[Yanel-dev] Increasing our code quality

Guillaume Déflache guillaume.deflache at wyona.com
Fri Sep 25 14:33:01 CEST 2009


Hi!

Michael Wechner schrieb:
> Hi
> 
> Bruno recently pointed out the following link to me
> 
> http://www.scan.coverity.com/devfaq.html

I am not sure this one can work for Java-based projects, did not look 
too hard.

IMHO as a start we could configure for Hudson some of the tools listed 
in 
http://wiki.hudson-ci.org/display/HUDSON/Static+Code+Analysis+Plug-ins 
e.g. FIndBugs which:
- IIRC has a few security-related tests, esp. WRT code injection unlike 
most others
- is probably the Open Source project with the most momentum ATM AFAICS 
(but also see http://pmd.sourceforge.net/similar-projects.html for even 
more references).


> I think it would be great if we could further improve our quality and 
> maybe this
> would help us somehow.

Sure! The Hudson plugins listed there can show trends instead of raw 
numbers, which is what we at the end of the day are interested in.


Cheers,
   Guillaume


More information about the Yanel-development mailing list