io.gitlab.arturbosch.detekt:detekt-cli

detekt

Meet detekt, a static code analysis tool for the Kotlin programming language. Visit the project website for installation guides, rule descriptions, configuration options and more.

Features

• Code smell analysis for your Kotlin projects.
• Highly configurable rule sets.
• Generate baselines to suppress existing issues for legacy projects while making sure no new issues are introduced.
• Suppress issues in source files using @Suppress annotations.
• Support for different report formats: HTML, Markdown, SARIF, XML (Checkstyle) and custom reports.
• Extend detekt with custom rule sets and reports.
• Complexity reports based on lines of code, cyclomatic complexity and number of code smells.
• First party integration with Gradle with our Gradle plugin.
• A community of third party plugins that adds more rules and features to detekt.

Quick-Links

• Changelog and migration guides
• Available CLI options
• Rule set and rule descriptions
• Writing custom rules and extending detekt
• Suppressing issues in code
• Suppressing issues via baseline file
• Configuring detekt
• Sample Gradle integrations examples:
  • multi project (Kotlin DSL)
  • single project (Groovy DSL)
  • single project (Unofficial Maven plugin)

Quick Start ...

with the command-line interface

curl -sSLO https://github.com/detekt/detekt/releases/download/v[version]/detekt-cli-[version]-all.jar
java -jar detekt-cli-[version]-all.jar --help

You can find other ways to install detekt here

with Gradle

plugins {
    id("io.gitlab.arturbosch.detekt").version("[version]")
}

repositories {
    mavenCentral()
}

detekt {
    buildUponDefaultConfig = true // preconfigure defaults
    allRules = false // activate all available (even unstable) rules.
    config.setFrom("$projectDir/config/detekt.yml") // point to your custom config defining rules to run, overwriting default behavior
    baseline = file("$projectDir/config/baseline.xml") // a way of suppressing issues before introducing detekt
}

tasks.withType<Detekt>().configureEach {
    reports {
        html.required.set(true) // observe findings in your browser with structure and code snippets
        xml.required.set(true) // checkstyle like format mainly for integrations like Jenkins
        txt.required.set(true) // similar to the console output, contains issue signature to manually edit baseline files
        sarif.required.set(true) // standardized SARIF format (https://sarifweb.azurewebsites.net/) to support integrations with GitHub Code Scanning
        md.required.set(true) // simple Markdown format
    }
}

// Groovy DSL
tasks.withType(Detekt).configureEach {
    jvmTarget = "1.8"
}
tasks.withType(DetektCreateBaselineTask).configureEach {
    jvmTarget = "1.8"
}

// or

// Kotlin DSL
tasks.withType<Detekt>().configureEach {
    jvmTarget = "1.8"
}
tasks.withType<DetektCreateBaselineTask>().configureEach {
    jvmTarget = "1.8"
}

See maven central for releases and sonatype for snapshots.

If you want to use a SNAPSHOT version, you can find more info on this documentation page.

Requirements

Gradle 6.7.1+ is the minimum requirement. However, the recommended versions together with the other tools recommended versions are:

Detekt Version	Gradle	Kotlin	AGP	Java Target Level	JDK Max Version
1.22.0	7.5.1	1.7.21	7.3.1	1.8	17

The list of recommended versions for previous detekt version is listed here.

Adding more rule sets

detekt itself provides a wrapper over ktlint as the formatting rule set which can be easily added to the Gradle configuration:

dependencies {
    detektPlugins("io.gitlab.arturbosch.detekt:detekt-formatting:[version]")
}

Similarly, there are extra rule sets available for detekt from detekt:

dependencies {
    detektPlugins("io.gitlab.arturbosch.detekt:detekt-rules-libraries:[version]")
    detektPlugins("io.gitlab.arturbosch.detekt:detekt-rules-ruleauthors:[version]")
}

For more info visit the Detekt Marketplace.

Likewise custom extensions can be added to detekt.

Contributing

See CONTRIBUTING

Thanks to all the people who contributed to detekt!

Mentions

As mentioned in...

• driodcon London 2021 - Detekt - State of the Union
• KotlinConf 2018 - Safe(r) Kotlin Code - Static Analysis Tools for Kotlin by Marvin Ramin
• droidcon NYC 2018 - Static Code Analysis For Kotlin
• Kotlin on Code Quality Tools - by @vanniktech Slides Presentation
• Integrating detekt in the Workflow
• Check the quality of Kotlin code
• Kotlin Static Analysis Tools
• Are you still smelling it?: A comparative study between Java and Kotlin language by Flauzino et al.
• Preventing software antipatterns with Detekt

Integrations:

• IntelliJ integration
• SonarQube integration
• Codacy
• Gradle plugin that configures Error Prone, Checkstyle, PMD, CPD, Lint, Detekt & Ktlint
• Violations Lib is a Java library for parsing report files like static code analysis.
• sputnik is a free tool for static code review and provides support for detekt
• Gradle Static Analysis plugin
• Detekt Maven plugin that wraps the Detekt CLI
• Detekt Bazel plugin that wraps the Detekt CLI
• Gradle plugin that helps facilitate GitHub PR checking and automatic commenting of violations
• Codefactor
• GitHub Action: Detekt All
• GitHub Action: Setup detekt
• Sonatype Lift

Custom rules and reports from 3rd parties can be found on our Detekt Marketplace.

Credits

• JetBrains - Creating IntelliJ + Kotlin
• PMD & Checkstyle & ktlint - Ideas for threshold values and style rules