I was asking because now the source will have a dependence on FindBugs
at compile time? I understand the "suppresswarning" intent.
David M. Lloyd wrote:
So that you can have findbugs configured to be quite sensitive, but
also be
able to silence false alarms (with an explanation).
- DML
On 10/01/2009 11:34 AM, Anil Saldhana wrote:
> And why would you decorate your source code with FindBugs specific
> annotations?
>
> Kabir Khan wrote:
>
>> Sorry, yes I meant maven
>> On 1 Oct 2009, at 17:19, Paul Gier wrote:
>>
>>
>>
>>> You mean in our Maven repo? Sure, I can add it today.
>>>
>>> Kabir Khan wrote:
>>>
>>>
>>>> Paul,
>>>> Can we get the latest findbugs plugin in our svn please?
>>>> On 30 Sep 2009, at 14:50, Anil Saldhana wrote:
>>>>
>>>>
>>>>> AndyM was saying that before log trace call is finally written to
>>>>> the
>>>>> sink, there is some overhead in creating objects etc which are just
>>>>> thrown away if trace is not enabled. So rather than figure out
>>>>> whether
>>>>> trace is enabled upfront, log4j does this check at the time of
>>>>> writing
>>>>> after having done some processing.
>>>>>
>>>>> David M. Lloyd wrote:
>>>>>
>>>>>
>>>>>> Sometimes. But doing:
>>>>>>
>>>>>> log.trace("foo");
>>>>>>
>>>>>> is faster than:
>>>>>>
>>>>>> if (log.isTraceEnabled()) log.trace("foo");
>>>>>>
>>>>>> because there's no computation involved in the log parameter,
so
>>>>>> it's just
>>>>>> a plain method call, and the internal impl will do the same
check
>>>>>> anyway.
>>>>>>
>>>>>> - DML
>>>>>>
>>>>>> On 09/29/2009 10:53 AM, Anil Saldhana wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>>> Additionally, as we discussed, flagging log.trace/debug
without
>>>>>>> the
>>>>>>> log.isTraceEnabled/debugEnabled wrappers. That may be a
feature.
>>>>>>>
>>>>>>> Jesper Pedersen wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>>
http://findbugs.sourceforge.net/bugDescriptions.html
>>>>>>>>
>>>>>>>> looks for doPrivileged in the descriptions.
>>>>>>>>
>>>>>>>>
>>>>>>>> On Tuesday 29 September 2009 11:46:36 Anil Saldhana
wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>> I am wondering if FindBugs does flag the lack of
privileged
>>>>>>>>> blocks
>>>>>>>>> around sensitive ops such as loadClass, setTCCL etc?
I cannot
>>>>>>>>> find any
>>>>>>>>> reference online.
>>>>>>>>>
>>>>>>>>> David M. Lloyd wrote:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>> Does FindBugs support using @SuppressWarnings()
or similar?
>>>>>>>>>> This is what
>>>>>>>>>> I do with IDEA and it works well. I use
@SuppressWarnings
>>>>>>>>>> (on classes,
>>>>>>>>>> members, or local var declarations) or
"//noinspection" for
>>>>>>>>>> other cases,
>>>>>>>>>> and then add a comment beforehand explaining why
the problem
>>>>>>>>>> isn't really
>>>>>>>>>> a problem.
>>>>>>>>>>
>>>>>>>>>> - DML
>>>>>>>>>>
>>>>>>>>>> On 09/29/2009 08:38 AM, Jesper Pedersen wrote:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>> Hi.
>>>>>>>>>>>
>>>>>>>>>>> Please, add a FindBugs filter file to the
configuration
>>>>>>>>>>> where we can add
>>>>>>>>>>> exclusions - f.ex. org.jfree (unless someone
wants to submit
>>>>>>>>>>> patches
>>>>>>>>>>> upstream).
>>>>>>>>>>>
>>>>>>>>>>> Feel free to rip the JBJCA setup :)
>>>>>>>>>>>
>>>>>>>>>>> Best regards,
>>>>>>>>>>> Jesper
>>>>>>>>>>>
>>>>>>>>>>> On Monday 28 September 2009 22:33:22 Shelly
McGowan wrote:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>> I've published the FindBugs report
set up by the JBoss QA
>>>>>>>>>>>> team run
>>>>>>>>>>>> against JBoss AS. The reports can be
viewed here:
>>>>>>>>>>>>
>>>>>>>>>>>>
http://hudson.jboss.org/hudson/view/JBoss%20AS/job/JBoss-AS-6.0.x-findb
>>>>>>>>>>>> ugs/ 8/findbugsResult
>>>>>>>>>>>>
>>>>>>>>>>>> This report shows a total of 5675
warnings, 877 of which are
>>>>>>>>>>>> categorized as High Priority.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> The report for Branch_5_x can be viewed
here:
>>>>>>>>>>>>
>>>>>>>>>>>>
http://hudson.jboss.org/hudson/view/JBoss%20AS/job/JBoss-AS-5.x-findbug
>>>>>>>>>>>> s/2/ findbugsResult/
>>>>>>>>>>>>
>>>>>>>>>>>> The Branch_5_x report has 6089 warnings,
977 High Priority.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> These issues should be addressed when
committing to trunk or
>>>>>>>>>>>> Branch_5_x. Take time out to look at the
report data. Most
>>>>>>>>>>>> of the
>>>>>>>>>>>> warnings can be easily addressed.
>>>>>>>>>>>>
>>>>>>>>>>>> I've started a parent JIRA task for
tracking:
>>>>>>>>>>>>
>>>>>>>>>>>>
https://jira.jboss.org/jira/browse/JBAS-7295
>>>>>>>>>>>>
>>>>>>>>>>>> and will create subtasks as needed after
additional review
>>>>>>>>>>>> of the
>>>>>>>>>>>> report data.