+1 to only keep Find Bugs -- I feel the same way. Cheers, Chris
On Oct 26, 2012, at 2:50 AM, Martin Desruisseaux wrote: > Hello all > > The current project configuration generates 4 forms of code analysis: > > * FindBugs - on code analysis. > * PMD report - an other code analysis. > * CPD report - on code duplication. > * Checkstyle - on coding conventions. > > FindBugs and PMD overlaps since they have the same goals. However they use > different approaches: > > * FindBugs analyses the compiled *.class files. > * PMD analyses the source *.java files. > > In my experience, I have found the FindBugs reports to be more valuable. I > found that PMD produces a larger amount of false positives, for example > confusing inner classes called "Double" (as in java.awt.geom.Point2D.Double) > with java.lang.Double. I found that the PMD reports are more the kind of > issues that we can see visually by looking at the code, while I found > FindBugs reports to be "deeper" and less obvious (for example inconsistent > synchronization). PMD also reports some issues that are more about coding > conventions, thus overlapping with Checkstyle in addition to FindBugs. > > CPD is a PMD extension for finding code duplications. Like PMD, it works more > on the basis of what the code "looks like" than what the code really is once > compiled. Indeed, the totality of the issues reported by CPD in the > sis-utility module [1] are false positives; I didn't found any real code > duplication (the code are extending different classes, and consequently > invoking different methods with different parameters). > > Checkstyle is only about coding convention. However the current configuration > produces a large amount of errors, most of them because of lines longer than > 80 characters. But there is other style violations too. However my issue is > that Checkstyle seems a bit too "religious" to me... While I agree that > complying to the style rules is good 90% of the time, I believe that some > exceptions have justification. In particular, I tend to consider the symmetry > of nature (as emerging from some mathematical expressions) as more important. > Applications working mostly on text or metadata may not experience that > often, but symmetry are a bit more common in geometry or referencing modules. > Writing the code in a way that expose such symmetry, when it can be done in a > reasonable way, has truly helped me many time to spot some bugs in my code. A > simple example of what I means is at > https://builds.apache.org/job/sis-jdk7/site/code-format.html but some cases > are more sophisticated. > > My usual approach is "comply to the style rule, except for exposing > symmetry", which is quite hard to teach to Checkstyle. Furthermore the > Checkstyle configuration in a Maven multi-modules project seem uneasy [2]. > Consequently, > > * Given that Checkstyle, CPD and PMD seem to have a very "noise/signal" > ration to me; > * Given that PMD overlaps with both FindBugs and Checkstyle; > > If it was just me, I would be tempted to keep only FindBugs and remove the > other analysis tools for making site generation lighter... > > What other peoples think? > > Martin > > [1] https://builds.apache.org/job/sis-jdk7/site/sis-utility/cpd.html > [2] > http://maven.apache.org/plugins/maven-checkstyle-plugin/examples/multi-module-config.html >
