search

spotbugs / spotbugs-maven-plugin

Maven Mojo Plug-In to generate reports based on the SpotBugs Analyzer
https://spotbugs.github.io/spotbugs-maven-plugin/
Apache License 2.0
69 stars 51 forks source link

plugin build setting #673

Closed dylan-tao closed 5 months ago

dylan-tao commented 5 months ago

Describe the feature

maven build target file: spotbugs.html,support set htmlOutputDirectory, current: /target/spotbugs.html, but xml can customize the directory settings.

<configuration>
  <htmlOutputDirectory>${project.reporting.outputDirectory}</htmlOutputDirectory>
</configuration>
dylan-tao commented 5 months ago

Describe the feature

maven build target file: spotbugs.html,support set htmlOutputDirectory, current: /target/spotbugs.html, but xml can customize the directory settings.

<configuration>
  <htmlOutputDirectory>${project.reporting.outputDirectory}</htmlOutputDirectory>
</configuration>

How is the progress now?

hazendaz commented 5 months ago

Hi @dylan-tao. What is the need to do that? Can you explain what you are after here? Maybe contribute a PR once its understood if its necessary or not.

dylan-tao commented 5 months ago

To make it clearer for team members to view bug lists and statistics in HTML instead of XML. For example: PMD plug-ins can be customized, the report generated to the same directory, you can better manage code quality.

@jsotuyod make it clearer for team members to view bug lists and statistics in HTML instead of XML. For example: PMD plug-ins can be customized, the report generated to the same directory, you can better manage code quality.

dylan-tao commented 5 months ago

Hi @dylan-tao. What is the need to do that? Can you explain what you are after here? Maybe contribute a PR once its understood if its necessary or not.

please see here: https://github.com/mathieucarbou/license-maven-plugin/issues/673

hazendaz commented 5 months ago

@dylan-tao Can you offer up a pull request on this feature? I'm limited in time and it would be easier if you do that to get support out.

hazendaz commented 5 months ago

closing as this is already present in support.

See

    /**
     * Location where generated html will be created.
     *
     */
    @Parameter(defaultValue = '${project.reporting.outputDirectory}', required = true)
    File outputDirectory
dylan-tao commented 4 months ago

closing as this is already present in support.

See

    /**
     * Location where generated html will be created.
     *
     */
    @Parameter(defaultValue = '${project.reporting.outputDirectory}', required = true)
    File outputDirectory

spotbugs config:

<configuration>
<includeFilterFile>maven-archiver/spotbugs/official-include-ruleset.xml</includeFilterFile>
<excludeFilterFiles>maven-archiver/spotbugs/official-exclude-ruleset.xml</excludeFilterFiles>
<htmlOutput>true</htmlOutput>
<outputDirectory>${project.reporting.outputDirectory}</outputDirectory>
<xmlOutputDirectory>${project.report.cache.directory}</xmlOutputDirectory>
<spotbugsXmlOutputDirectory>${project.report.cache.directory}</spotbugsXmlOutputDirectory>
<spotbugsXmlOutputFilename>spotbugs-plugin-report.xml</spotbugsXmlOutputFilename>
</configuration>

@hazendaz, When I set outputDirectory to generate html report will report an error. Theoretically, xml generation should be necessary, and it needs to be translated from xml to html. The following error will be reported:

[INFO] --- spotbugs-maven-plugin:4.8.2.0:spotbugs (spotbugs) @ beeico-base ---
[INFO] Fork Value is true
     [java] The following errors occurred during analysis:
     [java]   Could not generate HTML output
     [java]     java.lang.RuntimeException: Error while disabling XML external entities
     [java]       At edu.umd.cs.findbugs.xml.XMLUtil.buildTransformerFactory(XMLUtil.java:60)
     [java]       At edu.umd.cs.findbugs.HTMLBugReporter.finish(HTMLBugReporter.java:69)
     [java]       At edu.umd.cs.findbugs.BugReportDispatcher.lambda$forEach$13(BugReportDispatcher.java:124)

It is recommended to refer to PMD's settings to unify directory management: targetDirectory (xml generation directory) and rulesetsTargetDirectory (configuration rule file storage directory), and then html is generated under ${project.reporting.outputDirectory} by default

hazendaz commented 3 months ago

Just quick circle back on this, your issue is likely a library mismatch and presumably you are using > java 9. The issue is not with the directory, its failing to prevent XXE due to missing library. That tends to lean on library mismatch since java 8. The actual code you are looking at is here https://github.com/spotbugs/spotbugs/blob/6fe5ba97f8769af2b264920fe07d8d3cace9242b/spotbugs/src/main/java/edu/umd/cs/findbugs/xml/XMLUtil.java#L53.

I don't understand your comments on PMD. That is an entirely different plugin.