The new home of the FindBugs project

Issues
  • Java 9 support

    Java 9 support

    • [x] Need updated ASM (6.0 snapshot works fine)
      • [x] We should temporarily host and build against a snapshot build, I can upload one
    • [x] Need updated BCEL ?(current snapshot seem to work but probably lacks some new constructs). See #106 for BCEL update evaluation.
    • [x] Need JRT FS support (I have a patch, missing: multi-module packages)
      • [x] Need update of runtime requirements and build to Java 8 (I have a patch)
    • [x] Need Eclipse plugin support (I have a patch)
    • [x] Need proper update of JavaVersion parser (see #75 , must be adopted)
    • [x] Requires minor version number increase (3.0 -> 3.1) at least.
    enhancement java9 
    opened by iloveeclipse 22
  • Clarify the license of com.google.code.findbugs : jsr305 : 3.0.1

    Clarify the license of com.google.code.findbugs : jsr305 : 3.0.1

    The maven artifact containing the JSR 305 annotations on Maven Central [1] declares the Apache License 2 as the license to use for the JSR305 annotations. However, the FindBugs project states that all source code is licensed under the LGPL [2].

    Which one is true?

    [1] http://search.maven.org/#artifactdetails|com.google.code.findbugs|jsr305|3.0.1|jar [2] http://findbugs.sourceforge.net/

    opened by ctron 14
  • Evaluate BCEL 6 update strategies

    Evaluate BCEL 6 update strategies

    BCEL 6 broke every single API by moving all types in different package structure, see https://issues.apache.org/jira/browse/BCEL-222. No comments about that move.

    However, to get up to date with latest Java 9 fixes in BCEL we have either to break every FB plugin/user (because we exposed BCEL in FB API all over the place, see for example use of org.apache.bcel.classfile.JavaClass) and ship totally incompatible FB 4.0, or we need to backport BCEL 6 changes to the "old" package structure.

    I'm investigating the later one.

    OK, I've managed to rename the packages back (see https://github.com/iloveeclipse/commons-bcel/tree/old_structure) and with few (not committed) FB changes I was able to run FB with that BCEL version. Problem: it simply doesn't work in few cases anymore, neither on Java 8 nor on Java 9. I had few different exceptions, which I'm not sure where the root cause is - new BCEL code or missing adoption on FB side: bcel_test_result.txt

    Now I'm going to break FB API and use BCEL as is, just to test if BCEL 6 "unchanged" will work with FB.

    java9 
    opened by iloveeclipse 12
  • IllegalArgumentException in OpcodeStack.constantToInt

