Automatic bug detection with SpotBugs and Maven

Apr 2, 2019 by Thibault Debatty | 3274 views

Java

https://cylab.be/blog/19/automatic-bug-detection-with-spotbugs-and-maven

SpotBugs is a fantastic tool to help you write beter java code! It performs static code analysis (SA) and uses a database of more then 400 bug patterns to detect potential bugs in your code.

It is also very simple to install and use: simply add the provided maven plugin in the build/plugins section your pom.xml:

<!-- SpotBugs : https://spotbugs.github.io/ -->
<!-- run with mvn spotbugs:check and mvn spotbugs:gui -->
<plugin>
    <groupId>com.github.spotbugs</groupId>
    <artifactId>spotbugs-maven-plugin</artifactId>
    <version>3.1.11</version>
</plugin>

To run SpotBugs, simply type

mvn spotbugs:check

SpotBugs even has a built-in GUI to help you analyze and fix the discovered bugs. You can run it by typing

mvn spotbugs:gui

If you want to automatically run SpotBugs during the build lifecycle, add an execution entry to your plugin:

<!-- SpotBugs : https://spotbugs.github.io/ -->
<!-- run with mvn spotbugs:check and mvn spotbugs:gui -->
<plugin>
    <groupId>com.github.spotbugs</groupId>
    <artifactId>spotbugs-maven-plugin</artifactId>
    <version>3.1.11</version>
    <executions>
        <execution>
            <id>check</id>
            <phase>verify</phase>
            <goals>
                <goal>check</goal>
            </goals>
        </execution>
    </executions>
</plugin>

This will run SpotBugs each time the verify phase is executed...

This blog post is licensed under CC BY-SA 4.0

Automatic UML diagram generation for Maven projects
Documenting your project is an important part of good software development. Creating and maintaining UML diagrams is one of the things to do. Luckily, there is a maven plugin that does this automatically for you...
Jan 6, 2021 | 7650 views
Implement a Java detector for the Multi-Agent Ranking framework
In previous blog posts we showed how to inject a stream of data in the Multi-Agent Ranking framework, and how to use the built-in detectors to produce a ranking. This time we show how to implement your own detection algorithms.
Dec 21, 2020 | 1811 views
Compute code coverage for a multi-module maven project with Jacoco
In a previous blog post, we showed how to use Jacoco to check the code coverage of your tests in a maven Java project. If your project is substantial, you will have multiple maven modules. So how can we compute the global code coverage?
Oct 6, 2020 | 23725 views
This website uses cookies. More information about the use of cookies is available in the cookies policy.
Accept