FindBugs is another tool that uses static analysis to inspect Java bytecode for bugs. It is based on the concept of bug patterns. A bug pattern is a code snippet that is often an error.
Let us see how we can use the Maven FindBugs plugin to analyze and identify defects in our code:
mvn clean compile findbugs:findbugs
[INFO] --- maven-compiler-plugin:3.1:compile (default-compile) @ project-with-violations ---
[INFO] Changes detected - recompiling the module!
[INFO] Compiling 1 source file to C:\projects\apache-maven cookbook\project-with-violations\target\classes
[INFO]
[INFO] --- findbugs-maven-plugin:3.0.0:findbugs (default-cli) @ project-with-violations ---
[INFO] Fork Value is true
     [java] Warnings generated: 3
[INFO] Done FindBugs Analysis....
The run produces findbugsXml.xml in the target folder.

When the findbugs goal of the FindBugs plugin is run, it analyzes the bytecode and reports errors to an output file in the XML format. Unlike the Checkstyle and PMD plugins, it does not generate a default site report unless configured differently.
FindBugs also provides several options that allow you to specify the classes to be included in or excluded from analysis, specify the rules to be run, and fail the build when errors crop up. Let's briefly discuss some examples that describe the basic usage of the FindBugs plugin:
<plugin>
  <groupId>org.codehaus.mojo</groupId>
  <artifactId>findbugs-maven-plugin</artifactId>
  <version>3.0.1-SNAPSHOT</version>
  <configuration>
    <!-- Filter files that select which classes are excluded from / included in the analysis -->
    <excludeFilterFile>findbugs-exclude.xml</excludeFilterFile>
    <includeFilterFile>findbugs-include.xml</includeFilterFile>
  </configuration>
</plugin>
<plugin>
  <groupId>org.codehaus.mojo</groupId>
  <artifactId>findbugs-maven-plugin</artifactId>
  <version>3.0.1-SNAPSHOT</version>
  <configuration>
    <!-- Run only the listed detectors (comma-separated) -->
    <visitors>FindDeadLocalStores,UnreadFields</visitors>
  </configuration>
</plugin>