Bill Shannon wrote:
> Wow, FindBugs errors went to zero and no one noticed? Are you sure the
> report is correct?
I do not know whether the report is correct.
>
> Rather than going deeper, I'd suggest going broader. Nearly every high
> priority error is a real bug. Many of the medium priority errors require
> more analysis and judgment to determine whether they're really errors.
>
> The "developer report" only addresses a subset of all the code in
> GlassFish.
> The "fancy report" (which is using FindBugs 1.3.6-rc1) still shows
> lots of
> high priority issues. No doubt some of them are in code that we don't
> touch, and so should be excluded. But the rest should be addressed.
If we are seeing high priority issues in the binary components that we
are using... we should push the publishers to fix them. Especially the
stuff that comes out of open source projects.
Were is this 'fancy report' published?
>
> And isn't it past time to integrate these two reports, possibly using the
> Hudson FindBugs plugin?
That makes sense to me.
I thought Maven could generate a FindBugs report as part of its
'standard' build process... I thought it can make a whole site of
reports that would help us keep track of the state of our code.
vbk
>
>