SourceMeter for Java is a source code analysis tool able to perform the deep static source code analysis of complex Java systems. SourceMeter can analyze source code conforming to Java 10.
Source code metrics are used to quantify different source code characteristics. FrontEndART SourceMeter computes source code metrics for the following source code element types: components (e.g. archives), source files, packages, class types (including classes, interfaces, enums and annotations) and methods. The calculated metrics are divided into 6 categories, which are the following:Cohesion metrics measure the extent of coheresion between source code elements in the system.Complexity metrics measure the complexity of given source code elements (typically algorithms).Coupling metrics measure the amount of interdependencies between source code elements.Documentation metrics measure the amount of comments and documentation of source code elements in the system.Inheritance metrics measure the different aspects of the system's inheritance hierarchy.Size metrics measure the basic properties of the analyzed system in terms of different cardinalities (e.g. number of code lines, number of classes or methods).
Code cloning (or copy-paste programming) is the copying of an existing piece of source code and pasting it somewhere else while performing smaller modifications on it. FrontEndART SourceMeter is capable of identifying Type-2 clones, i.e. code fragments that are structurally identical, but may differ in variable names, literals, identifiers, etc. Clones are tracked during the source code analysis of consecutive revisions of the analyzed software system. FrontEndART SourceMeter detects suspicious, inconsistently changing code copies referred to as "clone smells".
FrontEndART SourceMeter incorporates PMD (http://pmd.github.io) and SpotBugs (https://spotbugs.github.io/) for coding rule violation check and imports their results. SourceMeter also associates the issued rule violations with source code elements (i.e. methods, classes, packages, and components) and calculates metrics for the source code elements, which represent the amount of violations of each ruleset, rule and priority groups, respectively. In addition, SourceMeter uses an optimized PMD setting, where poorly performing PMD rule checks are disabled and all other rules are reprioritized by our software developer and QA experts. Please note that if a valid FaultHunter license key is available, the reimplemented PMD rules will be disabled and FaultHunter will provide the results instead. If no license key is available (e.g. when running the free version), then the original PMD rule violation checks will be executed.
FrontEndART SourceMeter lists the source code elements which violate a certain metric threshold value as coding issues (the thresholds can be fine-tuned). This way, the riskiest elements of the code can be found immediately (e.g. the most complex algorithms).
FaultHunter is the coding rule violation checker module of SourceMeter. This module makes it possible to identify common Java coding rule violations in the code (so-called bad practices) in a similar way as provided by the PMD tool. However, the algorithms implemented in the FaultHunter module work on the precise Abstract Semantic Graph of SourceMeter which results in higher precision and recall compared to other tools using rough syntactic analyzer. FaultHunter reimplements many PMD rule violation checks, reporting less noise (false positives) and a number of valid problems not detected by PMD (true negatives). It also provides additional checks that are not available in PMD.
The VulnerabilityHunter module of SourceMeter can detect OWASP security vulnerabilities in Java web applications (Command Injection, Cross-Site Scripting, HTTP Response Splitting, LDAP Injection, Path Traversal, SQL Injection) which could be potentially used by attackers to steal sensitive information. The majority of these attacks build on the improper or lacking implementation of user input validation to achieve unwanted program behavior.
The RTEHunter module of SourceMeter can detect potential runtime errors (e.g. NullPointerException) in Java applications. These runtime errors are represented by the instances of Java class RuntimeException. The detection is based on an interprocedural symbolic execution engine.
AndroidHunter is the module of SourceMeter, which seeks Android specific coding rule violations. This module checks the Java sources of the Android projects for common Android specific faults and anti-patterns. AndroidHunter reimplements all the corresponding PMD rules and additionally it provides some checks that are not available in PMD. Such as the other modules of SourceMeter, AndroidHunter also works on the precise Abstract Semantic Graph which results in higher precision and recall compared to other tools with a rougher syntactic analysis.
In addition to the built-in metrics, users can create their own metrics by using the UserDefinedMetrics (UDM) module. These new metrics can be established with a formula that can use any previous SourceMeter metric and can even depend on other custom user-defined metrics.
The limited-level support includes technical assistance regarding the installation and operation of SourceMeter through email communication and also includes the management of reported issues within a moderate time frame and providing simple workarounds if possible. The full-level support also includes short reaction times of two working days, providing dedicated and top priortity bugfix releases for our customers in order to allow them flawless business continuity.
