程式碼審查工具
Jupiter
下載:
http://csdl.ics.hawaii.edu/Plone/research/jupiter/
把edu.hawaii.ics.csdl.jupiter_3.4.2.jar拷貝到Eclipse的Plugin目錄即可
-----------------------------------------------------------------------
Python
Pylint(http://www.logilab.org/857)
Pydev(http://pydev.org/)有整合Pylint
下載pylint
http://www.logilab.org/project/pylint
Pylint 在 Windows 上的安裝
1. 安裝 Python 的包(高於版本 2.2),右鍵單擊桌面上的我的電腦圖示,選擇屬性,高階,環境變數,在 $PATH 中新增 Python 的安裝路徑,如 C:/Python26/。
2. 使用解壓縮工具解壓縮所有的包。
3. 開啟命令列視窗,使用 cd依次進入 logilab-astng、logilab-common 和 Pylint 解開的資料夾中,執行命令 python setup.py install來安裝。
4. 安裝完成後,在 Python 的安裝路徑下出現一個 Scripts 資料夾,裡面包含一些 bat 指令碼,如 pylint.bat 等。
5. 為了使呼叫 pylint.bat 的時候不需要輸入完整路徑,在 Python 的安裝目錄下建立 pylint.bat 的重定向檔案,這是一個純文字檔案 pylint.bat,裡面包含 pylint.bat 的實際路徑,如:C:/Python26/Scripts/pylint.bat。
6. 安裝完成後,可以通過 pylint [options] module_or_package來呼叫 Pylint 了。
參考:
http://www.ibm.com/developerworks/cn/linux/l-cn-pylint/index.html
安裝PyDev:
After downloading the zip file:
Eclipse 3.4 and 3.5
Extract the contents of the zip file in the eclipse/dropins folder and restart Eclipse.
Before Eclipse 3.4
Extract the contents of the zip file on top of Eclipse, making sure the plugins folder is extracted on top of the eclipse/plugins folder and the features is on top of the eclipse/features folder. After that, restart Eclipse with the '-clean' flag, so that Eclipse finds out about it.
You can verify if it is correctly installed going to the menu 'window > preferences' and checking if there is a Pydev item under that.
在Eclipse中設定Pydev的Interpreter路徑
Eclipse中配置使用pylint
(1)Window -> preferences -> Pydev -> Pylint
選中"Use pylint?"
在輸入lint.py的地址,例如"E:/pylint-0.22.0/lint.py"
(2)Project->Properties->PyDev-PYTHONPATH
增添專案的原始檔目錄到"Project Source Folders"
(3)選中Project->Build Automatically,這樣儲存修改時pylint就會自動check專案中的程式碼,否則就要用Ctrl+B手動build並觸發pylint
PS:command模式使用lint.py
lint.py --files-output=y --reports=y src/ (需要先把lint.py所在目錄新增到PATH)
會生成兩個pylint_開頭的檔案
--------------------------------------------------------------------------
Perl
Perl-Critic(http://search.cpan.org/dist/Perl-Critic/)
下載並安裝Perl:
http://www.activestate.com/activeperl/downloads
安裝Eclipse的Perl外掛EPIC:
http://www.epic-ide.org/
安裝方法參考:
http://www.epic-ide.org/download.php
http://www.epic-ide.org/faq.php#requirements
下載並安裝Perl-Critic所依賴的包進行安裝,安裝方法:
perl Makefile.PL
nmake
nmake test
nmake install
下載並安裝Perl-Critic(http://search.cpan.org/dist/Perl-Critic/):
cd E:/Perl-Critic-1.109
perl Build.pl
Build
build test
build install
參考:
http://cpansearch.perl.org/src/ELLIOTJS/Perl-Critic-1.109/INSTALL
在Eclipse中設定Perl-Critic:
-------------------------------------------------------------------------
Java
CheckStyle
1、安裝CheckStyle
下載:
http://sourceforge.net/projects/checkstyle/files/
2、使用方法
將checkstyle-5.3-all.jar新增到CLASS_PATH
命令列使用:
E:/checkstyle-5.3>java -jar checkstyle-5.3-all.jar -c sun_checks.xml E:/EclipseWorkspace/JavaProject1/src/TestCheckStyle.java
參考:
E:/checkstyle-5.3/site/cmdline.html
配置:
Module
Properties
參考:
E:/checkstyle-5.3/site/config.html
自定義Checkstyle:
E:/checkstyle-5.3/site/writingchecks.html
Eclipse外掛:
下載:
http://eclipse-cs.sourceforge.net/downloads.html
安裝:
The plugin can be installed from the archived update site in the following ways:
1、via Eclipse's P2 Installation Manager similar as described above, pointing to the archive file instead
2、extracted into Eclipse's dropins folder. Anyway this is not particularly recommended, so if you don't know what I am talking about, don't bother.
