Hi, I was scanning a third party source code using Findbugs (just to be cautious before integrating into it mine), and found the following warning: long a = b << 32 | c Bug: Integer shift by 32 Pattern id: ICAST_BAD_SHIFT_AMOUNT, type: BSHIFT, category: CORRECTNESS The code performs an integer shift by a constant amount...
I'm using a class that extends BytecodeScanningDetector to check for some problematic fields in a class. After detecting whether the field is problematic, I add it to the bug report like below: Once I run findbugs, it identifies the bug, lists it in the left pane, but does not highlight the corresponding source line. Any hints/help o...
I am in the process of evaluating FindBugs and am trying to make use of the excludeFilter so that the tool does not process the test packages or the generated ejb stubs. I have tried the following: <FindBugsFilter> <!-- Match any test packages --> <Match> <Package name="~.*\.test"/> </Match> <Match> <Or> <Class name="~.*\....
I have a piece of code that load a very big image in memory. So it seemed like a reasonable thing to call System.gc(); before loading the image. From what I can tell it works with no issues. Yesterday i decided to use a pretty useful piece of software called FindBugs that scans your code and reports back issues that might cause bugs...
As an alternative to littering my code with thousands of final keywords in front of my parameters, I'm trying to enforce it using FindBugs. It doesn't seem possible to do this, but there should be a way, shouldn't there? Thanks ...
I would like Maven to generate a FindBugs report where the bugs are grouped by severity, not by file. Then I would be able to focus on the most serious bugs immediately. I have seen similar functionality with the FindBugs plugin for Eclipse. Is this possible with Maven? ...
Does anybody know how to configure the maven findbugs plugin to output a summary of the bugs to the console (similar to the pmd plugin)? At present findbugs:check just prints out how many bugs there are in total and I need to check the individual modules target/findbugs directory and each findbugs.xml file to fix the issues. <plugin> ...
Hi Folks, I've been experimenting with the jsr 305 annotations for use with Findbugs, specifically the @CheckForNull annotation which would have avoided a bug I just found making it out to customers. I've added jsr305.jar and annotations.jar to my build path but the bugs aren't found by findbugs. I'm using Eclipse with the Eclipse Findb...
I'm trying to invoke FindBugs from inside Ant. In order to control the amount of memory available to FindBugs, I've chosen not to use the ant-task. The problem I have now is that I want to pass a number of jars on the command-line to FindBugs: java -jar .../findbugs.jar foo.jar bar.jar fie.jar However, since these jars actually are Ec...
anyone ever run into the problem where findbugs reports a -1 for the line? File: foo.java, Line: -1, Type: NP_NULL_ON_SOME_PATH, Priority: Normal, Category: CORRECTNESS here ...
Findbugs provides a way to do data mining of bugs. That looks interesting as it helps in trending of bugs over various revisions. What I want to do is: On each commit to version control, findbugs will be run and a report will be generated. Is it possible to generate a report that takes data from all these reports and shows the trend? Ha...
I'm trying to get the FindBugs ant task to include source info in the generated report. <findbugs home="${findbugs.home}" output="xml" outputFile="${basedir}/findbugs/findbugs-${package.basename}.xml" excludeFilter="${basedir}/findbugsExclude.xml" jvmargs="-Xmx1048m"> <sourcePath path="${package.srcdir}" /> <class location="${packa...
I was recently asked about alternatives to Coverity Prevent for a code base that includes both C/C++ and Java. Obviously, on the Java side, the free tools available include Findbugs (compiled code analysis) and PMD (static code analysis). They are very powerful, especially when you start investigating integration with IDEs (which, agai...
Hello! Note: those annotations, I'm talking about, are specified by JSR305. I have the latest Findbugs (1.3.9) and it finds errors correctly when some field, annotated with @Nonnull, is assigned to null. But, in my project, the "non-null logic" is the default case. I would say that null is explicitely allowed only in 5% of cases. So,...
1. Regarding PMD: 1.1 How do I set the PMD checks, to ignore some of them, like "Variable name is too short, or too long", "Remove empty constructor, etc" - and if I do that, another warning appears that says the class must have some static methods. Basically, the class was empty, for later development, and I like to leave it that way f...
Is it possible to specify the classes location like you can in the findbugs ant task? or is there another way to exclude a directory of class files (we compile our test classes to a different directory and don't want to use findbugs on those) P.V. Goddijn ...
Hello, I have a code piece that I am reviewing (using FindBug). public class MyClass{ ... private BlockedQueue q = new LinkedBlockingQueue<MyData>(1000); private static final batchSize = 1000; public boolean testMethod(){ boolean done = false; synchronized(q){ if(q.size == batchSize){ q.notify(); done...
OK, after reviewing some code with PMD and FindBugs code analyzers, i was able to do great changes on the reviewed code. However, there are some things i don't know how to fix. I'll iterate them bellow, and (for better reference) i will give each question a number. Feel free to answer to any/all of them. Thanks for your patience. 1. Ev...
It's easy to add the findbugs plugin to maven so that it will run if I do mvn site However, I would like it to run whenever I do mvn install just like unit tests. That is, I don't want the install to succeed if findbugs finds any bugs. Is there are way for me to do this? ...
Hi all, I run findbugs against all of my code and only tackle the top stuff. I finally got the top stuff resolved and now am looking at the details. I have a simple entity, say a user: public class User implements Serializable { protected Date birthDate; public Date getBirthDate() {return(birthDate);} public void se...