sbt / sbt-findbugs Goto Github PK
View Code? Open in Web Editor NEWFindBugs static analysis plugin for sbt.
License: Eclipse Public License 1.0
FindBugs static analysis plugin for sbt.
License: Eclipse Public License 1.0
When I try to put
findbugsReportType := Some(FindbugsReportType.FancyHtml)
in build.sbt
Instead it...
Complains "Cannot resolve symbol FindbugsReportType"
Solution
Show full working examples of what settings should look like in the build.sbt file instead of PARTIAL examples that are ambiguous
There seems to be a trend with everything SBT related to give ambiguous and incomplete information devoid of clear working examples.
Erics-MBP-2:pci-enclave eric.kolotyluk$ sbt findbugs
[warn] Executing in batch mode.
[warn] For better performance, hit [ENTER] to switch to interactive mode, or
[warn] consider launching sbt without any commands, or explicitly passing 'shell'
[info] Loading project definition from /Users/eric.kolotyluk/perforceRoot/nds/servers/projects/pci-enclave/project
/Users/eric.kolotyluk/perforceRoot/nds/servers/projects/pci-enclave/build.sbt:84: error: not found: value FindbugsReportType
findbugsReportType := Some(FindbugsReportType.FancyHtml)
^
[error] Type error in expression
Version 1.4.0 is referenced in the README but it does not exist in the SBT community repository.
Could you provide an example of setting findbugsReportPath? I would like the report to be generated in target/findbugs/findbugs.xml. Not sure how to do that in Scala.
The README says that the default value is:
Some(crossTarget / "findbugs" / "report.xml"
which seems syntactically incorrect (there is no closing parenthesis) and doesn't seem to match the actual location, which is:
target/scala-2.10/findbugs/findbugs.xml
What line do I put into my build.sbt to set the report path to target/findbugs/findbugs.xml?
Thanks so much
Is there any work underway to customise the findbugs rules for Scala?
I've installed findbugs4sbt
but the core findbugs rules produce lots of false positives around class & method naming conventions that are caused by Scala.
I can't be the first person to notice this -- surely all other users of findbugs4sbt must have the same problems?
Is there a project that has a ruleset for findbugs which is customised to work well with Scala? (Both by removing/fixing rules which give false positives in Scala and also by adding new Scala specific rules.)
If so, I would think that we should add it to the README, as it seems likely to be a FAQ.
If not, perhaps we should start one? Would that be considered out of scope for findbugs4sbt
itself?
Does anyone has a small documented guide on how to use this tool?
It would be nice if the plugin would work with both scala versions. Need to wait for the sbt release on 2.11
http://stackoverflow.com/questions/23282469/does-sbt-builds-againts-scala-2-11
While findbugs code has a good base set of rules, most of Findbug's bug patterns are defined in findbugs-contrib
.
It looks to me like findbugs4sbt
doesn't include findbugs-contrib
by default. Is that correct?
If so, we should probably add it by default (or at least add easy to follow instructions to the docs on how to include).
The README.md file contains this section:
findbugsReportType
Description: Optionally selects the output format for the FindBugs report.
Accepts: Some(FindbugsReportType.{Xml, Html, PlainHtml, FancyHtml, FancyHistHtml, Emacs, Xdoc})
Default: Some(FindbugsReportType.Xml)
But it seems that FindbugsReportType
should be FindbugsReport
It looks like it's been awhile since we've had a release
@jmhofer would you be able to release a new version?
Add support for auto plugins in sbt 0.13.5
Findbugs 3..0 is released.
I am currently unsure of what can be done, suggestions ?
Adding findbugs4sbt and configured with ReportType.Html
does not generate a Html report.
The play-consoles displays:
[play-findbugs4sbt] $ findbugs:findbugsReportType
[info] Some(-html)
The output directory (target/scala-2.10/findbugs/) has only the file "findbugs.xml"
For configuration see https://github.com/carestra/play-findbugs4sbt
It should generate HTML output for a report.
Instead it crashes.
Generating the XML works fine though and I can render the XML to HTML with the standalone findbugs
binary.
Configuration is
addSbtPlugin("com.github.sbt" % "sbt-findbugs" % "2.0.0")
in project/plugins.sbt
, findbugsReportType := Some(FindbugsReport.Html)
in build.sbt
.
Then output is as follows (same for the other report types apart from the XML one):
sbt findbugs
[info] Loading settings from credentials.sbt,plugins.sbt,idea.sbt ...
[info] Loading global plugins from /home/olof/.sbt/1.0/plugins
Waiting for lock on /home/olof/.ivy2/.sbt.ivy.lock to be available...
[info] Loading settings from plugins.sbt ...
[info] Loading project definition from /home/olof/src/<project>/project
[info] Loading settings from build.sbt ...
