findbugs

I have a class that looks similar to this, and findbugz is complaining about the 'write to the static field from the instance method' ( initialize() , and killStaticfield() ). I can't set the static field in the ctor. What is the best fix for this issue? Would putting staticField in an AtomicReference suffice? public class Something { private static SomeClass staticField = null; private AnotherClass aClass; public Something() { } public void initialize() { //must be ctor'd in initialize aClass = new AnotherClass(); staticField = new SomeClass( aClass ); } public void killStaticField() {

I'm using Windows and Eclipse 3.7 Classic with ADT plugin for Android development. I've just installed FindBugs and it have found a bug in auto-generated R.java class. I want to exclude this class from FindBugs checks. I've found that I can define exclude filters for FindBugs in xml file, so I've created a file D:\Projects\eclipse\FindBugsExculde.xml with text <FindBugsFilter> <Match> <Class name="com.android.demo.notepad3.R$attr" /> </Match> </FindBugsFilter> I've added this file to Eclipse -> Window -> Preferences -> Java -> FindBugs -> Filter files -> "Add..." button near the "Exclude

I really like the code inspection functionalities which are now able with either JSR 305 or Jetbrains' proprietary annotations for IntelliJ. Unfortunately both implementations (JSR 305 and Jetbrains') do not mix well: IntelliJ obviously only understands its own proprietary set of annotations and integrates them quite well. Using Findbugs in my Maven Build, it only supports JSR-305 annotations. The only possible workaround might be to go for JSR-305 and use the Findbugs plugin in IntelliJ. Has anybody a better idea? (please don't say change your IDE ;) ). Thanks Thomas This has been made

If I wanted to research how and where permissions [requested in the Mainfest.xml] were used in an Android app for the purposes of removing them is there an easy way of doing this? Does lint or findbugs offer some sort of support for tracking permissions used/abused in a project? I came from the future to save your lives. Here (in the future), LINT does check for missing permissions as you can see on LINT checks . So, go to your AndroidManifest.xml and remove all tags <uses-permission> using Android permissions (meaning, don't delete permissions that belong to your app, such as UA_DATA and C2D

Consider the class below. If I run Findbugs against it it will give me an error ("Non-transient non-serializable instance field in serializable class") on line 5 but not on line 7. 1 public class TestClass implements Serializable { 2 3 private static final long serialVersionUID = 1905162041950251407L; 4 5 private Set<Integer> mySet; // Findbugs error 6 7 private HashSet<Integer> myOtherSet; 8 9 } That's correct because java.util.Set never implements Serializable in its hierarchy and java.util.HashSet does. However it is best practice to code against interfaces instead of concrete

There was a question comparing PMD and CheckStyle . However, I can't find a nice breakdown on the differences/similarities between PMD and FindBugs. I believe a key difference is that PMD works on source code, while FindBugs works on compiled bytecode files. But in terms of capabilities, should it be an either/or choice or do they complement each other? I'm using both. I think they complement each other. As you said, PMD works on source code and therefore finds problems like: violation of naming conventions, lack of curly braces, misplaced null check, long parameter list, unnecessary

I have the simple code below for testing the findbugs NonNull annotation with maven. I execute "mvn clean install site", and I get a directory target/site/css and target/site/images, but nothing more. I was expecting to get a report, saying that println(null) violates the NonNull condition. What do I need to do to get that report? Also, is there a way to prevent "mvn clean install" to succeed if there are NonNull violations? Note: I am aware that I can get such report with Sonar; However, I would like "mvn clean install" to fail if there are such errors, without the need to use an optional