[jboss-dev] FindBugs Reports

Anil Saldhana Anil.Saldhana at redhat.com
Thu Oct 1 12:34:35 EDT 2009 

And why would you decorate your source code with FindBugs specific 
annotations?

Kabir Khan wrote:
> Sorry, yes I meant maven
> On 1 Oct 2009, at 17:19, Paul Gier wrote:
>
>   
>> You mean in our Maven repo?  Sure, I can add it today.
>>
>> Kabir Khan wrote:
>>     
>>> Paul,
>>> Can we get the latest findbugs plugin in our svn please?
>>> On 30 Sep 2009, at 14:50, Anil Saldhana wrote:
>>>       
>>>> AndyM was saying that before log trace call is finally written to  
>>>> the
>>>> sink, there is some overhead in creating objects etc which are just
>>>> thrown away if trace is not enabled.  So rather than figure out  
>>>> whether
>>>> trace is enabled upfront, log4j does this check at the time of  
>>>> writing
>>>> after having done some processing.
>>>>
>>>> David M. Lloyd wrote:
>>>>         
>>>>> Sometimes.  But doing:
>>>>>
>>>>>  log.trace("foo");
>>>>>
>>>>> is faster than:
>>>>>
>>>>>  if (log.isTraceEnabled()) log.trace("foo");
>>>>>
>>>>> because there's no computation involved in the log parameter, so  
>>>>> it's just
>>>>> a plain method call, and the internal impl will do the same check  
>>>>> anyway.
>>>>>
>>>>> - DML
>>>>>
>>>>> On 09/29/2009 10:53 AM, Anil Saldhana wrote:
>>>>>
>>>>>           
>>>>>> Additionally, as we discussed, flagging log.trace/debug without  
>>>>>> the
>>>>>> log.isTraceEnabled/debugEnabled wrappers.  That may be a feature.
>>>>>>
>>>>>> Jesper Pedersen wrote:
>>>>>>
>>>>>>             
>>>>>>> http://findbugs.sourceforge.net/bugDescriptions.html
>>>>>>>
>>>>>>> looks for doPrivileged in the descriptions.
>>>>>>>
>>>>>>>
>>>>>>> On Tuesday 29 September 2009 11:46:36 Anil Saldhana wrote:
>>>>>>>
>>>>>>>
>>>>>>>               
>>>>>>>> I am wondering if FindBugs does flag the lack of privileged  
>>>>>>>> blocks
>>>>>>>> around sensitive ops such as loadClass, setTCCL etc?  I cannot  
>>>>>>>> find any
>>>>>>>> reference online.
>>>>>>>>
>>>>>>>> David M. Lloyd wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>>                 
>>>>>>>>> Does FindBugs support using @SuppressWarnings() or similar?   
>>>>>>>>> This is what
>>>>>>>>> I do with IDEA and it works well.  I use @SuppressWarnings  
>>>>>>>>> (on classes,
>>>>>>>>> members, or local var declarations) or "//noinspection" for  
>>>>>>>>> other cases,
>>>>>>>>> and then add a comment beforehand explaining why the problem  
>>>>>>>>> isn't really
>>>>>>>>> a problem.
>>>>>>>>>
>>>>>>>>> - DML
>>>>>>>>>
>>>>>>>>> On 09/29/2009 08:38 AM, Jesper Pedersen wrote:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>                   
>>>>>>>>>> Hi.
>>>>>>>>>>
>>>>>>>>>> Please, add a FindBugs filter file to the configuration  
>>>>>>>>>> where we can add
>>>>>>>>>> exclusions - f.ex. org.jfree (unless someone wants to submit  
>>>>>>>>>> patches
>>>>>>>>>> upstream).
>>>>>>>>>>
>>>>>>>>>> Feel free to rip the JBJCA setup :)
>>>>>>>>>>
>>>>>>>>>> Best regards,
>>>>>>>>>>  Jesper
>>>>>>>>>>
>>>>>>>>>> On Monday 28 September 2009 22:33:22 Shelly McGowan wrote:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>                     
>>>>>>>>>>> I've published the FindBugs report set up by the JBoss QA  
>>>>>>>>>>> team run
>>>>>>>>>>> against JBoss AS. The reports can be viewed here:
>>>>>>>>>>>
>>>>>>>>>>> http://hudson.jboss.org/hudson/view/JBoss%20AS/job/JBoss-AS-6.0.x-findb
>>>>>>>>>>> ugs/ 8/findbugsResult
>>>>>>>>>>>
>>>>>>>>>>> This report shows a total of 5675 warnings, 877 of which are
>>>>>>>>>>> categorized as High Priority.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> The report for Branch_5_x can be viewed here:
>>>>>>>>>>>
>>>>>>>>>>> http://hudson.jboss.org/hudson/view/JBoss%20AS/job/JBoss-AS-5.x-findbug
>>>>>>>>>>> s/2/ findbugsResult/
>>>>>>>>>>>
>>>>>>>>>>> The Branch_5_x report has 6089 warnings, 977 High Priority.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> These issues should be addressed when committing to trunk or
>>>>>>>>>>> Branch_5_x. Take time out to look at the report data.  Most  
>>>>>>>>>>> of the
>>>>>>>>>>> warnings can be easily addressed.
>>>>>>>>>>>
>>>>>>>>>>> I've started a parent JIRA task for tracking:
>>>>>>>>>>>
>>>>>>>>>>> https://jira.jboss.org/jira/browse/JBAS-7295
>>>>>>>>>>>
>>>>>>>>>>> and will create subtasks as needed after additional review  
>>>>>>>>>>> of the
>>>>>>>>>>> report data.

More information about the jboss-development mailing list