Stack Overflow
Stack Overflow

Questions tagged [spotbugs]

SpotBugs is a program which uses static analysis to look for bugs in Java code. SpotBugs is the spiritual successor of FindBugs, carrying on from the point where it left off with support of its community.

SpotBugs is a program which uses static analysis to look for bugs in Java, Groovy, Kotlin, Scala, JSP and Closure code.

SpotBugs is the spiritual successor of FindBugs, carrying on from the point where it left off with the support of its community. It is free software, distributed under the terms of the Lesser GNU Public License.

SpotBugs requires JRE (or JDK) 1.8.0 or later to run. However, it can analyze programs compiled for any version of Java, from 1.0 to 1.9.

165 questions
5
votes
1 answer

Spotbugs configuration for multi project setup

I have a multi-project Gradle setup like so: RootProject | ---- ProjectA | ---- ProjectB | ---- ProjectC I want to apply SpotBugs to all my projects. Doing the following in every project explicitly works. For example, the…
Vicky
  • 16,679
  • 54
  • 139
  • 232
5
votes
2 answers

Java/SpotBugs, What is a "named static inner class", if it's being declared in an interface?

I inherited a codebase that uses MyBatis. SpotBugs is telling me that that SubjectRepositoryQueries could be refactored into a named _static_ inner class. I've never encountered this term, I was hoping someone could explain what exactly it's asking…
Jonathan S. Fisher
  • 8,189
  • 6
  • 46
  • 84
4
votes
3 answers

Spotbugs exclude filter in gradle project

I am new to gradle and am trying to configure Spotbugs. I've added the plugin to the build.gradle and the spotbugs issues showed up. However I want to exclude the Findbugs EI_EXPOSE_REP and EI_EXPOSE_REP2 rules, because they show up for all my…
Yoanna E.
  • 105
  • 2
  • 5
4
votes
1 answer

Getting error while running spot bugs "A failure occurred while executing com.github.spotbugs.snom.internal.SpotBugsRunnerForWorker$SpotBugsExecutor"

Getting error while running spot bugs "A failure occurred while executing com.github.spotbugs.snom.internal.SpotBugsRunnerForWorker$SpotBugsExecutor" Gradle Version :- 6.6.1 SpotBug plugin- 4.2 plugins { id 'java' id 'io.quarkus' id…
Codinggeek
  • 111
  • 1
  • 8
4
votes
1 answer

SpotBugsTask: java.lang.NoSuchMethodError: 'java.lang.Object org.gradle.util.DeprecationLogger

with Gradle 6.7 and spotbugs toolVersion 4.1.4. I am getting following error. looks like I have to exclude some unwanted version, any help? stack trace Caused by: org.gradle.api.tasks.TaskInstantiationException: Could not create task of type…
nothing_authentic
  • 2,927
  • 3
  • 17
  • 22
4
votes
1 answer

Skip Spot Bugs stack traces when features require ASM8_EXPERIMENTAL

I'm using spotbugs-maven-plugin 4.0.0 (+ spotbugs 4.0.2 dependency). The problem is that it cannot recognize Java 14 records. Every time when it finds a record or a class that uses that record, it prints a long stacktrace. [INFO] >>>…
ROMANIA_engineer
  • 54,432
  • 29
  • 203
  • 199
4
votes
2 answers

How to find @SuppressFBWarnings annotations that are no longer needed?

I'm working with a mid-size Java codebase that has a lot of @SuppressFBWarnings annotations. A few of them, not all, are no longer needed because code's been made generic, APIs improved, etc. Is there a way to find out which of those annotations…
Bob Jacobsen
  • 1,150
  • 6
  • 9
4
votes
1 answer

How to mark false positive in spotbug report

I went through the documentation of spotbug https://spotbugs.readthedocs.io/en/stable/ However information on false positive is not comprehensive. Kindly help me with the steps to mark certain bug reported as false positive and so that those are not…
subir
  • 310
  • 4
  • 13
4
votes
4 answers

Integrating Spotbugs into Maven Pom - Won't generate a report?

I am in the middle of trying to integrate the Maven Spotbugs plugin into my project's pom.xml file and make it so that it will generate a report in the "Project Reports" section after running the "mvn site" command. I am able to get other reports,…
macdoodles
  • 83
  • 1
  • 9
4
votes
1 answer

Relationship of FindBugs bug rank, category and type

I'm using FindBug and I want to understand the .XML report generated by it for documentation purpose. Sample I got is below. So as it…
prime
  • 14,464
  • 14
  • 99
  • 131
3
votes
3 answers

spotbugs configuration in gradle build not working correctly (full build throws error while individual subproject runs without any output for spotbugs

I have been trying to run spotbugs plugin on my projects using a global build.gradle setup. The plugin is added and seems that build is running. Build and spotbugsMain both are successful when I run them using ./gradlew…
hariom
  • 51
  • 1
  • 5
3
votes
0 answers

SpotBugs ignore whole directory in src folder

Hy, In my maven setup, I have a plugin, which generates source code and puts it into my java src folder. As this code is auto generated, I'd like to exclude it from all SpotBugs checks. The file structure is as follows: -- src | ---…
Chris
  • 432
  • 3
  • 14
3
votes
1 answer

Suppress Spotbugs warnings globally

I have one warning from spotbugs. This is suppressed with @SuppressFBWarnings in all those files. I need to find a way to suppress this from one place so that I don't have to @SuppressFBWarnings in each file in that package.
Chitransh Saxena
  • 43
  • 1
  • 7
3
votes
2 answers

Spotbugs build issue

Built failed while creating aws-sdk-v2 jars due to spotbugs plugin. Steps to reproduce the error: clone latest version of aws-sdk-java-v2 In terminal, go to directory and run mvn clean install Error: Failed to execute goal…
Noura
  • 149
  • 1
  • 2
  • 9
3
votes
2 answers

SonarQube FindBugs analyzer (with SpotBugs 3.1.0-RC6) does not suport JDK 11

I migrated my application to OpenJDK11 and Jenkins build is failing because Findbug is no longer supported. The plugin : sonar-maven-plugin - Is internally calling Findbug in java 11 env and it's breaking the Jenkins build How do I migrate this…
nanospeck
  • 3,388
  • 3
  • 36
  • 45
1
2
3
10 11