    IllegalArgumentException in OpcodeStack.constantToInt

    Using findbugs-3.0.1, we run into the following situation during analysis: [findbugs] Executing findbugs FindBugsTask from ant task [findbugs] Running FindBugs... [findbugs] The following errors occurred during analysis: [findbugs] Error processing2 < I, 1 >iadd< Ljava/lang/String;, "", r4 > @ 706 in workflow.fileupload.swift.mt101.Mt101MultibankingWorkflowTest.testMultibankingOkWithMultipleASeqs : ()V [findbugs] java.lang.IllegalArgumentException: [findbugs] At edu.umd.cs.findbugs.OpcodeStack.constantToInt(OpcodeStack.java:2179) [findbugs] At edu.umd.cs.findbugs.OpcodeStack.pushByIntMath(OpcodeStack.java:3198) [findbugs] At edu.umd.cs.findbugs.OpcodeStack.sawOpcode(OpcodeStack.java:1644) [findbugs] At edu.umd.cs.findbugs.OpcodeStack$JumpInfoFactory$JumpStackComputation.sawOpcode(OpcodeStack.java:2846) [findbugs] At edu.umd.cs.findbugs.visitclass.DismantleBytecode.visit(DismantleBytecode.java:883) [findbugs] At edu.umd.cs.findbugs.visitclass.BetterVisitor.visitCode(BetterVisitor.java:218) [findbugs] At edu.umd.cs.findbugs.visitclass.PreorderVisitor.visitCode(PreorderVisitor.java:235) [findbugs] At edu.umd.cs.findbugs.OpcodeStack$JumpInfoFactory$JumpStackComputation.visitCode(OpcodeStack.java:2832) [findbugs] At org.apache.bcel.classfile.Code.accept(Code.java:135) [findbugs] At edu.umd.cs.findbugs.visitclass.PreorderVisitor.doVisitMethod(PreorderVisitor.java:307) [findbugs] At edu.umd.cs.findbugs.OpcodeStack$JumpInfoFactory.computeJumpInfo(OpcodeStack.java:2876) [findbugs] At edu.umd.cs.findbugs.OpcodeStack$JumpInfoFactory.analyze(OpcodeStack.java:2806) [findbugs] At edu.umd.cs.findbugs.OpcodeStack$JumpInfoFactory.analyze(OpcodeStack.java:2789) [findbugs] At edu.umd.cs.findbugs.classfile.impl.AnalysisCache.analyzeMethod(AnalysisCache.java:369) [findbugs] At edu.umd.cs.findbugs.classfile.impl.AnalysisCache.getMethodAnalysis(AnalysisCache.java:322) [findbugs] At edu.umd.cs.findbugs.OpcodeStack.getJumpInfo(OpcodeStack.java:3007) [findbugs] At edu.umd.cs.findbugs.OpcodeStack.resetForMethodEntry(OpcodeStack.java:2978) [findbugs] At edu.umd.cs.findbugs.bcel.OpcodeStackDetector.visitCode(OpcodeStackDetector.java:62) [findbugs] At org.apache.bcel.classfile.Code.accept(Code.java:135) [findbugs] At edu.umd.cs.findbugs.visitclass.PreorderVisitor.doVisitMethod(PreorderVisitor.java:307) [findbugs] At edu.umd.cs.findbugs.visitclass.PreorderVisitor.visitJavaClass(PreorderVisitor.java:395) [findbugs] At org.apache.bcel.classfile.JavaClass.accept(JavaClass.java:215) [findbugs] At edu.umd.cs.findbugs.BytecodeScanningDetector.visitClassContext(BytecodeScanningDetector.java:38) [findbugs] At edu.umd.cs.findbugs.DetectorToDetector2Adapter.visitClass(DetectorToDetector2Adapter.java:76) [findbugs] At edu.umd.cs.findbugs.FindBugs2.analyzeApplication(FindBugs2.java:1089) [findbugs] At edu.umd.cs.findbugs.FindBugs2.execute(FindBugs2.java:283) [findbugs] At edu.umd.cs.findbugs.FindBugs.runMain(FindBugs.java:402) [findbugs] At edu.umd.cs.findbugs.FindBugs2.main(FindBugs2.java:1200) [findbugs] Error processing2 < I, 1 >iadd< Ljava/lang/String;, "", r4 > @ 706 in workflow.fileupload.swift.mt101.Mt101MultibankingWorkflowTest.testMultibankingOkWithMultipleASeqs : ()V [findbugs] java.lang.IllegalArgumentException: [findbugs] At edu.umd.cs.findbugs.OpcodeStack.constantToInt(OpcodeStack.java:2179) [findbugs] At edu.umd.cs.findbugs.OpcodeStack.pushByIntMath(OpcodeStack.java:3198) [findbugs] At edu.umd.cs.findbugs.OpcodeStack.sawOpcode(OpcodeStack.java:1644) [findbugs] At edu.umd.cs.findbugs.OpcodeStack$JumpInfoFactory$JumpStackComputation.sawOpcode(OpcodeStack.java:2846) [findbugs] At edu.umd.cs.findbugs.visitclass.DismantleBytecode.visit(DismantleBytecode.java:883) [findbugs] At edu.umd.cs.findbugs.visitclass.BetterVisitor.visitCode(BetterVisitor.java:218) [findbugs] At edu.umd.cs.findbugs.visitclass.PreorderVisitor.visitCode(PreorderVisitor.java:235) [findbugs] At edu.umd.cs.findbugs.OpcodeStack$JumpInfoFactory$JumpStackComputation.visitCode(OpcodeStack.java:2832) [findbugs] At org.apache.bcel.classfile.Code.accept(Code.java:135) [findbugs] At edu.umd.cs.findbugs.visitclass.PreorderVisitor.doVisitMethod(PreorderVisitor.java:307) [findbugs] At edu.umd.cs.findbugs.OpcodeStack$JumpInfoFactory.computeJumpInfo(OpcodeStack.java:2876) [findbugs] At edu.umd.cs.findbugs.OpcodeStack$JumpInfoFactory.analyze(OpcodeStack.java:2806) [findbugs] At edu.umd.cs.findbugs.OpcodeStack$JumpInfoFactory.analyze(OpcodeStack.java:2789) [findbugs] At edu.umd.cs.findbugs.classfile.impl.AnalysisCache.analyzeMethod(AnalysisCache.java:369) [findbugs] At edu.umd.cs.findbugs.classfile.impl.AnalysisCache.getMethodAnalysis(AnalysisCache.java:322) [findbugs] At edu.umd.cs.findbugs.OpcodeStack.getJumpInfo(OpcodeStack.java:3007) [findbugs] At edu.umd.cs.findbugs.OpcodeStack.resetForMethodEntry(OpcodeStack.java:2978) [findbugs] At edu.umd.cs.findbugs.bcel.OpcodeStackDetector.visitCode(OpcodeStackDetector.java:62) [findbugs] At org.apache.bcel.classfile.Code.accept(Code.java:135) [findbugs] At edu.umd.cs.findbugs.visitclass.PreorderVisitor.doVisitMethod(PreorderVisitor.java:307) [findbugs] At edu.umd.cs.findbugs.visitclass.PreorderVisitor.visitJavaClass(PreorderVisitor.java:395) [findbugs] At org.apache.bcel.classfile.JavaClass.accept(JavaClass.java:215) [findbugs] At edu.umd.cs.findbugs.BytecodeScanningDetector.visitClassContext(BytecodeScanningDetector.java:38) [findbugs] At edu.umd.cs.findbugs.DetectorToDetector2Adapter.visitClass(DetectorToDetector2Adapter.java:76) [findbugs] At edu.umd.cs.findbugs.FindBugs2.analyzeApplication(FindBugs2.java:1089) [findbugs] At edu.umd.cs.findbugs.FindBugs2.execute(FindBugs2.java:283) [findbugs] At edu.umd.cs.findbugs.FindBugs.runMain(FindBugs.java:402) [findbugs] At edu.umd.cs.findbugs.FindBugs2.main(FindBugs2.java:1200) [findbugs] [findbugs] Calculating exit code... [findbugs] Exit code set to: 0

    opened by MascPip 10
  • Value-Based Classes

    Value-Based Classes

    :bangbang: THIS PULL REQUEST IS NOT COMPLETE YET

    This is my shot at implementing Feature Request #313: Warn about identity-sensitive operations on value based classes.

    For brevity's sake I'll use vbi for value-based instance(s), i.e. an instance of a value-based class.

    Current State

    The annotation @ValueBased can be used to mark own value-based classes. These classes and those from the JDK are processed uniformly when it comes to the following checks:

    • :white_check_mark: no reference comparison
    • :white_check_mark: serialization of vbi
      • :white_check_mark: no non-transient field in serializable class (works out of the box)
      • :white_check_mark: no direct serialization via ObjectOutputStream.writeObject (works out of the box)
    • :red_circle: identity hash code
      • :white_check_mark: no argument to System.identityHashCode
      • :red_circle: no key in an IdentityHashMap
    • :white_check_mark: no locking on a vbi
      • :white_check_mark: no use in synchronized block
      • :white_check_mark: no calls to Object.wait
      • :white_check_mark: no calls to Object.notify
      • :white_check_mark: no calls to Object.notifyAll

    Notes

    Ensuring that a class annotated with @ValueBased has all properties described in the official documentation is not in the scope of #313 and hence also not of this pull request.

    opened by nipafx 9
  • Error parsing signature of lambda

    Error parsing signature of lambda

    This is a followup to https://sourceforge.net/p/findbugs/bugs/1415/ I tried if the error still occurs with findbugs 3.1.0_preview2 that contains a newer bcel - it still occurs, but now with a different error message.

    Steps to reproduce: 1.) compile the following code using Eclipse 4.6

    public interface HasUniqueKey<Key> {
      Key getInternId();
    }
    
    public class Util {
      public static List<Integer> toIntegerList(List<? extends HasUniqueKey<Integer>> entities) {
        return entities.stream().map(m -> m.getInternId()).collect(Collectors.toList());
      }
    }
    

    Note that compiling the code with javac will NOT show the problem, as javac produces quite different byte code when compiling the lambda.

