Static analysis tools help developers locate potential problems in their code. Static analysis is an inspection of code without executing it, looking for problems as varied as misunderstood APIs to use of the wrong boolean operators. This post summarizes the six of the leading tools and discusses the current trends in static analysis tools.
Gregg Sporar gives an overview of FindBugs, Checkstyle, PMD, Intellij IDEA's Inspections, Eclipse Testing and Performance Tools Platform, and Netbeans Project Jackpot. He summarizes his findings in this table:
Name | Free? | Examines | Scriptable? | Automatically Apply Fixes? | Java API? | Other extensions |
---|---|---|---|---|---|---|
FindBugs | Yes | Byte code | Yes | No | Yes | No |
Checkstyle | Yes | Source | Yes | No | Yes | No |
PMD | Yes | Source | Yes | No | Yes | XPath |
IntelliJ IDEA | No | Source | Yes | Yes | Yes | No |
Eclipse TPTP | Yes | Source | No? | Yes | Yes | Templates |
NetBeans Project Jackpot | Yes | Source | Planned | Yes | Yes | Rule language |
He sees three trends coming in the world of static analysis tools. The first is that these tools are increasing being integrated into IDEs. Intellij IDEA has had these tools for awhile, but recently Eclipse and Netbeans have picked them up with Eclipse TPTP and Project Jackpot. The second is that the tools within the IDEs are gaining the ability to automatically fix the discovered problems. The last trend, is that the tools are becoming scriptable, in the sense that you can create your own definitions for bugs.