Reporting in maven. help please

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Reporting in maven. help please

Aitor Iturriondobeitia
Hello
i am new using maven and i am reading documentation.
Can you say me which plugins can i use for reporting the code quality?
any example?
thanks
Reply | Threaded
Open this post in threaded view
|

Re: Reporting in maven. help please

John Patrick
Is this the documentation you said you are reading
https://maven.apache.org/plugins/index.html, as it has a reporting
section for maven maintained plugins.

but to highlight some, take a look at;
checkstyle https://maven.apache.org/plugins/maven-checkstyle-plugin/
pmd/cpd https://maven.apache.org/plugins/maven-pmd-plugin/
spotbugs (was findbugs) https://spotbugs.github.io/spotbugs-maven-plugin/

harder setup as requires installing separate tooling, and most overlap
with checkstyle, pmd and sportbugs in the free version.
sonarqube https://docs.sonarqube.org/latest/analysis/scan/sonarscanner-for-maven/

for your dependencies look at owasp and
https://jeremylong.github.io/DependencyCheck/dependency-check-maven/index.html

If you're on github or bitbucket and are an open source project then
they have lots of both apps or integration tooling that can check
dependencies, code coverage. But if it's a closed private repo then it
will cost you something $$$ per month.

John

On Sun, 29 Nov 2020 at 17:47, Aitor Iturriondobeitia
<[hidden email]> wrote:
>
> Hello
> i am new using maven and i am reading documentation.
> Can you say me which plugins can i use for reporting the code quality?
> any example?
> thanks

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Reporting in maven. help please

Bernd Eckenfels
In reply to this post by Aitor Iturriondobeitia
Hello,

There are a number of static code analyses which also happen to have a maven plugin (with sire reporting integration), for example pmd, findbugs/spotbugs, checker framework, checkstyle, (static-Code-analysis) Javancss, taglist, l10n status, jdepend and dependency-Check, and a few external tools with maven integration like sonarqube, lgtm or Snyk, see also here https://maven.apache.org/code-quality-management.html

Most of those plugins are best used when you have a matching CI plugin to record long term trends or if they have their own database (like sonarqube).

Gruss
Bernd
--
http://bernd.eckenfels.net
________________________________
Von: Aitor Iturriondobeitia <[hidden email]>
Gesendet: Sunday, November 29, 2020 6:47:13 PM
An: Maven Users List <[hidden email]>
Betreff: Reporting in maven. help please

Hello
i am new using maven and i am reading documentation.
Can you say me which plugins can i use for reporting the code quality?
any example?
thanks