com.eurodyn.qp:ed-qp-pmd

A set of quality profiles for PMD and Checkstyle.

License

License

Categories

Categories

PMD Application Testing & Monitoring Code Analysis
GroupId

GroupId

com.eurodyn.qp
ArtifactId

ArtifactId

ed-qp-pmd
Last Version

Last Version

1.1.0
Release Date

Release Date

Type

Type

jar
Description

Description

A set of quality profiles for PMD and Checkstyle.

Download ed-qp-pmd

How to add to project

<!-- https://jarcasting.com/artifacts/com.eurodyn.qp/ed-qp-pmd/ -->
<dependency>
    <groupId>com.eurodyn.qp</groupId>
    <artifactId>ed-qp-pmd</artifactId>
    <version>1.1.0</version>
</dependency>
// https://jarcasting.com/artifacts/com.eurodyn.qp/ed-qp-pmd/
implementation 'com.eurodyn.qp:ed-qp-pmd:1.1.0'
// https://jarcasting.com/artifacts/com.eurodyn.qp/ed-qp-pmd/
implementation ("com.eurodyn.qp:ed-qp-pmd:1.1.0")
'com.eurodyn.qp:ed-qp-pmd:jar:1.1.0'
<dependency org="com.eurodyn.qp" name="ed-qp-pmd" rev="1.1.0">
  <artifact name="ed-qp-pmd" type="jar" />
</dependency>
@Grapes(
@Grab(group='com.eurodyn.qp', module='ed-qp-pmd', version='1.1.0')
)
libraryDependencies += "com.eurodyn.qp" % "ed-qp-pmd" % "1.1.0"
[com.eurodyn.qp/ed-qp-pmd "1.1.0"]

Dependencies

There are no dependencies for this project. It is a standalone project that does not depend on any other jars.

Project Modules

There are no modules declared in this project.

This is a mini-project in which we try to package sensible defaults for source code quality control profiles. The aim of this project is not to define a global styleguide (although somehow indirectly it does), but to provide you Maven-ready setups for some of the major quality/style-checking tools.

Using the artifacts of this project you can quickly integrate checks in the Maven build of your project without having to invest too much time setting them up.

The tools we currently support are:

Opinion - everyone has one: You might have noticed on the above paragraphs we mentioned "sensible defaults". We understand perfectly that what one finds sensible may be totally insensible to someone else and, quite literally, there is no one-size-fits-all approach here. If you find a rule too restrictive (and can justify it), or if you find an ignored rule that needs to be enforced (and can justify it), please use the Issues Tracking of the project to let us know.

The artifacts of this project are published in Maven Central, so you can use it in your project as any other dependency.

PMD

For PMD we provide a ed-qp-pmd-ruleset.xml ruleset that can be used in your project's build configuration. The ruleset comes with all Java rules enabled except the ones documented in the ruleset file itself.

Project integration

...
<plugins>
    ...
    <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-pmd-plugin</artifactId>
        <version>${maven-pmd-plugin.version}</version>
        <configuration>
            <rulesets>
                <ruleset>ed-qp-pmd-ruleset.xml</ruleset>
            </rulesets>
            <printFailingErrors>true</printFailingErrors>
            <linkXRef>false</linkXRef>
            <sourceEncoding>UTF-8</sourceEncoding>
        </configuration>
        <executions>
            <execution>
                <id>pmd</id>
                <phase>verify</phase>
                <goals>
                    <goal>check</goal>
                </goals>
            </execution>
        </executions>
        <dependencies>
            <dependency>
                <groupId>com.eurodyn.qp</groupId>
                <artifactId>ed-qp-pmd</artifactId>
                <version>${ed-qp.version}</version>
            </dependency>
        </dependencies>
    </plugin>
    ...
</plugins>

Gotcha: The above configuration will fail your build in case PMD errors exist, which is a good thing on a new project. However, if you want to introduce PMD checks on an existing project where you might not have the luxury of time to correct all mistakes at once, you can add on the <configuration> section <failOnViolation>false</failOnViolation>.

