SpotBugs Reviews

SpotBugs Description

It is freeware, distributed under terms of the GNU Lesser General Public License. SpotBugs forks FindBugs, which is now abandoned. It continues from where it left off thanks to the community. For more information, please refer to the official manual. SpotBugs is only compatible with JRE (or JDK), version 1.8.0 or higher. It can, however, analyze programs compiled with any Java version, from 1.0 up to 1.9. SpotBugs scans for 400 different bug patterns.

Integrations

API:

Yes, SpotBugs has an API

View Integrations

Reviews

Total

ease

features

design

support

No User Reviews. Be the first to provide a review:

Write a Review

Company Details

Company:

SpotBugs

Website:

spotbugs.github.io

Media

Product Details

Platforms

SaaS

Type of Training

Documentation

Customer Support

Online

SpotBugs Features and Options

Static Code Analysis Software

Compare SpotBugs Against Alternatives

vs.

Checkov

Verify that changes have been made to hundreds of supported resource types across all major cloud providers. A simple Python policy-as code framework can scan cloud resources for misconfigured attributes in build-time. Checkov's graph-based YAML policy allows you to analyze the relationships...

Compare
vs.

CodePeer

The Most Comprehensive Static Analysis Toolsuite available for Ada. CodePeer assists developers to gain a deeper understanding of their code and create more reliable and secure software systems. CodePeer is an Ada code analyzer that detects logic and run-time errors. It helps to identify errors...

Compare
vs.

froglogic Coco

Coco®, a tool for multi-language code coverage, is available. Automated source code instrumentation can be used to measure test coverage for statements, branches, and conditions. When a test suite is run against an instrumented application, data can be collected that can be later analyzed. This...

Compare
vs.

DoubleCheck Code Analysis

Traditional debugging and testing methods are not sufficient to ensure software quality, reliability, security, and security in today’s complex code bases. Static source code analyzers and other automated tools are more effective at detecting defects that could lead to buffer overflows, resource...

Compare
vs.

CodeSonar

CodeSonar uses a unified dataflow with symbolic execution analysis to examine the entire application's computations. CodeSonar's static analyze engine is extremely deep and does not rely on pattern matching or similar approximations. It finds 3-5 times more defects than other static analysis...

Compare
vs.

Checkstyle

Checkstyle is an application that checks Java source code to ensure it adheres to a set of code standards or validation rules.

Compare
vs.

Sider Scan

Sider Scan is a fast tool that detects duplicate code and monitors for problems. GitLab CI/CD integration, GitHubActions, Jenkins & CircleCI® integration. Installation using a Docker image. Easy sharing of analysis details between teams. The background runs continuous and fast analysis. Support...

Compare
vs.

Klocwork

Klocwork static code analysis for C, C++ and C#, JavaScript, and the SAST tool for JavaScript, helps to identify software security, reliability, quality, and compliance issues. Klocwork is designed for enterprise DevOps/DevSecOps. It scales to any project, integrates with large complex...

Compare

Similar Software

CodePeer

The Most Comprehensive Static Analysis Toolsuite available for Ada. CodePeer assists developers to gain a deeper understanding of their code and create more reliable and secure software systems. CodePeer is an Ada code analyzer that detects logic and run-time errors. It helps to identify errors...

View Software
PMD

PMD is an analyzer of source code. It detects common programming errors like unused variables and empty catch blocks.

View Software
DoubleCheck Code Analysis

Traditional debugging and testing methods are not sufficient to ensure software quality, reliability, security, and security in today’s complex code bases. Static source code analyzers and other automated tools are more effective at detecting defects that could lead to buffer overflows, resource...

View Software
Checkov

Verify that changes have been made to hundreds of supported resource types across all major cloud providers. A simple Python policy-as code framework can scan cloud resources for misconfigured attributes in build-time. Checkov's graph-based YAML policy allows you to analyze the relationships...

View Software
froglogic Coco

Coco®, a tool for multi-language code coverage, is available. Automated source code instrumentation can be used to measure test coverage for statements, branches, and conditions. When a test suite is run against an instrumented application, data can be collected that can be later analyzed. This...

View Software