enforcement

Enforcement is the processing of set schedules via dispatching to execution. read more at WikiPedia

  • Checkstyle is a development tool to help programmers write Java code that adheres to a coding standard.
    It automates the process of checking Java code to spare humans of this boring (but important) task. This
    makes it ideal for projects that want to enforce a coding standard. Checkstyle is highly configurable and can
    be made to support almost any coding standard. An example configuration file is supplied supporting the
    Sun Code Conventions. As well, other sample configuration files are supplied for other well known conventions.

    From http://checkstyle.sourceforge.net/

    Some facts about checkstyle:

    Languages

     
    Java 71%
     
    XML 26%
     
    Other  
      XSL Transformation 2%
      CSS 1%
      HTML <1%
      Emacs Lisp <1%
      MetaFont <1%

    Project Cost

    This calculator estimates how much it would cost to hire a team to write this project from scratch.
    Include
    Codebase 68,028 LOC
    Effort (est.) 16 Person Years
    Avg. Salary $/year
    $897,876
  • coding.guidelines

    Code checker scans Java source code in your favorite IDE (I assume Eclipse :-))

    There are basically of 2 types:

    • On the fly code checker, as soon as you type a word or save a new document, it run and give a real time feedback
    • Offline checker or so called static code analyzer that can be run during the build of your java components

    Why using a code guidelines checker?

    These tools are highly recommended across a team of different developers for the following reasons:

    • These tools are highly configurable and can be made to support almost any coding standard.
    • Ideal for projects that want to enforce a coding standard (ideally where not all developer code the same way)
    • Ease your debugging and maintenance costs by making the code more readable: developers do not have to worry about
      deciphering individual coding styles when working on a piece of code they did not write.
    • They can detect possible bugs or dangerous coding behavior - empty try/catch/finally/switch statements
    • Detect dead code - unused local variables, parameters and private methods
    • Sub optimal code - wasteful String/String Buffer usage
    • Overcomplicated expressions - unnecessary if statements, for loops that could be while loops
    • Duplicate code - copied/pasted code means copied/pasted bugs
    • Find class design problems, bug patterns like double checked locking.

    They give an immediate "objective" feedback and help developers recognize where they have been excellent or lazy;

    It gives team leader, an opportunity to study the code, design and team from a different perspective; and by slicing off
    whole classes of faults, You can concentrate more on design shortcomings.

    Features

    All code checker share more or less the same features

    • Violations severity can be defined at rules level (error, warning, ignore, other).
    • Rules can be triggered by threshold/values.
    • Rules are stored in XML files.
    • Java editor highlight offending lines/rules in violation
    • Rules can be extended (require some strong tree parsing and language knowledge)
    • Integration in major IDE (eclipse, IDEA,...)
    • Integration in ANT, Maven,...

    Attention

    The major issues wont be to install these tools...

    Most developers are convinced that their code is the best, and bad habits are difficult to get rid of. The
    biggest pain will be to force all developers to agree on a set of common rules that you want to enforce.
    A good starting point is to use some well known rules or good practices from the industry. Sun is for example
    publishing some code writing rules.

    I will look at the major open source and free code checker on the market in this series of articles:

    • PMD
    • Findbugs
    • Checkstyle
    • Code coverage

    &160;


    pmd_logo_small PMD

    PMD is a static ruleset based Java source code analyzer that identifies potential problems like:

    • Possible bugs - Empty try/catch/finally/switch blocks.
    • Dead code - Unused local variables, parameters and private methods
    • Empty if/while statements
    • Overcomplicated expressions - Unnecessary if statements, for loops that could be while loops
    • Sub optimal code - wasteful String/String Buffer usage
    • Classes with high Cyclomatic Complexity measurements.
    • Duplicate code - Copied/pasted code can mean copied/pasted bugs, and decreases maintainability.

    While PMD doesn't officially stand for anything, it has several unofficial names, the most appropriate probably
    being Programming Mistake Detector. Typically, PMD errors are not true errors, but rather inefficient code,
    i.e. the application could still function properly even if they were not corrected
    . from WikiPedia

    • PMD Can be integrated with Eclipse (see below), Maven (maven-pmd-plugins), Ant (Ant task).
    • PMD is an engine, rulesets parse code and issue a message and level if rules are violated.
    • PMD is notable because you can write your own rules using XPath expressions over an XML version of the parse tree
    • PMD has a duplicate code detector CPD which is quite fast and accurate to locate dangerous CUT and Paste code sections.

