What is static code analysis? What is it good for? What tools are available, and what's the best way to set them up?
In this course, we clean up a legacy Java application by first automating the build with GitHub Actions and setting up and configuring various static code analysis tools.
We have all bugs, code smells, and security vulnerabilities aggregated into SonarCloud. We also connect SonarCloud to our IDE (IntelliJ or Eclipse) so that we can see the issues right where they arise.
We investigate the offending code locations and fix the defects.
We also discuss strategies for gradually optimizing large legacy applications with thousands of code smells.
SCA tools used:
The SCA tools and Maven are all open source. GitHub Actions can be used for free in open source projects.
You can find more information about my course offerings on the overview page.
Send your inquiry to [email protected]
Trainer: Sven Woltmann
Duration: 1 day
You can find price details on the Java trainings overview page.