Overview
Experimental
This feature is disabled by default and has to be manually enabled in the gradle.properties file before building.
There are many code analysis tools available, and they frequently yield a wide range of different results. However, finding and configuring the correct tools for your projects is time-consuming and distributes the results into separate report files. Plugins are designed to make adding new tools easier and to allow for quickly swapping preferred analysis methods.
What are Plugins?¶
Plugins are - as the name suggests - modular analysis additions that run other open-source tools. Since those tools are independent of each other, the same finding may occur multiple times if they are reported by more than one tool.
By default, Codyze creates a single consolidated report for all analysis runs by combining the reports generated by the plugins into its primary output file. This behaviour can be toggled in the configuration of each plugin.
Configuration Options¶
Each plugin can be configured through the following options:
| Key | Value | Description | Mandatory |
|---|---|---|---|
| target | Path[] | The target file to be analyzed by the plugin | Yes |
| context | Path[] | Additional plugin-dependent context | (Yes/No) |
| separate/combined | Boolean | Whether the plugin report should be standalone | No |
| output | File | The location of the plugin report. | No |
The context adds a way of giving additional information to a plugin that may be necessary to complete the analysis. Therefore, the specific plugin defines whether this option is necessary, optional or ignored.
The default result format is a combined report file. In this case, the output option is ignored
Available Plugins¶
Note
The list of available plugins may expand in future updates.
| Name | Version | Source | Website | Analysis Target |
|---|---|---|---|---|
| PMD | 7.2.0 | GitHub | github.io | Source Code |
| FindSecBugs (SpotBugs) | 1.12.0 4.8.2 | GitHub GitHub | github.io github.io | Compiled Java Code |