    2.) let findbugs analyse the resulting class files (e.g. through the gui). This results in the following stacktrace:

    The following errors occurred during analysis:
      Error parsing signature !+LHasUniqueKey<Ljava/lang/Integer;>;
        java.lang.IllegalStateException: Invalid method signature: '(!+LHasUniqueKey<Ljava/lang/Integer;>;)V' : !+LHasUniqueKey<Ljava/lang/Integer;>;)V 
          At edu.umd.cs.findbugs.ba.generic.GenericSignatureParser$ParameterSignatureIterator.next(GenericSignatureParser.java:120)
          At edu.umd.cs.findbugs.ba.generic.GenericSignatureParser$ParameterSignatureIterator.next(GenericSignatureParser.java:45)
          At edu.umd.cs.findbugs.ba.generic.GenericSignatureParser.getNumParameters(GenericSignatureParser.java:184)
          At edu.umd.cs.findbugs.ba.generic.GenericUtilities.getType(GenericUtilities.java:263)
          At edu.umd.cs.findbugs.ba.type.TypeFrameModelingVisitor.getLocalVariable(TypeFrameModelingVisitor.java:827)
          At edu.umd.cs.findbugs.ba.type.TypeFrameModelingVisitor.handleLoadInstruction(TypeFrameModelingVisitor.java:889)
          At edu.umd.cs.findbugs.ba.AbstractFrameModelingVisitor.visitALOAD(AbstractFrameModelingVisitor.java:452)
          At org.apache.bcel.generic.ALOAD.accept(ALOAD.java:56)
          At edu.umd.cs.findbugs.ba.AbstractFrameModelingVisitor.analyzeInstruction(AbstractFrameModelingVisitor.java:84)
          At edu.umd.cs.findbugs.ba.type.TypeFrameModelingVisitor.analyzeInstruction(TypeFrameModelingVisitor.java:197)
          At edu.umd.cs.findbugs.ba.type.TypeAnalysis.transferInstruction(TypeAnalysis.java:406)
          At edu.umd.cs.findbugs.ba.type.TypeAnalysis.transferInstruction(TypeAnalysis.java:86)
          At edu.umd.cs.findbugs.ba.AbstractDataflowAnalysis.transfer(AbstractDataflowAnalysis.java:135)
          At edu.umd.cs.findbugs.ba.type.TypeAnalysis.transfer(TypeAnalysis.java:414)
          At edu.umd.cs.findbugs.ba.type.TypeAnalysis.transfer(TypeAnalysis.java:86)
          At edu.umd.cs.findbugs.ba.Dataflow.execute(Dataflow.java:376)
          At edu.umd.cs.findbugs.classfile.engine.bcel.TypeDataflowFactory.analyze(TypeDataflowFactory.java:83)
          At edu.umd.cs.findbugs.classfile.engine.bcel.TypeDataflowFactory.analyze(TypeDataflowFactory.java:43)
          At edu.umd.cs.findbugs.classfile.impl.AnalysisCache.analyzeMethod(AnalysisCache.java:369)
          At edu.umd.cs.findbugs.classfile.impl.AnalysisCache.getMethodAnalysis(AnalysisCache.java:322)
          At edu.umd.cs.findbugs.classfile.engine.bcel.CFGFactory.analyze(CFGFactory.java:160)
          At edu.umd.cs.findbugs.classfile.engine.bcel.CFGFactory.analyze(CFGFactory.java:65)
          At edu.umd.cs.findbugs.classfile.impl.AnalysisCache.analyzeMethod(AnalysisCache.java:369)
          At edu.umd.cs.findbugs.classfile.impl.AnalysisCache.getMethodAnalysis(AnalysisCache.java:322)
          At edu.umd.cs.findbugs.ba.ClassContext.getMethodAnalysis(ClassContext.java:1005)
          At edu.umd.cs.findbugs.ba.ClassContext.getMethodAnalysisNoDataflowAnalysisException(ClassContext.java:990)
          At edu.umd.cs.findbugs.ba.ClassContext.getCFG(ClassContext.java:303)
          At edu.umd.cs.findbugs.detect.BuildNonnullReturnDatabase.analyzeMethod(BuildNonnullReturnDatabase.java:87)
          At edu.umd.cs.findbugs.detect.BuildNonnullReturnDatabase.considerMethod(BuildNonnullReturnDatabase.java:76)
          At edu.umd.cs.findbugs.detect.BuildNonnullReturnDatabase.visitClassContext(BuildNonnullReturnDatabase.java:67)
          At edu.umd.cs.findbugs.DetectorToDetector2Adapter.visitClass(DetectorToDetector2Adapter.java:76)
          At edu.umd.cs.findbugs.FindBugs2.analyzeApplication(FindBugs2.java:1089)
          At edu.umd.cs.findbugs.FindBugs2.execute(FindBugs2.java:283)
          At edu.umd.cs.findbugs.gui2.BugLoader.doAnalysis(BugLoader.java:101)
          At edu.umd.cs.findbugs.gui2.AnalyzingDialog$AnalysisThread.run(AnalyzingDialog.java:275)
      Error parsing signature !+LHasUniqueKey<Ljava/lang/Integer;>;
        java.lang.IllegalStateException: Invalid method signature: '(!+LHasUniqueKey<Ljava/lang/Integer;>;)V' : !+LHasUniqueKey<Ljava/lang/Integer;>;)V 
          At edu.umd.cs.findbugs.ba.generic.GenericSignatureParser$ParameterSignatureIterator.next(GenericSignatureParser.java:120)
          At edu.umd.cs.findbugs.ba.generic.GenericSignatureParser$ParameterSignatureIterator.next(GenericSignatureParser.java:45)
          At edu.umd.cs.findbugs.ba.generic.GenericSignatureParser.getNumParameters(GenericSignatureParser.java:184)
          At edu.umd.cs.findbugs.ba.generic.GenericUtilities.getType(GenericUtilities.java:263)
          At edu.umd.cs.findbugs.ba.type.TypeFrameModelingVisitor.getLocalVariable(TypeFrameModelingVisitor.java:827)
          At edu.umd.cs.findbugs.ba.type.TypeFrameModelingVisitor.handleLoadInstruction(TypeFrameModelingVisitor.java:889)
          At edu.umd.cs.findbugs.ba.AbstractFrameModelingVisitor.visitALOAD(AbstractFrameModelingVisitor.java:452)
          At org.apache.bcel.generic.ALOAD.accept(ALOAD.java:56)
          At edu.umd.cs.findbugs.ba.AbstractFrameModelingVisitor.analyzeInstruction(AbstractFrameModelingVisitor.java:84)
          At edu.umd.cs.findbugs.ba.type.TypeFrameModelingVisitor.analyzeInstruction(TypeFrameModelingVisitor.java:197)
          At edu.umd.cs.findbugs.ba.type.TypeAnalysis.transferInstruction(TypeAnalysis.java:406)
          At edu.umd.cs.findbugs.ba.type.TypeAnalysis.transferInstruction(TypeAnalysis.java:86)
          At edu.umd.cs.findbugs.ba.AbstractDataflowAnalysis.transfer(AbstractDataflowAnalysis.java:135)
          At edu.umd.cs.findbugs.ba.type.TypeAnalysis.transfer(TypeAnalysis.java:414)
          At edu.umd.cs.findbugs.ba.type.TypeAnalysis.transfer(TypeAnalysis.java:86)
          At edu.umd.cs.findbugs.ba.Dataflow.execute(Dataflow.java:376)
          At edu.umd.cs.findbugs.detect.FindRefComparison.analyzeMethod(FindRefComparison.java:769)
          At edu.umd.cs.findbugs.detect.FindRefComparison.visitClassContext(FindRefComparison.java:696)
          At edu.umd.cs.findbugs.DetectorToDetector2Adapter.visitClass(DetectorToDetector2Adapter.java:76)
          At edu.umd.cs.findbugs.FindBugs2.analyzeApplication(FindBugs2.java:1089)
          At edu.umd.cs.findbugs.FindBugs2.execute(FindBugs2.java:283)
          At edu.umd.cs.findbugs.gui2.BugLoader.doAnalysis(BugLoader.java:101)
          At edu.umd.cs.findbugs.gui2.AnalyzingDialog$AnalysisThread.run(AnalyzingDialog.java:275)
    
