Maven项目集成CheckStyle,PMD,FindBugs进行静态代码扫描

在pom.xml里添加以下maven插件配置:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
<!-- 静态代码检查 -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-checkstyle-plugin</artifactId>
<version>2.11</version>
<configuration>
<configLocation>checkstyle.xml</configLocation>
<includeResources>false</includeResources>
<failOnViolation>true</failOnViolation>
<violationSeverity>info</violationSeverity>
<maxAllowedViolations>0</maxAllowedViolations>
<consoleOutput>true</consoleOutput>
<encoding>UTF-8</encoding>
<includes>
**\/package\/**.java,**\/otherpackage\/**.java
</includes>
</configuration>
<!-- <executions>
<execution>
<goals>
<goal>check</goal>
</goals>
<phase>validate</phase>
</execution>
</executions>-->
</plugin>

<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-pmd-plugin</artifactId>
<version>2.7.1</version>
<configuration>
<failurePriority>5</failurePriority>
<failOnViolation>true</failOnViolation>
<targetJdk>${jdk.version}</targetJdk>
<verbose>true</verbose>
<outputEncoding>UTF-8</outputEncoding>
<rulesets>
<ruleset>pmd.xml</ruleset>
</rulesets>
<includes>
<include>**\/package\/**.java</include>
<include>**\/otherpackage\/**.java</include>
</includes>
</configuration>
<!-- <executions>
<execution>
<phase>package</phase>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>-->
</plugin>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>findbugs-maven-plugin</artifactId>
<version>2.5.2</version>
<configuration>
<onlyAnalyze>
cn.shenyanchao.package.*,
cn.shenyanchao.otherpackage.*,
</onlyAnalyze>
<includeFilterFile>findbugs.xml</includeFilterFile>
<failOnError>true</failOnError>
<outputEncoding>UTF-8</outputEncoding>
</configuration>
<!-- <executions>
<execution>
<phase>package</phase>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>-->
</plugin>

这些配置集成了checkstyle,pmd,findbugs的插件。并指明了要使用的规则集合(checkstyle.xml,pmd.xml,findbugs.xml)。

那么能否指定只扫描特定的包或者文件呢?

上面checkstyle用的是:

1
2
3
<includes>
**\/package\/**.java,**\/otherpackage\/**.java
</includes>

pmd是:

1
2
3
4
<includes>
<include>**\/package\/**.java</include>
<include>**\/otherpackage\/**.java</include>
</includes>

findbugs则使用的是:

1
2
3
4
<onlyAnalyze>
cn.shenyanchao.package.*,
cn.shenyanchao.otherpackage.*,
</onlyAnalyze>
如何在编译期间或打包期间执行检查?

如上所示的注释掉部分,添加就可以了:

1
2
3
4
5
6
7
8
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>check</goal>
</goals>
</execution>
</executions>

这里的意思是在mvn 执行打包package的时候进行check操作。因此如果check不通过,那么将不会编译打包成功。

申艳超 wechat
欢迎关注微信订阅号~
您的支持是我原创的动力!