Skip to content
This repository has been archived by the owner on Oct 21, 2021. It is now read-only.
/ findbugs4sbt Public archive
forked from sbt/sbt-findbugs

An SBT plug-in that adds a "findbugs" task to SBT for static code analysis of Java code via the great "FindBugs" tool.

3 stars 13 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

AlejandroRivera/findbugs4sbt

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

132 Commits
project
project
 
 
src/main
src/main
 
 
.gitignore
.gitignore
 
 
build.sbt
build.sbt
 
 
publish.sbt
publish.sbt
 
 
readme.md
readme.md
 
 

Repository files navigation

findbugs4sbt - Static code analysis via FindBugs from within SBT

This SBT plug-in enables you to analyze your (Java) code with the help of the great FindBugs tool. It defines a findbugs sbt action for that purpose.

Version 1.4.0 of this plug-in is available for SBT 0.13.x.

Getting findbugs4sbt

findbugs4sbt is hosted at the sbt Community Repository. This repository is automatically available from within SBT. This means that you just have to add findbugs4sbt as a plug-in to your project (see the next section).

If you want to go bleeding edge, you can also:

git clone https://github.com/sbt/findbugs4sbt.git
cd findbugs4sbt 
sbt publish-local

Adding findbugs4sbt as a plug-in to your project

Add the following to your project's build.sbt file:

import de.johoop.findbugs4sbt.FindBugs._

findbugsSettings

Also, you have to add the plugin dependency to your project's ./project/plugins.sbt or the global .sbt/plugins/build.sbt:

addSbtPlugin("de.johoop" % "findbugs4sbt" % "1.4.0")

The old settings specified below are still mostly valid, but they're now specified using the settings system of SBT 0.13.

Executing Findbugs

You can execute findbugs to analyze your project and produce a report.

You can execute findbugs-check to analyze your project, produce an XML report and automatically break the build if issues are found.

You can also execute findbugs-gui to display Findbugs GUI. If you previously generated a report, it will be automatically loaded.

Defining exclude/include filters

Defining filters inline

Just use Scala inline XML for the setting, for example:

findbugsIncludeFilters := Some(<FindBugsFilter>
  <Match>
    <Class name="de.johoop.Meep" />
  </Match>
</FindBugsFilter>)

Using filter files

You can also read the filter settings from files in a more conventional way:

findbugsIncludeFilters := Some(scala.xml.XML.loadFile(baseDirectory.value / "findbugs-include-filters.xml"))

Or, when your configuration is zipped and previously published to a local repo:

findbugsIncludeFilters := {
  val configFiles = update.value.select(module = moduleFilter(name = "velvetant-sonar"))
  val configFile = configFiles.headOption flatMap { zippedFile =>
    IO.unzip(zippedFile, target.value / "rules") find (_.name contains "velvetant-sonar-findbugs.xml")
  }

  configFile map scala.xml.XML.loadFile orElse sys.error("unable to find config file in update report")
}

Settings

(see also the FindBugs documentation)

findbugsReportType

  • Description: Optionally selects the output format for the FindBugs report.
  • Accepts: Some(ReportType.{Xml, Html, PlainHtml, FancyHtml, FancyHistHtml, Emacs, Xdoc})
  • Default: Some(ReportType.Xml)

findbugsReportPath

  • Description: Target path of the report file to generate (optional).
  • Accepts: any legal file path
  • Default: Some(crossTarget.value / "findbugs" / "report.xml")

findbugsPriority

  • Description: Suppress reporting of bugs based on priority.
  • Accepts: Priority.{Relaxed, Low, Medium, High}
  • Default: Priority.Medium

findbugsEffort

  • Description: Decide how much effort to put into analysis.
  • Accepts: Effort.{Minimum, Default, Maximum}
  • Default: Effort.Default

findbugsOnlyAnalyze

  • Description: Optionally, define which packages/classes should be analyzed.
  • Accepts: An option containing a List[String] of packages and classes.
  • Default: None (meaning: analyze everything).

findbugsMaxMemory

  • Description: Maximum amount of memory to allow for FindBugs (in MB).
  • Accepts: any reasonable amount of memory as an integer value
  • Default: 1024

findbugsAnalyzeNestedArchives

  • Description: Whether FindBugs should analyze nested archives or not.
  • Accepts: true and false
  • Default: true

findbugsSortReportByClassNames

  • Description: Whether the reported bug instances should be sorted by class name or not.
  • Accepts: true and false
  • Default: false

findbugsIncludeFilters

  • Description: Optional filter file XML content defining which bug instances to include in the static analysis.
  • Accepts: None and Option[Node]
  • Default: None (no include filters).

findbugsExcludeFilters

  • Description: Optional filter file XML content defining which bug instances to exclude in the static analysis.
  • Accepts: None and Some[Node]
  • Default: None (no exclude filters).

findbugsAnalyzedPath

  • Description: The path to the classes to be analyzed.
  • Accepts: any sbt.Path
  • Default: Seq(classDirectory in Compile value)

Contributors

Thanks to @asflierl and @anishathalye for their contributions!

License

Copyright (c) 2011 - 2014 Joachim Hofer & contributors

All rights reserved.

This program and the accompanying materials are made available under the terms of the Eclipse Public License v1.0 which accompanies this distribution, and is available at http://www.eclipse.org/legal/epl-v10.html

About

An SBT plug-in that adds a "findbugs" task to SBT for static code analysis of Java code via the great "FindBugs" tool.

Resources

Readme
Activity

Stars

3 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

16 tags

Packages

No packages published

Languages

  • Scala 60.0%
  • HTML 40.0%