spotbugs

Adding SpotBugs to my project

喜夏-厌秋 提交于 2021-02-07 03:15:41
问题 I've been working on adding SpotBugs to the android project I'm currently working on. I managed to get it working but I'm not overly thrilled of the way it's set up. For now the configuration resides inside my app/build.gradle file, which makes the file less manageable. I was wondering if there's an expert on SpotBugs/Gradle who knows a way to pull the configuration out into a separate file. Here's my app/build.gradle (boilerplate removed): buildscript { repositories { ... } dependencies {

Adding SpotBugs to my project

折月煮酒 提交于 2021-02-07 03:14:43
问题 I've been working on adding SpotBugs to the android project I'm currently working on. I managed to get it working but I'm not overly thrilled of the way it's set up. For now the configuration resides inside my app/build.gradle file, which makes the file less manageable. I was wondering if there's an expert on SpotBugs/Gradle who knows a way to pull the configuration out into a separate file. Here's my app/build.gradle (boilerplate removed): buildscript { repositories { ... } dependencies {

How to resolve the slf4j binding error in gradle?

时光毁灭记忆、已成空白 提交于 2019-12-24 20:24:12
问题 I am seeing this error during my gradle build with spotbugs enabled. 0:12.450 [DEBUG] [system.err] SLF4J: Class path contains multiple SLF4J bindings. 21:50:12.450 [DEBUG] [system.err] SLF4J: Found binding in [jar:file:/Users/me/.gradle/caches/modules-2/files-2.1/my-plugin/0.6.1/ced3c13362d615ad7b387350d72eac6b16c1a384/myplugin.jar!/org/slf4j/impl/StaticLoggerBinder.class] 21:50:12.450 [DEBUG] [system.err] SLF4J: Found binding in [jar:file:/Users/me/.gradle/wrapper/dists/gradle-5.4-all

SpotBugs Maven Plugin exclude a directory

我的梦境 提交于 2019-12-21 16:58:30
问题 I use SpotBugs Maven Plugin for a static analysis and I would like to exclude a directory from the inspection. Looking at the spotbugs:check goal documentation, it seems that it is not possible to configure the plugin is such a way. I also checked documentation for a SpotBugs filter file. In Apache Maven PMD Plugin this can be done by using excludeRoots parameter: <excludeRoots> <excludeRoot>target</excludeRoot> </excludeRoots> Is it possible to exclude a directory from SpotBugs inspection?

How to encode response to JSON in filter without failing XSS

邮差的信 提交于 2019-12-13 03:36:00
问题 BELOW IS THE static code analysis report from SpotBugs XSS_SERVLET: Potential XSS in Servlet A potential XSS was found. It could be used to execute unwanted JavaScript in a client's browser. (See references) Vulnerable Code: protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { String input1 = req.getParameter("input1"); [...] resp.getWriter().write(input1); } Solution: protected void doGet(HttpServletRequest req, HttpServletResponse

SpotBugs Maven Plugin exclude a directory

这一生的挚爱 提交于 2019-12-04 10:11:21
I use SpotBugs Maven Plugin for a static analysis and I would like to exclude a directory from the inspection. Looking at the spotbugs:check goal documentation , it seems that it is not possible to configure the plugin is such a way. I also checked documentation for a SpotBugs filter file . In Apache Maven PMD Plugin this can be done by using excludeRoots parameter: <excludeRoots> <excludeRoot>target</excludeRoot> </excludeRoots> Is it possible to exclude a directory from SpotBugs inspection? It is possible to exclude a directory from inspection with SpotBugs, though the approach is different
订阅 spotbugs