PMD - An extensible cross-language static code analyzer

  •        4487

PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. It supports Java, JavaScript, Apex and Visualforce, PLSQL, Apache Velocity, XML, XSL.

Additionally it includes CPD, the copy-paste-detector. CPD finds duplicated code in Java, C, C++, C#, Groovy, PHP, Ruby, Fortran, JavaScript, PLSQL, Apache Velocity, Scala, Objective C, Matlab, Python, Go, Swift and Apex and Visualforce.



Related Projects

Checkstyle - Checks Java coding standard

Checkstyle is a tool to help programmers write Java code that adheres to a coding standard. Checkstyle is highly configurable and can be made to support almost any coding standard. Checkstyle provides checks that find class design problems, duplicate code, or bug patterns like double checked locking. This tool could be integrated as Ant task.

FindBugs - Static Analysis Tool for Java

FindBugs uses static analysis to look for bugs in Java code. it can analyze programs compiled for any version of Java. Eclipse and Maven plugins are available. FindBugs has been downloaded more than 700,000 times.

csslint - Automated linting of Cascading Stylesheets

CSSLint is an open source CSS code quality tool originally written by Nicholas C. Zakas and Nicole Sullivan. It was released in June 2011 at the Velocity conference.A lint tool performs static analysis of source code and flags patterns that might be errors or otherwise cause problems for the developer.

SpotBugs - FindBugs' successor, A tool for static analysis to look for bugs in Java code.

SpotBugs is the spiritual successor of FindBugs, carrying on from the point where it left off with support of its community. SpotBugs is a program which uses static analysis to look for bugs in Java code.

CodeNarc - Static Analysis for Groovy

CodeNarc analyzes Groovy code for defects, bad practices, inconsistencies, style issues, coding standards, best practices and more. CodeNarc triggers violations based on rules which are predefined or custom rules. The static analysis report is generated in XML or HTML format. It is well integrated with the Ant Task and plugins exist for Maven, Gradle, Grails, Griffon, Sonar and Hudson.

JSHint - A Static Code Analysis Tool for JavaScript

JSHint is a community-driven tool to detect errors in JavaScript code and enforce your team's coding conventions.

PHPStan - PHP Static Analysis Tool - discover bugs in your code without running it!

PHPStan focuses on finding errors in your code without actually running it. It catches whole classes of bugs even before you write tests for the code.PHPStan moves PHP closer to compiled languages in the sense that the correctness of each line of the code can be checked before you run the actual line.

JLint - static analysis for Java

Jlint will check your Java code and find bugs, inconsistencies and synchronization problems by doing data flow analysis and building the lock graph. Jlint is extremely fast. It is easy to learn and requires no changes to the class files. Jlint has been used in an industrial environment and successfully uncovered faults with little effort.

Codelyzer - Static analysis for Angular projects.

A set of tslint rules for static code analysis of Angular TypeScript projects.You can run the static code analyzer over web apps, NativeScript, Ionic, etc.

Flow - A static type checker for JavaScript

Adds static typing to JavaScript to improve developer productivity and code quality.

goreporter - A Golang tool that does static analysis, unit testing, code review and generate code quality report

Install goreporter (see above).You have to confirm that your project is operational. In particular, the problem with vendor, when the package is not found in the default path, goreporter will look again from the possible vendor path.

SPDisposeCheck Static Code Analysis Ruleset for Visual Studio 2012

SPDisposeCheck Static Code Analysis Ruleset allows SharePoint 2010 developers to ensure SharePoint APIs are properly disposed using Visual Studio 2012.

Sonarqube - Continuous Code Quality

SonarQube is the open source platform for continuous inspection of code quality. SonarQube provides the capability to not only show health of an application but also to highlight issues newly introduced. With a Quality Gate in place, you can fix the leak and therefore improve code quality systematically. Code analyzers can detect tricky issues such as null-pointers dereferences, logic errors, resource leaks.

JSLint - The JavaScript Code Quality Tool

JSLint is a JavaScript program that looks for problems in JavaScript programs. It is a code quality tool. JSLint takes a JavaScript source and scans it. If it finds a problem, it returns a message describing the problem and an approximate location within the source. The problem is not necessarily a syntax error, although it often is. JSLint looks at some style conventions as well as structural problems. It does not prove that your program is correct.

Infer - A static analyzer for Java, C and Objective-C

A static analyzer for Java, C and Objective-C. It is a tool to detect bugs in Android and iOS apps.

go-tools - A collection of tools and libraries for working with Go code, including linters and static analysis is a collection of tools and libraries for working with Go code, including linters and static analysis.These tools are supported by patrons on Patreon and sponsors. If you use these tools at your company, consider purchasing commercial support.