Findbugs vs Google CodePro AnalytiX (Eclipse plugins)

JMarques picture JMarques · Jul 30, 2012 · Viewed 11.7k times · Source

I already have used the Google CodePro AnalytiX but I never used Findbugs.

My first impression with Findbugs is that it is harder to configure. After that, I believe that both are similar.

What's your opinion?

Just one more question related: None of these plugins sent our code to the servers, right? (for example, if we use CodePro our code isn't sent to Google Servers).

Answer

Bananeweizen picture Bananeweizen · Jul 31, 2012

Update in 2016: CodePro Analytix is not available anymore, so go with Findbugs.


Original answer

better in CodePro Analytix:

  • Issue level (error, warning, info) can be changed for every item. Findbugs can only enable/disable issues.
  • Many issues can be configured in detail (like the list of blacklisted swear words).
  • Can show you all the issues in the currently opened editors (and adapts this when opening or closing editors), which is much more convinient then selecting packages, projects or whatever and then to manually trigger a scan on them
  • Several issues can be fixed automatically (like declaring all parameters final). In Findbugs everything must be done manually.

better in Findbugs:

  • Is more concentrated on typical Java programming bugs (but does not have the rich selection of issues like CodePro)
  • does more analysises that need a lot of context information
  • can be used locally in Eclipse or on an integration server like Hudson/Jenkins
  • configuration on Hudson/Jenkins and in local IDE can be shared, so you see the exact same results in your IDE and on the server
  • has a "cloud mode", where distributed teams can share their findings (and the evaluation of the findings), so that they do not all check the same issues again

All of the above was more related to how you can work with the tool. The actual finding of bugs may depend very heavily on the project to be checked. In the past I often suggested to use both, Findbugs first, CodePro afterwards:

Do the first checks with Findbugs, as it finds the more severe issues. But after those have been fixed, you may find yourself in lots of noisy issues (or even false findings). Therefore after working on the most severe issues of Findbugs, I suggest switching to CodePro Analytix as it has less false findings and can be controlled in more detail.