Hi Hao, Answers below.
> - What are the potentail bad behaviors we can catch throgh this plugin? To quote the PMD page: "It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and so forth. ". Essentially it imposes a constraint on how "messy" the source code is allowed get. For example, currently the Sentry source is littered with unused imports, etc. > - Is it possible to use PMD to detect possible memory leakage? No, that is not the purpose of the tool. If the project is interested, I could ask INFRA to add Sentry to analysis.apache.org, which runs SonarQube against the source and reports issues. That does detect possible memory leakage (amongst many many other issues, a lot of them trivial). > - Will the PMD plugin introduce some false alarms?And how we can handle that? Not really. Sometimes it will report an error that you would like to keep. So for example, it errors on unused constructor or method parameters. Sometimes you might like to keep the parameter for backwards compatibility reasons. You can add a comment to the line of code to skip the check "// NOPMD" or else add a Java annotation to skip the check for a method, class, etc.: http://pmd.sourceforge.net/pmd-5.1.1/suppressing.html Thanks, Colm. On Tue, Dec 8, 2015 at 7:43 PM, Hao Hao <[email protected]> wrote: > Hi Colm, > > Thanks a lot for proposing a new way for managing the code quality. > Questions: > > > - What are the potentail bad behaviors we can catch throgh this plugin? > - Is it possible to use PMD to detect possible memory leakage? > - Will the PMD plugin introduce some false alarms?And how we can handle > that? > > > Thanks! > > Best, > Hao > > On Tue, Dec 8, 2015 at 11:13 AM, Colm O hEigeartaigh <[email protected]> > wrote: > > > Hi all, > > > > I would like to get some opinions about applying the PMD maven plugin to > > Sentry, aka the Project Mess Detector: > > > > https://maven.apache.org/plugins/maven-pmd-plugin/ > > https://pmd.github.io/ > > > > Essentially, PMD is a source code analyzer that checks for some common > > issues that occur. The maven plugin enforces PMD by throwing a build > error > > if a regression is detected. It can be skipped via a maven profile to > avoid > > having to run it if you are making local changes. > > > > Quite a few of the other Apache projects I'm involved in use PMD as part > of > > the build cycle (CXF, WSS4J, Santuario, Kerby, etc.). > > > > I've done a small bit of work with it already in Sentry, and would like > to > > get some feedback on whether to proceed with submitting a patch or not. > > Most of the issues are fairly trivial such as unused imports, variables, > > empty catch blocks etc. > > > > Thoughts? > > > > Colm. > > > > > > -- > > Colm O hEigeartaigh > > > > Talend Community Coder > > http://coders.talend.com > > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
