-
The nullness checker of SpotBugs ignores the JSR308 `TYPE_USE` annotations like `org.checkerframework.checker.nullness.qual.Nullable`. This specific annotation is known to SpotBugs since https://githu…
-
-
It seems, that RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE is still behaving different based on the JDK used in some situations. I expected my problems to be solved with #259, #647, #1248 or #1250, but t…
-
Hi,
I'm using Spotbugs together with the Find Security Bugs plugin and for regulatory reasons I have to document that the plugin was included in the scan. Reports already contain the version of Spo…
-
I wish the package/modules (at least for ddd/event) were "Null marked". `@Nullmarked` being the annotation provided by https://jspecify.dev. Although I wouldn't care if another JPMS compatible library…
-
Product Infos
IntelliJ SpotBugs plugin: 1.2.7
IDEA: IntelliJ IDEA 2022.2.3
IDEA-Build: IU-222.4345.14, October 5, 2022
JRE: 17.0.4.1+7-b469.62 aarch64
JVM: OpenJDK 64-Bit Server VM JetBrains s.r.…
-
Assuming [JEP 411](https://openjdk.java.net/jeps/411) is accepted, `DoInsideDoPrivileged` will be issuing recommendations to insert API calls which are slated to be officially deprecated and either de…
-
spotbugs added https://spotbugs.readthedocs.io/en/stable/bugDescriptions.html#ct-constructor-throw, which is an unlikely attack vector that can be mitigated by making classes final.
With bytecode m…
-
- Find if SpotBugs can contribute to Security Score?
- PoC identify ways to integrate it into the core
Ref: https://github.com/spotbugs/spotbugs
-
This issue is meant to discuss **best practices** for how to pass additional, user-configurable options to a detector. As far as I can see, there are three alternatives to do so:
1. Pass the option…