[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [eclipse.org-project-leadership] Coverity Scan for Eclipse projects

On 05/31/2013 11:22 PM, Stephan Herrmann wrote:
From a brief look at the types of issues found by Coverty Scan
there seems to be significant overlap with similar capabilities by JDT.
OTOH, I have the feeling that most projects only use a fraction of
JDT's capabilities, for fear of being overwhelmed by too many warnings.
That's right, JDT is a great tool when it comes to static analysis in the IDE. Coverity (or Sonar) would delegate this analysis to build time, allowing reports, trends and a global view on the project quality metrics and hotspots. JDT doesn't do that.
Also, I feel most people keep the default PDE settings in their workspace, and that this default settings are actually quite weak. So the power of PDE for static analysis is hidden because of those default settings.

If any projects consider the offer from Coverty attractive, it would be
interesting to hear - from a JDT p.o.v. -  what are their expectations.
I think the idea is to get an overview of the qualify. See for example what Sonar gives: https://dev.eclipse.org/sonar/dashboard/index/1
You'll see the same errors as you can see with PDE and FindBugs plugins in your workspace in the context of a file edition, but you have a dedicated view on the quality metrics, that may allow you to see how much technical debt your project has and what are its weaknesses.

--
Mickael Istria
Eclipse developer at JBoss, by Red Hat
My blog - My Tweets