代码分析仪：PMD& FindBugs的 [英] Code analyzers: PMD & FindBugs

问题描述

<强> 1。关于PMD：

1.1如何设置PMD检查，忽略其中的一些，如变量名称太短或太长， 删除空构造函数等 - 如果我这样做，会出现另一个警告，表示该类必须有一些静态方法。基本上，这个班是空的，为了后期的发展，我现在喜欢这样说。

1.2是否需要遵循此警告建议？

  A只有私有构造函数的类应该是最终的
  

1.3这是什么意思？

 类'Dog'的循环复杂度为3（最高= 17）
  

1.4这个怎么样？我很乐意改变这一点，但是现在关于变化没有任何东西可以跨越我的想法：

 将对象赋值为null是一个代码气味考虑重构。 
  

2.关于FindBugs：

2.1在比它的声明晚的某个时间点写静态字段真的很糟糕吗？以下代码给我一个警告：

  Main.appCalendar = Calendar.getInstance（）; 
 Main.appCalendar.setTimeInMillis（System.currentTimeMillis（））; 
  

其中 appCalendar 是一个静态变量。 / p>

2.2此代码：

  strLine = objBRdr.readLine（）。修剪（）; 
  

发出警告：

  readLine（）的结果立即取消引用
  

其中 objBRdr 是一个 BufferedReader（FileReader）。可能会发生什么readLine（）可以为null？
代码嵌套在 while（objBRdr.ready（）） test中，到目前为止，我没有问题。

Update1：​​2.2已修复，当我替换代码：

  strLine = objBRdr.readLine（） ; 
 if（strLine！= null）{
 strLine = strLine.trim（）; 
} 
  

解决方案

1.1如何设置PMD检查[...]

PMD将规则配置存储在称为规则集的特殊存储库中XML文件。此配置文件包含有关当前安装的规则及其属性的信息。

这些文件位于 rulesets 目录中PMD分布。使用PMD与Eclipse时，请查看自定义PMD 。

1.2是否有必要遵循此警告建议？

  A类只有私有构造函数应该是最终的
  

所有构造函数始终以调用一个超类构造函数。如果构造函数显式地包含对超类构造函数的调用，则使用该构造函数。否则，无意义的构造函数是隐含的。如果无参数构造函数不存在或对子类不可见，则会得到编译时错误。

所以实际上不可能从每个构造函数都是私有的类派生一个子类。因此，将这样的类标记为 final 是一个好主意（但不是必需的），因为它明确地防止子类化。

1.3这是什么意思？

 类'Dog'的循环复杂度为3 （最高= 17）
  

方法中的决策点加一个方法条目。决策点是if，while，for和case标签。一般来说，1-4是低复杂度，5-7表示中等复杂度，8-10是高复杂度，11+是非常高的复杂度。

话虽如此，我只是引用一些总体循环复杂性无意义：

[...]该度量仅在单一方法的上下文中有意义。提到一个类具有X的循环复杂性本质上是无用的。

因为循环复杂性在一个方法中测量
路径，所以每个方法都有
至少一个Cyclomatic复杂度为1，
对吗？所以，以下getter方法
的CCN值为1：

  public Account getAccount（）{
 return this.account; 
} 
  

从这个boogie方法中可以看出，
表示帐户是此
类的财产。现在想象这个类有15个属性，并遵循每个属性的典型的getter / setter范例，而这些属性是唯一可用的方法。这意味着该类有30个简单的方法，每个方法的Cyclomatic复杂度值为1.该类的总值为30。

该值是否具有任何意义，人？
当然，随着时间的推移看它可能会
产生有趣的东西;然而，
本身，作为一个总价值，它
基本上没有意义。 30 $ for
类意味着什么，30为方法
意味着某事。

下一次你发现自己
阅读复合聚合

类的循环复杂度值，请确保您了解该类包含的
多种方法。如果
，一个类的汇总复杂度
值为200，那么在你知道
计数的方法之前，不要
引发任何红旗。此外，如果
发现方法计数低但
，Cyclomatic复杂度值为
high，那么您几乎总是会发现本地化到一个方法的
复杂性。
就在！

所以对我来说，这个PMD规则应该小心（实际上并不是很有价值）

1.4这个怎么办？我很乐意改变这一点，但是现在关于变化没有任何东西可以跨越我的想法：

 将对象赋值为null是一个代码气味考虑重构。 
  

不知道你不了解这个。 / p>

2.1在一段时间以后写入静态字段真的很糟糕吗？ [...]

