In this post, we will look at PMD, which again works at the source level to find out possible bugs in your java code.
The list of entire checks which PMD finds can be found here
There is also a discussion of differences between Findbugs and PMD
Running the PMD
Instead of focusing on running with build process, I will focus on running it manually. Though it still can be integrated with build process and that remains the recommended approach.
On MAC, it can be simply installed with command
brew install pmd
On other OS, installation instructions are given here
As shown in the documentation, PMD comes with rich set of rules. As opposed to Checkstyle, PMD is lot fuzzier in its analysis i.e. it can flag rules, which sometimes might not be really a violation. For this reason, PMD allows you to assign priorities (a number between 1 to 5) to the rules and then based on your preferences, you can choose to fix, let’s say highest priority issues only (1 being the highest).
Once PMD is installed, it can be executed simply as below in the root directory of your project.
pmd pmd -d ./ -language java -R rulesets/java/quickstart.xml
rulesets/java/quickstart.xml specifies the list of rules to be executed which is an inbuilt ruleset to get started with.
We can also filter the output by priority, such as
pmd pmd -d ./ -language java -R rulesets/java/quickstart.xml - min 2
I prefer to create my own rules file for my projects. A custom rule file can be specified as
pmd pmd -d ./ -language java -R ./pmd-rules.xml
Finally, here is the list of rules, which I use for my projects. This has served us really well.