Our great sponsors
- Sonar - Write Clean Java Code. Always.
- ONLYOFFICE ONLYOFFICE Docs — document collaboration in your environment
- InfluxDB - Access the most powerful time series database as a service
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.
First, it's better to use SpotBugs 4.4.1 and above, that includes a fix to make SARIF report compatible with Github code scanning API requirements.
Refer to spotbugs/spotbugs-gradle-plugin as a living example with GitHub Code scanning integration.
Write Clean Java Code. Always.. Sonar helps you commit clean code every time. With over 600 unique rules to find Java bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work.
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.
Looking for a Static Code Analysis tool for Scala Code
2 projects | reddit.com/r/cybersecurity | 28 Aug 2021
Conducting SAST for Java Applications
2 projects | reddit.com/r/java | 15 Apr 2021
What is something that you don't understand, but at this point are too embarrassed to ask?
5 projects | reddit.com/r/ExperiencedDevs | 3 May 2023
Premier League Project Infrastructure Update
4 projects | reddit.com/r/dataengineering | 14 Apr 2023
PHPUnit, do i need to learn it?
5 projects | reddit.com/r/PHP | 6 Jan 2023