Boost Java Code Quality with Alibaba Guidelines, CheckStyle, PMD, FindBugs & SonarLint

Why Code Quality Matters

As business logic expands, previously simple and stable functions can become complex, exposing hidden risks that threaten service stability and business value. Improving code quality through static analysis tools reduces the burden of manual code reviews and helps catch defects early.

1. Alibaba Java Coding Guidelines

Overview

The plugin enforces Java coding standards, categorizing violations as Blocker, Critical, or Major, and can automatically fix many issues. It provides real‑time inspection while coding.

Installation

Navigate to File > Settings > Plugins > Marketplace, search for “Alibaba Java Coding Guidelines”, install, and restart the IDE.

How to Use

Run the scan via Tools > Alibaba Coding Guidelines > Scan or right‑click in the project view and select “Scan”.

Toggle real‑time detection if the machine performance permits.

Switch UI language between Chinese and English.

Key UI Functions

Rerun Inspection

Close panel

Expand/Collapse result tree

Navigate to previous/next problem

Group results by severity or directory

Filter resolved items

Export results as XML or HTML

Edit settings

2. CheckStyle

Overview

CheckStyle focuses on coding style and formatting rules such as naming conventions, Javadoc, whitespace, method length, duplicate code, and unused imports. It does not detect runtime bugs.

Installation

Install via File > Settings > Plugins > Marketplace by searching for “CheckStyle”.

Usage

After installation, the plugin runs automatically on file save, highlighting style violations in the editor.

3. PMD

Overview

PMD provides rule‑based static analysis with a focus on security‑related patterns, data‑flow, and potential bugs. It supports custom rule sets.

Potential bugs: empty try/catch/finally/switch

Dead code: unused variables, methods

Code misuse: String/StringBuffer overuse

Complex expressions: unnecessary ifs, replaceable loops

Duplicate code

Object creation inside loops

Resource leaks: unclosed connections, statements, results

Installation

Install “PMDPlugin” through the Marketplace in the IDE settings.

How to Run

From Tools > Run PMD to scan the whole project.

From the right‑click context menu to scan the selected scope.

Configuration

Open File > Settings > Other Settings > PMD to manage rule sets and options such as “Skip TestSource” to ignore generated test code.

4. FindBugs

Overview

FindBugs detects runtime bugs like null‑pointer dereferences, resource leaks, and incorrect string comparisons, offering quick fix suggestions.

Installation

Install via the Marketplace by searching for “FindBugs”.

Usage

Run analysis on a file, package, module, or entire project via the right‑click menu; results appear in a panel with clickable items that navigate to the offending code.

5. SonarLint

Overview

SonarLint extends static analysis beyond bugs to cover code quality, dependency analysis, complexity, and code duplication. It can connect to a SonarQube server for centralized rule management.

Installation

Install “SonarLint” from the Marketplace.

How to Use

Right‑click a project or file and select SonarLint analysis. Enable “Perform SonarLint analysis” in commit settings to run checks automatically.

Server Configuration (Optional)

Configure a SonarQube server in the SonarLint settings by providing the server URL, login, and password, then bind a specific project for analysis.

Conclusion

For coding‑style enforcement, Alibaba Java Coding Guidelines is sufficient. For bug detection, combine PMD, FindBugs, and SonarLint: PMD offers strong custom rule support, FindBugs excels at bug discovery, and SonarLint provides the most comprehensive coverage.