配置使用參考:
http://eclipse-cs.sourceforge.net/basic_creating_config.html
FindBugs
1、安裝FindBugs
下載
http://findbugs.sourceforge.net/downloads.html
解壓縮即可
FindBugs幫助文件:
E:/findbugs-1.3.6/doc/manual/index.html
2、使用方法
java -jar $FINDBUGS_HOME/lib/findbugs.jar
或者直接執行$FINDBUGS_HOME/bin/findbugs.bat
3、FindBugs的Eclipse外掛使用方法
下載安裝FindBugs的Eclipse外掛:
You can also manually download the plugin from the following link: http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_1.3.6.20081113.zip?download.
Extract it in Eclipse's "plugins" subdirectory. (So <eclipse_install_dir>/plugins/edu.umd.cs.findbugs.plugin.eclipse_1.3.6.20081113/findbugs.png should be the path to the FindBugs logo.)
Once the plugin is extracted, start Eclipse and choose Help → About Eclipse Platform → Plug-in Details. You should find a plugin called "FindBugs Plug-in" provided by "FindBugs Project".
配置Java專案自動執行FindBugs檢查:
You may customize how FindBugs runs by opening the Properties dialog for a Java project, and choosing the "Findbugs" property page. Options you may choose include:
Enable or disable the "Run FindBugs Automatically" checkbox. When enabled, FindBugs will run every time you modify a Java class within the project.
Choose minimum warning priority and enabled bug categories. These options will choose which warnings are shown. For example, if you select the "Medium" warning priority, only Medium and High priority warnings will be shown. Similarly, if you uncheck the "Style" checkbox, no warnings in the Style category will be displayed.
Select detectors. The table allows you to select which detectors you want to enable for your project.
配置Filter:
Priority
1 to match high-priority warnings, 2 to match medium-priority warnings, or 3 to match low-priority warnings.
例如:
<FindBugsFilter>
<Match>
<Priority value="2" />
<Bug code="EI2,EI" />
</Match>
</FindBugsFilter>
參考:
file:///E:/findbugs-1.3.6/doc/manual/filter.html#d0e1744
在程式碼中用Annotations抑制FindBugs的警告資訊:
FindBugs supports several annotations to express the developer's intent so that FindBugs can issue warnings more appropriately. You need to use Java 5 to use annotations, and must place the annotations.jar and jsr305.jar files in the classpath while compiling your program.
例如:
@edu.umd.cs.findbugs.annotations.SuppressWarnings(value="EI",justification="this is not a bug!")
public String[] getName() {
//String[] temp = name;
//return temp;
return name;
}
PMD
1、安裝
下載pmd-bin-x.xx.zip(http://sourceforge.net/projects/pmd/files/)
解壓縮即可
PMD的Eclipse外掛安裝
把pmd.eclipse.plugin_3.2.5安裝到eclipse-sdk-3.4.2
把net.sourceforge.pmd.eclipse.plugin_3.2.5目錄中的net.sourceforge.pmd.eclipse_3.2.5.v200810131150資料夾拷貝到Eclipse的feature目錄中
把net.sourceforge.pmd.eclipse.plugin_3.2.5.v200810131150.jar拷貝到Eclipse的plugin目錄中
PMD幫助文件:
E:/pmd-bin-4.2.4/pmd-4.2.4/docs
2、PMD使用方法
命令列使用方法
Type pmd [filename|jar or zip file containing source code|directory] [report format] [ruleset file], i.e:
C:/tmp/pmd-4.2.4/pmd/bin>pmd c:/data/pmd/pmd/test-data/Unused1.java xml rulesets/unusedcode.xml
<?xml version="1.0"?><pmd>
<file name="c:/data/pmd/pmd/test-data/Unused1.java">
<violation line="5" rule="UnusedLocalVariable">
Avoid unused local variables such as 'fr'
</violation>
</file></pmd>
You can pass a file name, a directory name, or a jar or zip file name containing Java source code to PMD.
