-
## Issue Description
When running sonar rules on java code that has the following construct:
https://docs.oracle.com/en/java/javase/17/language/pattern-matching-instanceof-operator.html#GUID-843…
mpet updated
9 months ago
-
### Expected Behavior
The [`CustomizableHtmlReport` interface](https://docs.gradle.org/7.3/javadoc/org/gradle/api/reporting/CustomizableHtmlReport.html) provides methods for [lazy configura…
-
Version: 4.7.3
I found a false negative about the rule [NP_METHOD_PARAMETER_TIGHTENS_ANNOTATION](https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#np-method-tightens-nullness-annotatio…
-
Vulnerable Library - spotbugs-4.7.3.jar
Path to dependency file: /build.gradle
Path to vulnerable library: /home/wss-scanner/.gradle/caches/modules-2/files-2.1/org.apache.bcel/bcel/6.5.0/79b1975ec0…
-
I downloaded standalone spotbugs binary distributions. I am able to use the gui to upload a jar file for analysis. But after analysis the code does not show on the source code pane when I select a bug…
-
Although `enum`s are `Serializable`, they don't behave the same way as other `Serializable`s, and do not require their fields be `transient` or `Serializable`.
So, my understanding is that spotbugs…
-
I fairly often forget to pass values to String.format() that I intended to format. This results in exceptions at runtime, but could certainly be cought by static code analysis.
In other words, Spot…
-
We are using [Guava Immutable objects](https://guava.dev/releases/snapshot/api/docs/com/google/common/collect/ImmutableCollection.html) in our project, and from SpotBugs 4.3.0 we have SpotBugs failure…
-
I found false negatives on DMI_HARDCODED_ABSOLUTE_FILENAME when using SpotBugs to analyze my history code.
> This code constructs a File object using a hard coded to an absolute pathname (e.g., new F…
-
spotbugsMain {
sourceDirs = sourceSets.main.allSource.srcDirs
classDirs = sourceSets.main.output
auxClassPaths = sourceSets.main.compileClasspath
}
how to config these property? i …