[info] Set current project to libplugin (in build file:/home/olof/src/<project>/)
[info] Compiling 1 Scala source to /home/olof/src/<project>/target/classes ...
[info] Done compiling.
[error] Warning: at xsl:variable on line 349 column 56 of default.xsl:
[error] SXWN9001: A variable with no following sibling instructions has no effect
[error] Warning: at xsl:variable on line 352 column 59 of default.xsl:
[error] SXWN9001: A variable with no following sibling instructions has no effect
[error] Error on line 72 of default.xsl:
[error] SEPM0009: Values of 'standalone' and 'omit-xml-declaration' conflict
[error] The following errors occurred during analysis:
[error] Could not generate HTML output
[error] net.sf.saxon.trans.XPathException: Values of 'standalone' and 'omit-xml-declaration' conflict
[error] At net.sf.saxon.serialize.XMLEmitter.writeDeclaration(XMLEmitter.java:229)
[error] At net.sf.saxon.serialize.XMLEmitter.openDocument(XMLEmitter.java:162)
[error] At net.sf.saxon.serialize.XMLEmitter.characters(XMLEmitter.java:576)
[error] At net.sf.saxon.serialize.XMLIndenter.indent(XMLIndenter.java:315)
[error] At net.sf.saxon.serialize.XMLIndenter.startElement(XMLIndenter.java:113)
[error] At net.sf.saxon.event.ProxyReceiver.startElement(ProxyReceiver.java:132)
[error] At net.sf.saxon.event.NamespaceReducer.startElement(NamespaceReducer.java:73)
[error] At net.sf.saxon.event.ComplexContentOutputter.startContent(ComplexContentOutputter.java:566)
[error] At net.sf.saxon.event.ComplexContentOutputter.startElement(ComplexContentOutputter.java:189)
[error] At net.sf.saxon.expr.instruct.ElementCreator.processLeavingTail(ElementCreator.java:443)
[error] At net.sf.saxon.expr.instruct.ElementCreator.processLeavingTail(ElementCreator.java:389)
[error] At net.sf.saxon.expr.instruct.Block.processLeavingTail(Block.java:669)
[error] At net.sf.saxon.expr.instruct.Instruction.process(Instruction.java:144)
[error] At net.sf.saxon.expr.instruct.ElementCreator.processLeavingTail(ElementCreator.java:450)
[error] At net.sf.saxon.expr.instruct.ElementCreator.processLeavingTail(ElementCreator.java:389)
[error] At net.sf.saxon.expr.instruct.Template.applyLeavingTail(Template.java:336)
[error] At net.sf.saxon.trans.Mode.applyTemplates(Mode.java:1124)
[error] At net.sf.saxon.Controller.transformDocument(Controller.java:2106)
[error] At net.sf.saxon.Controller.transform(Controller.java:1705)
[error] At net.sf.saxon.s9api.XsltTransformer.transform(XsltTransformer.java:547)
[error] At net.sf.saxon.jaxp.TransformerImpl.transform(TransformerImpl.java:179)
[error] At edu.umd.cs.findbugs.HTMLBugReporter.finish(HTMLBugReporter.java:73)
[error] At edu.umd.cs.findbugs.DelegatingBugReporter.finish(DelegatingBugReporter.java:89)
[error] At edu.umd.cs.findbugs.DelegatingBugReporter.finish(DelegatingBugReporter.java:89)
[error] At edu.umd.cs.findbugs.FindBugs2.analyzeApplication(FindBugs2.java:1138)
[error] At edu.umd.cs.findbugs.FindBugs2.execute(FindBugs2.java:283)
[error] At edu.umd.cs.findbugs.FindBugs.runMain(FindBugs.java:402)
[error] At edu.umd.cs.findbugs.FindBugs2.main(FindBugs2.java:1200)
[error] At edu.umd.cs.findbugs.LaunchAppropriateUI.launch(LaunchAppropriateUI.java:106)
[error] At edu.umd.cs.findbugs.LaunchAppropriateUI.main(LaunchAppropriateUI.java:198)
[error] Warnings generated: 90
[success] Total time: 24 s, completed 24-May-2018 12:40:35
Given the poor handling of the recent security incident (https://arstechnica.com/information-technology/2021/09/travis-ci-flaw-exposed-secrets-for-thousands-of-open-source-projects/) I'm suspending Travis CI integration indefinitely.
Let's move on to GitHub Actions.
There are some java8 related bugs that were fixed in Findbugs 3.0.1, in particular, the current version (3.0.0) throws a medium level warning due to an unused private method when the method is actually used via method reference.
See: https://sourceforge.net/p/findbugs/bugs/1370/
Fixed in Findbugs 3.0.1
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.