    
    opened by barney2k7 8
  • Update JavaVersion for JEP 223 compatibility

    Update JavaVersion for JEP 223 compatibility

    JEP 223 introduces a new version scheme for Java versions >= 9:

    http://openjdk.java.net/jeps/223

    This fixes https://sourceforge.net/p/findbugs/bugs/1432

    java9 
    opened by don-vip 7
  • Supports android.support.annotation.Nullable/NonNull

    Supports android.support.annotation.Nullable/NonNull

    Hi, this introduces support for FindBugs to recognize android.support.annotation.Nullable as CHECK_FOR_NULL and android.support.annotation.NonNull as NONNULL. While it is annoying that there are so many nullability annotations out in the wild and these are just another set of them, these are the only nullability annotations supported by Android Studio, so even if you develop on another IDE, but share code with Android Studio developers, these are the only way to go. Hopefully soon there will be a Java standard for null annotations ...

    opened by martin-rust 7
  • Exception analyzing com.groupgti.shared.router.dao.PostDaoImpl using detector edu.umd.cs.findbugs.detect.FindUnsatisfiedObligation

    Exception analyzing com.groupgti.shared.router.dao.PostDaoImpl using detector edu.umd.cs.findbugs.detect.FindUnsatisfiedObligation

    When running FB 3.1.0 Preview from the command line with: "C:\Program Files\Java\jdk1.8.0_92\jre\bin\java.exe" -Xmx512m -Dfile.encoding=UTF8 -classpath C:\Users\njt\Downloads\findbugs-noUpdateChecks-3.1.0-dev-20160609-91ad577\findbugs-3.1.0-dev-20160609-91ad577\lib\findbugs.jar;C:\Users\njt\.m2\repository\net\jcip\jcip-annotations\1.0\jcip-annotations-1.0.jar;C:\Users\njt\Downloads\findbugs-noUpdateChecks-3.1.0-dev-20160609-91ad577\findbugs-3.1.0-dev-20160609-91ad577\lib\jsr305.jar;C:\Users\njt\Downloads\findbugs-noUpdateChecks-3.1.0-dev-20160609-91ad577\findbugs-3.1.0-dev-20160609-91ad577\lib\bcel-6.0-SNAPSHOT.jar;C:\Users\njt\Downloads\findbugs-noUpdateChecks-3.1.0-dev-20160609-91ad577\findbugs-3.1.0-dev-20160609-91ad577\lib\jFormatString.jar;C:\Users\njt\Downloads\findbugs-noUpdateChecks-3.1.0-dev-20160609-91ad577\findbugs-3.1.0-dev-20160609-91ad577\lib\dom4j-1.6.1.jar;C:\Users\njt\.m2\repository\xml-apis\xml-apis\1.0.b2\xml-apis-1.0.b2.jar;C:\Users\njt\.m2\repository\org\ow2\asm\asm-debug-all\5.0.2\asm-debug-all-5.0.2.jar;C:\Users\njt\.m2\repository\org\ow2\asm\asm-commons\5.0.2\asm-commons-5.0.2.jar;C:\Users\njt\.m2\repository\org\ow2\asm\asm-tree\5.0.2\asm-tree-5.0.2.jar;C:\Users\njt\.m2\repository\org\ow2\asm\asm\5.0.2\asm-5.0.2.jar;C:\Users\njt\.m2\repository\commons-lang\commons-lang\2.6\commons-lang-2.6.jar;C:\Users\njt\.m2\repository\com\apple\AppleJavaExtensions\1.4\AppleJavaExtensions-1.4.jar;C:\Users\njt\.m2\repository\jaxen\jaxen\1.1.6\jaxen-1.1.6.jar;C:\Users\njt\.m2\repository\org\apache\ant\ant\1.9.4\ant-1.9.4.jar;C:\Users\njt\.m2\repository\org\apache\ant\ant-launcher\1.9.4\ant-launcher-1.9.4.jar;C:\Users\njt\.m2\repository\org\codehaus\groovy\groovy-all\2.4.3\groovy-all-2.4.3.jar;C:\Users\njt\.m2\repository\org\apache\maven\reporting\maven-reporting-impl\2.1\maven-reporting-impl-2.1.jar;C:\Users\njt\.m2\repository\org\apache\maven\maven-project\2.0.10\maven-project-2.0.10.jar;C:\Users\njt\.m2\repository\org\apache\maven\maven-settings\2.0.10\maven-settings-2.0.10.jar;C:\Users\njt\.m2\repository\org\apache\maven\maven-profile\2.0.10\maven-profile-2.0.10.jar;C:\Users\njt\.m2\repository\org\apache\maven\maven-plugin-registry\2.0.10\maven-plugin-registry-2.0.10.jar;C:\Users\njt\.m2\repository\org\codehaus\plexus\plexus-interpolation\1.1\plexus-interpolation-1.1.jar;C:\Users\njt\.m2\repository\commons-validator\commons-validator\1.2.0\commons-validator-1.2.0.jar;C:\Users\njt\.m2\repository\commons-beanutils\commons-beanutils\1.7.0\commons-beanutils-1.7.0.jar;C:\Users\njt\.m2\repository\commons-digester\commons-digester\1.6\commons-digester-1.6.jar;C:\Users\njt\.m2\repository