简介
Pmd 它是一个基于静态规则集的Java源码分析器,它可以识别出潜在的如下问题:
– 可能的bug——空的try/catch/finally/switch块。
– 无用代码(Dead code):无用的本地变量,方法参数和私有方法。
– 空的if/while语句。
– 过度复杂的表达式——不必要的if语句,本来可以用while循环但是却用了for循环。
– 可优化的代码:浪费性能的String/StringBuffer的使用
PMD支持 java]go]php \JavaScript
pmd:基于源代码分析,主要面向安全编码规则,如“避免声明同名变量”,包括风格类、类型使用等等,具备一定的数据流分析和路径分析能力。
PMD基本命令
pmd -d C:\Users\lsp\Desktop\svn\jhotdraw7\src -f html -R rulesets/java/unusedcode.xml
命令参数参考:
https://pmd.github.io/pmd-6.23.0/pmd_userdocs_cli_reference.html
制定规则集
新建一个xml,xml模板
<?xml version="1.0"?>
<ruleset name="Custom Rules"
xmlns="http://pmd.sourceforge.net/ruleset/2.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://pmd.sourceforge.net/ruleset/2.0.0 https://pmd.sourceforge.io/ruleset_2_0_0.xsd">
<description>
My custom rules
</description>
<!-- Your rules will come here -->
</ruleset>
引用PMD内置的单个规则
<rule ref="category/java/errorprone.xml/EmptyCatchBlock" />
批量添加规则
<rule ref="category/java/codestyle.xml">
<exclude name="WhileLoopsMustUseBraces"/>
<exclude name="IfElseStmtsMustUseBraces"/>
</rule>
过滤文件
设置不需要检查的文件
<exclude-pattern>.*/some/package/.*</exclude-pattern>
<exclude-pattern>.*/some/other/package/FunkyClassNamePrefix.*</exclude-pattern>
<include-pattern>.*/some/package/ButNotThisClass.*</include-pattern>
配置消息规则
指定rule 的属性message
<rule ref="category/java/errorprone.xml/EmptyCatchBlock"
message="Empty catch blocks should be avoided" >
</rule>
配置优先级
标签指定优先级,优先级有1-5,1是最高
<rule ref="category/java/errorprone.xml/EmptyCatchBlock"
message="Empty catch blocks should be avoided" >
<priority>5</priority>
</rule>
自定义规则
示例:修改reportLevel =150
<rule ref="category/java/design.xml/NPathComplexity">
<properties>
<property name="reportLevel">
<value>150</value>
</property>
</properties>
</rule>
或者
<property name="reportLevel" value="150"/>
指定多值属性,使用逗号或者管道符
<property name="legalCollectionTypes"
value="java.util.ArrayList|java.util.Vector|java.util.HashMap"/>
<rule name="DontCallBossShort"
language="java"
message="Boss wants to talk to you."
class="net.sourceforge.pmd.lang.rule.XPathRule" >
<description>
TODO
</description>
<priority>3</priority>
<properties>
<property name="xpath">
<value>
<![CDATA[
//VariableDeclaratorId[../../Type[@TypeImage="short"] and @Image = "bill"]
]]>
</value>
</property>
</properties>
</rule>
使用已有规则
<?xml version="1.0"?>
<ruleset name="facebankrules">
<description>
Sample ruleset for facebank developers
</description>
<rule ref="rulesets/java/unusedcode.xml"/>
<rule ref="rulesets/java/design.xml"/>
<rule ref="rulesets/java/imports.xml"/>
<rule ref="rulesets/java/strings.xml"/>
<rule ref="rulesets/java/braces.xml"/>
<rule ref="rulesets/java/codesize.xml"/>
<rule ref="rulesets/java/javabeans.xml"/>
<rule ref="rulesets/java/coupling.xml"/>
<rule ref="rulesets/java/strictexception.xml"/>
<rule ref="rulesets/java/logging-java.xml"/>
<rule ref="rulesets/java/sunsecure.xml"/>
</ruleset>
SuppressWarnings 禁止警告
在java代码中禁用警告
针对某个类中加禁用
@SuppressWarnings(“PMD”)
public class Bar {
void bar() {
int foo;
}
}
对整个class文件加禁止(主要是单引号)
@SuppressWarnings(‘PMD’)
禁用一个规则
@SuppressWarnings(“PMD.UnusedLocalVariable”)
public class Bar {
void bar() {
int foo;
}
}
禁用多个规则
@SuppressWarnings({“PMD.UnusedLocalVariable”, “PMD.UnusedPrivateMethod”})
或者
@SuppressWarnings(‘PMD.UnusedLocalVariable, PMD.UnusedPrivateMethod’)
不使用规则集中的所有规则
@SuppressWarnings(“unused”)
NOPMD注释 禁止警告
//NOPMD 忽视特殊的行
public class Bar {
// 'bar' is accessed by a native method, so we want to suppress warnings for it
private int bar; //NOPMD
}
public class Foo {
void bar() {
int x = 42;
if (x > 5) { // NOPMD
}
}
}
// TURN_OFF_WARNINGS 显式禁用警告
public class Foo {
void bar() {
int x = 2; // TURN_OFF_WARNINGS
}
}
$ pmd -d Foo.java -f text -R java-unusedcode -suppressmarker TURN_OFF_WARNINGS
NOPMD 后放置的消息将在报告中显示
public class Foo {
void bar() {
try {
bar();
} catch (FileNotFoundException e) {} // NOPMD - this surely will never happen
}
}
violationSuppressRegex 禁止警告
<rule ref="rulesets/java/unusedcode.xml/UnusedFormalParameter">
<properties>
<property name="violationSuppressRegex" value=".*'mySpecialParameterName'.*"/>
</properties>
</rule>
violationSuppressXPath禁止警告
禁止String变量没有使用的警告
<rule ref="rulesets/java/unusedcode.xml/UnusedFormalParameter"> <properties> <property name="violationSuppressXPath" value=".[typeIs('java.lang.String')]"/> </properties> </rule>
禁止包含Bean类名中发生的冲突
<property name="violationSuppressXPath" value="./ancestor::ClassOrInterfaceDeclaration[contains(@Image, 'Bean')]"/>
在以Bean结尾的类中禁止警告
<property name="violationSuppressXPath" value="./ancestor::ClassOrInterfaceDeclaration[matches(@Image, '^.*Bean$')]"/>
避免在表达式的开头使用//,因为它将测试文件中的所有节点,并抑制超出预期的冲突。
CPD
用于检测重复代码
CPD简单使用
cpd --minimum-tokens 100 --files /usr/local/java/src/java
可同时制定多个文件
cpd --minimum-tokens 100 --files /path/to/other/source --files /path/to/other/source
禁止CPD检测
//enable suppression
@SuppressWarnings("CPD-START")
public Object someParameterizedFactoryMethod(int x) throws Exception {
// any code here will be ignored for the duplication detection
}
//disable suppression
@SuppressWarnings("CPD-END)
public void nextMethod() {
}
jenkins集成PMD
jenkins安装pmd插件,shell 命令中使用PMD命令
sonar集成PMD
sonar安装pmd插件
PMD整合阿里PM3规则
https://www.jianshu.com/p/b849175dd38b