findbugs

问题 This is more of a follow-up to questions 1 & 2. As told in the questions the below code public Date getSomeDate() { return someDate; } will give you the findbug error issue. The suggested solution was to duplicate the Date object in both getters and setters like public Date getSomeDate() { return new Date(someDate.getTime()); } Is this a good approach or are there any alternative ways to this? Is there any Immutable Date library available in java that can overcome this issue? 回答1: JodaTime

问题 I have a class that looks similar to this, and findbugz is complaining about the 'write to the static field from the instance method' ( initialize() , and killStaticfield() ). I can't set the static field in the ctor. What is the best fix for this issue? Would putting staticField in an AtomicReference suffice? public class Something { private static SomeClass staticField = null; private AnotherClass aClass; public Something() { } public void initialize() { //must be ctor'd in initialize

问题 There was a question comparing PMD and CheckStyle. However, I can't find a nice breakdown on the differences/similarities between PMD and FindBugs. I believe a key difference is that PMD works on source code, while FindBugs works on compiled bytecode files. But in terms of capabilities, should it be an either/or choice or do they complement each other? 回答1: I'm using both. I think they complement each other. As you said, PMD works on source code and therefore finds problems like: violation of

问题 FindBugs raises a bug called EI_EXPOSE_REP with the following description : EI: May expose internal representation by returning reference to mutable object Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new

问题 I run findbugs against all of my code and only tackle the top stuff. I finally got the top stuff resolved and now am looking at the details. I have a simple entity, say a user: public class User implements Serializable { protected Date birthDate; public Date getBirthDate() {return(birthDate);} public void setBirthDate(final Date birthDate) {this.birthDate = birthDate;} } This class is incomplete, so don't harp me about it missing the serialVersionUID and other standard stuff, I am just

问题 I've made several attempts at getting package annotation @ParametersAreNonnullByDefault to work for me in a maven project but with no success. Could someone share a link to a minimal/sample maven project where this is setup (or post the pom.xml and package-info.java and demo class)? I'm talking about having findbugs processor enforce it for me. 回答1: How to apply @ParametersAreNonnullByDefault Create a file package-info.java in your package where you want to enforce the desired behavior. In

问题 We are introducing static analysis tools into the build system for our Java product. We are using Maven2 so Checkstyle and PMD integration come for free. However it looks like there is a large overlap in functionality between these two tools, in terms of enforcing basic style rules. Is there a benefit from utilizing both of these? I don't want to maintain 2 tools if one will work. If we choose one, which one should we use and why? We are also planning on using FindBugs. Are there other static

问题 FindBugs IDEA v1.0.1 Android Studio 3.4 I get this error when running FindBugs. I don't use com.google.wireless.android.sdk anywhere in the app. Error:Internal error: (java.lang.ClassNotFoundException) com.google.wireless.android.sdk.stats.IntellijIndexingStats$Index java.lang.ClassNotFoundException: com.google.wireless.android.sdk.stats.IntellijIndexingStats$Index at java.net.URLClassLoader.findClass(URLClassLoader.java:381) at java.lang.ClassLoader.loadClass(ClassLoader.java:424) at java

问题 I am using a findbugs in an ANT script and I can't figure out how to fix two of my errors. I have read the documentation, but don't understand. Here are my errors and the code that goes with them: Error 1: Test for floating point equality. (FE_FLOATING_POINT_EQUALITY) private boolean equals(final Quantity other) { return this.mAmount == convertedAmount(other); } Error 2: EQ_COMPARETO_USE_OBJECT_EQUALS public final int compareTo(final Object other) { return this.description().compareTo((

问题 Using findbugs I get the following: The following classes needed for analysis were missing: foo.bar.Class1 foo.bar.Class2 I know why these classes are missing, and I'm fine with it. Since I'm using this via ant, I could use the quietErrors parameter, but It would also quiet "serious analysis errors", which I'd want to know about. If, in the future, there winds up being other missing classes, I want to be told about it so I can determine if I do mind those other classes being missing. So, is