\commons-logging\commons-logging\1.0.4\commons-logging-1.0.4.jar;C:\Users\njt\.m2\repository\oro\oro\2.0.8\oro-2.0.8.jar;C:\Users\njt\.m2\repository\org\apache\maven\reporting\maven-reporting-api\3.0\maven-reporting-api-3.0.jar;C:\Users\njt\.m2\repository\org\apache\maven\maven-plugin-api\2.0\maven-plugin-api-2.0.jar;C:\Users\njt\.m2\repository\org\apache\maven\maven-plugin-descriptor\2.2.1\maven-plugin-descriptor-2.2.1.jar;C:\Users\njt\.m2\repository\org\apache\maven\maven-artifact\2.2.1\maven-artifact-2.2.1.jar;C:\Users\njt\.m2\repository\org\apache\maven\doxia\doxia-core\1.4\doxia-core-1.4.jar;C:\Users\njt\.m2\repository\org\apache\maven\doxia\doxia-logging-api\1.4\doxia-logging-api-1.4.jar;C:\Users\njt\.m2\repository\org\codehaus\plexus\plexus-component-annotations\1.5.5\plexus-component-annotations-1.5.5.jar;C:\Users\njt\.m2\repository\xerces\xercesImpl\2.9.1\xercesImpl-2.9.1.jar;C:\Users\njt\.m2\repository\org\apache\httpcomponents\httpclient\4.0.2\httpclient-4.0.2.jar;C:\Users\njt\.m2\repository\commons-codec\commons-codec\1.3\commons-codec-1.3.jar;C:\Users\njt\.m2\repository\org\apache\httpcomponents\httpcore\4.0.1\httpcore-4.0.1.jar;C:\Users\njt\.m2\repository\org\apache\maven\doxia\doxia-sink-api\1.4\doxia-sink-api-1.4.jar;C:\Users\njt\.m2\repository\org\apache\maven\doxia\doxia-decoration-model\1.4\doxia-decoration-model-1.4.jar;C:\Users\njt\.m2\repository\org\apache\maven\doxia\doxia-site-renderer\1.4\doxia-site-renderer-1.4.jar;C:\Users\njt\.m2\repository\org\apache\maven\doxia\doxia-module-xhtml\1.4\doxia-module-xhtml-1.4.jar;C:\Users\njt\.m2\repository\org\apache\maven\doxia\doxia-module-fml\1.4\doxia-module-fml-1.4.jar;C:\Users\njt\.m2\repository\org\codehaus\plexus\plexus-i18n\1.0-beta-7\plexus-i18n-1.0-beta-7.jar;C:\Users\njt\.m2\repository\org\codehaus\plexus\plexus-velocity\1.1.7\plexus-velocity-1.1.7.jar;C:\Users\njt\.m2\repository\org\apache\velocity\velocity\1.5\velocity-1.5.jar;C:\Users\njt\.m2\repository\org\apache\velocity\velocity-tools\2.0\velocity-tools-2.0.jar;C:\Users\njt\.m2\repository\commons-chain\commons-chain\1.1\commons-chain-1.1.jar;C:\Users\njt\.m2\repository\sslext\sslext\1.2-0\sslext-1.2-0.jar;C:\Users\njt\.m2\repository\org\apache\struts\struts-core\1.3.8\struts-core-1.3.8.jar;C:\Users\njt\.m2\repository\antlr\antlr\2.7.2\antlr-2.7.2.jar;C:\Users\njt\.m2\repository\org\apache\struts\struts-taglib\1.3.8\struts-taglib-1.3.8.jar;C:\Users\njt\.m2\repository\org\apache\struts\struts-tiles\1.3.8\struts-tiles-1.3.8.jar;C:\Users\njt\.m2\repository\commons-collections\commons-collections\3.2.1\commons-collections-3.2.1.jar;C:\Users\njt\.m2\repository\org\apache\maven\shared\maven-doxia-tools\1.2.1\maven-doxia-tools-1.2.1.jar;C:\Users\njt\.m2\repository\commons-io\commons-io\1.4\commons-io-1.4.jar;C:\Users\njt\.m2\repository\org\apache\maven\maven-artifact-manager\2.0.6\maven-artifact-manager-2.0.6.jar;C:\Users\njt\.m2\repository\org\apache\maven\maven-repository-metadata\2.0.6\maven-repository-metadata-2.0.6.jar;C:\Users\njt\.m2\repository\org\apache\maven\maven-model\2.0.6\maven-model-2.0.6.jar;C:\Users\njt\.m2\repository\org\codehaus\plexus\plexus-container-default\1.0-alpha-9\plexus-container-default-1.0-alpha-9.jar;C:\Users\njt\.m2\repository\classworlds\classworlds\1.1-alpha-2\classworlds-1.1-alpha-2.jar;C:\Users\njt\.m2\repository\org\codehaus\plexus\plexus-resources\1.0-alpha-7\plexus-resources-1.0-alpha-7.jar;C:\Users\njt\.m2\repository\org\codehaus\plexus\plexus-utils\1.5.6\plexus-utils-1.5.6.jar;C:\Users\njt\.m2\repository\org\sonatype\plexus\plexus-build-api\0.0.7\plexus-build-api-0.0.7.jar edu.umd.cs.findbugs.FindBugs2 -xml:withMessages -auxclasspathFromInput -projectName "Content Router Core" -effort:max -low -nested:false -onlyAnalyze com.groupgti.shared.router.- -output D:\Work\shared_content_router\content_router_core\target\findbugsTemp.xml D:\Work\shared_content_router\content_router_core\target\classes

