dev@glassfish.java.net

Re: How many folks are using static analysis tools...

From: Aditya Dada <Aditya.Dada_at_Sun.COM>
Date: Tue, 19 Sep 2006 11:58:33 -0400

Hi Marina,
I just checked and I now know the reason.

Since FindBugs only needs jar files to run on, instead of installing
glassfish, we copy the glassfish snapshot jar file:
\\koori.sfbay\onestop\glassfish\nightly\SunOS\glassfish-image\jars\glassfish-image-SNAPSHOT.jar

...unzip it to get all the jars, and then extract a list of all "*.jar"
files.

It looks like since toplink-essentials jar is present in the snapshot as
"toplink-essentials.jar.pack.gz", it was left out while extracting
"*.jar" files.

I also see some other files that may have been left out of the findbugs
analysis.

I'm fixing this right now...

-aditya


Marina Vatkina changed the world a bit at a time, and said on 9/18/2006
6:59 PM:

>Aditya.
>
>I checked the report named Sep112006fb.html and toplink-essentials.jar is
>missing from the list of jars. Do you know the reason for that?
>
>thanks,
>-marina
>
>Aditya Dada wrote On 09/14/06 16:51,:
>
>
>>I'm sure everyone must have seen the daily FindBugs reports that Terena
>>produces on the nightly glassfish builds.
>>
>>While working with Jerome, Tony and Geoff, we too came to the conclusion
>>that there were way too many warnings for people to go through.
>>So while I had personally filed laundry-list bugs in the last release
>>for each component that was reported to have bugs by the tool, I'm
>>currently working with Terena to implement the 'delta' feature i.e. the
>>daily email will contain a small list of bugs that were introduced last
>>night (as found by FindBugs of course).
>>
>>the list would be much more readable, and hence, the bugs much easier to
>>identify and fix.
>>
>>till then, if you're interested in knowing the bugs in your area, click
>>on any HTML file at:
>>http://javaweb.sfbay/java/re/glassfish/9.1/nightly/findbugs/snapshot/
>>...and grep for the package that you work on.
>>
>>Also, like Bill just mentioned, FindBugs has the ability to use filters
>>i.e. you can choose to filter out some warnings that are false
>>positives. If there are any such warnings that you'd like filtered out,
>>please let me know and I can work with Terena to incorporate that in the
>>daily FindBugs run.
>>
>>-Aditya
>>
>>
>>Kohsuke Kawaguchi changed the world a bit at a time, and said on
>>9/14/2006 6:57 PM:
>>
>>
>>
>>
>>>Peter Williams wrote:
>>>
>>>
>>>
>>>
>>>>IMO, far too much human interpretation is currently required of the
>>>>results to eliminate false positives to allow any of these options to
>>>>be practical at this time. This goes for FindBugs and PMD as I've
>>>>used those two. Not sure about any others, but I would expect there
>>>>as well.
>>>>
>>>>
>>>Amen to that.
>>>
>>>The best place to do such static analysis is when you are typing code.
>>>IOW, static code analysis should be a part of the IDE. Then you have
>>>natural incentive to fix those, and it also makes you productive as it
>>>catches common data-flow related errors, too.
>>>
>>>The problem with having a separate report later, especially with a
>>>large project like Glassfish, is that for any one developer the S/N
>>>ratio is way too low. Remember, for one developer, everybody else's
>>>problems count as noise. So in practice nothing gets done.
>>>
>>>That said, running it once and fixing obvious problems sounds like a
>>>reasonable thing to do.
>>>
>>>
>>>
>>
>>
>

-- 
"Any project can be estimated accurately (once it's completed)."
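
The gap described at the top of this thread, where a "*.jar" selection skipped toplink-essentials.jar.pack.gz, can be caught before the analyzer runs. The following is an added example, not part of the original messages or the GlassFish build scripts; it generalizes to any file with a further suffix after ".jar", and the function names and the two example-*.jar files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit what a "*.jar" selection leaves out.

# Archives a plain "*.jar" match would hand to the analyzer.
list_selected_jars() {
    find "$1" -type f -name '*.jar' | sort
}

# Files that carry ".jar" in their name but a further suffix after it,
# e.g. toplink-essentials.jar.pack.gz; a "*.jar" match never sees these.
list_skipped_archives() {
    find "$1" -type f -name '*.jar.*' | sort
}

# Returns 1 and names the skipped files when the selection is incomplete,
# so a nightly job fails instead of silently analyzing fewer jars.
coverage_check() {
    skipped=$(list_skipped_archives "$1")
    if [ -n "$skipped" ]; then
        echo "skipped by *.jar selection:" >&2
        echo "$skipped" >&2
        return 1
    fi
    return 0
}

# Constructed sample tree standing in for the unzipped snapshot.
# example-a.jar and example-b.jar are made-up names.
make_sample_tree() {
    d=$(mktemp -d)
    mkdir -p "$d/lib"
    : > "$d/lib/example-a.jar"
    : > "$d/lib/example-b.jar"
    : > "$d/lib/toplink-essentials.jar.pack.gz"
    echo "$d"
}

tree=$(make_sample_tree)
list_selected_jars "$tree"
coverage_check "$tree" || echo "analysis input is incomplete"
rm -rf "$tree"
```

Running the check against the unzipped snapshot directory before each analysis run makes a shrinking jar list visible in the job status rather than only in the report.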