Free
$0/Year
Source code metrics are used to quantify different source code characteristics. FrontEndART SourceMeter computes source code metrics for the following source code element types: components (e.g. archives), source files, packages, class types (including classes, interfaces, enums and annotations) and methods. The calculated metrics are divided into 6 categories, which are the following:Cohesion metrics measure the extent of coheresion between source code elements in the system.Complexity metrics measure the complexity of given source code elements (typically algorithms).Coupling metrics measure the amount of interdependencies between source code elements.Documentation metrics measure the amount of comments and documentation of source code elements in the system.Inheritance metrics measure the different aspects of the system's inheritance hierarchy.Size metrics measure the basic properties of the analyzed system in terms of different cardinalities (e.g. number of code lines, number of classes or methods).
Code cloning (or copy-paste programming) is the copying of an existing piece of source code and pasting it somewhere else while performing smaller modifications on it. FrontEndART SourceMeter is capable of identifying Type-2 clones, i.e. code fragments that are structurally identical, but may differ in variable names, literals, identifiers, etc. Clones are tracked during the source code analysis of consecutive revisions of the analyzed software system. FrontEndART SourceMeter detects suspicious, inconsistently changing code copies referred to as "clone smells".
FrontEndART SourceMeter incorporates PMD (http://pmd.github.io) and SpotBugs (https://spotbugs.github.io/) for coding rule violation check and imports their results. SourceMeter also associates the issued rule violations with source code elements (i.e. methods, classes, packages, and components) and calculates metrics for the source code elements, which represent the amount of violations of each ruleset, rule and priority groups, respectively. In addition, SourceMeter uses an optimized PMD setting, where poorly performing PMD rule checks are disabled and all other rules are reprioritized by our software developer and QA experts. Please note that if a valid FaultHunter license key is available, the reimplemented PMD rules will be disabled and FaultHunter will provide the results instead. If no license key is available (e.g. when running the free version), then the original PMD rule violation checks will be executed.
FrontEndART SourceMeter lists the source code elements which violate a certain metric threshold value as coding issues (the thresholds can be fine-tuned). This way, the riskiest elements of the code can be found immediately (e.g. the most complex algorithms).
FaultHunter is the coding rule violation checker module of SourceMeter. This module makes it possible to identify common Java coding rule violations in the code (so-called bad practices) in a similar way as provided by the PMD tool. However, the algorithms implemented in the FaultHunter module work on the precise Abstract Semantic Graph of SourceMeter which results in higher precision and recall compared to other tools using rough syntactic analyzer. FaultHunter reimplements many PMD rule violation checks, reporting less noise (false positives) and a number of valid problems not detected by PMD (true negatives). It also provides additional checks that are not available in PMD.
The VulnerabilityHunter module of SourceMeter can detect OWASP security vulnerabilities in Java web applications (Command Injection, Cross-Site Scripting, HTTP Response Splitting, LDAP Injection, Path Traversal, SQL Injection) which could be potentially used by attackers to steal sensitive information. The majority of these attacks build on the improper or lacking implementation of user input validation to achieve unwanted program behavior.
The RTEHunter module of SourceMeter can detect potential runtime errors (e.g. NullPointerException) in Java applications. These runtime errors are represented by the instances of Java class RuntimeException. The detection is based on an interprocedural symbolic execution engine.
AndroidHunter is the module of SourceMeter, which seeks Android specific coding rule violations. This module checks the Java sources of the Android projects for common Android specific faults and anti-patterns. AndroidHunter reimplements all the corresponding PMD rules and additionally it provides some checks that are not available in PMD. Such as the other modules of SourceMeter, AndroidHunter also works on the precise Abstract Semantic Graph which results in higher precision and recall compared to other tools with a rougher syntactic analysis.
In addition to the built-in metrics, users can create their own metrics by using the UserDefinedMetrics (UDM) module. These new metrics can be established with a formula that can use any previous SourceMeter metric and can even depend on other custom user-defined metrics.
The limited-level support includes technical assistance regarding the installation and operation of SourceMeter through email communication and also includes the management of reported issues within a moderate time frame and providing simple workarounds if possible. The full-level support also includes short reaction times of two working days, providing dedicated and top priortity bugfix releases for our customers in order to allow them flawless business continuity.
