Emilio Suarez's WebLog

Wednesday, February 28, 2007

Klocwork Developer for Java

I recently installed the just released Klockwork Developer Plugin for Eclipse, which is supposed to contain all of Klocwork's source code analysis algorithms in a nice package that integrates with Eclipse.

I ran the tool agains several projects that I am working on and some open source code bases, and the results were pretty good. Klocwork displays the complete list of findings that enable you to go through the code and see where the problems are. It works by creating a new perspective which add two panes: Klocwork Findings and Klocwork Details. The details also provide a very comprehensive help page information that shows in detail what the problem is, what the vulnerability/risks and how to fix it.

One thing that I thought was missing was an export capability to something like HTML, so that one could review the issues offline. In general I think this is a pretty good tool, that does a very good job analyzing the code, finding possible bugs and a very complete help system, but being a hard-core user of IntelliJ IDEA, I still find that the code inspections integrated in the IDE are much better and the user interface is better too... and it contains a rudimentary HTML export option which is sometimes handy.

At $299 per Klocwork license I think it is a little expensive... I would rather get IDEA for a little more, but I am getting a powerful code analyzer and a real IDE ;-)