PMD5: What can it do for you ?
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
Title |
| |
Title of Series | ||
Number of Parts | 84 | |
Author | ||
License | CC Attribution 2.0 Belgium: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
Identifiers | 10.5446/40043 (DOI) | |
Publisher | ||
Release Date | ||
Language | ||
Production Year | 2012 |
Content Metadata
Subject Area | ||
Genre | ||
Abstract |
|
FOSDEM 201226 / 84
1
2
3
5
7
9
11
13
14
15
16
17
18
20
23
24
26
27
28
30
32
37
39
41
44
46
47
50
51
52
53
55
57
58
63
68
70
73
75
79
80
81
84
00:00
Boss CorporationPatch (Unix)Translation (relic)Projective planeInformation technology consultingStudent's t-testLecture/ConferenceComputer animation
00:26
Boss CorporationPatch (Unix)Translation (relic)Computer animation
00:43
Product (business)SoftwareProjective planeProduct (business)Software developerCodeArithmetic meanOpen sourceSource codeJava appletRun time (program lifecycle phase)FamilyRevision controlRight angleWindowSemiconductor memoryComputer animationLecture/Conference
02:25
Source codeHill differential equationRule of inferenceMach's principleSoftwareMaxima and minimaNormed vector spaceEmailSinc functionMereologyString (computer science)Proper mapSoftware developerMultiplication signPattern languageExpressionDifferent (Kate Ryan album)Patch (Unix)Exception handlingFilm editingComputer programmingRevision controlPlastikkarteGraph (mathematics)Network topologyCausalityPoint (geometry)Software bugGoodness of fitCodeWordRight angleData managementBounded variationTraffic reportingSource codeAbstractionThread (computing)Java appletUsabilityAbstract syntaxLecture/Conference
06:13
SoftwareSlide ruleTraffic reportingSocial classCodeMereologyPlug-in (computing)Point (geometry)ExpressionLecture/Conference
07:03
SoftwareParsingProgramming languageDifferent (Kate Ryan album)CodePlastikkarteGoodness of fitSocial classPasswordParameter (computer programming)Lecture/Conference
07:30
CodeJava appletParsingFormal languageAbstract syntax treeIntegrated development environmentExecution unitSoftwareDisintegrationPoint (geometry)Programming languageParsingArithmetic progressionRevision controlScripting languagePlastikkarteAlpha (investment)Set (mathematics)Process (computing)Formal languageMachine codeNear-ringCodeTerm (mathematics)Source codeOvalMoment <Mathematik>Software testingRight angleEvent horizonState of matterTesselationLecture/Conference
10:03
Execution unitSet (mathematics)Programming languageStatement (computer science)Computer fileDescriptive statisticsLecture/Conference
10:23
Moment of inertiaComputer fileMessage passingSocial classStatement (computer science)Moving averageGame theoryLocal ringJSONXMLLecture/Conference
10:55
CodeSpherical capLine (geometry)Statement (computer science)PlastikkarteCohen's kappaAbstract syntax treeSlide ruleComputer animationLecture/Conference
11:48
Slide ruleMultiplication signAxiom of choiceFeedbackRevision controlWritingPoint (geometry)Set (mathematics)Expert systemLatent heatScripting languageMixed realityOvalAuditory maskingWindowJava appletComputer animationLecture/Conference
14:14
Hacker (term)Content (media)Open sourceSoftware protection dongleVideoconferencingXMLJSONUML
Transcript: English(auto-generated)
00:01
OK, so I will start. Is the camera on already? I hope so. So well, basically, this is me. So first, about myself, because I'm kind of narcissistic. So I am working by Red Hat. I'm a, what was I called that? Middleweight consultant. So I'm from the Jibos wall of Red Hat.
00:21
Why I'm here today is because I talk about PMD, which is a project I've been working on for the last four years. And I also want you to know that I am a DBCS enthusiast. I really like Geet, and I really like Mercurial, this kind of thing. It's kind of actually go together with PMD for some reason. And finally, I also teach on part-time.
00:43
So anyway, OK, of course, I'm working for Red Hat. I do have the Red Hat, but back at my home. So PMD is not a Red Hat product. I'm not going to say anything on behalf of Red Hat. If I do say something stupid, Red Hat is innocent. Thanks, Red Hat, for paying me the trip.
01:02
Nice, and for those who don't know, we are still looking for the Red Hats that our founder lost 20 years ago. So if you ever find it. Anyway, first, what is PMD? Well, funny thing, when I arrived this morning in Bruxell, I found out about PMD, meaning that in Bruxell. It's actually quite good,
01:21
because PMD is a Java code checker. So it's not actually a garbage can, but it's looking for garbage inside your code. And it's a static code analyzer. By static, I mean that it's analyzing the code source. It's doing nothing dynamically at runtime. It's not going to map memory. It's just going to analyze source code.