Checkstyle

For Checkstyle we provide a ed-qp-checkstyle.xml configuration file following the Google Java Style Guide taken from Checkstyle project. Any rule that may be disabled on the above configuration template is documented on the configuration file.

Note to flame-warlords: We understand there is an endless debate between Google style vs Apache style, tabs vs spaces, etc. but, we believe, the purpose of a Style Guide is not to declare "the best" styling for your source code but to ensure that the source within your project (or entire organisation) looks coherent. So, just pick a style guide you feel comfortable with and stick with it; that is what we did here.

Style as you type: Are you using IntelliJ IDEA or Eclipse IDE? You can set your default styling to Google's Style Guide here.

Project integration

...
<plugins>
    ...
    <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-checkstyle-plugin</artifactId>
        <version>${maven-checkstyle-plugin.version}</version>
        <executions>
            <execution>
                <id>checkstyle</id>
                <phase>validate</phase>
                <configuration>
                    <encoding>UTF-8</encoding>
                    <consoleOutput>true</consoleOutput>
                    <configLocation>ed-qp-checkstyle.xml</configLocation>
                </configuration>
                <goals>
                    <goal>check</goal>
                </goals>
            </execution>
        </executions>
        <dependencies>
            <dependency>
                <groupId>com.eurodyn.qp</groupId>
                <artifactId>ed-qp-checkstyle</artifactId>
                <version>${ed-qp.version}</version>
            </dependency>
        </dependencies>
    </plugin>
    ...
</plugins>

Gotcha: The above configuration will fail your build in case Checkstyle errors exist, which is a good thing on a new project. However, if you want to introduce checks on an existing project where you might not have the luxury of time to correct all mistakes at once, you can add on the <configuration> section <failsOnError>false</failsOnError>.

FindBugs

FindBugs does not require a specially crafted configuration (at least, for now). You can simply integrate it as part of your Maven build following the instructions below.

Project integration

...
<plugins>
    ...
    <plugin>
        <groupId>org.codehaus.mojo</groupId>
        <artifactId>findbugs-maven-plugin</artifactId>
        <version>${findbugs-maven-plugin.version}</version>
        <executions>
            <execution>
                <id>findbugs</id>
                <goals>
                    <goal>check</goal>
                </goals>
                <configuration>
                    <includeTests>true</includeTests>
                    <sourceEncoding>UTF-8</sourceEncoding>
                </configuration>
            </execution>
        </executions>
    </plugin>
    ...
</plugins>

Gotcha: The above configuration will fail your build in case FindBugs errors exist, which is a good thing on a new project. However, if you want to introduce checks on an existing project where you might not have the luxury of time to correct all mistakes at once, you can add on the <configuration> section <failOnError>false</failOnError>.

OWASP Maven Dependency Check

For OWASP MDC we provide a customised suppression list to exclude known conflicts (such as the QLACK Fuse module).

Project integration

...
<plugins>
    ...
    <plugin>
      <groupId>org.owasp</groupId>
      <artifactId>dependency-check-maven</artifactId>
      <version>${dependency-check-maven.version}</version>
      <configuration>
        <suppressionFile>owasp-suppression.xml</suppressionFile>
      </configuration>
      <executions>
        <execution>
          <goals>
            <goal>check</goal>
          </goals>
        </execution>
      </executions>
      <dependencies>
        <dependency>
          <groupId>com.eurodyn.qp</groupId>
          <artifactId>ed-qp-owasp</artifactId>
          <version>${ed-qp.version}</version>
        </dependency>
      </dependencies>
    </plugin>
    ...
</plugins>

Gotcha: The above configuration will fail your build in case OWASP errors exist, which is a good thing on a new project. However, if you want to introduce checks on an existing project where you might not have the luxury of time to correct all mistakes at once, you can add on the <configuration> section <failOnError>false</failOnError>.

com.eurodyn.qp

European Dynamics

European Dynamics provides a wide range of services in the field of Information and Communication Technologies to the public and private sector in 47 countries.

Versions

Version
1.1.0
1.0.0