Most of us like things done the right way and (more often than not) our way. Nothing can be more infuriating than looking through poorly documented logs or code, and trying to understand poor documentation and what it was meant to get across. During development we often look to setting up good coding practices that […]
I’ve previously written about PMD, a static code analysis tool that examines Java source files and can detect potential problems. Another significant piece of PMD is called CPD, the copy/paste detector. CPD can look through Java, JSP, C, C++, Fortran, or PHP source code files and find sections of code that are repeated. By using CPD […]
PMD is a static code analysis tool that examines Java source files and can detect potential problems such as code style issues, code defects, race conditions and even security holes. It provides an inexpensive way to avoid the tedium of repeatedly reviewing a large code base. PMD can also find other types of problems, such as, dead […]
SecureCI is an open-source continuous integration solution. We’ve assembled a number of open-source tools that we use, installed them in a VMware image and configured them to work together. SecureCI is packaged as a virtual machine that can be run with the VMware Player that way you can be up and running in minutes without […]
Sonar is a tool to analyze and visualize code quality in Java projects. It isn’t a static code analysis tool itself, rather it uses a number of open source tools to analyze the code, then Sonar gathers the metrics. Its strength is in providing a dashboard, trend reports, and drill downs to help visualize the state […]
I was recently having a discussion with some coworkers about test-driven development. There was some discussion about the relative value and cost, and not surprisingly some dramatically different opinions on the subject. It got me thinking about my own habits. I like test-driven development, but I’m not a purist. I almost always write my code with testing […]
When I first start a new Java project, one of the first things I set up is a skeleton Ant build.xml file. I try to set it up so that a new developer on the project should be able to checkout and compile with no configuration. At least that’s the goal. That means setting up some […]