01:41
Well, it's worked with innovation of Java, obviously. Similarly, on Windows, Linux, and even OpenVMS. I've deployed PMD on OpenVMS. Don't ask me why. And it was released on the BSD for, I think, 2002. Whatever, it's an open source project, sadly. I think we need to move out of source for another issue.
02:01
It was done by Tom Kaplan, and it was maintained since then by 50 different developers. So we have a large community. So right now, there is not 50 active developers, but overall, in the last eight years, we had more than 50 developers, not 150. Anyway, what PMD can do for you?
02:22
So as I said, it's basically going to check your code. So the very stupid thing it can do for you is convention, checking that you do, respect the naming convention. It's kind of dumb, but the good thing with PMD, it's easily configurable. So you can pick the one you want or the one you don't want to have to have.
02:40
More usefully, PMD can find bugs. You can use existing world to check your code, saying, hey, do you find anything bizarre in my code, anything weird, or any kind of anti-pattern? It can also spot that. Specifically, in Java world, it's able to check how you handle exception, which is also good,
03:00
and also unused code, proper use of logger, all this kind of stuff, many stuff around string manipulation, are you using string builder, are you using string, what is the other one? Well, the right kind of thing you have to use, whatever. Basically, there is more than 250 worlds coming with PMD, which is a lot of worlds.
03:20
So now you're going to say, okay, I don't care. I mean, obviously, you're coming to post them. You're all very bright developer. You all can occur, so you don't need to have a tool telling you how to code. Yes, but can you actually remember more than 200 different programming role while you're coding?
03:41
Probably not. Nice to have a tool doing that for you. Do you really want to spend time teaching a young developer every kind of practice you may have set up in your team, every kind of role you may have internally, any kind of whatever you do. You'd rather have a tool doing that for you. Of course, the good thing with PMD,
04:01
you can have report, and you can give report to your manager, and what you can do, which is very cool, is say, hey, you know, you've been pushing us to make this quicker than expected, and now we end up having that much variation. Since the last month, we have like 300 variations more than before. The code is getting dirty, and there is a way
04:22
for you to show that to your manager, a way you can understand with graph. Well, of course, it is called review because when you're going to get a patch from somebody or going to review something, just go, launch PMD, and see what PMD is somehow complaining about. Okay, so that's what it does,
04:42
and if you are still not really convinced, still saying that you really don't need it, remember that even Linus Torvald from Linux kernel did refuse patches because he didn't follow convention. I remember a thread about a guy being very unhappy because he sent his patch one time, two time, three time, and he got no reply,
05:00
and Linus told him, you don't follow our convention. I don't care how bright your code is. Go to hell. It's also the whole point behind Git and behind DVCs and behind versioning is to have like the cleaner possible code. If PMD can make your code being very clean before you commit it, you have already win something.
05:20
Well, just on a side note, if you don't believe that you'll be coding anymore because you're going to do that source code, well, we've been trying to do that for the last 40 years and we're still writing code manually, so good luck with that. Well, anyway, I already said that, so whatever. So now, how does PMD work? It's actually quite dumb. PMD is fetching your source code,
05:41
pre-compiling it, getting an abstract syntax tree, which is basically a tree, representing the source code, and it's just going to apply a visitor pattern on it and just browse every part of the code. And what the role does is like checking if, oh, I have this thing in this part of the tree and this other thing here. I should report a relation.
06:02
It's very dumb, and one of the good thing is that you can code those roles as merely as Java role, but you can also call them as simple XPath expression. We're going to see that later. Okay, next one. Okay, so basically what I meant by all those slides is that PMD is your friend. It's not this bugging, crappy tool
06:22
which is going to send report to you about stuff you don't care. You just pick whatever you want in it. If you want to have this role, pick it. If you don't like it, don't pick it. It's integrated, it's most EDE, so if you want to use EDE, you can probably get a PMD plugin for it. And it's integrated in any kind of build,
06:41
so if you don't want to have it in your EDE, but you want to have it in your build, you can also do it. You can define your own role using XPath, which is basically the most useful part of PMD. And of course, if at some point there is this big class in your code that you don't want to change, and you don't want PMD to keep bugging you about it, you can disable PMD.
07:01
You can disable PMD on this class. Okay, one other cool tool coming with PMD is CPD, Copy and Paste Detector, which is basically going to find any kind of duplicated code in your code base. This is quite useful, and CPD is working already on a gazillion different kind of languages.
