Are there any tools like Findbugs/Spotbugs/Sonarli...
# announcementsn
Nezteb
05/01/2019, 1:00 AMAre there any tools like Findbugs/Spotbugs/Sonarlint that work for Kotlin? Or do those 3 also work for Kotlin?
m
Mike
05/01/2019, 1:42 AMhttps://arturbosch.github.io/detekt/ or https://ktlint.github.io/. I use Detekt.
Mike
05/01/2019, 1:42 AMand there’s a channel for #C88E12QH4
x
xenoterracide
05/01/2019, 2:00 AMdetekt doesn’t do bytecode analysis, afaik spotbugs doesn’t work on kotlin yet for some reason unknown to me.
m
Mike
05/01/2019, 2:13 AMI’m not sure why that’s a problem. Aren’t these all source code static analysis tools?
x
xenoterracide
05/01/2019, 2:21 AMfindbugs and spotbugs are bytecode analysis tools, detekt is a source code analysis
xenoterracide
05/01/2019, 2:21 AMdifferent approach’s can find different bugs
m
Mike
05/01/2019, 2:33 AMI didn’t realize findbugs was bytecode rather than source code, and wasn’t familiar with Spotbugs. Sonarlint though is source code, isn’t it? Since it’s basically running Sonarqube.
So Detekt could be what is required, or if nothing else, is a very valuable tool.
If they work on bytecode, then I’m surprised Findbugs and Spotbugs don’t work.
My employer uses Fortify, and we do bytecode analysis of Kotlin since Fortify doesn’t support source code analysis for Kotlin.
11 Views