简介: 本文假设你是java 的开发者,已经安装eclipse 及 JDK 等工作环境。 静态分析工具承诺无需开发人员费劲就能找出代码中已有的缺陷。当然,如果有多年的编写经验,就会知道这些承诺并不是一定能兑现。尽管如此,好的静态分析工具仍然是工具箱中的无价之宝。
过早,过多的依赖工具会导致精力分散,设计和编码效率下降。
在软件的初始设计阶段先不必使用静态代码扫描工具,到了集成阶段才开始使用。对于迭代方式开发的团队应该在每次迭代前清除已知的bug。
代码质量工具的一个问题是它们容易为开发人员提供大量但并非真正问题的问题——即 伪问题(false positives)。出现伪问题时,开发人员要学会忽略工具的输出或者放弃它。FindBugs 的设计者 David Hovemeyer 和 William Pugh 注意到了这个问题,并努力减少他们所报告的伪问题数量。与其他静态分析工具不同,FindBugs 不注重样式或者格式,它试图只寻找真正的缺陷或者潜在的性能问题。
FindBugs 是一个静态分析工具,它检查类或者 JAR 文件,将字节码与一组缺陷模式进行对比以发现可能的问题。有了静态分析工具,就可以在不实际运行程序的情况对软件进行分析。
|
安装 JDK:1.5.0 从http://java.sun.com上去下载安装 Eclipse:3.1.1 从http://www.eclipse.org 上去下载解压 FindBugs:0.9.4 从http://findbugs.sourceforge.net/ 官方的文档 http://findbugs.sourceforge.net/manual/ Eclipse plugin for FindBugs version 0.0.17 从 http://findbugs.sourceforge.net/downloads.html 下载 |
Here is how to install and use the Find Bugs Eclipse Plug-in:
NOTE: Since FindBugs requires a JDK 1.5.x to run on, you MUST ENSURE that you
start Eclipse using a JRE/JDK 1.5.x (or later) as well.
Install the plug-in
===================================================
1) Extract the contents of the file
- edu.umd.cs.findbugs.plugin.eclipse_1.1.0.v20060908.zip
into the [plugins] folder of your Eclipse installation. This should result in
the following directory structure:
<eclipse-dir>
|
+- plugins
|
+- edu.umd.cs.findbugs.plugin.eclipse_1.1.0.v20060908
|
+- plugin.xml
+- icons
+- lib
| |
| +- annotations.jar
| asm-3.3.jar
| asm-commons-3.3.jar
| asm-tree-3.3.jar
| bcel.jar
| commons-lang-2.4.jar
| dom4j-1.6.1.jar
| jaxen-1.1.1.jar
| jFormatString.jar
| jsr305.jar
|
+- META-INF
| |
| +- MANIFEST.MF
|
+- plugin
findbugs-plugin.jar
plugin.properties
plugin.xml
RELEASENEOTES
smallBuggy.png
2) (Re-)start Eclipse
Using the plug-in
==================
The plug-in can operate in two modes: the automatic mode and the manual mode.
Automatic mode
---------------
When running in automatic mode, the plug-in will look for bug patterns every time
you build your project or a single Java file. This means that (normally) every
time you save a Java file, the FindBugs plug-in will scan this file for bugs.
To enable the automatic mode:
1) Open the context menu of a Java project (please go to the Java perspective first!)
2) Select [Properties] from the context menu
3) In the properties dialog, switch to the [FindBugs} section and
4) Check the [Run FindBugs automatically] option.
5) Click [OK] or [Apply] to persist your change.
Manual mode
------------
Since running the FindBugs plug-in in automatic mode can be vey time-consuming,
you may choose to run the plug-in in manual mode. As the name implies, you
have to start the bug pattern detecion manually when the plug-in is in manual mode.
To enable manual mode:
1) Make sure that the [Run FindBugs automatically] checkbox on the Java project properties
page is disabled.
2) Open the context menu of the current Java project.
3) Select [Find Bugs -> Find Bugs]. The bug pattern detection process will be started.
-
FindBugs, Part 1: Improve the quality of your code 英文原文.
- 下载 最新版本的 FindBugs。
- installing_findbugsplugin.txt under $ECLIPSE_HOME/plugins/edu.umd.cs.findbugs.plugin.eclipse_2.0.0.20111220/doc