search

spotbugs / spotbugs-gradle-plugin

https://plugins.gradle.org/plugin/com.github.spotbugs
Apache License 2.0
178 stars 68 forks source link

Configurations for effort and reportLevel are broken. #972

Open victorwss opened 11 months ago

victorwss commented 11 months ago

I am using spotbugs gradle plugin version 6.0.0-beta.3 with Spotbugs 4.7.3, Gradle 8.4-rc-2 and Java 21.

Trying to recompile an old project give some problems. It seems that the effort and reportLevel are broken.

My gradle file used to contain that:

spotbugs {
    toolVersion = versionSpotBugs
    effort = "max"
    reportLevel = "low"
    omitVisitors = ["WeakExceptionMessaging", "OverlyPermissiveMethod"]
    ignoreFailures = true
}

It gives the following error:

Cannot set the value of extension 'spotbugs' property 'effort' of type com.github.spotbugs.snom.Effort using an instance of type java.lang.String.

After fixing it, it also complains about reportLevel not being an instance of Confidence. For fixing it, I needed to change it to that:

spotbugs {
    toolVersion = versionSpotBugs
    effort = com.github.spotbugs.snom.Effort.MAX
    reportLevel = com.github.spotbugs.snom.Confidence.values()[0]
    omitVisitors = ["WeakExceptionMessaging", "OverlyPermissiveMethod"]
    ignoreFailures = true
}

Using com.github.spotbugs.snom.Confidence.LOW doesn't works for some reason that I couldn't understand, it seems that it somehow wrongly thinks that LOW is a class.

Anyway, I doubt that this change was intended, at least not in the way it is.

I can provide a minimal project reproducing it, if you really need to.

hazendaz commented 11 months ago

Hi @victorwss, try taking a look over at spotbugs main project https://github.com/spotbugs/spotbugs/blob/master/gradle/java.gradle. I just got that updated to 6.0.0-beta.3 and like you likely ran into it did not work per release notes options to try. Not sure if it will help you or not but worth taking a look.

KengoTODA commented 11 months ago

Could you check "Changes for Kotlin buildscripts" in the changelog for beta.1 release? Hope that it helps you.

Vest commented 11 months ago

I confirm, my Gradle project doesn't like "low" as a string too. I had to use Confidence.valueOf('low') to overcome the error. But unfortunately, the import of the package doesn't work either. It seems that the classpath doesn't have required jars, or so.

victorwss commented 11 months ago

So, if I'm understanding correctly, this was somewhat intended?

Anyway, it would be really appreciated if you could somehow either completely forgive the user for that or perhaps give a warning and continue business as usual in order to avoid breaking existing buildscripts without an outstanding reason for that when people are just bumping up dependencies.

Or, at least fail with a very clear and direct error message telling what should be done to fix other than just "Dude, it is not a string anymore, it is now an enum. Good luck figuring out in Google how to fill in this correctly."

Or minimally, make reportLevel = com.github.spotbugs.snom.Confidence.LOW work.

Anyway, the change is not a big deal. For now, I will stick to effort = com.github.spotbugs.snom.Effort.MAX and reportLevel = com.github.spotbugs.snom.Confidence.valueOf("LOW") (as suggested by @Vest). No need to import stuff because that don't really make the situation any better.

Keep up with the good job!

Vest commented 10 months ago

try taking a look over at spotbugs main project

I have stolen your code from the java.build file:

def classLoader = plugins['com.github.spotbugs'].class.classLoader
def SpotBugsTask = classLoader.findLoadedClass( 'com.github.spotbugs.snom.SpotBugsTask' )
def SpotBugsEffort = classLoader.findLoadedClass( 'com.github.spotbugs.snom.Effort' )
def SpotBugsConfidence = classLoader.findLoadedClass( 'com.github.spotbugs.snom.Confidence' )
...
reportLevel = SpotBugsConfidence.LOW

