findbugs

可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效，请关闭广告屏蔽插件后再试): 问题: i am new to sonar. i am running sonar from Jenkins with sonar pulgin. When i am running from jenkins i am getting out of memory exception at findbugs below is the error: Out of memory Total memory: 1037M free memory: 30M Analyzed: D:\Victor\autocreated\webapp\WEB-INF\classes Aux: C:\DOCUME~1\NADBHA~1\LOCALS~1\Temp\findbugs4165854405681394173.jar Aux: C:\DOCUME~1\NADBHA~1\LOCALS~1\Temp\findbugs4688505485649811865.jar Total time: 2:04:49.155s Final Memory: 358M/989M Exception in thread "main" org.sonar.batch.bootstrapper.BootstrapException:

Does anybody know how to configure the maven findbugs plugin to output a summary of the bugs to the console (similar to the pmd plugin)? At present findbugs:check just prints out how many bugs there are in total and I need to check the individual modules target/findbugs directory and each findbugs.xml file to fix the issues. <plugin> <groupId>org.codehaus.mojo</groupId> <artifactId>findbugs-maven-plugin</artifactId> <version>2.0.1</version> <configuration> <xmlOutput>true</xmlOutput> <xmlOutputDirectory>findbugsreports</xmlOutputDirectory> <findbugsXmlOutput>true</findbugsXmlOutput>

I am in the process of evaluating FindBugs and am trying to make use of the excludeFilter so that the tool does not process the test packages or the generated ejb stubs. I have tried the following: <FindBugsFilter> <!-- Match any test packages --> <Match> <Package name="~.*\.test"/> </Match> <Match> <Or> <Class name="~.*\.^_*"/> <Class name="~.*EJS*"/> </Or> <Bug pattern="MALICIOUS_CODE"/> </Match> The generated EJB's are still being looked at. Can someone provide some better direction on this. I want to exclude out all classes that start with "_" Example: com/mycompany/business/admin/ejb/

I have couple of areas in my application where I get the error while manipulating value of static variable from instance method. "Write to static field from instance method" . If we take multi-threading out of the equation, does this scenario pose any potential issue even if multiple instances write to the same static variable ? Not a bug From the documentation... This instance method writes to a static field. This is tricky to get correct if multiple instances are being manipulated, and generally bad practice. Firstly it says that it is a bad practice , not incorrect. Second thing is the

My question is a follow-up to this one . In past versions of FindBugs, it was possible to use @DefaultAnnotation(Nonnull.class) or @DefaultAnnotationForFields(Nonnull.class) to indicate that all fields in a package should be treated as @Nonnull . In the current version of FindBugs (2.0), @DefaultAnnotation and @DefaultAnnotationForFields are deprecated, and we should all use JSR-305 instead. But JSR-305 doesn't seem to cover everything the (now deprecated) FindBugs annotations cover. The javadoc does suggest a number of alternatives: @ParametersAreNonnullByDefault . This (obviously) only

I am using Sonar and I have got this kind of violation from it for a peace of my code: Correctness - Possible null pointer dereference Has anyone know about this rule in findbugs? I searched a lot but I can not find a good sample code (in Java) which describe this rule, unfortunately findbugs site did not have any sample code or good description about this rule. Why does this violation appear? SiB It says here NP: Possible null pointer dereference (NP_NULL_ON_SOME_PATH) There is a branch of statement that, if executed, guarantees that a null value will be dereferenced, which would generate a

I am currently using the sonarqube server 5.6 with scanner 2.6.1 and I keep getting errors during analysis for a java project. It appears to complain about some java files not compiled in the binaries folder (there aren't any at all in the binaries folder). Once I add the -X parameter I get more exceptions (flagged as ignored), see below. any clues? sonar-project.properties followed by logs sonar.projectKey=myproj sonar.projectName=myproj sonar.projectVersion=1.1 sonar.branch=1.1 sonar.sources=./java sonar.binaries=./deploy sonar.log.level=DEBUG sonar.verbose=false sonar.sourceEncoding=UTF-8