-
## [Should issue warning for SecureRandom object created and used only once](https://github.com/spotbugs/spotbugs/issues/1464)
I found a false negative when spotbugs-maven-plugin checked [the follo…
-
## Description
`log4j-bom` inherits from `logging-parent`. Unfortunately, this results in `log4j-bom` managing a number of dependencies that are unrelated to a consumer's use of Log4j2. Those depen…
-
Question:
Task Name: Maven
Environment: Azure Pipelines, hosted agent
The Maven task has the option of enabling Findbugs static analysis tool. Findbugs seems to be [no longer be maintained](h…
-
FindbugsParser.ParseReportOutput methods can only parse bugInstance of spotbugs.xml, but spotbugs can give missing class and error reports.
So add ParseMissingClassReportOutput and ParseErrorClassRep…
-
**Describe the bug**
When attempting to disable the spotbugsIntegrationTest task in a separate spotbugs.gradle file and then applying this file in the main build.gradle, I encounter a groovy.lang.Mis…
-
detected at https://github.com/checkstyle/checkstyle/pull/14117?notification_referrer_id=NT_kwDOAAxnuLE4Njc0Mzg0MTcxOjgxMjk4NA#issuecomment-1844198684
exceptions in ctors are added in scope of http…
-
It's sad, but the FindBugs is announced as dead: https://mailman.cs.umd.edu/pipermail/findbugs-discuss/2017-September/004383.html
All further development is moved to SpotBugs. It will be fine to sw…
-
Attempted to implement Shenmon's Javafx-gradle plugin but experienced a travis build failure. The plugin is fairly old: https://bitbucket.org/shemnon/javafx-gradle/
This allowed spotbugs to work but …
-
When using AGP 3.6.0 + Gradle 5.6.4 I can't run SpotBugs task successfully.
The following error gets thrown on a normal `build` task:
(Caused by: org.gradle.api.InvalidUserDataException: No classe…
-
#### Feature summary
Spotbugs (4.7.3.6) correctly identifies missing assertions, as documented in https://assertj.github.io/doc/#forgetting-to-call-an-assertion
Is there a way to have the same b…