Skip to content

Maven Plugin Usage

Jump to bottom
Sean Flanigan edited this page Aug 22, 2018 · 4 revisions

Maven Plugins for Static Analysis

Zanata's build includes several static analysis plugins. The local build script for Zanata skips static analysis by default, unless you add the -A/--analyse option. The Jenkins build does include static analysis, but if you want to run a single analysis plugin locally, these instructions should help.

In general, the analysis plugins are configured to skip analysis unless the Maven option -DstaticAnalysis is provided, so most of these instructions include that option.

Several of the plugins get their configuration from the build-tools module, so if you get an error message which mentions build-tools, it often helps to run this first: mvn install -DskipTests -pl ':build-tools'

Note that these instructions are still in flux. They may do unnecessary work, or not work at all.

The Plugins

Animal Sniffer

Checks that compiled bytecode is compatible with the target runtime API (currently Java 8).

mvn -DstaticAnalysis animal-sniffer:check

Checkstyle

Mainly checks formatting style, but also some design rules

mvn -DstaticAnalysis checkstyle:check

Dependency Analyser

Checks for the use of transient dependencies which aren't compatible with each other.

mvn -DstaticAnalysis dependency:analyze -DexcludeFrontend

Detekt

Checks for bug patterns and code smells in Kotlin code.

cd server
mvn install -DskipTests -DskipITs -Dappserver=wildfly8 -Dgwt.compiler.skip -Dskip.yarn antrun:run@detekt

Duplicate Finder

Checks for duplicate classes appearing in multiple dependencies.

mvn -DstaticAnalysis org.basepom.maven:duplicate-finder-maven-plugin:check

Enforcer

Checks for banned dependencies, bytecode versions, extra Maven repositories.

mvn enforcer:enforce -DstaticAnalysis -pl '!:build-tools'

FindBugs/SpotBugs

Checks for bug patterns and code smells in Java bytecode. (Use Detekt for Kotlin code.)

mvn findbugs:check -DstaticAnalysis

Restrict

With this plugin, you can restrict access from any package/class to target package/class/method inside the compiled code and the (jar/war/ear) dependencies.

See https://github.com/yamanyar/restrict-maven-plugin

mvn restrict-maven-plugin:restrict@default -Drestrict.skip=false

Zanata wiki

Clone this wiki locally