Static code analysis is analysis of software that is performed without actually executing the program. The process provides an understanding of the code structure and can help to ensure that the code adheres to industry standards. Static analysis code reviews compare the source code of an application with a set of standards to ensure the source code complies with those standards, to find unwanted dependencies, and to ensure that the intended structural design of the code is maintained. The main advantage of static analysis is that it can reveal errors that do not manifest themselves until a disaster occurs. Static analysis is only a first step in a comprehensive software quality regime.
Using static analysis tools, you can analyze the software without having to run the application. These tools come to the aid of the developer by finding existing bugs in the code without much effort. Good tools are a valuable addition to your toolbox. There are a lot of tools available, but I am going to discuss the FindBugs plug-in for Eclipse and its usage.
FindBugs, what is it?
FindBugs is a static analysis tool that finds coding mistakes by examining Java class files and matching your bytecode against a list of bug patterns.
FindBugs is both a stand-alone Java application and an Eclipse plug-in. The stand-alone tool offers command-line, Ant and Swing interfaces. Check the download page for the download links for all FindBugs versions. The Eclipse plug-in for FindBugs requires Eclipse 3.3 or later. Use the Eclipse update manager/Install New Software feature to install FindBugs from the FindBugs update site http://findbugs.cs.umd.edu/eclipse
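To make "bug patterns" concrete, here is an added example (not code from the original post or from the FindBugs project) that pairs three patterns from the FindBugs bug-pattern list with corrected forms: MS_MUTABLE_ARRAY, EI_EXPOSE_REP/EI_EXPOSE_REP2 and RV_RETURN_VALUE_IGNORED. The class and member names are hypothetical, and whether each warning is shown depends on the categories and priorities you enable.

```java
import java.util.Arrays;
import java.util.Date;

// Constructed sample for illustration; class and member names are hypothetical.
public class AccessPolicy {
    // Flagged MS_MUTABLE_ARRAY: "final" protects the reference, not the
    // elements, so any caller can overwrite ALLOWED_ROLES[0].
    public static final String[] ALLOWED_ROLES = { "admin", "auditor" };

    // Fixed: keep the array private and hand out copies.
    private static final String[] ROLES = { "admin", "auditor" };
    public static String[] allowedRoles() { return ROLES.clone(); }

    private final Date expires;

    // Flagged EI_EXPOSE_REP2: stores the caller's mutable Date as-is.
    // The fix is the same copy shown in getExpires(), applied on the way in.
    public AccessPolicy(Date expires) { this.expires = expires; }

    // Flagged EI_EXPOSE_REP: returns the internal mutable Date.
    public Date getExpiresUnsafe() { return expires; }

    // Fixed: return a defensive copy.
    public Date getExpires() { return new Date(expires.getTime()); }

    // Flagged RV_RETURN_VALUE_IGNORED: String is immutable, so the trimmed
    // value is thrown away and the check runs on the raw input.
    public static boolean isAllowedUnsafe(String role) {
        role.trim();
        return Arrays.asList(ROLES).contains(role);
    }

    // Fixed: use the value that trim() returns.
    public static boolean isAllowed(String role) {
        return Arrays.asList(ROLES).contains(role.trim());
    }

    public static void main(String[] args) {
        AccessPolicy p = new AccessPolicy(new Date(0L));
        p.getExpiresUnsafe().setTime(86400000L); // caller moves the expiry
        System.out.println("expiry moved to " + p.getExpires().getTime());
        System.out.println("unsafe check: " + isAllowedUnsafe(" admin "));
        System.out.println("fixed check:  " + isAllowed(" admin "));
    }
}
```

FindBugs works on bytecode, so compile the class before running the analysis on it.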
Installing FindBugs plug-in
Start Eclipse. From the Eclipse menu select Help –> Install New Software (My Eclipse version is 3.5 – Eclipse Galileo). If you’re using an older version you might see Software Updates instead of Install New Software.
In the Install window click on the Add button to add a new update site, see the figure below. In the Add Site window enter the FindBugs update site http://findbugs.cs.umd.edu/eclipse in the Location text box and click OK.
Simply follow the on-screen instructions to install the plug-in. After the plug-in is installed, restart the workbench for the changes to take effect.
After the installation is finished configure the FindBugs plug-in for your project requirements, priorities, and reporter configurations. From the Window menu select Window –> Preferences. Select FindBugs under Java in the left hand pane.
You can run FindBugs against a file, package or entire project. Select the file or package or project in which you want to find bugs, from the right click context menu select Find Bugs –> Find Bugs. Once FindBugs finishes the analysis it will prompt you to switch to the FindBugs perspective.
If it doesn’t switch, then from the main menu select Window –> Open Perspective –> Other. From the Open Perspective window select FindBugs and click OK.
In the Bug Explorer view you can see all the bugs it found (depending on your configurations and reporter priorities). Double-click on a bug entry in the Bug Explorer to open it.
See in the Properties view why it thinks it's a bug, along with the explanation of how to make it better. Make better software by finding the bugs early.