-
We aim to meet the OpenSSF Best Practices passing or higher badge level. One of the requirements is to run static code analysis on the project's source code.
See the "Analysis" section here: https:…
-
For some time, we have a `@Null` ([source](https://github.com/libgdx/libgdx/blob/master/gdx/src/com/badlogic/gdx/utils/Null.java)) annotation in libGDX. This triggered a discussion on the Discord serv…
-
SpotBugs version: 4.8.6.4 (but the bug seems to occur in all 4.8 versions)
Java: 21
Consider the attached mini project: [spotbugs.tar.gz](https://github.com/user-attachments/files/17295369/spotbugs.…
mbert updated
1 month ago
-
For example, if I want to ignore the RV_RETURN_VALUE_IGNORED_BAD_PRACTICE warning but only when the bug detail text states "Exceptional return value of java.io.File.mkdirs() ignored". Is that possible…
-
## Environment
| Component | Version |
| ------------------ | ------- |
| Java | 8 |
| SpotBugs | 4.7.3 |
| FindSecBugs | 1.12.0 |
## Problem
F…
-
Example 1: Report the vulnerability in the code segment of the imported library
Exa…
-
As a galasa contributor, I want to know what coding standards and best practices are used, so that I can contribute to the same level of standard as other contributors.
## Tasks
- [ ] The team shou…
-
Currently FindBugs settings ignore all medium-priority issues. It's bad, because this level contains NPE checks and other serious issues.
TODOs:
Remove filtering of medium-priority issues by settin…
timja updated
4 years ago
-
We currently have a few hundred `:all` bottles in this repository. I count another 200 or so more (see candidate formulae below) that could have an `:all` bottle but don't currently have one.
These…
-
CodeNarc sensor reports a lot of errors like:
```
Compilation failed for [CustomCompilerPhaseSourceDecorator[SourceString[import jenkins.model.Jenkins
// full source code
; org.codehaus.groovy.c…