Sonar Java 4.3 发布了,Sonar (SonarQube)是一个开源平台,用于管理源代码的质量。Sonar 不只是一个质量数据报告工具,更是代码质量管理平台。支持的语言包括:Java、PHP、C#、C、Cobol、PL/SQL、Flex 等。SonarQube Java 是Sonar的一个插件,用来分析 Java 代码。
该版本带来了跨流程的数据流分析,并添加了6项规则:
CLASSES SHOULD NOT HAVE TOO MANY “STATIC” IMPORTS (CODE SMELL, BRAIN-OVERLOAD)
CLASSES SHOULD NOT HAVE TOO MANY FIELDS (CODE SMELL, BRAIN-OVERLOAD)
DOUBLE-CHECKED LOCKING SHOULD NOT BE USED (BUG, CERT, CWE, MULTI-THREADING)
“WRITEOBJECT” SHOULD NOT BE THE ONLY “SYNCHRONIZED” CODE IN A CLASS (CODE SMELL, CONFUSING)
“GETCLASS” SHOULD NOT BE USED FOR SYNCHRONIZATION (BUG, CERT, MULTI-THREADING, SECURITY)
“WAIT” AND “NOTIFY” SHOULD NOT BE CALLED WHEN MULTIPLE LOCKS ARE HELD(BUG, DEADLOCK, MULTI-THREADING)
软件详情:https://www.sonarsource.com/resources/product-news/2016/12/2016-12-14-java-4.3.0-released.html
下载地址:https://jira.sonarsource.com/jira/secure/ReleaseNote.jspa?projectId=10973&version=13369
来自:开源中国社区