我的猜测是，您会收到警告，因为该方法包含非易失性静态的非同步延迟初始化领域。并且因为编译器或处理器可能会重新排序指令，所以线程不能保证看到一个完全初始化的对象，如果该方法可以被多个线程调用。您可以使该字段为volatile以纠正问题。

2.2 [...] 立即取消引用结果的readLine（）

如果没有更多的文本行要阅读， readLine（）将返回null和dereferencing，这将生成一个空指针异常。所以你需要确定结果是否为空。

1. Regarding PMD:

1.1 How do I set the PMD checks, to ignore some of them, like "Variable name is too short, or too long", "Remove empty constructor, etc" - and if I do that, another warning appears that says the class must have some static methods. Basically, the class was empty, for later development, and I like to leave it that way for now.

1.2 Is it necesarry to follow this warning advice?

  A class which only has private constructors should be final

1.3 What is that supposed to mean?

 The class 'Dog' has a Cyclomatic Complexity of 3 (Highest = 17)

1.4 What about this one? I would love to change this, but nothing crosses my mind at the moment regarding the change:

Assigning an Object to null is a code smell. Consider refactoring.

2.Regarding FindBugs:

2.1 Is it really that bad to write to a static field, at some point later than its declaration? The following code gives me a warning:

Main.appCalendar = Calendar.getInstance();
Main.appCalendar.setTimeInMillis(System.currentTimeMillis());

where appCalendar is a static variable.

2.2 This code:

strLine = objBRdr.readLine().trim();

gives the warning:

Immediate dereference of the result of readLine()

where objBRdr is a BufferedReader(FileReader). What could happen? readLine() could be null? The code is nested in while (objBRdr.ready()) test, and so far, I have zero problems there.

Update1: 2.2 was fixed when I replaced the code with:

strLine = objBRdr.readLine();
    if (strLine != null) {
        strLine = strLine.trim();
    }

解决方案

1.1 How do i set the PMD checks [...]

PMD stores rule configuration in a special repository referred to as the Ruleset XML file. This configuration file carries information about currently installed rules and their attributes.

These files are located in the rulesets directory of the PMD distribution. When using PMD with Eclipse, check Customizing PMD.

1.2 Is it necessary to follow this warning advice?

A class which only has private constructors should be final

All constructors always begin by calling a superclass constructor. If the constructor explicitly contains a call to a superclass constructor, that constructor is used. Otherwise the no-argument constructor is implied. If the no-argument constructor does not exist or is not visible to the subclass, you get a compile-time error.

So it's actually not possible to derive a subclass from a class whose every constructor is private. Marking such a class as final is thus a good idea (but not necessary) as it explicitly prevent subclassing.

1.3 What is that supposed to mean?

The class 'Dog' has a Cyclomatic Complexity of 3 (Highest = 17)

The complexity is the number of decision points in a method plus one for the method entry. The decision points are 'if', 'while', 'for', and 'case labels'. Generally, 1-4 is low complexity, 5-7 indicates moderate complexity, 8-10 is high complexity, and 11+ is very high complexity.

Having that said, I'll just quote some parts of Aggregate Cyclomatic complexity is meaningless:

[...] This metric only has meaning in the context of a single method. Mentioning that a class has a Cyclomatic complexity of X is essentially useless.

Because Cyclomatic complexity measures pathing in a method, every method has at least a Cyclomatic complexity of 1, right? So, the following getter method has a CCN value of 1:

public Account getAccount(){
   return this.account;
}

It’s clear from this boogie method that account is a property of this class. Now imagine that this class has 15 properties and follows the typical getter/setter paradigm for each property and those are the only methods available. That means the class has 30 simple methods, each with a Cyclomatic complexity value of 1. The aggregate value of the class is then 30.

Does this value have any meaning, man? Of course, watching it over time may yield something interesting; however, on its own, as an aggregate value, it is essentially meaningless. 30 for the class means nothing, 30 for a method means something though.

The next time you find yourself reading a copasetic aggregate Cyclomatic complexity value for a class, make sure you understand how many methods the class contains. If the aggregate Cyclomatic complexity value of a class is 200– it shouldn’t raise any red flags until you know the count of methods. What’s more, if you find that the method count is low yet the Cyclomatic complexity value is high, you will almost always find the complexity localized to a method. Right on!

So to me, this PMD rule should be taken with care (and is actually not very valuable).

1.4 What about this one? I would love to change this, but nothing crosses my mind at the moment regarding the change:

Assigning an Object to null is a code smell. Consider refactoring.

Not sure what you don't get about this one.

2.1 Is it really that bad to write to a static field, at some point later than its declaration? [...]

My guess is that you get a warning because the method contains an unsynchronized lazy initialization of a non-volatile static field. And because the compiler or processor may reorder instructions, threads are not guaranteed to see a completely initialized object, if the method can be called by multiple threads. You can make the field volatile to correct the problem.

2.2 [...] Immediate dereference of the result of readLine()

If there are no more lines of text to read, readLine() will return null and dereferencing that will generate a null pointer exception. So you need indeed to check if the result is null.

这篇关于代码分析仪：PMD&amp; FindBugs的的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！