JDepend: A Beginner’s Guide to Java Dependency Analysis

JDepend vs. Modern Dependency Tools: When to Use Which

JDepend — lightweight, package-level metrics (afferent/efferent couplings, abstractness, instability, distance, cycles). Good for quick architectural health checks and automated unit tests that assert no package cycles.
Modern tools — broader ecosystems (SonarQube, ArchUnit, Structure101, Classycle, Deptective, commercial architecture tools). Offer richer analysis: rule engines, visualizations, CI integration, layering/enforcement, language support, tech debt tracking, and remediation guidance.

Use JDepend when
1. You want a simple, fast way to compute classic package metrics (A, I, D) and detect package cycles.
2. You need an easy JUnit-style test to fail the build on cycles or metric thresholds.
3. You prefer a small dependency with minimal setup for legacy Java codebases.
Use modern tools when
1. You need policy enforcement (architectural rules, layering constraints) with fine-grained, testable rules (ArchUnit, SonarQube).
2. You require visual dependency graphs, interactive exploration, or refactoring guidance (Structure101, commercial tools).
3. You want CI dashboards, historical trends, tech‑debt tracking, multi-language support, or IDE integration.
4. You need automated remediation suggestions or integration with issue trackers.

Depth vs. simplicity: JDepend is simple but limited to package metrics; modern tools provide deeper analysis and workflow features at the cost of complexity and resource use.
Enforcement: ArchUnit and CI-integrated tools let you codify architectural rules; JDepend mainly reports metrics (though you can assert thresholds in tests).
Visualization & remediation: Modern tools win for visualizing large codebases and guiding fixes.
Performance & overhead: JDepend is lightweight; enterprise tools can require servers, plugins, or licenses.

Start with JDepend for quick checks and to add simple cycle/metric tests in CI for small/legacy Java projects.
Add ArchUnit for fine-grained, code-level architectural tests (layers, forbidden dependencies).
Use SonarQube (or commercial analyzers/Structure101) when you need dashboards, historical trends, multi-language analysis, or team-level governance.
Combine tools: use JDepend/ArchUnit for automated gating and a visualization/analysis platform for periodic architectural reviews and refactoring planning.

Need minimal, fast package metrics → JDepend.
Need codified architectural rules per-class/package → ArchUnit.
Need CI dashboards, multi-language scanning, and tech‑debt tracking → SonarQube.
Need interactive visuals and refactoring planning at scale → Structure101 / commercial tools.

If you want, I can suggest example ArchUnit rules or a simple JUnit test using JDepend to block package cycles.