Stack Overflow
Stack Overflow

Questions tagged [spotbugs]

SpotBugs is a program which uses static analysis to look for bugs in Java code. SpotBugs is the spiritual successor of FindBugs, carrying on from the point where it left off with support of its community.

SpotBugs is a program which uses static analysis to look for bugs in Java, Groovy, Kotlin, Scala, JSP and Closure code.

SpotBugs is the spiritual successor of FindBugs, carrying on from the point where it left off with the support of its community. It is free software, distributed under the terms of the Lesser GNU Public License.

SpotBugs requires JRE (or JDK) 1.8.0 or later to run. However, it can analyze programs compiled for any version of Java, from 1.0 to 1.9.

165 questions
0
votes
1 answer

ImageView causing UI_INHERITANCE_UNSAFE_GETRESOURCE error from Spotbugs

I am trying to create an ImageView with an Image object which displays a .jpg picture. When I run "mvn clean install", this is the error message I receive: UI_INHERITANCE_UNSAFE_GETRESOURCE I am futhermore provided with this information: Usage of…
Sebastian Sole
  • 55
  • 4
0
votes
1 answer

Static analysis using Spotbugs in Jenkins from git hub project

i am trying to do static analysis using spotbugs in jenkins from github project (multi module ) all module have different spotbugxml.xml file in target (it is not in main target folder ) and pom.xml but when i am trying to static analysis , jenkins…
devendra patidar
  • 1
0
votes
0 answers

Why can I not find com.github.spotbugs:spotbugs-gradle-plugin?

Since yesterday I get the problem that the spotbugs gradle plugin cannot be found. The Version we are looking for is 4.7.1. Gradle Error: Could not find com.github.spotbugs:spotbugs-gradle-plugin I configured the following…
Josef Schauer
  • 1
  • 2
0
votes
1 answer

Spotbugs with Gradle show the both reports

I'm using Spotbugs with Gradle. I moved from Maven to Gradle recently, then I realized that there're many differences between the same plugin in both builder tools... For example, I would like to see Spotbugs GUI with the result of bugs... In Maven…
rios0rios0
  • 735
  • 7
  • 20
0
votes
0 answers

Godot Input Bug, or am I missing something?

I’m making a top-down rpg game, and I want to use the arrow keys to move the player. I keep running into a problem where if all 4 keys are held down at once and then released at roughly the same time, the player starts moving in a direction, usually…
Asbestos
  • 51
  • 1
  • 5
0
votes
1 answer

SonarQube 9.0 - FindBugs/SpotBugs plugin?

Small question regarding SonarQube, the 9.0 version of SonarQube. I went to the market place after installation in order to download some plugins, and found the FindBugs/SpotBugs plugin is absent. May I ask what is the root cause, and how to perform…
PatPanda
  • 3,644
  • 9
  • 58
  • 154
0
votes
1 answer

Exclude LocalDate class for checking by SpotBugs plugin

I'm getting SpotBugs warning with code 'EI_EXPOSE_REP2' for class field private final LocalDate localDate I'm trying to exclude this check for java.util.LocalDate class for whole app. I tried to use annotation @SuppressFBWarnings("EI_EXPOSE_REP2")…
евгений кунцевич
  • 21
  • 7
0
votes
0 answers

Exclude Paths/Folders with Spotbug

I would like to exclude a specific Folder from a Spotbug scan. I tried several solutions but none of them worked for me. Firstly I tried to write into .gitlab-ci.yml which Paths to exclude but I had no luck with that. Secondly I created an XML File…
Mieju
  • 1
  • 1
0
votes
2 answers

How to integrate find-sec-bugs in spotbugs?

Recently I downloaded the findsecbugs-plugin-1.11.0.jar in order to use it in spotbugs. I copied this jar file to the folder plugin of the project spotbugs(4.1.4). I execute spotbugs making use of ant. When I run the ant target I get the following…
J_aka_J
  • 1
0
votes
0 answers

Use custom SpotBugs plugin in multi-module maven project

I have create a custom SpotBugs plugin for maven like described here in a multi-module maven project. But I cannot figure out how to use it. There really is not much documentation or examples for this. Like described here I have used pluginList and…
Sakkaku
  • 1
  • 1
  • 2
0
votes
1 answer

I have a bug "Method may fail to clean up stream or resource" in findBugs and I don't know how to solve this bug, so can someone solve it please?

This method may fail to clean up (close, dispose of) a stream, database object, or other resource requiring an explicit cleanup operation. In general, if a method opens a stream or other resource, the method should use a try/finally block to ensure…
Salama
  • 1
  • 1
0
votes
1 answer

CE_CLASS_ENVY Method excessively uses methods of another class Java

Spotbug is giving the violation for the below code @SpringBootTest @ActiveProfiles("test") class LocationServiceTest { @MockBean LocationService locationService; @Test void shouldFetchAllLocation_whenQueried() { …
Pandit Biradar
  • 1,777
  • 3
  • 20
  • 35
0
votes
1 answer

Reason why findsecbugs report the vulnerabilities in the code segment of the imported library

As shown in the picture below, line 18 shows that a hard-coded vulnerability was scanned. But it does not report the issue when I import this flagged module in other files. And strangely, it also reports this problem when I remove the flagged…
j0ck
  • 1
  • 1
0
votes
1 answer

Plugin definition in settings.xml is not accepting build tag

I would like to define global plugin inside of my Settings.xml file looks like: spotbugs com.github.spotbugs
Mithrand1r
  • 2,313
  • 9
  • 37
  • 76
0
votes
1 answer

maven spotbugs doesn't generate report

I configured maven spotbugs plugin based on docs on its website, but it doesn't generate report. This was a line I saw when running mvn site -X > [INFO] 15 reports detected for > maven-project-info-reports-plugin:3.1.0: ci-management,…
Jahan Zinedine
  • 14,616
  • 5
  • 46
  • 70
1 2 3
10 11