5

I also asked this question on the SpotBugs issue tracker.

Sorry, still using FindBugs, but we have a ticket in our backlog to upgrade to SpotBugs, and as far as I understand, configuration is the same and I only need to update groupId, artifactId and version.

This is a piece from my pom.xml:

      <plugin>
        <groupId>org.codehaus.mojo</groupId>
        <artifactId>findbugs-maven-plugin</artifactId>
        <version>${findbugs.version}</version>
        <executions>
          <execution>
            <phase>verify</phase>
            <goals>
              <goal>check</goal>
            </goals>
          </execution>
        </executions>
        <configuration>
          <effort>Max</effort>
          <threshold>High</threshold>
          <xmlOutput>true</xmlOutput>
          <failOnError>true</failOnError>
          <excludeFilterFile>findbugs-filter.xml</excludeFilterFile>
          <skip>false</skip>
          <plugins>
            <plugin>
              <groupId>com.mebigfatguy.fb-contrib</groupId>
              <artifactId>fb-contrib</artifactId>
              <version>${fb-contrib.version}</version>
            </plugin>
            <plugin>
              <groupId>com.h3xstream.findsecbugs</groupId>
              <artifactId>findsecbugs-plugin</artifactId>
              <version>${findsecbugs.version}</version>
            </plugin>
          </plugins>
        </configuration>
      </plugin>

I run the following command:

mvn verify

This generates a file target/findbugsXML.xml which contains BugInstances that look like this:

<BugCollection sequence='0' release='' analysisTimestamp='1554129043559' version='3.0.1' timestamp='1554129041000'>
    <BugInstance instanceOccurrenceNum='0' instanceHash='8dc725917956f30f9b8ab828a70d6420' rank='16' abbrev='Bx'
                 category='PERFORMANCE' priority='1' type='DM_BOXED_PRIMITIVE_TOSTRING' instanceOccurrenceMax='0'>
        <ShortMessage>Method allocates a boxed primitive just to call toString</ShortMessage>
        <LongMessage>Primitive boxed just to call toString in com.itextpdf.barcodes.Barcode128.setCode(String)
        </LongMessage>
        <Class classname='com.itextpdf.barcodes.Barcode128' primary='true'>
            <SourceLine classname='com.itextpdf.barcodes.Barcode128' start='67' end='900'
                        sourcepath='com/itextpdf/barcodes/Barcode128.java' sourcefile='Barcode128.java'>
                <Message>At Barcode128.java:[lines 67-900]</Message>
            </SourceLine>
            <Message>In class com.itextpdf.barcodes.Barcode128</Message>
        </Class>
        <Method isStatic='false' classname='com.itextpdf.barcodes.Barcode128' signature='(Ljava/lang/String;)V'
                name='setCode' primary='true'>
            <SourceLine endBytecode='579' classname='com.itextpdf.barcodes.Barcode128' start='682' end='718'
                        sourcepath='com/itextpdf/barcodes/Barcode128.java' sourcefile='Barcode128.java'
                        startBytecode='0'></SourceLine>
            <Message>In method com.itextpdf.barcodes.Barcode128.setCode(String)</Message>
        </Method>
        <Method isStatic='false' role='METHOD_CALLED' classname='java.lang.Integer' signature='()Ljava/lang/String;'
                name='toString'>
            <SourceLine endBytecode='31' classname='java.lang.Integer' start='935' end='935'
                        sourcepath='java/lang/Integer.java' sourcefile='Integer.java' startBytecode='0'></SourceLine>
            <Message>Called method Integer.toString()</Message>
        </Method>
        <Method isStatic='true' role='SHOULD_CALL' classname='java.lang.Integer' signature='(I)Ljava/lang/String;'
                name='toString'>
            <Message>Should call Integer.toString(int) instead</Message>
        </Method>
        <SourceLine endBytecode='135' classname='com.itextpdf.barcodes.Barcode128' start='699' end='699'
                    sourcepath='com/itextpdf/barcodes/Barcode128.java' sourcefile='Barcode128.java' startBytecode='135'
                    primary='true'>
            <Message>At Barcode128.java:[line 699]</Message>
        </SourceLine>
    </BugInstance>
    ...
</BugCollection>

I would like to use this report as a baseline, to prevent new Findbugs errors from creeping in, so I would like to convert this report to a excludeFilterFile.

For the snippet above, the syntax should become:

<FindBugsFilter>
    <Match>
        <Class name="com.itextpdf.barcodes.Barcode128" />
        <Method name="setCode" params="java.lang.String" returns="void" />
        <Bug pattern="DM_BOXED_PRIMITIVE_TOSTRING" />
    </Match>
</FindBugsFilter>

According to this Stack Overflow answer, what I should do, is:

  • run a build to generate target/findbugsXML.xml (already done)
  • run mvn findbugs:gui
  • load the findbugsXml.xml file
  • select the root node of the warnings (because I want all warnings)
  • save the exclusions to findbugs-filter.xml

When I do that, I get a findbugs-filter.xml file with the following content:

<FindBugsFilter></FindBugsFilter>

That's an empty filter file.

So what am I doing wrong here? What is the correct way to generate a filter file? I hope that I don't have to do it manually, because there are literally hundreds of warnings.

Amedee Van Gasse
  • 7,280
  • 5
  • 55
  • 101

0 Answers0