Basic
$349/Year
Source code metrics are used to quantify different source code characteristics. FrontEndART SourceMeter computes source code metrics for the following source code element types: components (e.g. archives), source files, packages, class types (including classes, interfaces, enums and annotations) and methods. The calculated metrics are divided into 6 categories, which are the following:Cohesion metrics measure the extent of coheresion between source code elements in the system.Complexity metrics measure the complexity of given source code elements (typically algorithms).Coupling metrics measure the amount of interdependencies between source code elements.Documentation metrics measure the amount of comments and documentation of source code elements in the system.Inheritance metrics measure the different aspects of the system's inheritance hierarchy.Size metrics measure the basic properties of the analyzed system in terms of different cardinalities (e.g. number of code lines, number of classes or methods).
Code cloning (or copy-paste programming) is the copying of an existing piece of source code and pasting it somewhere else while performing smaller modifications on it. FrontEndART SourceMeter is capable of identifying Type-2 clones, i.e. code fragments that are structurally identical, but may differ in variable names, literals, identifiers, etc. Clones are tracked during the source code analysis of consecutive revisions of the analyzed software system. FrontEndART SourceMeter detects suspicious, inconsistently changing code copies referred to as "clone smells".
FrontEndART SourceMeter incorporates PMD (http://pmd.github.io) and SpotBugs (https://spotbugs.github.io/) for coding rule violation check and imports their results. SourceMeter also associates the issued rule violations with source code elements (i.e. methods, classes, packages, and components) and calculates metrics for the source code elements, which represent the amount of violations of each ruleset, rule and priority groups, respectively. In addition, SourceMeter uses an optimized PMD setting, where poorly performing PMD rule checks are disabled and all other rules are reprioritized by our software developer and QA experts. Please note that if a valid FaultHunter license key is available, the reimplemented PMD rules will be disabled and FaultHunter will provide the results instead. If no license key is available (e.g. when running the free version), then the original PMD rule violation checks will be executed.
FrontEndART SourceMeter lists the source code elements which violate a certain metric threshold value as coding issues (the thresholds can be fine-tuned). This way, the riskiest elements of the code can be found immediately (e.g. the most complex algorithms).
FaultHunter is the coding rule violation checker module of SourceMeter. This module makes it possible to identify common Java coding rule violations in the code (so-called bad practices) in a similar way as provided by the PMD tool. However, the algorithms implemented in the FaultHunter module work on the precise Abstract Semantic Graph of SourceMeter which results in higher precision and recall compared to other tools using rough syntactic analyzer. FaultHunter reimplements many PMD rule violation checks, reporting less noise (false positives) and a number of valid problems not detected by PMD (true negatives). It also provides additional checks that are not available in PMD.
The VulnerabilityHunter module of SourceMeter can detect OWASP security vulnerabilities in Java web applications (Command Injection, Cross-Site Scripting, HTTP Response Splitting, LDAP Injection, Path Traversal, SQL Injection) which could be potentially used by attackers to steal sensitive information. The majority of these attacks build on the improper or lacking implementation of user input validation to achieve unwanted program behavior.
The RTEHunter module of SourceMeter can detect potential runtime errors (e.g. NullPointerException) in Java applications. These runtime errors are represented by the instances of Java class RuntimeException. The detection is based on an interprocedural symbolic execution engine.
AndroidHunter is the module of SourceMeter, which seeks Android specific coding rule violations. This module checks the Java sources of the Android projects for common Android specific faults and anti-patterns. AndroidHunter reimplements all the corresponding PMD rules and additionally it provides some checks that are not available in PMD. Such as the other modules of SourceMeter, AndroidHunter also works on the precise Abstract Semantic Graph which results in higher precision and recall compared to other tools with a rougher syntactic analysis.
In addition to the built-in metrics, users can create their own metrics by using the UserDefinedMetrics (UDM) module. These new metrics can be established with a formula that can use any previous SourceMeter metric and can even depend on other custom user-defined metrics.
The limited-level support includes technical assistance regarding the installation and operation of SourceMeter through email communication and also includes the management of reported issues within a moderate time frame and providing simple workarounds if possible. The full-level support also includes short reaction times of two working days, providing dedicated and top priortity bugfix releases for our customers in order to allow them flawless business continuity.
Pro
$1,499/Year
Information below is used for billing and contact purposes only.