如何审核 Java EE 项目? [英] How to audit a Java EE project?

问题描述

我必须审核基于 JSF/CDI/EJB3.0/JPA 的 Java EE Web 项目(仅举出一些所涉及的技术).

I've to audit the code-architecture quality and maintainability (in the end to be sure we have what we paid for) a Java EE web project based on JSF/CDI/EJB3.0/JPA (just to name some of the technologies involved).

这可能不是问的正确地方，但您如何处理此类任务?基本上，我会从粗粒度到细粒度，即从整个架构到 java 代码.是不是把每一层都彻底处理好?我应该在低层上花更多时间吗?

This may not be the right place to ask but how do you deal with this kind of task? Basically, I would proceed from coarse-grained to fine-grained, i.e. from the whole architecture to the java code. Is it better to deal with each layer completely? Should I spend more time on the low-level layers?

您是否评估了整个事情(构建、部署、测试)?

Do you assess the whole thing (build, deployment, test)?

推荐答案

在较低的物理/实现层面，我喜欢采用maven作为构建工具，然后配置丰富的maven报告，制作一个网站充满各种代码指标.

At the lower physical/implementation level, what I like to do is adopt maven as a build tool, and then configure the extensive maven reporting, to produce a website full of various code metrics.

• 对于初学者来说，有 maven checkstyle 插件，它可以报告代码符合指定的标准，编码标准的一致性有很多明显的好处，大多数项目只会采用一种预先配置的标准，例如太阳或阿帕奇.
• findbugs 插件列出了潜在的编程错误
• 有多种代码覆盖率报告可供选择，我使用了 cobertura.这些显示应用程序中的一行一行，哪些部分被单元测试覆盖.Maven 支持构建生命周期中的单元测试，将它们作为构建的一部分运行.这救了我好几次.
• PMD 插件 识别重复代码，并突出显示可能需要的区域重构.

• For starters there is the maven checkstyle plugin which can report on code conformance to a specified standard, consistency in coding standards has many obvious benefits, most projects would simply adopt one of the pre-configured standards e.g. sun or apache.
• The findbugs plugin lists potential programming errors
• There are a choice of code coverage reports, I've used cobertura. These show line for line in an application which parts are covered by unit tests. Maven supports unit tests in the build life-cycle, running them as part of the build. This has saved me a few times.
• The PMD plugin identifies duplicated code, and highlights areas that may need refactoring.

一旦设置完成并成为正常构建周期的一部分，它基本上会自行处理，您无需担心进行大型两年一次的审核/追赶.

Once this is setup and becomes part of the normal build cycle, it basically takes care of itself, and you won't have to worry about doing large bi-annual audits/catch-up.

许多报告都有阈值限制，可以将其配置为在违反时构建失败，即超过 n% 的 checkstyle 错误会导致构建失败.

Many of the reports have threshold limits that can be configured to fail the build if breached, i.e. more than n% checkstyle errors, cause a build failure.

Maven 还促进了构建应用程序的模块化方法，这导致更小、更易于理解和可重用的模块，以及关注点分离，即表示层和持久层的单独模块.maven 提供的主要好处是管理模块之间的相互依赖关系.

Maven also promotes a modular approach to building applications, this results in smaller more understandable and re-usable modules, as well as separation of concerns, i.e. separate modules for presentation and persistence layers. The main benefit that maven provides is managing the inter-dependencies between the modules.

不过，这在更高级别的架构层上对您没有多大帮助，因此需要一种补充方法来覆盖该维度.

This doesn't help you very much at the higher-level architecture layers though, so a complementary approach will be required to cover that dimension.

在此链接中查看一些示例报告
http://maven.apache.org/plugins/maven-dependency-plugin/project-reports.html

See some sample reports at this link
http://maven.apache.org/plugins/maven-dependency-plugin/project-reports.html

这篇关于如何审核 Java EE 项目?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！