Design an Effective Build Stage for Continuous Integration

This page summarizes the projects mentioned and recommended in the original post on dev.to

Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
  • PMD

    An extensible multilanguage static code analyzer.

    sem-version java 11 checkout wget https://github.com/pmd/pmd/releases/download/pmd_releases%2F6.32.0/pmd-bin-6.32.0.zip unzip pmd-bin-6.32.0.zip ./pmd-bin-6.32.0/bin/run.sh pmd -d . -R rulesets/java/quickstart.xml -f text

  • infer

    A static analyzer for Java, C, C++, and Objective-C

    checkout cache restore mvn clean curl -sSL "https://github.com/facebook/infer/releases/download/v1.0.0/infer-linux64-v1.0.0.tar.xz" | tar -xJ ./infer-linux64-v1.0.0/bin/infer run -- mvn package artifact push job --expire-in 1w infer-out ./infer-linux64-v1.0.0/bin/infer analyze --fail-on-issue

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  • Checkstyle

    Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard. By default it supports the Google Java Style Guide and Sun Code Conventions, but is highly configurable. It can be invoked with an ANT task and a command line program.

    sem-version java 11 wget https://github.com/checkstyle/checkstyle/releases/download/checkstyle-8.41/checkstyle-8.41-all.jar java -jar checkstyle-8.41-all.jar -c /sun_checks.xml MyFile.java

  • nvm

    Node Version Manager - POSIX-compliant bash script to manage multiple active node.js versions

    If the project includes a .nvmrc config file, you can replace sem-version with nvm use:

  • berry

    📦🐈 Active development trunk for Yarn ⚒

    The CI machine includes yarn as well:

  • warehouse

    The Python Package Index

    Python’s package format allows you to upload modules to the official PyPI index or distribute it on your website.

  • JSHint

    JSHint is a tool that helps to detect errors and potential problems in your JavaScript code

    As you can imagine, the language changed a lot over time, and not all its parts are good. Using a linter will help us stay away from the bad parts of JavaScript. In my experience, the ESlint and JSHint linters integrate very well into the CI environment. Any of these can be installed with npm install --save-dev.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  • Gradle

    Adaptable, fast automation for all

    The leading popular build tools in Java are Apache Maven and Gradle, both are included in Semaphore’s machines. Let’s go with Maven; it handles dependencies and compiles the source with a single command: mvn compile. Use these commands in your CI job to build the application:

  • find-sec-bugs

    The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

    Find Security Bugs uses a security database to detect almost 140 different vulnerability types in Java web applications.

  • ESLint

    Find and fix problems in your JavaScript code.

    As you can imagine, the language changed a lot over time, and not all its parts are good. Using a linter will help us stay away from the bad parts of JavaScript. In my experience, the ESlint and JSHint linters integrate very well into the CI environment. Any of these can be installed with npm install --save-dev.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts