Meet detekt, a static code analysis tool for the Kotlin programming language. It operates on the abstract syntax tree provided by the Kotlin compiler.
- Code smell analysis for your Kotlin projects
- Complexity reports based on lines of code, cyclomatic complexity and amount of code smells
- Highly configurable rule sets
- Suppression of findings with Kotlin's
@Suppressand Java's@SuppressWarningsannotations - Specification of quality gates which will break your build
- Code Smell baseline and suppression for legacy projects
- Gradle plugin for code analysis via Gradle builds
- SonarQube integration
- Extensibility by enabling incorporation of personal rule sets,
FileProcessListener'sandOutputReport's - IntelliJ integration
- Third party integrations for Maven, Bazel and Github Actions (Docker based and Javascript based)
Visit the project website for installation guides, release notes, migration guides, rule descriptions and configuration options.
- Changelog and migration guides
- Available CLI options
- Rule set and rule descriptions
- Writing custom rules and extending detekt
- Suppressing issues in code
- Suppressing issues via baseline file
- Configuring detekt
- Sample Gradle integrations examples:
curl -sSLO https://github.com/detekt/detekt/releases/download/v[version]/detekt-cli-[version]-all.jar
java -jar detekt-cli-[version]-all.jar --helpYou can find other ways to install detekt here
plugins {
id("io.gitlab.arturbosch.detekt").version("[version]")
}
repositories {
mavenCentral()
}
detekt {
buildUponDefaultConfig = true // preconfigure defaults
allRules = false // activate all available (even unstable) rules.
config = files("$projectDir/config/detekt.yml") // point to your custom config defining rules to run, overwriting default behavior
baseline = file("$projectDir/config/baseline.xml") // a way of suppressing issues before introducing detekt
}
tasks.withType<Detekt>().configureEach {
reports {
html.required.set(true) // observe findings in your browser with structure and code snippets
xml.required.set(true) // checkstyle like format mainly for integrations like Jenkins
txt.required.set(true) // similar to the console output, contains issue signature to manually edit baseline files
sarif.required.set(true) // standardized SARIF format (https://sarifweb.azurewebsites.net/) to support integrations with Github Code Scanning
}
}
// Groovy DSL
tasks.withType(Detekt).configureEach {
jvmTarget = "1.8"
}
tasks.withType(DetektCreateBaselineTask).configureEach {
jvmTarget = "1.8"
}
// or
// Kotlin DSL
tasks.withType<Detekt>().configureEach {
jvmTarget = "1.8"
}
tasks.withType<DetektCreateBaselineTask>().configureEach {
jvmTarget = "1.8"
}See maven central for releases and sonatype for snapshots.
If you want to use a SNAPSHOT version, you can find more info on this documentation page.
Gradle 6.1+ is the minimum requirement. However, the recommended versions together with the other tools recommended versions are:
| Detekt Version | Gradle | Kotlin | AGP | Java Target Level | JDK Max Version |
|---|---|---|---|---|---|
1.20.0 |
7.4.2 |
1.6.20 |
7.1.3 |
1.8 |
17 |
The list of recommended versions for previous detekt version is listed here.
detekt itself provides a wrapper over ktlint as a formatting rule set
which can be easily added to the Gradle configuration:
dependencies {
detektPlugins("io.gitlab.arturbosch.detekt:detekt-formatting:[version]")
}Likewise custom extensions can be added to detekt.
See CONTRIBUTING
Thanks to all the people who contributed to detekt!
As mentioned in...
- KotlinConf 2018 - Safe(r) Kotlin Code - Static Analysis Tools for Kotlin by Marvin Ramin
- droidcon NYC 2018 - Static Code Analysis For Kotlin
- Kotlin on Code Quality Tools - by @vanniktech Slides Presentation
- Integrating detekt in the Workflow
- Check the quality of Kotlin code
- Kotlin Static Analysis Tools
- Are you still smelling it?: A comparative study between Java and Kotlin language by Flauzino et al.
- Preventing software antipatterns with Detekt
Integrations:
- Codacy
- Gradle plugin that configures Error Prone, Checkstyle, PMD, CPD, Lint, Detekt & Ktlint
- Violations Lib is a Java library for parsing report files like static code analysis.
- sputnik is a free tool for static code review and provides support for detekt
- Novoda Gradle Static Analysis plugin
- Detekt Maven plugin that wraps the Detekt CLI
- Detekt Bazel plugin that wraps the Detekt CLI
- Gradle plugin that helps facilitate GitHub PR checking and automatic commenting of violations
- Codefactor
- GitHub Action: Detekt All
- IntelliJ Platform Plugin Template
- Sonatype Lift
Custom rules and reports from 3rd parties:
- detekt-verify-implementation by cph-cachet
- detekt-hint by mkohm is a plugin to detekt that provides detection of design principle violations through integration with Danger
- GitLab report format
- JetBrains - Creating IntelliJ + Kotlin
- PMD & Checkstyle & ktlint - Ideas for threshold values and style rules