Java has held a special place in the hearts of many developers since its release more than two decades ago, including our own. Since it is such a mature, widely-used technology, there are also plenty of great automated Java code review tools to choose from today.
According to last year’s Stack Overflow Developer Survey, it is still among the 5 most popular programming languages.
Source: Stack Overflow
Also, according to the TIOBE index, Java is still the number one programming language today, just barely surpassing C. The index is calculated using the number of skilled engineers world-wide, courses and third party vendors, as well as queries in popular search engines such as Google, Bing, Yahoo!, Wikipedia, Amazon, YouTube and Baidu.
Code reviews are processes where software developers and testers check if an already written source code complies with coding conventions and standards.
Apart from manual code reviews, static and dynamic code analysis can also be conducted with the help of automated tools.
Static code analysis tools examine the source code without executing it. Dynamic analysis is conducted while the code, or a part/unit of it (for example unit or integration testing) is being run.
Poor source code quality causes plenty of headaches, overworked days and sleepless nights for developers and product owners alike. Planning and conducting code reviews is often ignored by management, usually leading to long-lasting negative effects on development efficiency and even the whole business.
To briefly summarize, if the quality of the source code is left to deteriorate:
For anyone who is interested in reading more about the effects of low-quality code, we’ve dedicated a whole article to this topic not long ago.
Java has been our go-to technology for many custom software development projects over the last decade. It is, in fact, our most frequently-used programming language to date.
We’ve encountered many Java-based software projects throughout our work that were struggling to move forward because the source code had gotten so unstable that it was difficult, or straight-up impossible to develop further.
We were only able to stabilize these software products and continue feature development after running a whole assortment of tests and completing a ton of code refactoring work. The following recommendations are based on the experience gained throughout these projects.
Checkstyle is a static code analysis tool used in software development for checking if Java source code complies with coding rules. It basically automates the lengthy process of checking code and helps Java developers enforce coding standards.
It can find anything from class or method design problems to code layout and formatting issues. You can find the complete list of checks here.
Checkstyle has a large number of plug-ins as well that let teams integrate continuous code checks into their projects.
PMD or Programming Mistake Detector is an open source static source code analyzer that reports on issues found within application code.
The tool is used to detect common mistakes made in the code by using the standard rules or defining custom rule sets. Using PMD, teams can detect common flaws around naming conventions, unused variables and parameters, empty catch blocks, unnecessary object creation, etc.
PMD has plugins for JDeveloper, Eclipse, jEdit, JBuilder, Maven, Ant, Gradle, Jenkins, SonarQube and many other tools and IDEs.
PMD also contains CPD (or the Copy/Paste Detector), which is used to detect duplicate code in. We find this to be a very useful add-on, as duplicate code can be quite hard to find, especially in a large project.
Eliminating duplicated blocks of code is important for a number of reasons, like removing unnecessary grunt work during refactoring. It puts a lot of pressure on the developer to remember where they are located and edit them when making significant changes on the code base.
Also, if they are working in a team, developers otherwise have no way of knowing where other team members inserted duplicate code segments. This can make future development and maintenance tasks much more complicated.
JetBrains Space is a new unified platform that offers a complete toolchain for the software development pipeline, as well as tools for team collaboration at companies of any size.
It removes the silos that are often inherent to organizations, helps individuals and teams be more productive, and makes software development and collaboration more enjoyable.
Apart from offering most features as other java code review tools, developers can also host Git repositories, review code, automate CI/CD, store and publish packages, develop remotely with cloud dev environments, manage issues and documents, and communicate in chats – all in one place.
Space is available on the web and as a mobile app for iOS and Android.
SonarQube is an open-source code quality inspection platform. It is used to perform automatic reviews with static analysis of code to detect bugs, coding errors, and security vulnerabilities.
The platform offers reports on duplicate code blocks, coding standards, unit tests, code coverage, code complexity, comments, bugs, etc.
It is a popular choice for analyzing Java code, especially for teams using Maven and Gradle, but others can also use it by manually providing bytecode to the analysis.
JArchitect is a static analysis tool specifically meant for Java code. It supports a large number of code metrics like number of parameters, variables and lines of code, cyclomatic complexity, afferent and efferent coupling and so forth.
JArchitect also allows teams to expose architectural flaws, visualize and manage dependencies using directed graphs and a dependency matrix. This is only a few of the many useful features the platform can provide.
JUnit is a unit testing framework for the Java programming language. For reference, unit testing is a method for evaluating the performance of individual units, components or modules of the source code.
The framework allows teams to write and run unit tests for Java 8 and above. Its latest version, JUnit 5 is composed of several different modules:
JUnit is the most popular unit testing framework for Java development projects, and is often listed among the most commonly included external libraries in general.
JaCoCo is an open-source toolkit for Java, used for measuring and reporting code coverage.
The term ‘code coverage’ is used in software development to define how much of a program’s source code is covered by a testing plan.
We are including this as sort of an honorable mention, as some other tools, IDEs and platforms already include JaCoCo as a plug-in. A few examples of these are:
Of course, these recommendations are purely based on our own experience and preferences.
Which Java code review tools you’ll choose for your own development projects should be based on a fair amount of testing and their compatibility with your technology stack of choice.
If at any point you find yourself in need of another set of eyes during code reviews, don’t hesitate to reach out to us with your questions.
Thanks for reading our article!