Well, the title says it all: Is there a repository/collection for useful PMD XPath rules? I know there are PMD Java rules on the PMD page, e.g. http://pmd.sourceforge.net/pmd-5.1.3/rules/java/imports.html
Is there a similar collection for PMD XPath rules?
Related
Agenda and reason to ask this question : I was going through profile created by someone and want to remove false positive rules.
Question :
For example :
I want to understand below rule,
"Correctness - Class defines methods which confuse Character with int parameters"
Where should i see details and examples?
Thanks,
Roshankumar
Since you appear to be in a SonarQube rule list context, the rule detail will give you this. To see it, click on the rule or right-arrow.
The descriptions for FindBugs rules can be terse at best, but this is an FB-contrib rule with a slightly longer description. However, it does not contain examples.
I'm starting to use Static Code Analysis tools like Checkstyle, PMD and FindBugs.
PMD allows to mark code as reviewed, by adding a comment to the end of the line:
System.out.println("Test"); // NOPMD by edward on 9/23/14 10:22 AM
I really don't like trailing comments and so does CheckStyle ("Don't use trailing comments."). Is there a way to tell PMD that a specific code is reviewed, without using trailing comments?
Another way of tackling this could be to configure Checkstyle to make an exception from the TrailingComment rule for suppression comments like this:
<module name="TrailingComment">
<property name="legalComment" value="^NOPMD .*"/>
</module>
You can try to add #SuppressWarnings("PMD") to the class or method where you get the warning. However, this is not the best solution, because it will disable all warnings on the marked target. Here, you can read more about suppressing.
You could maybe try FaultHunter, which is very similar to PMD, and can suppress warnings by kind (e.g. #SuppressWarnings("FH.UnusedConstructor")) and even on method level.
Cppcheck is the tool which analyses our CPP code. I want to create custom rule for Cppcheck to check whether all functions have comments or not. For that I need a PCRE (Pearl regex) pattern. Or any other predefined rules to address this scenarios.
There are some predefined rules available # installerlocation\cfg, what is the purpose of it? whether we can write rules using it instead of tools?
I am a cppcheck author. Yes, you can write rules using PCRE expressions. But as far as I know you can't see if there are comments from a rule. As far as I know, all comments and indentation are removed before any rules are executed.
I tried with PMD but it have only 'Cyclomatic Complexity'.
I find 'Fan out' rule in checkstyle.
Which tool has all these three rules?
I achieved with Checkstyle tool.
Recently, we were trying to write a PMD rule to spot all occurances of Spring JDBC template's query* methods. Looking at some sample AST xml code, I wrote the following innocuous XPATH expression.
//PrimaryPrefix[Name[starts-with(#Image,'jdbcTemplate.query')]]
But very soon, we realized that this is not adequate. If someone writes "this.jdbcTemplate.queryForObject" then "this" becomes the "Primary Prefix" and "jdbcTemplate" becomes the "Suffix". Also the variable name of the JDBCTemplate object instance could be anything.
I thought it would be fairly easy to construct a XPATH expression to find out the occurance of a particular Class method call - anywhere in the code, but looking at the AST tree, I am just not able to figure it out. Is a XPATH really possible, or we have to write Java code?
I would suggest using the Sonar architectural rules engine to find this kind of violation.