Boost Java Code Quality: A Complete Guide to Alibaba Guidelines, CheckStyle, PMD, FindBugs & SonarLint

Alibaba Java Coding Guidelines

The Alibaba Java Coding Guidelines plugin enforces Java coding conventions and classifies violations into three severity levels: Blocker, Critical, and Major. Most issues can be auto‑fixed, and the plugin provides real‑time inspection while coding.

Installation : Open File > Settings > Plugins > Marketplace, search for “Alibaba Java Coding Guidelines”, install, and restart the IDE.

Usage :

Run a full scan via Tools > Alibaba Coding Guidelines > Scan.

Or right‑click in the editor/project and choose “Scan Coding Guidelines”.

The result panel groups issues by severity (Blocker > Critical > Major). Selecting an issue shows a description and a quick‑fix button. The toolbar includes actions such as “Rerun Inspection”, “Expand All”, “Collapse All”, navigation between problems, and export to XML/HTML.

CheckStyle

CheckStyle focuses on code style and formatting rules, including naming conventions, Javadoc, whitespace, method length, duplicate code, and unused imports. It is primarily a grammar‑level checker and does not detect runtime bugs.

Installation : File > Settings > Plugins > Marketplace, search for “CheckStyle”, install, and restart.

Usage : Open the CheckStyle tool window and run a scan. The default configuration includes the strict “Sun Checks” profile; for real projects it is recommended to provide a custom configuration file to avoid excessive warnings.

PMD

PMD provides security‑related and data‑flow analysis rules. It can detect potential bugs, dead code, misuse of String / StringBuffer, overly complex expressions, duplicate code, object creation inside loops, and resource‑closing problems. Custom rule sets are supported.

Installation : File > Settings > Plugins > Marketplace, search for “PMDPlugin”, install, and restart.

Running PMD :

From the menu: Tools > Run PMD scans the whole project.

Right‑click a file or folder and choose “Run PMD” to scan the selected scope.

Rule configuration : Open File > Settings > Other Settings > PMD to import custom rule files or enable predefined sets (e.g., “All”). The result panel displays a tree of issues; clicking an item jumps to the source location.

FindBugs

FindBugs targets runtime bugs such as null‑pointer dereferences, resource leaks, and incorrect string comparisons (using == instead of equals). It provides concise suggestions for each detected problem.

Installation : File > Settings > Plugins > Marketplace, search for “FindBugs”, install, and restart.

Usage : Run scans on a single file, a package, a module, or the entire project via the right‑click context menu. The result panel lists issues; selecting an item highlights the problematic code.

SonarLint

SonarLint extends static analysis beyond bugs to cover code quality, dependency analysis, complexity, and code duplication. It can be used as an IDE plugin or as a standalone client.

Installation : File > Settings > Plugins > Marketplace, search for “SonarLint”, install, and restart.

Usage : Right‑click a project or file and select “SonarLint” to run analysis. Results appear in a panel with issue details and suggested fixes.

Optional server configuration : To connect SonarLint to a SonarQube server, add a new server under “SonarLint → Servers”, provide the server URL and credentials, then associate the project with that server and enable “Perform SonarLint analysis” on commit.

Tool Selection Guidance

Use Alibaba Java Coding Guidelines for baseline formatting enforcement and real‑time inspection.

Combine PMD, FindBugs, and SonarLint to cover bugs, security issues, and overall code health.

PMD offers strong custom‑rule capabilities; FindBugs excels at runtime bug detection; SonarLint provides the most comprehensive rule set, including code quality and complexity metrics.