- Notifications
You must be signed in to change notification settings - Fork792
Static code analysis for Kotlin
License
detekt/detekt
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
Meetdetekt, a static code analysis tool for theKotlin programming language.Visitthe project website for installation guides, rule descriptions, configuration options and more.
- Code smell analysis for yourKotlin projects.
- Highly configurable rule sets.
- Generate baselines to suppress existing issues for legacy projects while making sure no new issues are introduced.
- Suppress issues in source files using
@Suppressannotations. - Support for different report formats: HTML, Markdown,SARIF, XML (Checkstyle) and custom reports.
- Extend detekt with custom rule sets and reports.
- Complexity reports based on lines of code, cyclomatic complexity and number of code smells.
- First party integration with Gradle with ourGradle plugin.
- A community ofthird party plugins that adds more rules and features to detekt.
- Changelog and migration guides
- Available CLI options
- Rule set and rule descriptions
- Writing custom rules and extending detekt
- Suppressing issues in code
- Suppressing issues via baseline file
- Configuring detekt
- Sample Gradle integrations examples:
curl -sSLO https://github.com/detekt/detekt/releases/download/v[version]/detekt-cli-[version]-all.jarjava -jar detekt-cli-[version]-all.jar --help
You can findother ways to install detekt here
plugins { id("io.gitlab.arturbosch.detekt") version"[version]"}repositories { mavenCentral()}detekt { buildUponDefaultConfig=true// preconfigure defaults allRules=false// activate all available (even unstable) rules. config.setFrom("$projectDir/config/detekt.yml")// point to your custom config defining rules to run, overwriting default behavior baseline= file("$projectDir/config/baseline.xml")// a way of suppressing issues before introducing detekt}tasks.withType<Detekt>().configureEach { reports { html.required.set(true)// observe findings in your browser with structure and code snippets xml.required.set(true)// checkstyle like format mainly for integrations like Jenkins sarif.required.set(true)// standardized SARIF format (https://sarifweb.azurewebsites.net/) to support integrations with GitHub Code Scanning md.required.set(true)// simple Markdown format }}// Groovy DSLtasks.withType(Detekt).configureEach { jvmTarget="1.8"}tasks.withType(DetektCreateBaselineTask).configureEach { jvmTarget="1.8"}// or// Kotlin DSLtasks.withType<Detekt>().configureEach { jvmTarget="1.8"}tasks.withType<DetektCreateBaselineTask>().configureEach { jvmTarget="1.8"}Seemaven central for releases andsonatype for snapshots.
If you want to use a SNAPSHOT version, you can find more info onthis documentation page.
Gradle 6.8.3+ is the minimum requirement. However, the recommended versions together with the other tools recommended versions are:
| Detekt Version | Gradle | Kotlin | AGP | Java Target Level | JDK Max Version |
|---|---|---|---|---|---|
1.23.8 | 8.12.1 | 2.0.21 | 8.8.1 | 1.8 | 21 |
The list ofrecommended versions for previous detekt version is listed here.
detekt itself provides a wrapper overktlint as theformatting rule setwhich can be easily added to the Gradle configuration:
dependencies { detektPlugins("io.gitlab.arturbosch.detekt:detekt-formatting:[version]")}Similarly, there are extra rule sets available for detekt from detekt:
dependencies { detektPlugins("io.gitlab.arturbosch.detekt:detekt-rules-libraries:[version]") detektPlugins("io.gitlab.arturbosch.detekt:detekt-rules-ruleauthors:[version]")}For more info visit theDetekt Marketplace.
Likewise customextensions can be added to detekt.
SeeCONTRIBUTING
Thanks to all the people who contributed to detekt!
As mentioned in...
- To Detekt 2.0, and beyond!
- droidcon London 2021 - Detekt - State of the Union
- KotlinConf 2018 - Safe(r) Kotlin Code - Static Analysis Tools for Kotlin by Marvin Ramin
- droidcon NYC 2018 - Static Code Analysis For Kotlin
- Kotlin on Code Quality Tools - by @vanniktechSlidesPresentation
- Integrating detekt in the Workflow
- Check the quality of Kotlin code
- Kotlin Static Analysis Tools
- Are you still smelling it?: A comparative study between Java and Kotlin language byFlauzino et al.
- Preventing software antipatterns with Detekt
Integrations:
- IntelliJ integration
- SonarQube integration
- TCA(Tencent CodeAnalysis) integration
- Codacy
- Gradle plugin that configures Error Prone, Checkstyle, PMD, CPD, Lint, Detekt & Ktlint
- Violations Lib is a Java library for parsing report files like static code analysis.
- sputnik is a free tool for static code review and provides support for detekt
- Detekt Maven plugin that wraps the Detekt CLI
- Detekt Bazel plugin that wraps the Detekt CLI
- Gradle plugin that helps facilitate GitHub PR checking and automatic commenting of violations
- Codefactor
- GitHub Action: Detekt All
- GitHub Action: Setup detekt
Custom rules and reports from 3rd parties can be found on ourDetekt Marketplace.
- JetBrains - Creating IntelliJ + Kotlin
- PMD &Checkstyle &ktlint - Ideas for threshold values and style rules
About
Static code analysis for Kotlin