself. Most static analyzers are configurable. If you tried to set Checkstyle Google configuration to the mature project, you would probably get hundreds or even thousands of errors. You can start with just one rule. Ar first glance, it seems not so important. But after the moment when the configuration reaches the repository, you can be sure that no one else can violate this rule in the future.
-
I have made a list of 55 plus open source software list for doing various tasks
Checkstyle: a tool that helps programmers write Java code that adheres to a coding standard: https://github.com/checkstyle/checkstyle
-
Java formatter
So I was there once, sharing my solution. For my current project I use the java formatter jar, but on my previous work I was using checkstyle, you can get it from here: Checkstyle. Then pass your checkstyle xml format config.
What are some alternatives?
When comparing SonarQube and Checkstyle you can also consider the following projects:
Spotbugs - SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
spotless - Keep your code spotless
Error Prone - Catch common Java mistakes as compile-time errors
PMD - An extensible multilanguage static code analyzer.
semgrep - Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
snyk - Snyk CLI scans and monitors your projects for security vulnerabilities. [Moved to: https://github.com/snyk/cli]
infer - A static analyzer for Java, C, C++, and Objective-C
SonarJava - :coffee: SonarSource Static Analyzer for Java Code Quality and Security