    I get this error: Exception analyzing com.groupgti.shared.router.dao.PostDaoImpl using detector edu.umd.cs.findbugs.detect.FindUnsatisfiedObligation org.apache.bcel.classfile.ClassFormatException: Expected class 'CONSTANT_Class' at index 2 and got CONSTANT_Fieldref[9](class_index = 242, name_and_type_index = 468) At org.apache.bcel.classfile.ConstantPool.getConstant(ConstantPool.java:261) At org.apache.bcel.classfile.ConstantPool.getConstantString(ConstantPool.java:293) At org.apache.bcel.generic.FieldOrMethod.getReferenceType(FieldOrMethod.java:116) At edu.umd.cs.findbugs.ba.obl.InstructionActionCache.getActions(InstructionActionCache.java:107) At edu.umd.cs.findbugs.ba.obl.ObligationAnalysis.transferInstruction(ObligationAnalysis.java:139) At edu.umd.cs.findbugs.ba.obl.ObligationAnalysis.transferInstruction(ObligationAnalysis.java:68) At edu.umd.cs.findbugs.ba.AbstractDataflowAnalysis.transfer(AbstractDataflowAnalysis.java:135) At edu.umd.cs.findbugs.ba.obl.ObligationAnalysis.transfer(ObligationAnalysis.java:160) At edu.umd.cs.findbugs.ba.obl.ObligationAnalysis.transfer(ObligationAnalysis.java:68) At edu.umd.cs.findbugs.ba.Dataflow.execute(Dataflow.java:376) At edu.umd.cs.findbugs.classfile.engine.bcel.ObligationDataflowFactory.analyze(ObligationDataflowFactory.java:75) At edu.umd.cs.findbugs.classfile.engine.bcel.ObligationDataflowFactory.analyze(ObligationDataflowFactory.java:45) At edu.umd.cs.findbugs.classfile.impl.AnalysisCache.analyzeMethod(AnalysisCache.java:369) At edu.umd.cs.findbugs.classfile.impl.AnalysisCache.getMethodAnalysis(AnalysisCache.java:322) At edu.umd.cs.findbugs.detect.FindUnsatisfiedObligation$MethodChecker.analyzeMethod(FindUnsatisfiedObligation.java:240) At edu.umd.cs.findbugs.detect.FindUnsatisfiedObligation.visitMethodCFG(FindUnsatisfiedObligation.java:158) At edu.umd.cs.findbugs.bcel.CFGDetector.visitClass(CFGDetector.java:93) At edu.umd.cs.findbugs.detect.FindUnsatisfiedObligation.visitClass(FindUnsatisfiedObligation.java:144) At edu.umd.cs.findbugs.FindBugs2.analyzeApplication(FindBugs2.java:1089) At edu.umd.cs.findbugs.FindBugs2.execute(FindBugs2.java:283) At edu.umd.cs.findbugs.FindBugs.runMain(FindBugs.java:402) At edu.umd.cs.findbugs.FindBugs2.main(FindBugs2.java:1200) At edu.umd.cs.findbugs.LaunchAppropriateUI.launch(LaunchAppropriateUI.java:106)

    java8 
    opened by Yaytay 7
  • bcel updates

    bcel updates

    I'm not sure where the custom bcel code is for findbugs anymore, but you may want to check your version of Constants.java for these changes... i think they are not included

    Index: dev/bcel/src/main/java/org/apache/commons/bcel6/Constants.java

    --- dev/bcel/src/main/java/org/apache/commons/bcel6/Constants.java (revision 1745834) +++ dev/bcel/src/main/java/org/apache/commons/bcel6/Constants.java (revision 1741710) @@ -1037,10 +1037,6 @@ /** Java VM opcode. * @see * Opcode definitions in The Java Virtual Machine Specification */

    java9 
    opened by mebigfatguy 7
  • Bump ant from 1.7.1 to 1.10.9 in /findbugs

    Bump ant from 1.7.1 to 1.10.9 in /findbugs

    Bumps ant from 1.7.1 to 1.10.9.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Detect the object-level redundancy issue

    Detect the object-level redundancy issue

    Hello,

    We ran findbugs with our tool and detected the object-level redundancy issues (object-level redundancies that happen across objects sharing the same calling context). Our tool reports an object, BasicBlock block, which is accessed at line 183 in method lookupOrCreateFact of class BasicAbstractDataflowAnalysis. The optimized code is in this pull request.

    opened by anonymousemberxxx 2
  • Bump junit from 4.11 to 4.13.1 in /findbugs

    Bump junit from 4.11 to 4.13.1 in /findbugs

    Bumps junit from 4.11 to 4.13.1.

    Release notes

    Sourced from junit's releases.

    JUnit 4.13.1

    Please refer to the release notes for details.

    JUnit 4.13

    Please refer to the release notes for details.

    JUnit 4.13 RC 2

    Please refer to the release notes for details.

    JUnit 4.13 RC 1

    Please refer to the release notes for details.

    JUnit 4.13 Beta 3

    Please refer to the release notes for details.

    JUnit 4.13 Beta 2

    Please refer to the release notes for details.

    JUnit 4.13 Beta 1

    Please refer to the release notes for details.

    JUnit 4.12

    Please refer to the release notes for details.

    JUnit 4.12 Beta 3

    Please refer to the release notes for details.

    JUnit 4.12 Beta 2

    No release notes provided.

    JUnit 4.12 Beta 1

    No release notes provided.

    Commits
    • 1b683f4 [maven-release-plugin] prepare release r4.13.1
    • ce6ce3a Draft 4.13.1 release notes
    • c29dd82 Change version to 4.13.1-SNAPSHOT
    • 1d17486 Add a link to assertThrows in exception testing
    • 543905d Use separate line for annotation in Javadoc
    • 510e906 Add sub headlines to class Javadoc
    • 610155b Merge pull request from GHSA-269g-pwp5-87pp
    • b6cfd1e Explicitly wrap float parameter for consistency (#1671)
    • a5d205c Fix GitHub link in FAQ (#1672)
    • 3a5c6b4 Deprecated since jdk9 replacing constructor instance of Double and Float (#1660)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump spring-core from 3.1.2.RELEASE to 4.3.19.RELEASE in /findbugsTestCases

    Bump spring-core from 3.1.2.RELEASE to 4.3.19.RELEASE in /findbugsTestCases

    Bumps spring-core from 3.1.2.RELEASE to 4.3.19.RELEASE.

    Release notes

    Sourced from spring-core's releases.

