Reputation: 1673
I have developed an Android app using the Eclipse IDE and now the code base has grown huge. I want to do the code review using a static code analysis tool to help me find any silly mistakes in the code, such as duplicate code, exception handling errors, etc. It should be pluggable within the Eclipse IDE.
Can anybody suggest a tool which I can use in my project to detect coding issues?
Upvotes: 24
Views: 25949
Reputation: 9653
SonarQube is a platform to analyze code quality, security and reliability. It is a continuous inspection engine and offers reports on duplicated code, exception handling, coding standards, unit tests, code coverage, code complexity, potential bugs, comments, design and architecture etc.
I have used it and it helps me to detect bugs and keep my code clean and of good quality.
UPDATE
Below is a link to a post on my blog which gives a complete, detailed explanation of integrating SonarQube with SonarQube Scanner.
Integrating and Understanding SonarQube in Android
Upvotes: 4
Reputation: 18406
SonarQube step-by-step implementation
Step 1: First download the SonarQube LTS (stable version) from this link
Don't download the latest version. It produces a Java version issue. I tried version 7.3 and it works fine for me.
https://www.sonarqube.org/downloads/
Step 2: Go to conf -> wrapper.conf -> set your Java path
    wrapper.java.command=C:\Program Files\Java\jdk1.8.0_60\bin\java
Next go to bin -> select your OS -> click StartSonar
Step 3: http://localhost:9000/
Default Login credentials
Username - admin
Password - admin
Step 4: Project build.gradle file
    buildscript {
        repositories {
            jcenter()
            maven { url "https://plugins.gradle.org/m2/" } // add
        }
        dependencies {
            classpath 'com.android.tools.build:gradle:2.3.0'
            classpath "org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.6.1" // add
            // NOTE: Do not place your application dependencies here; they belong
            // in the individual module build.gradle files
        }
    }
    allprojects {
        repositories {
            jcenter()
        }
    }
    task clean(type: Delete) {
        delete rootProject.buildDir
    }
Step 5: (Just copy & paste at bottom of build.gradle)
App module build.gradle file
    apply plugin: 'org.sonarqube'
    // The opening brace must be on the same line as the method name in Groovy
    sonarqube {
        properties {
            property "sonar.projectName", "RealmSample"
            property "sonar.projectKey", "org.sonarqube:android-simple-sq-scanner-gradle"
            property "sonar.language", "java"
            property "sonar.sources", "src"
            property "sonar.binaries", "build"
            property "sonar.sourceEncoding", "UTF-8"
            property "sonar.login", "admin"
            property "sonar.password", "admin"
        }
    }
Step 6: gradle.properties file
    systemProp.sonar.host.url=http://localhost:9000
    systemProp.sonar.login=admin
    systemProp.sonar.password=admin
Step 7:
Open the Android Studio terminal tab (at the bottom of Android Studio) and go to your current project path, e.g. cd d:\yourProjectPath
Then run this command
Windows OS
.\gradlew sonarqube
MAC OS
bash ./gradlew sonarqube
Step 8:
Now check http://localhost:9000 (if it has not refreshed, click the refresh button).
Now you can analyze your code.
Note: If anybody is using a Mac, try this
Step 1: Install Homebrew
    ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
Step 2: Install OpenJDK (Java)
    brew cask install adoptopenjdk
Step 3: Install Sonar
    brew install sonar
Step 4: Start SonarQube
    brew services start sonarqube
For Kotlin support (don't use the latest version; it will produce a Java version issue), use version 7.3.
Download link: https://www.sonarqube.org/sonarqube-7-3/
Follow all the steps above with version 7.3 and change the language in build.gradle
    property "sonar.language", "kotlin"
Upvotes: 15
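Steps 5 and 6 of the answer above store the default admin/admin login as literals in build.gradle and gradle.properties, both of which are normally committed. The following check flags such literals in either file format; it is an added example, not part of the original answer. The sample inputs are constructed from the snippets above, and the `SONAR_TOKEN` environment variable is a hypothetical name.

```python
import re

# Constructed samples mirroring the Step 5 and Step 6 files from the answer above.
BUILD_GRADLE = '''sonarqube {
    properties {
        property "sonar.projectName", "RealmSample"
        property "sonar.login", "admin"
        property "sonar.password", "admin"
    }
}
'''
GRADLE_PROPERTIES = '''systemProp.sonar.host.url=http://localhost:9000
systemProp.sonar.login=admin
systemProp.sonar.password=admin
'''
# Assumed alternative: value comes from a hypothetical SONAR_TOKEN environment variable.
FROM_ENV = 'property "sonar.login", System.getenv("SONAR_TOKEN")\n'

KEY = r"sonar\.(?:login|password)"
# Groovy DSL form: property "sonar.login", "literal"
GROOVY_RE = re.compile(r'''property\s*\(?\s*["'](%s)["']\s*,\s*["']([^"']*)["']''' % KEY)
# Properties form: [systemProp.]sonar.login=literal
PROPS_RE = re.compile(r"^\s*(?:systemProp\.)?(%s)\s*[=:]\s*(\S+)" % KEY)


def find_hardcoded_sonar_credentials(text):
    """Return (line_number, key, is_default_admin) per literal credential.

    The value itself is never returned, so findings are safe to log.
    """
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        if line.lstrip().startswith(("//", "#")):
            continue  # commented-out setting
        match = GROOVY_RE.search(line) or PROPS_RE.match(line)
        if not match:
            continue
        key, value = match.groups()
        if "$" in value:
            continue  # Groovy string interpolation, not a literal
        findings.append((lineno, key, value == "admin"))
    return findings


if __name__ == "__main__":
    samples = {"build.gradle": BUILD_GRADLE, "gradle.properties": GRADLE_PROPERTIES}
    for name, text in samples.items():
        for lineno, key, is_default in find_hardcoded_sonar_credentials(text):
            kind = "default admin value" if is_default else "hardcoded literal"
            print(f"{name}:{lineno}: {key} is a {kind}")
```

Run as a pre-commit or CI step, a non-empty result is the signal to move the value out of the repository and to change the default admin password on the SonarQube server.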
Reputation: 234847
I don't know about "best"; I only know about "useful". I would start by simply opening the Lint Warnings view (Window -> Show View -> Other -> Android -> Lint Warnings). Then you might consider using FindBugs, an excellent tool.
It's not a static code analysis tool, but during development you should enable StrictMode. It helps find a lot of coding problems specific to Android. (Turn it off for deployment!)
For other tools, take a look at this thread.
Upvotes: 16