gradle-static-analysis-plugin

Additional

Language
Groovy
Version
1.2 (Nov 22, 2019)
Created
Nov 9, 2016
Updated
Feb 11, 2022 (Retired)
Owner
Novoda (novoda)
Contributors
Antonio Bertucci (mr-archano)
Paul Blundell (blundell)
Sebastiano Poggi (rock3r)
Pablisco (pablisco)
Ferran Garriga (zegnus)
Adam Brown (ouchadam)
Volker Leck (devisnik)
Ataul Munim (ataulm)
Said Tahsin Dane (tasomaniac)
Francesco Pontillo (frapontillo)
Florian Mierzejewski (florianmski)
Luis G. Valle (lgvalle)
Juanky Soriano (juankysoriano)
Eduard-Cristian Boloș (eduardb)
Jozef Celuch (JozefCeluch)
Rui Teixeira (takecare)
Adam McNeilly (AdamMc331)
Tobias Heine (tobiasheine)
18
Activity
Badge
Generate
Download
Source code

[DEPRECATED] Gradle static analysis plugin

⚠️ A fork of this project is maintained at https://github.com/GradleUp/static-analysis-plugin/ Please migrate by using com.gradleup.static-analysis plugin id instead.

A Gradle plugin to easily apply the same setup of static analysis tools across different Android, Java or Kotlin projects.

Supports Task Configuration Avoidance so that you have zero overhead in build speeds when you use this plugin!

Description

Gradle supports many popular static analysis (Checkstyle, PMD, FindBugs, etc) via a set of built-in plugins. Using these plugins in an Android module will require an additional setup to compensate for the differences between the model adopted by the Android plugin compared to the the Java one.

The gradle-static-analysis-plugin aims to provide:

  • flexible, configurable penalty strategy for builds
  • easy, Android-friendly integration for all static analysis
  • convenient way of sharing same setup across different projects
  • healthy, versionable and configurable defaults

Supported tools

The plugin supports various static analysis tools for Java, Kotlin and Android projects:

Please note that the tools availability depends on the project the plugin is applied to. For more details please refer to the supported tools page.

Tools in-consideration

  • CPD (Duplicate Code Detection) #150
  • error-prone #151
  • Jetbrains IDEA Inspections #152

For all tools in consideration, please refer to issues.

Out-of-the-box support for Android projects

Android projects use a Gradle model that is not compatible with the Java one, supported by the built-in static analysis tools plugins. Applying gradle-static-analysis-plugin to your Android project will make sure all the necessary tasks are created and correctly configured without any additional hassle.

Add the plugin to your project

Apply the plugin from jCenter as a classpath dependency

buildscript {
    repositories {
       jcenter()
    }
    dependencies {
        classpath 'com.novoda:gradle-static-analysis-plugin:1.2'
    }
}

apply plugin: 'com.novoda.static-analysis'

or from the Gradle Plugins Repository:

plugins {
    id 'com.novoda.static-analysis' version '1.2'
}

Simple usage

A typical configuration for the plugin will look like:

staticAnalysis {
    penalty {
        maxErrors = 0
        maxWarnings = 0
    }
    checkstyle { }
    pmd { }
    findbugs { }
    spotbugs { }
    detekt { }
    lintOptions { }
}

This will enable all the tools with their default settings and create evaluateViolations task. Running ./gradlew evaluateViolations task will run all configured tools and print the reports to console. For more advanced configurations, please refer to the advanced usage and to the supported tools pages.

Sample app

There are two sample Android projects available, one consisting of a regular app - available here - and the other comprising a multi-module setup available here. Both sample projects showcase a setup featuring Checkstyle, FindBugs, SpotBugs, PMD, Lint, Ktlint and Detekt.

Snapshots

Snapshot builds from develop are automatically deployed to a repository that is not synced with JCenter. To consume a snapshot build add an additional maven repo as follows:

repositories {
    maven {
        url 'https://dl.bintray.com/novoda-oss/snapshots/'
    }
}

You can find the latest snapshot version following this link.

Roadmap

This project is routinely used by many Novoda projects and by other external projects with no known critical issues.

Future improvements and new tool integrations can be found on the repository's issue tracker.