    4.1.1 Release

    :star: New Features

    • Allow configuring custom executor with WebSocket message broker [SPR-12272] #16877
    • Clarify the single class restriction with @JsonView for a response body advice [SPR-12270] #16875
    • PreparedStatement#setBlob(int, InputStream) is not supported in DefaultLobCreator [SPR-12265] #16870
    • Update default SockJS CDN [SPR-12254] #16868
    • Message broker thread pools should be set up in allowCoreThreadTimeOut mode [SPR-12249] #16863
    • Consistent Environment access in XML bean definition parsing code [SPR-12248] #16862
    • Create builder for Jackson ObjectMapper [SPR-12243] #16857
    • Data binding with java.util.Optional: traversal of nested paths, detection of empty holders [SPR-12241] #16855
    • INSERT SELECT of large CLOB causes ORA-01461 on setString [SPR-12240] #16854
    • LocalSessionFactoryBean doesn't support JPA 2.1 auto-apply @Converter on Hibernate 4.3 [SPR-12234] #16849
    • Expose @Bean method metadata in the BeanDefinition [SPR-12232] #16847
    • Provide subclassing hooks in PathMatchingResourcePatternResolver [SPR-12231] #16846
    • Explicitly release rolled-back database savepoints during (long-running) transaction [SPR-12228] #16843
    • Further optimize ReflectionUtils.isCglibRenamedMethod [SPR-12227] #16842
    • Support Jackson based XML serialization in RestTemplate [SPR-12225] #16840
    • Improve performance of MapPropertySource.containsProperty [SPR-12224] #16839
    • JndiLocatorDelegate.isDefaultJndiEnvironmentAvailable() should apply stronger checks [SPR-12223] #16838
    • Support ordering of conditions [SPR-12219] #16833
    • Allow configuring custom HandlerMethodArgumentResolver and HandlerMethodReturnValueHandler [SPR-12217] #16831
    • DISCONNECT messages created in StompSubProtocolHandler do not contain user information [SPR-12215] #16829
    • Add JavaConfig equivalent of tx:jta-transaction-manager [SPR-12197] #16811
    • Spring HTTP clients do not enforce RFC 6265 (cookies in a single header) [SPR-12196] #16810
    • Add spring macros support for Groovy Markup Templates [SPR-12193] #16807
    • Scheduled/JmsListenerAnnotationBeanPostProcessor needlessly scans every scoped instance [SPR-12189] #16803
    • Access to propertySources in CompositePropertySource [SPR-12182] #16796
    • Set Jackson DEFAULT_VIEW_INCLUSION property to false by default [SPR-12179] #16793
    • Using websocket scope in application event listener [SPR-12172] #16786
    • Consistent support for java.util.Optional for all applicable handler method arguments [SPR-12171] #16785
    • XML bean singleton attribute silently ignored [SPR-12167] #16781
    • Log warning for single optional constructor when no default constructor to fall back to [SPR-12161] #16775
    • SessionDisconnectEvent should extend AbstractSubProtocolEvent [SPR-12156] #16770
    • Use DEBUG log level for broken WebSocket client connections or write failures [SPR-12155] #16769
    • ResponseBodyAdvice to accept null values? [SPR-12152] #16766
    • FormHttpMessageConverter writes ASCII encoded so that a multipart form data can not contain filenames with German Umlaute [SPR-12108] #16724
    • Set Jackson FAIL_ON_UNKNOWN_PROPERTIES property to false by default [SPR-11891] #16510
    • please let context:component-scan base-package eval placeholder then split by comma [SPR-10425] #15058
    • make context:exclude-filter expression supports placeholder like context:component-scan base-package [SPR-10424] #15057
    • Improve @RequestParam defaultValue's value JavaDoc [SPR-9967] #14601
    • Section 15.3.2 - example description not matching example code [SPR-8025] #12680

    :beetle: Bug Fixes

    • Java 8 introspection causes breakage with FreeMarker Configuration bean [SPR-12448] #17053
    • Duplicate entries in ResolvableType cache [SPR-12275] #16880
    • MethodReference isn't thread-safe [SPR-12269] #16874
    • Spring 4.1 with WebMvcConfigurationSupport enabled does not register a default view resolver [SPR-12267] #16872
    • Web Async responses force concurrentResult.toString() call [SPR-12253] #16867
    ... (truncated)
    Commits
    • f428cbb Release version 4.3.19.RELEASE
    • 6a5d986 Fix SpEL compilation for non trivial elvis operand
    • 8ce9236 Polishing
    • 1a626ab SpelExpression consistently exposes EvaluationContext to compiled AST
    • 56194a1 Transactional timeout documented as seconds in annotation javadoc
    • a496836 Upgrade to Tomcat 8.5.33 and Netty 4.1.29
    • 974e7b8 Polishing
    • 069704f Support Jackson filters in combination with serialization view
    • d38eb9d SimpleAliasRegistry.hasAlias properly resolves multiple chained aliases
    • 5bd4f88 Polishing
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • [SECURITY] Use HTTPS to resolve dependencies in Maven Build

    [SECURITY] Use HTTPS to resolve dependencies in Maven Build

    mitm_build


    This is a security fix for a vulnerability in your Apache Maven pom.xml file(s).

    The build files indicate that this project is resolving dependencies over HTTP instead of HTTPS. This leaves your build vulnerable to allowing a Man in the Middle (MITM) attackers to execute arbitrary code on your or your computer or CI/CD system.

    This vulnerability has a CVSS v3.0 Base Score of 8.1/10.

    POC code has existed since 2014 to maliciously compromise a JAR file in-flight. MITM attacks against HTTP are increasingly common, for example Comcast is known to have done it to their own users.

    This contribution is a part of a submission to the GitHub Security Lab Bug Bounty program.

    Detecting this and Future Vulnerabilities

    This vulnerability was automatically detected by LGTM.com using this CodeQL Query.

    As of September 2019 LGTM.com and Semmle are officially a part of GitHub.

    You can automatically detect future vulnerabilities like this by enabling the free (for open-source) LGTM App.

    I'm not an employee of GitHub nor of Semmle, I'm simply a user of LGTM.com and an open-source security researcher.

    Source

    Yes, this contribution was automatically generated, however, the code to generate this PR was lovingly hand crafted to bring this security fix to your repository.

    The source code that generated and submitted this PR can be found here: JLLeitschuh/bulk-security-pr-generator

    Opting-Out

    If you'd like to opt-out of future automated security vulnerability fixes like this, please consider adding a file called .github/GH-ROBOTS.txt to your repository with the line:

    User-agent: JLLeitschuh/bulk-security-pr-generator
    Disallow: *
    

    This bot will respect the ROBOTS.txt format for future contributions.

    Alternatively, if this project is no longer actively maintained, consider archiving the repository.

    CLA Requirements

    This section is only relevant if your project requires contributors to sign a Contributor License Agreement (CLA) for external contributions.

    It is unlikely that I'll be able to directly sign CLAs. However, all contributed commits are already automatically signed-off.

