Solved

Static code analysis tool

Posted on 2007-03-29
10
656 Views
Last Modified: 2013-11-25
Which static code analysis tool (or software metrics tool) is good for Java/J2EE?
0
Comment
Question by:nbkd72e
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 30

Expert Comment

by:mayankeagle
ID: 18818453
There are several mentioned here:

http://www.spinellis.gr/blog/20050211/

I guess this one  is good - http://www.semdesigns.com/Products/Metrics/JavaMetrics.html
0
 

Author Comment

by:nbkd72e
ID: 18818472
Have you used it before? Why do you believe it is a good one, compare to others?
0
 
LVL 23

Expert Comment

by:Ajay-Singh
ID: 18818992
I have used OptimizeIt (http://www.borland.com/downloads/download_optimizeit.html)  - found it really useful.
0
 

Author Comment

by:nbkd72e
ID: 18819027
OptimizeIt is a dynamic analysis tool, which profiles Java runtime to find out performance and memory related issues.

What I am looking for is a static analysis tool, which scans and analyze Java source code to find out design and implementation issues, as well as generate metrics to indicate the complexity and quality of the code.
0
 
LVL 30

Expert Comment

by:mayankeagle
ID: 18819200
>> Why do you believe it is a good one, compare to others?

My colleagues have used it, and gave good feedback
0
Easy Project Management (No User Manual Required)

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:nbkd72e
ID: 18819281
Can you provide more details of the features you like and dislike? Also, have you used other tools?
0
 
LVL 33

Expert Comment

by:roos01
ID: 18827975
You also might take a look at:
http://javatoolbox.com/categories/code-analysers-standards-verifiers
http://www.agilejournal.com/component/option,com_magazine/func,show_article/id,36/


Still it depends what you want to measure. If it is the complexitiy you should take notice on what kind of formula they use. The obvious formulas used for measuring cyclomatic complexity are from McCabe (http://www.mccabe.com/) (http://www.sei.cmu.edu/str/descriptions/cyclomatic_body.html), Halstead (http://www.sei.cmu.edu/str/descriptions/halstead_body.html)  and McClure (http://portal.acm.org/citation.cfm?id=988131.988142&coll=GUIDE&dl=GUIDE&CFID=768228&CFTOKEN=84533385).

regards,
Jeroen
0
 

Author Comment

by:nbkd72e
ID: 18829582
The link "http://javatoolbox.com/categories/code-analysers-standards-verifiers" is nice and helpful. But it contains so many tools. Which one would you recemmend? What I need is a tool to analyze the quality of the implementation, design and even architecture of Java/J2EE applications.

Also, Halstead is a different complexity measurement than cyclomatic ones (e.g. McCabe).
Which type of OO metrics you think is useful and helpful?
0
 
LVL 33

Accepted Solution

by:
roos01 earned 180 total points
ID: 18830051
I don't have that much experience with static analysis tools myself, only for heard and say and courses. And therefor even harder to select a tool you need. It has to fit your requirements. All I asume is that you want to increase the quality of your code and avoid errors in a later stage. With refering towards the CC I wanted to point out that not always tools give insight which kind of calculation they are using.
Still it depends on what you want to measure.

I can imagine that you want some kind of cyclomatic complexity (CC) measured which gives insight on the possibility of errors, the higher the number the complexer the code. If that code also contains a hugh number of lines of code then it also gives some expectation on raising errors. Then you also might consider the number of functions/classes which are called within the cycle. This is more a point of view regarding the chance errors occur.

Some figure you even might want is how many times a certain function/class is called. And what about the inheretence of classes.

Another way errors could occur is based on not using coding standards. I know there are also tools which check the source against your coding standards like naming conventions etc.

Perhaps this give some additional info to create a check  list what you need in your tool and compare the tools based on that checklist.

regards,
Jeroen
0
 
LVL 30

Assisted Solution

by:mayankeagle
mayankeagle earned 70 total points
ID: 18830362
There are many code analyzers which are open source:

http://java-source.net/open-source/code-analyzers
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Introduction This article is the second of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers the basic installation and configuration of the test automation tools used by…
In this post we will learn how to connect and configure Android Device (Smartphone etc.) with Android Studio. After that we will run a simple Hello World Program.
This tutorial covers a step-by-step guide to install VisualVM launcher in eclipse.
This tutorial explains how to use the VisualVM tool for the Java platform application. This video goes into detail on the Threads, Sampler, and Profiler tabs.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now