-
For a personal project, I use the created sarif from the analysis to automatically parse an Pojo (https://github.com/Contrast-Security-OSS/java-sarif) so i can work on the java object after that. When…
-
It's being inherited from `log4j-bom`. In 3.2.x (Log4j 2.21), it's contributing management for the following dependencies:
- `biz.aQute.bnd:biz.aQute.bnd.annotation:6.4.1`
- `com.github.spotbugs:s…
-
I'm not sure since when this is broken: all descriptions on https://spotbugs.github.io/spotbugs-maven-plugin/plugin-info.html and all goals like https://spotbugs.github.io/spotbugs-maven-plugin/check-…
-
Customer feedback:
I would like to see a tool like spotbugs that can do static analysis on class files.
-
**Problem**
Sometimes specific Goals fail to be forked
~**Verification required**
We suspect that issue this is the result of an edge case where the `groupId` of the forked goal is inherited from…
-
I have the Exception by scanning with Ant:
[spotbugs] edu.umd.cs.findbugs.ba.DataflowAnalysisException: not enough values on stack: access=1, avail=0
[spotbugs] At edu.umd.cs.findbu…
-
I'm trying to understand why SpotBugs doesn't report DLS_DEAD_LOCAL_STORE warnings for primitive types.
I've noticed that when I assign a value to a primitive type variable and then don't use it la…
-
This issue needs to go into the backlog until the underly problem with Spotbugs/FindSecBugs is resolved:
https://github.com/spotbugs/spotbugs/issues/527
Spotbugs works properly, however the build outp…
-
Hey, can somebody write a linter for this? @mr-karan ? This is strategically important and would need a proper linter with good configurability.
-
I would be interested to put some effort to build a modern website. It would make it clear that SpotBugs is the modern version of FindBugs. Also, it would be cool to build. 😎
I would keep it simpl…