Also, the PMD binary distribution includes the ruleset files inside the jar file - even though the "rulesets/unusedcode.xml" parameter above looks like a filesystem reference, it's really being used by a getResourceAsStream() call to load it out of the PMD jar file. And the same applies to the example below.
If you are want to run PMD without the batch file, you can do a:
C:/data/pmd/pmd>java -cp lib/pmd-4.2.4.jar;lib/jaxen-1.1.1.jar;lib/asm-3.1.jar
net.sourceforge.pmd.PMD
c:/j2sdk1.4.1_01/src/java/lang xml
rulesets/imports.xml
PMD規則集:
E:/pmd-bin-4.2.4/pmd-4.2.4/docs/rules
抑制PMD警告的方法
Annotations
NOPMD
用CPD找出冗餘程式碼
a、CPD命令列使用方式:
E:/pmd-bin-4.2.4/pmd-4.2.4/lib>java -cp pmd-4.2.4.jar net.sourceforge.pmd.cpd.CPD --minimum-tokens 5 --files E:/EclipseWorkspace/JavaProject1/src
Found a 8 line (23 tokens) duplication in the following files:
Starting at line 12 of E:/EclipseWorkspace/JavaProject1/src/TestPMD.java
Starting at line 21 of E:/EclipseWorkspace/JavaProject1/src/TestPMD.java
public int add_duplicate()
{
int a=0;
int b=0;
int c=0;
c=a+b;
return c;
}
b、使用cpdgui.bat(pmd-bin-4.2.4/pmd-4.2.4/bin/cpdgui.bat)
3、規則自定義
參考:E:/pmd-bin-4.2.4/pmd-4.2.4/docs/howtowritearule.html
4、PMD最佳實踐
E:/pmd-bin-4.2.4/pmd-4.2.4/docs/bestpractices.html
相關文章
- python程式碼檢查工具(靜態程式碼審查)Python
- 程式猿必備的17款最佳的程式碼審查工具
- Go 程式碼審查建議Go
- 程式碼審查或評審的最佳實踐 - FogBugz
- [譯] 程式碼審查之最佳實踐
- AI應用的程式碼審查CodeReviewAIView
- 程式碼review,程式碼審查,用upsource 也太方便了吧View
- 五個程式碼審查反模式 - Trisha Gee模式
- 使用 Upsource 實現程式碼審查 - jetbrains 系列AI
- 如何做人性化的程式碼審查?
- 輕鬆連線 ChatGPT實現程式碼審查ChatGPT
- 有手就行10——Jenkins+SonarQube程式碼審查Jenkins
- 程式碼審查:從 ArrayList 說執行緒安全執行緒
- JS程式碼檢查工具ESLintJSEsLint
- CSS程式碼檢查工具stylelintCSS
- 聚合型程式碼審計工具QingScan使用實踐
- 程式碼審計難學嗎?有哪些好用的工具?
- android 程式碼質量檢查工具Android
- java 程式碼編譯檢查工具Java編譯
- 我從 1000 份程式碼審查中學到了什麼
- 【轉】程式設計師必備的程式碼審查(Code Review)清單程式設計師View
- buu 程式碼審計
- JFinalcms程式碼審計
- CSCMS程式碼審計
- 滲透測試工具方法基礎程式碼審計篇
- 打造自己的php半自動化程式碼審計工具PHP
- 程式設計師必看:如何充分利用程式碼審查提升你的程式碼質量?程式設計師
- 什麼是程式碼審計?程式碼審計有什麼好處?
- 如何用 Python 手擼一個 GitLab 程式碼安全審計工具?PythonGitlab
- 程式碼審計工具有哪些?網路安全課程學習
- 免費開源的程式碼審計工具 Gosec 入門使用Go
- 程式碼審計————目錄
- Graudit程式碼安全審計
- 說透程式碼評審
- 優秀的原始碼審查工具:Understand for Mac v5.1(1029)啟用版原始碼Mac
- SwiftLint:程式碼規範檢查工具介紹Swift
- python 安全編碼&程式碼審計Python
- 程式碼審計是什麼?程式碼審計操作流程分為幾步?
- 哪些業務場景需要做程式碼審計?程式碼審計很重要嗎?