    List of rule sets

    Basic JSF rules:

    Basic JSP rules

    Basic Rules

    Braces Rules

    Clone Implementation Rules

    Code Size Rules

    Controversial Rules

    Coupling Rules

    Design Rules

    Finalizer Rules

    Import Statement Rules

    J2EE Rules

    JavaBean Rules

    JUnit Rules

    Jakarta Commons Logging Rules

    Java Logging Rules

    Migration Rules

    Migration15

    MigratingToJava4

    Naming Rules

    Optimization Rules

    Strict Exception Rules

    String and StringBuffer Rules

    Security Code Guidelines

    Type Resolution Rules

    Unused Code Rules

    &160;


    Example of integrations: Ant, Maven and Eclipse

    Ant
    <target name="pmd">
    <taskdef name="pmd" classname="net.sourceforge.pmd.ant.PMDTask"/>
    <pmd shortFilenames="true">
    <ruleset>rulesets/favorites.xml</ruleset>
    <ruleset>basic</ruleset>
    <formatter type="html" toFile="pmd_report.html&8220;  linkPrefix="http://pmd.sourceforge.net/xref/"/>
    <fileset dir="/tmp/productcatalog/">
      <include name=&8220;com/**/*.java"/>
    </fileset>
    </pmd>
    </target>
    Maven
    <plugin>
            <groupId>org.apache.maven.plugins</groupId>
            <artifactId>maven-pmd-plugin</artifactId>
            <configuration>
              <linkXref>true</linkXref>
              <sourceEncoding>utf-8</sourceEncoding>
              <!-- 100 tokens corresponds to approximately 5-10 lines of code. -->
              <minimumTokens>100</minimumTokens>
              <targetJdk>1.5</targetJdk>
                <excludes>
                <exclude>**/generated/*.java</exclude>
                </excludes>
            </configuration>
    </plugin>
    Eclipse

    see below

    &160;


    Installing PMD in Eclipse

    1. Start Eclipse.
    2. Start the installation procedure : select the Help>Software Updates>Find and Install... menu item.
    3. Select "Search for new features to install" option and click Next.
    4. Click New Remote Site...
    5. Give a name (ie PMD Eclipse Site), enter the URL&160; http://pmd.sf.net/eclipse
    6. Select this new site in the Sites to include in search list and click Next.
    7. Select PMD for Eclipse 3 and Apache Xerces in the "Select the features to install" list and click Next.
    8. Accept the terms of the license agreements and click Next.
    9. Verify that the install location is your Eclipse installation directory, otherwise select the correct one, click Finish.
    10. A warning appear telling the feature is not signed. Ignore and click Install to continue.
    11. Accept to restart the workbench to load PMD into the workbench.

    Eclipse is restarted and a PMD welcome page is displayed : the plugin is correctly installed.

    Using PMD in Eclipse

    Trying to start PMD on a full workspace on too many modules/projects is very dangerous as the number of
    violations can be very high (many thousands) and can make eclipse run out of memory

    In order to test PMD. I did choose an open source project, the connector of MySQL 5 in the version 5.1.6.
    I do not want to judge the quality of MySQL connector, this is simply a project code that was available on my desktop.

    First Review all rules, you will find some of them disturbing (remember nobody like to be told that his coding habit
    are bad), You can switch off some rules or import a set of predefined rules in the preferences windows

    PMD.code.checker0

    If you are in a distributed team, or wan to share your settings using either CVS or Subversion (SVN) don't
    forget to export the rule sets to a share project.

    The code duplicator detector will report any code that seems to be identical according to a certain value of
    number of line (25 lines of duplicated code)

    &160;PMD.code.checker1

    The project is set in eclipse, and compiling

    PMD.code.checker3&160;

    Lets run PMD on MySQL connector,
    PMD.code.checker.activate&160;
    The project is after no more compiling....

    PMD.code.checker2 PMD.code.checker4png

    PMD create additional Eclipse views, this help you better judge how many violations there is and their
    level. As You see there is some violations

    PMD.code.checker8


    The duplicate detector ask for the number of lines that it should consider duplicated.

    PMD.code.checker7

    PMD.code.checker5 &160;
    PMD.code.checker6 By Clicking in the view, you can jump to the code

    &160;

    PMD final words...

    • Is customizable via XSL rules, java
    • Will disturb You at the beginning, but will improve your code in no time.
    • Has a broad scope of rule sets, basic JSF rules are now existing.
    • Some reported violations are not bugs, so take everything with a bit of salt, try to reach a
      realistic goal: (1 failure per 100 lines of code per example is my goal)