quality@glassfish.java.net

Re: New Findbugs Reports

From: Bill Pugh <pugh_at_cs.umd.edu>
Date: Fri, 29 Sep 2006 14:10:20 -0400

Cool.

You are using FindBugs 1.0.0. You should really move up to FindBugs
1.1.0 (or wait a few days, for FindBugs 1.1.1, which will be released
within a week).


Two big changes:

* Reclassification of a lot of bugs so that the Correctness
categories contains only the stuff that makes you go "Yow! We should
fix that ASAP". Some bugs previously classified as correctness, such
as a class that overrides equals but not hashCode, have been
reclassified as Bad Practice or Dodgy code (the new name for what was
previously classified as Style problems).

* Significant improvements to the null pointer bug detection. We now
report about twice as many null pointer bugs without increasing the
number of false positives.

More details about FindBugs 1.1.0 at:
        http://findbugs.sourceforge.net/

Bill

On Sep 29, 2006, at 1:28 PM, Aditya Dada wrote:

> Hi All,
>
> We are regularly running FindBugs - the static analysis tool, on
> Glassfish. Recent results have been posted on the Glassfish Quality
> Portal (https://glassfish.dev.java.net/quality/) under "Testing
> Project Glassfish -> FindBugs Reports".
>
> The results were generated by analyzing Platform Edition and
> Enterprise Edition jar files for GlassFish. Only high priority
> warnings were generated in order to keep the number of warnings
> manageable, and also because our goal is to go through the high
> priority warnings and try and fix them before tackling the medium
> priority ones.
>
> The reports are available in 2 formats: Full and Detailed.
>
> Full report includes warnings that are sorted by type.
> Detailed report provides links on the top of the report to see
> Summary, Analysis Information, Bugs by Category or Bugs by Package
>
> If you have any questions regarding the reports, please let me know.
>
> Thanks,
> -Aditya