detekt

Meet detekt, a static code analysis tool for the Kotlin programming language. It operates on the abstract syntax tree provided by the Kotlin compiler.

Features

• Code smell analysis for your Kotlin projects
• Complexity reports based on lines of code, cyclomatic complexity and amount of code smells
• Highly configurable rule sets
• Suppression of findings with Kotlin's @Suppress and Java's @SuppressWarnings annotations
• Specification of quality gates which will break your build
• Code Smell baseline and suppression for legacy projects
• Gradle plugin for code analysis via Gradle builds
• SonarQube integration
• Extensibility by enabling incorporation of personal rule sets, FileProcessListener's and OutputReport's
• IntelliJ integration
• Third party integrations for Maven, Bazel and Github Actions (Docker based and Javascript based)

Project Website

Visit the project website for installation guides, release notes, migration guides, rule descriptions and configuration options.

Quick-Links

• Changelog and migration guides
• Available CLI options
• Rule set and rule descriptions
• Writing custom rules and extending detekt
• Suppressing issues in code
• Suppressing issues via baseline file
• Configuring detekt
• Sample Gradle integrations examples:
  • multi project (Kotlin DSL)
  • single project (Groovy DSL)
  • single project (Unofficial Maven plugin)

Quick Start ...

with the command-line interface

curl -sSLO https://github.com/detekt/detekt/releases/download/v[version]/detekt-cli-[version]-all.jar
java -jar detekt-cli-[version]-all.jar --help

You can find other ways to install detekt here

with Gradle

plugins {
    id("io.gitlab.arturbosch.detekt").version("[version]")
}

repositories {
    mavenCentral()
}

detekt {
    buildUponDefaultConfig = true // preconfigure defaults
    allRules = false // activate all available (even unstable) rules.
    config = files("$projectDir/config/detekt.yml") // point to your custom config defining rules to run, overwriting default behavior
    baseline = file("$projectDir/config/baseline.xml") // a way of suppressing issues before introducing detekt
}

tasks.withType<Detekt>().configureEach {
    reports {
        html.required.set(true) // observe findings in your browser with structure and code snippets
        xml.required.set(true) // checkstyle like format mainly for integrations like Jenkins
        txt.required.set(true) // similar to the console output, contains issue signature to manually edit baseline files
        sarif.required.set(true) // standardized SARIF format (https://sarifweb.azurewebsites.net/) to support integrations with Github Code Scanning
    }
}

// Groovy DSL
tasks.withType(Detekt).configureEach {
    jvmTarget = "1.8"
}
tasks.withType(DetektCreateBaselineTask).configureEach {
    jvmTarget = "1.8"
}

// or

// Kotlin DSL
tasks.withType<Detekt>().configureEach {
    jvmTarget = "1.8"
}
tasks.withType<DetektCreateBaselineTask>().configureEach {
    jvmTarget = "1.8"
}

See maven central for releases and sonatype for snapshots.

If you want to use a SNAPSHOT version, you can find more info on this documentation page.

Requirements

Gradle 6.1+ is the minimum requirement. However, the recommended versions together with the other tools recommended versions are:

The list of recommended versions for previous detekt version is listed here.

Adding more rule sets

detekt itself provides a wrapper over ktlint as a formatting rule set which can be easily added to the Gradle configuration:

dependencies {
    detektPlugins("io.gitlab.arturbosch.detekt:detekt-formatting:[version]")
}

Likewise custom extensions can be added to detekt.

Contributing

See CONTRIBUTING

Thanks to all the people who contributed to detekt!

Mentions

As mentioned in...

• KotlinConf 2018 - Safe(r) Kotlin Code - Static Analysis Tools for Kotlin by Marvin Ramin
• droidcon NYC 2018 - Static Code Analysis For Kotlin
• Kotlin on Code Quality Tools - by @vanniktech Slides Presentation
• Integrating detekt in the Workflow
• Check the quality of Kotlin code
• Kotlin Static Analysis Tools
• Are you still smelling it?: A comparative study between Java and Kotlin language by Flauzino et al.
• Preventing software antipatterns with Detekt

Integrations:

• Codacy
• Gradle plugin that configures Error Prone, Checkstyle, PMD, CPD, Lint, Detekt & Ktlint
• Violations Lib is a Java library for parsing report files like static code analysis.
• sputnik is a free tool for static code review and provides support for detekt
• Novoda Gradle Static Analysis plugin
• Detekt Maven plugin that wraps the Detekt CLI
• Detekt Bazel plugin that wraps the Detekt CLI
• Gradle plugin that helps facilitate GitHub PR checking and automatic commenting of violations
• Codefactor
• GitHub Action: Detekt All
• IntelliJ Platform Plugin Template
• Sonatype Lift

Custom rules and reports from 3rd parties:

• detekt-verify-implementation by cph-cachet
• detekt-hint by mkohm is a plugin to detekt that provides detection of design principle violations through integration with Danger
• GitLab report format

Credits

• JetBrains - Creating IntelliJ + Kotlin
• PMD & Checkstyle & ktlint - Ideas for threshold values and style rules