I would like to suggest using SonarQube to keep code quality up. SonarQube is a code analyzer to point out bugs, potential security issues and code smells. SonarCloud is free to use for opensource projects and is easy to connect. I took the liberty to connect my pf4j fork to the SonarQ cloud: https://sonarcloud.io/dashboard?id=wolframhaussig_pf4j

Here is the PR for the change to support SonarQube: https://github.com/wolframhaussig/pf4j/pull/1/files . You can get started by going to the projects settings -> integrations -> SonarQube