Seems it does the job. Can you please tell me, why is this working? Why have you decided to write it like that? When I was trying to write import com.github.spotbugs.snom.Confidence, I was always getting an error Could not get unknown property 'com' for extension 'spotbugs' of type java.lang.Object.

hazendaz commented 10 months ago

Hi @Vest I'm still too new to gradle to understand the why. I had issues to until I did that. It didn't quite make sense to me either. If I recall, I saw another part of the script that did something similar so I gave that a shot.

sebastian-peter commented 9 months ago

Same problem here, using a separate gradle file to configure spotbugs. Using the classloader works, but seems a bit hacky to me - there has to be a better way?

javintx commented 9 months ago

Same problem here, using a separate gradle file to configure spotbugs. Using the classloader works, but seems a bit hacky to me - there has to be a better way?

I'm using the gradle plugin 6.0.2 with gradle 8.5 and I have the same problem. I'm using a separate gradle file to configure spotbugs. The classloader solution works fine, but it's too tricky and a bit ugly.

When I was trying to write import com.github.spotbugs.snom.Confidence, I was always getting an error Could not get unknown property 'com' for extension 'spotbugs' of type java.lang.Object. And the same for the effort value.

Is there a better way to configure spotbugs in a different gradle file?

pbilstein commented 9 months ago

Same problem here as @javintx and @sebastian-peter

Using a separate groovy gradle file to configure spotbugs and using ugly classloader workaround works. Would like to get rid of it.

ArtemioRamirez commented 6 months ago

Having the same issue the example shown on https://github.com/spotbugs/spotbugs-gradle-plugin using 

// require Gradle 8.2+
import com.github.spotbugs.snom.Confidence
import com.github.spotbugs.snom.Effort
spotbugs {
    ignoreFailures = false
    showStackTraces = true
    showProgress = true
    effort = Effort.DEFAULT
    reportLevel = Confidence.DEFAULT
    visitors = listOf("FindSqlInjection", "SwitchFallthrough")
    omitVisitors = listOf("FindNonShortCircuit")
    reportsDir = file("$buildDir/spotbugs")
    includeFilter = file("include.xml")
    excludeFilter = file("exclude.xml")
    baselineFile = file("baseline.xml")
    onlyAnalyze = listOf("com.foobar.MyClass", "com.foobar.mypkg.*")
    maxHeapSize = "1g"
    extraArgs = listOf("-nested:false")
    jvmArgs = listOf("-Duser.language=ja")
}

Literally doesn't work and will fail with message:

Cannot set the value of extension 'spotbugs' property 'reportLevel' of type com.github.spotbugs.snom.Confidence using an instance of type java.lang.Class.

KaurKadakWise commented 6 months ago

Same error for me, could not add import com.github.spotbugs.snom.Effort into gradle file using Groovy DSL. Encountered exception

ASullivan219 commented 5 months ago

Same problem here for me as well cannot import the Confidence object. The only thing that works is the class loader option referenced above from the user Vest.

Azhrei commented 5 months ago

Another bump.

This is fairly important — the documentation describes how to do something and it CLEARLY doesn't work. This is going to trip up a lot of developers until either the documentation is corrected or the bug is fixed!

ben-wharton commented 3 months ago

Unfortunately spent a lot of time trying to fix this issue, didn't find a better solution than the classloader solution above.

NaradaBW commented 1 month ago

same

david-vasconcelos-tw commented 1 month ago

same here

kybercryst4l commented 2 weeks ago

Until it's fixed i'm using:

import com.github.spotbugs.snom.Confidence
import com.github.spotbugs.snom.Effort
spotbugs {
   effort = Effort.MAX
   // 0: LOW, 1: MEDIUM, 2: DEFAULT, 3: HIGH
   reportLevel = Confidence.values()[2]
   [...]
}

Using Effort.MAX is woking, if not, Effort.values()[2] should also work.