Re: [jboss-dev] FindBugs Reports

I was asking because now the source will have a dependence on FindBugs at compile time? I understand the "suppresswarning" intent. David M. Lloyd wrote: > So that you can have findbugs configured to be quite sensitive, but also be > able to silence false alarms (with an explanation). > > - DML > > On 10/01/2009 11:34 AM, Anil Saldhana wrote: > >> And why would you decorate your source code with FindBugs specific >> annotations? >> >> Kabir Khan wrote: >> >>> Sorry, yes I meant maven >>> On 1 Oct 2009, at 17:19, Paul Gier wrote: >>> >>> >>> >>>> You mean in our Maven repo? Sure, I can add it today. >>>> >>>> Kabir Khan wrote: >>>> >>>> >>>>> Paul, >>>>> Can we get the latest findbugs plugin in our svn please? >>>>> On 30 Sep 2009, at 14:50, Anil Saldhana wrote: >>>>> >>>>> >>>>>> AndyM was saying that before log trace call is finally written to >>>>>> the >>>>>> sink, there is some overhead in creating objects etc which are just >>>>>> thrown away if trace is not enabled. So rather than figure out >>>>>> whether >>>>>> trace is enabled upfront, log4j does this check at the time of >>>>>> writing >>>>>> after having done some processing. >>>>>> >>>>>> David M. Lloyd wrote: >>>>>> >>>>>> >>>>>>> Sometimes. But doing: >>>>>>> >>>>>>> log.trace("foo"); >>>>>>> >>>>>>> is faster than: >>>>>>> >>>>>>> if (log.isTraceEnabled()) log.trace("foo"); >>>>>>> >>>>>>> because there's no computation involved in the log parameter, so >>>>>>> it's just >>>>>>> a plain method call, and the internal impl will do the same check >>>>>>> anyway. >>>>>>> >>>>>>> - DML >>>>>>> >>>>>>> On 09/29/2009 10:53 AM, Anil Saldhana wrote: >>>>>>> >>>>>>> >>>>>>> >>>>>>>> Additionally, as we discussed, flagging log.trace/debug without >>>>>>>> the >>>>>>>> log.isTraceEnabled/debugEnabled wrappers. That may be a feature. >>>>>>>> >>>>>>>> Jesper Pedersen wrote: >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>> http://findbugs.sourceforge.net/bugDescriptions.html >>>>>>>>> >>>>>>>>> looks for doPrivileged in the descriptions. >>>>>>>>> >>>>>>>>> >>>>>>>>> On Tuesday 29 September 2009 11:46:36 Anil Saldhana wrote: >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>>> I am wondering if FindBugs does flag the lack of privileged >>>>>>>>>> blocks >>>>>>>>>> around sensitive ops such as loadClass, setTCCL etc? I cannot >>>>>>>>>> find any >>>>>>>>>> reference online. >>>>>>>>>> >>>>>>>>>> David M. Lloyd wrote: >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>> Does FindBugs support using @SuppressWarnings() or similar? >>>>>>>>>>> This is what >>>>>>>>>>> I do with IDEA and it works well. I use @SuppressWarnings >>>>>>>>>>> (on classes, >>>>>>>>>>> members, or local var declarations) or "//noinspection" for >>>>>>>>>>> other cases, >>>>>>>>>>> and then add a comment beforehand explaining why the problem >>>>>>>>>>> isn't really >>>>>>>>>>> a problem. >>>>>>>>>>> >>>>>>>>>>> - DML >>>>>>>>>>> >>>>>>>>>>> On 09/29/2009 08:38 AM, Jesper Pedersen wrote: >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>>> Hi. >>>>>>>>>>>> >>>>>>>>>>>> Please, add a FindBugs filter file to the configuration >>>>>>>>>>>> where we can add >>>>>>>>>>>> exclusions - f.ex. org.jfree (unless someone wants to submit >>>>>>>>>>>> patches >>>>>>>>>>>> upstream). >>>>>>>>>>>> >>>>>>>>>>>> Feel free to rip the JBJCA setup :) >>>>>>>>>>>> >>>>>>>>>>>> Best regards, >>>>>>>>>>>> Jesper >>>>>>>>>>>> >>>>>>>>>>>> On Monday 28 September 2009 22:33:22 Shelly McGowan wrote: >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>>> I've published the FindBugs report set up by the JBoss QA >>>>>>>>>>>>> team run >>>>>>>>>>>>> against JBoss AS. The reports can be viewed here: >>>>>>>>>>>>> >>>>>>>>>>>>> http://hudson.jboss.org/hudson/view/JBoss%20AS/job/JBoss-AS-6.0.x-findb >>>>>>>>>>>>> ugs/ 8/findbugsResult >>>>>>>>>>>>> >>>>>>>>>>>>> This report shows a total of 5675 warnings, 877 of which are >>>>>>>>>>>>> categorized as High Priority. >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> The report for Branch_5_x can be viewed here: >>>>>>>>>>>>> >>>>>>>>>>>>> http://hudson.jboss.org/hudson/view/JBoss%20AS/job/JBoss-AS-5.x-findbug >>>>>>>>>>>>> s/2/ findbugsResult/ >>>>>>>>>>>>> >>>>>>>>>>>>> The Branch_5_x report has 6089 warnings, 977 High Priority. >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> These issues should be addressed when committing to trunk or >>>>>>>>>>>>> Branch_5_x. Take time out to look at the report data. Most >>>>>>>>>>>>> of the >>>>>>>>>>>>> warnings can be easily addressed. >>>>>>>>>>>>> >>>>>>>>>>>>> I've started a parent JIRA task for tracking: >>>>>>>>>>>>> >>>>>>>>>>>>> https://jira.jboss.org/jira/browse/JBAS-7295 >>>>>>>>>>>>> >>>>>>>>>>>>> and will create subtasks as needed after additional review >>>>>>>>>>>>> of the >>>>>>>>>>>>> report data. _______________________________________________ jboss-development mailing list jboss-development(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-development