Intro Java 8 is there, the promised revolution is finally released, and I am sure that a lot of you are having in mind the same question “Should I use it in my project?”. Well, I had the same question for few months and today that I have an answer I would like to share it with you. A lot ...
Read More »Home »
Creating Sonarqube Projects
Sonarqube (nee Sonar) is da bomb. It’s not something you have to check daily but if you’re serious about quality you’ll check it during sprint planning if not weekly. Check out a sample project at nemo.sonarqube.com, e.g., OpenJPA, to get an idea of what information is available. You might want to focus on a specific component at first, e.g., OpenJPA ...
Read More »Fixing common Java security code violations in Sonar
This article aims to show you how to quickly fix the most common java security code violations. It assumes that you are familiar with the concept of code rules and violations and how Sonar reports on them. However, if you haven’t heard these terms before then you might take a look at Sonar Concepts or the forthcoming book about Sonar ...
Read More »Sonar’s Quality Alphabet
Sonar (by SonarSource.com) is getting more and more popular among developer teams. It’s an open source platform measuring software quality in the following 7 axes Architecture and Design Comments Coding Rules Complexity Code Duplication Potential Bugs Unit Tests If you’re a Sonar newbie then you might find this blog post very useful. On the other hand if you’re an experienced ...
Read More »Easy Unit and Integration Code Coverage
This example shows how to generate coverage for unit and integration tests using Maven and Sonar. It uses very simple techniques and should only take 10-15 minutes to get running in any existing Maven build. It can be used across unit, integration, ATDD or any other kind of test suite. The coverage results are shown in Sonar. Whats Coming? My ...
Read More »5+1 Sonar Plugins you must not miss
This post is a revision of the original post, published last year and it covered Sonar version 2.8. Many months has passed and during this period the Sonar Team released four(4) new versions of the ultimate quality platform. The latest version ( 2.12 ) now includes JaCoCo in its core implementation and the existing plugin is now deprecated. Since I ...
Read More »My Testing and Code Analysis Toolbox
Last week we kicked of a “Testing Skill Group” at LINEAS, a group for exchanging knowledge about testing. One question that came up over and over again in various flavors was: What tools are there for testing and analyzing your code? So here is my personal answer for this, in the approximately order I tend to introduce them into projects: ...
Read More »