Stack Overflow
Stack Overflow

Questions tagged [findbugs]

A program which uses static analysis to look for bugs in Java code.

FindBugs is an open source program created by Bill Pugh and David Hovemeyer which looks for bugs in Java code. It uses static analysis to identify hundreds of different potential types of errors in Java programs. FindBugs operates on Java bytecode, rather than source code. The software is distributed as a stand-alone GUI application. There are also plug-ins available for Eclipse, Netbeans, IntelliJ IDEA, and Hudson.

Related Links:

1001 questions
24
votes
2 answers

What is correct Maven scope of findbugs annotations?

I want to use a library that has the following dependency: com.google.code.findbugs annotations 2.0.3 I read that FindBugs is for static analysis of…
holmis83
  • 15,922
  • 5
  • 82
  • 83
23
votes
3 answers

Test for floating point equality. (FE_FLOATING_POINT_EQUALITY)

I am using a findbugs in an ANT script and I can't figure out how to fix two of my errors. I have read the documentation, but don't understand. Here are my errors and the code that goes with them: Error 1: Test for floating point equality.…
taraloca
  • 9,077
  • 9
  • 44
  • 77
22
votes
2 answers

Resolve findBugs issue in gradle

Overview: I am trying to upgrade Java and Gradle version in my project as follows: java from 8 to 11 Gradle from 5 to 6 My project runs with no issues on the old versions but when runs on Java 11 and Gradle 6 it complains about fireBugs plugin…
saeedj
  • 2,179
  • 9
  • 25
  • 38
22
votes
3 answers

Can not execute Findbugs Caused by: This project contains Java source files that are not compiled

I am currently using the sonarqube server 5.6 with scanner 2.6.1 and I keep getting errors during analysis for a java project. It appears to complain about some java files not compiled in the binaries folder (there aren't any at all in the binaries…
NicolasW
  • 1,519
  • 5
  • 22
  • 34
21
votes
4 answers

disable Find bugs in maven

The team are using find bugs. I would like to skip using find bugs. I can see it has an option maven.findbugs.enable,but I don't know how to use that as an argument to maven. I have tried - Dmaven.findbugs.enable=false but I can see find bugs is…
bharal
  • 15,461
  • 36
  • 117
  • 195
21
votes
5 answers

Why is it considered bad practice to define a covariant compareTo method?

Here's an example from my code: Baseclass: abstract class AbstractBase implements Comparable { private int a; private int b; public int compareTo(AbstractBase other) { // compare using a and b …
Uwe Allner
  • 3,399
  • 9
  • 35
  • 49
20
votes
3 answers

Maven clean command: java.util.Collections.UnmodifiableRandomAccessList to property of type java.util.ArrayList

When executing the clean maven command, the following error occurs: Failed to execute goal org.codehaus.mojo:findbugs-maven-plugin:3.0.0:findbugs (findbugs) on Unable to parse configuration of mojo …
Denisa Todorut
  • 203
  • 1
  • 2
  • 6
20
votes
5 answers

What is the meaning of Possible null pointer dereference in findbug?

I am using Sonar and I have got this kind of violation from it for a peace of my code: Correctness - Possible null pointer dereference Has anyone know about this rule in findbugs? I searched a lot but I can not find a good sample code (in Java)…
Saeed Zarinfam
  • 9,818
  • 7
  • 59
  • 72
20
votes
3 answers

How to suppress multiple FindBugs warnings for the same line of code

I recently discovered FindBugs' @edu.umd.cs.findbugs.annotations.SuppressWarnings annotation which is pretty cool and allows you to basically tell FindBugs to ignore certain warnings. I've successfully implemented my own SLF4J binding by following…
IAmYourFaja
  • 55,468
  • 181
  • 466
  • 756
19
votes
2 answers

Do I need to @Nonnull again at the implementation?

While I think there should be a general rule for inheriting annotations or not, I'm specifically interested in making FindBugs recognize my rules, so this question is FindBugs specific. AFAIK, JavaDoc comments are taken from the interface and are…
Thomas Weller
  • 55,411
  • 20
  • 125
  • 222
19
votes
5 answers

MALICIOUS_CODE EI_EXPOSE_REP Medium

I run findbugs against all of my code and only tackle the top stuff. I finally got the top stuff resolved and now am looking at the details. I have a simple entity, say a user: public class User implements Serializable { protected Date…
Walter White
19
votes
5 answers

Is there a Findbugs and / or PMD equivalent for C/C++?

I was recently asked about alternatives to Coverity Prevent for a code base that includes both C/C++ and Java. Obviously, on the Java side, the free tools available include Findbugs (compiled code analysis) and PMD (static code analysis). They are…
Bob Cross
  • 22,116
  • 12
  • 58
  • 95
18
votes
2 answers

FindBugs filter file for ignoring JUnit tests

I need to set up a filter file for my findbugs ant script that scans only the src/* files and not the test/* files. What is the syntax for checking all classes while ignoring any filename or package name with 'test' in the name?
user64133
  • 1,149
  • 3
  • 9
  • 10
18
votes
3 answers

Findbugs gives "Null pointer dereference of System.out", why?

I am using Java 1.7, Eclipse 3.7 with the FindBugs plugin from the marketplace. The example is as nice as heaven: class Application { public static void main( String[] args ) { System.out.println( "Bla" ); } } This message was not present…
Johnannes Münch
  • 511
  • 4
  • 8
18
votes
4 answers

What's the best way to fix this 'write to static field from instance method' findbugs warning?

I have a class that looks similar to this, and findbugz is complaining about the 'write to the static field from the instance method' (initialize(), and killStaticfield()). I can't set the static field in the ctor. What is the best fix for this…
darrickc
  • 1,872
  • 6
  • 27
  • 38
1 2
3
66 67