--group <scope>to chose whether issues should be grouped by Java class or only by JAR file, like a level of detail.
--level <level>to set issue severity threshold to "error", "warn", or "info". (Prerequisite: categorization of all issues)
--release <number>to specify the Java release (for correct handling of multi-release JAR files).
--verboseto generate more detailed output.
- Load and analyze Java class files found in WAR files under WEB-INF/classes/.
- Compile and analyze JSP files found in WAR files.
- Support individual *.class files on the classpath (cobine them into an artificial "classes.jar").
- Correct handling of multi-release JAR files (requires option
- Blacklist: Add option "--blacklist " to pass a file with blacklist patterns.
- Blacklist: Use of native code (declaration of or calls to native methods).
- Blacklist: Use of
- API similarity: Calculate similarity level as percentage value. If two classes have a different API, calculate "how different" they are.
- New analyzer: Detect class files for non-Java languages (Kotlin, ...). Is there a way to detect whether a class has been generated from another language?
- New analyzer: "JPMS Module Dependencies" (requires, exports, opens, ...).
- Binary Compatibility: Check annotation references (does the annotation exist, are all mandatory parameters present, is the target class accessible, etc.)
- Binary Compatibility: Is overriding of a method allowed?
- JAR Dependencies: Include "soft" dependencies through constant strings containing Java class names (potential use of reflection).
- JAR Dependencies: Include dependencies from metadata, e.g., service provider configuration in META-INF/services/, etc.
- JAR Dependencies: Add a "dependency weight" by the number of references.
- JAR Dependencies: Report circular dependencies.
- JAR Files: Report code signing information (certificate, subject, ...). Validate signrature.
- JAR Files: Add link to Maven Central using SHA-1 checksum of a JAR file (HTML report only).
- Add an "Overview" section listing the number of issues (errors, warnings, infos) found in every section.
- Report Format: Make implementations self-describing: getType() returns "text" or "html", getExtensions() returns "txt" or "html", etc. Goal: The factory can decide automatically which implementation to use based on command line arguments.
- Support generation of multiple reports (text AND HTML) at the same time.
- GUI: Create a minimal graphical user interface which can be used instead of the command line.
- Create various plugins: Maven, Gradle, Ant, IntelliJ, Eclipse, TeamCity, SonarQube, ...
- Packages: Do not report "split package" issue because of duplicate classes.
--use-artifact-namefor nested JAR files.
- Implement consistent sorting of JAR files in report sections (some are case-sensitive, some case-insensitive).
- Optimize memory usage. Maybe intern frequently used Strings like class names?
- Declare "features" an analyzer depends on to minimize/optimize classpath loading.
- Code redesign: Main (static entry point) -> Application (command line application) -> Engine ( "core", reused in plugins etc.)
- Maven: Split into multi-module project? jarhc-core, jarhc-cli, jarhc-jmh, jarhc-gui, jarhc-maven-plugin, jarhc-gradle-plugin, jarhc-intellij-plugin, jarhc-sonar-plugin, jarhc-ant-task, ...
- Maven: Deploy site to GitHub Pages (use GitHub Maven Plugin?)
- Maven: Integrate FindBugs, Checkstyle, etc
- Tests: Remove dependency on junit-pioneer after migration to JUnit 5.4+. Migrate to new TempDirectory extension added in JUnit 5.4.
- Motivation: Write some good use cases.
- Better documentation of individual report sections with good examples.
- Document local cache directory ".jarhc".