Skip to content

A library to read static analysis reports into a Java object model

License

Notifications You must be signed in to change notification settings

jenkinsci/analysis-model

Folders and files

NameName
Last commit message
Last commit date

Latest commit

e1d6cda · Jan 8, 2025
Dec 19, 2024
Apr 15, 2024
Sep 13, 2024
Jan 18, 2022
Jan 7, 2025
Nov 19, 2024
Jan 8, 2025
Jan 17, 2020
Jan 18, 2024
Oct 8, 2018
Dec 20, 2022
Oct 18, 2023
Sep 13, 2023
Oct 13, 2023
Jan 9, 2024
Jan 7, 2025
Apr 15, 2024
Jan 8, 2025

Repository files navigation

Static Analysis Model and Parsers Library

Join the chat at Gitter/Matrix Jenkins CI on all platforms CodeQL Line Coverage Branch Coverage

This library provides a Java API to read, aggregate, filter, and query static analysis reports. It is used by my Jenkins' warnings plug-in to visualize the warnings of individual builds.

Jenkins Warnings Plug-in

Additionally, this library is used by my additional Quality Monitor GitHub Action, that monitors the quality of projects based on a configurable set of metrics and gives feedback on pull requests (or single commits) in GitHub. There are also two additional actions available, to autograde student software projects based on these metrics: GitHub Autograding action and GitLab Autograding action.

Quality Monitor GitHub Action

This library consists basically of three separate parts:

  1. A model to manage a set of issues of static code analysis runs. This includes the possibility to track issues in different source code versions using a fingerprinting algorithm.
  2. Parsers for more than a hundred report formats. Among the problems this library can detect:
    • messages from your build tool (Maven, Gradle, MSBuild, make, etc.)
    • errors from your compiler (C, C#, Java, etc.)
    • warnings from a static analysis tool (CheckStyle, StyleCop, SpotBugs, etc.)
    • duplications from a copy-and-paste detector (CPD, Simian, etc.)
    • vulnerabilities
    • open tasks in comments of your source files
  3. Additional descriptions for a selected set of static analysis tools that provide details for individual violations (including code samples, solutions, or quick fixes).

All source code is licensed under the MIT license.

Contributions to this library are welcome, please refer to the separate CONTRIBUTING document for details on how to proceed!