07:21
It's very easy to implement a new parser for CPD, because there is this dumb class, you just copy and paste it, tweak two or three parameters, and, whoa. Yeah, okay, that's bad, but, you get my point here. And if you really want to do, I mean, this first version of the parser is going to be very crude but you can make a, if you have a correct AST,
07:42
you can make a better one. Okay, so now why I did this talk is to talk about PMD5. And PMD5 has just been released in alpha state, and there is basically two features and only one really useful. It's that now PMD is supporting different languages. You can plug whatever languages you want into PMD.
08:03
So right now, we already done that for XML on JavaScript, but if you basically have some jars having an AST of whatever language is, plug it into PMD and you can check your code source, any code source with PMD, which is nice. This big, big job was done by Ryan Gustafson
08:21
two years ago, and sadly, he had this very bad event. He had kids, so he became a phaser, so he stopped coding. So that's why we had to wait a little while before releasing it because for a while, nobody was working on it. Anyway, we also streamlined the build process. So before to build PMD, you had to have an unscript,
08:42
then a maven script one, and a maven two script. Now we have only maven two. It's not very interesting, which is a big progress in terms of working with it. We have released this alpha release mostly because of this talk, but also because we want to have looked for regression, have people testing it, playing with it,
09:00
so please do download it, play with it, and let us know if you have any issue. What else? Yeah, okay, so as I already said quickly, PMD5 is coming for support for ECMAScript, which is a smart name of JavaScript. So if you have this messy piece of JavaScript code, you can use PMD to parse it. Right now, we have like 13 worlds, so not that much,
09:22
but hopefully because PMD is released, you're going to write worlds and give us to go all back, and we're going to have a large set of worlds very quickly. You also can do it with any kind of XML-based languages, which is interesting because there is many, many XML-based languages, such as XML.
09:41
In the near future, I'm going to integrate Groovy. I'm actually working with that right now. I hope to integrate Cylon very quickly. Cylon is this new language from Red Hat, if you want to know about it, and I hope to integrate also quickly Scala, which I think really need it because Scala can be very cryptic. Anyway, just to give you a quick idea
10:02
on how it's working. So this is basically a role in PMD. So you have an XML file, and you say, okay, this is my role name, which languages this world is parsing for, a brief description, a crazy or not crazy expat statement. This one is already somewhat correct, and a set of example behind it.
10:20
That's all you need to create a role in PMD. Just do an XML file, put this role into an XML file, find a way for this XML file to be into a PMD class pass on your running. You can easily have, I don't know, several hundred roles that you've done by yourself working on your local setup with PMD, like that.
10:44
It's very nice. Well, it's very nice, but you're going to say to me, how can I write such a crazy expat statement? Fortunately, we have a tool called Designer. The Designer is basically showing you, you put your code here, so put the crappy code here.
11:02
I think this one is, can I use that tool? Yeah, cool. So you put the crappy code over here. You got here, you got an AST of this code, so when you put that on, I think click here or click go on this button, you're going to get an AST here, and then you can try to write an expat statement which is going to match this AST,
11:21
and if it's matching, it's going to upper here. I match on this line. So with this Designer tool, which is very crude, but probably doing what we need, you can wrap up a role for PMD in like maybe, I don't know, one hour of work without knowing expats. It's very quick.
11:41
And I think I have one last slide. Yep, so just to show you, it's already integrated in Eclipse, so you already have this PMD5 available as an Eclipse plugin, and as you can see here, you can already see that there is ECMAScript role mixed with other role, so here is ECMAScript.
12:05
Well, actually, it's a crappy slide. I was hoping to show you something more like, oh, look what's happening when PMD is working inside your Eclipse, but I failed to do so because I don't like Eclipse, and I don't like having PMD inside Eclipse, but that's a personal choice.
12:21
Cool, I have time for question. Any question? Except the fact that I do speak too quickly, which is not a question, I mean, it's a statement. No, ready? Okay, well, cool.
12:41
Well, ECMAScript is the JavaScript. Yeah, I always put ECMAScript, but actually, people don't know that, so ECMAScript is a specific version of JavaScript, and I think JavaScript was the name of the ECMAScript from Windows, but I'm not sure. We got certain role running, so it's supported.
13:01
That's the whole point of PMD5.0 was to put that out, so you can write role for ECMAScript. What we are not supporting right now is something else than ECMAScript XML and Java, and hopefully, very soon again, we're going to have Groovy also on other languages. Yep, this is exactly what we need to know by using that,
13:31
so if you have time to run PMD over a set of script using jQuery and see what's happening, and if it's getting confused or not, we would really like that.
13:41
Basically, we are using the Rhino engine from Mozilla to pass JavaScript, so it might already, I'm not an expert in JavaScript, it might already give you what you want to know here, but yeah, definitely, this is the kind of feedback I have no clue how PMD is going to handle that. Is it going to get completely confused about what jQuery is doing? I have no idea.
14:02
I got one minute left. No more question? Sure? Thank you very much. Thanks, chocolate. Thanks.