    The meaning of a signoff depends on the project, but it typically certifies that committer has the rights to submit this work under the same license and agrees to a Developer Certificate of Origin (see https://developercertificate.org/ for more information).

    - Git Commit Signoff documentation

    If signing your organization's CLA is a strict-requirement for merging this contribution, please feel free to close this PR.

    Tracking

    All PR's generated as part of this fix are tracked here: https://github.com/JLLeitschuh/bulk-security-pr-generator/issues/2

    opened by JLLeitschuh 0
  • ExcludeBaseLineBug files configuration failed.: Failing reading D:\IdeaProject\console-navigator\findbugs-exclude.xml Nested exception: Sax error while parsing D:\IdeaProject\console-navigator\findbugs-exclude.xml Nested exception: Invalid top-level element (expected BugCollection, saw FindBugsFilter)

    ExcludeBaseLineBug files configuration failed.: Failing reading D:\IdeaProject\console-navigator\findbugs-exclude.xml Nested exception: Sax error while parsing D:\IdeaProject\console-navigator\findbugs-exclude.xml Nested exception: Invalid top-level element (expected BugCollection, saw FindBugsFilter)

    Product Infos FindBugs: 3.0.1 FindBugs-IDEA: FindBugs-IDEA 1.0.1 IDEA: IntelliJ IDEA 2018.1.6 IDEA-Build: IU-181.5540.7, July 11, 2018 JRE: 1.8.0_152-release-1136-b39 amd64 JVM: OpenJDK 64-Bit Server VM JetBrains s.r.o

    ExcludeBaseLineBug files configuration failed.: Failing reading D:\IdeaProject\console-navigator\findbugs-exclude.xml Nested exception: Sax error while parsing D:\IdeaProject\console-navigator\findbugs-exclude.xml Nested exception: Invalid top-level element (expected BugCollection, saw FindBugsFilter) org.dom4j.DocumentException: Failing reading D:\IdeaProject\console-navigator\findbugs-exclude.xml Nested exception: Sax error while parsing D:\IdeaProject\console-navigator\findbugs-exclude.xml Nested exception: Invalid top-level element (expected BugCollection, saw FindBugsFilter) at edu.umd.cs.findbugs.SortedBugCollection.readXML(SortedBugCollection.java:328) at edu.umd.cs.findbugs.SortedBugCollection.readXML(SortedBugCollection.java:309) at edu.umd.cs.findbugs.ExcludingHashesBugReporter.addToExcludedInstanceHashes(ExcludingHashesBugReporter.java:57) at edu.umd.cs.findbugs.ExcludingHashesBugReporter.(ExcludingHashesBugReporter.java:44) at edu.umd.cs.findbugs.FindBugs.configureBaselineFilter(FindBugs.java:533) at edu.umd.cs.findbugs.FindBugs2.excludeBaselineBugs(FindBugs2.java:379) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.configureFilter(FindBugsStarter.java:485) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.executeImpl(FindBugsStarter.java:349) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.asyncStartImpl(FindBugsStarter.java:244) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.asyncStart(FindBugsStarter.java:217) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.access$300(FindBugsStarter.java:73) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter$3.run(FindBugsStarter.java:201) at com.intellij.openapi.progress.impl.CoreProgressManager$TaskRunnable.run(CoreProgressManager.java:750) at com.intellij.openapi.progress.impl.CoreProgressManager.lambda$runProcess$1(CoreProgressManager.java:157) at com.intellij.openapi.progress.impl.CoreProgressManager.registerIndicatorAndRun(CoreProgressManager.java:580) at com.intellij.openapi.progress.impl.CoreProgressManager.executeProcessUnderProgress(CoreProgressManager.java:525) at com.intellij.openapi.progress.impl.ProgressManagerImpl.executeProcessUnderProgress(ProgressManagerImpl.java:85) at com.intellij.openapi.progress.impl.CoreProgressManager.runProcess(CoreProgressManager.java:144) at com.intellij.openapi.progress.impl.CoreProgressManager$4.run(CoreProgressManager.java:395) at com.intellij.openapi.application.impl.ApplicationImpl$1.run(ApplicationImpl.java:305) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Nested exception: org.dom4j.DocumentException: Sax error while parsing D:\IdeaProject\console-navigator\findbugs-exclude.xml Nested exception: Invalid top-level element (expected BugCollection, saw FindBugsFilter) at edu.umd.cs.findbugs.SortedBugCollection.doReadXML(SortedBugCollection.java:422) at edu.umd.cs.findbugs.SortedBugCollection.doReadXML(SortedBugCollection.java:384) at edu.umd.cs.findbugs.SortedBugCollection.readXML(SortedBugCollection.java:360) at edu.umd.cs.findbugs.SortedBugCollection.readXML(SortedBugCollection.java:324) at edu.umd.cs.findbugs.SortedBugCollection.readXML(SortedBugCollection.java:309) at edu.umd.cs.findbugs.ExcludingHashesBugReporter.addToExcludedInstanceHashes(ExcludingHashesBugReporter.java:57) at edu.umd.cs.findbugs.ExcludingHashesBugReporter.(ExcludingHashesBugReporter.java:44) at edu.umd.cs.findbugs.FindBugs.configureBaselineFilter(FindBugs.java:533) at edu.umd.cs.findbugs.FindBugs2.excludeBaselineBugs(FindBugs2.java:379) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.configureFilter(FindBugsStarter.java:485) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.executeImpl(FindBugsStarter.java:349) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.asyncStartImpl(FindBugsStarter.java:244) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.asyncStart(FindBugsStarter.java:217) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.access$300(FindBugsStarter.java:73) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter$3.run(FindBugsStarter.java:201) at com.intellij.openapi.progress.impl.CoreProgressManager$TaskRunnable.run(CoreProgressManager.java:750) at com.intellij.openapi.progress.impl.CoreProgressManager.lambda$runProcess$1(CoreProgressManager.java:157) at com.intellij.openapi.progress.impl.CoreProgressManager.registerIndicatorAndRun(CoreProgressManager.java:580) at com.intellij.openapi.progress.impl.CoreProgressManager.executeProcessUnderProgress(CoreProgressManager.java:525) at com.intellij.openapi.progress.impl.ProgressManagerImpl.executeProcessUnderProgress(ProgressManagerImpl.java:85) at com.intellij.openapi.progress.impl.CoreProgressManager.runProcess(CoreProgressManager.java:144) at com.intellij.openapi.progress.impl.CoreProgressManager$4.run(CoreProgressManager.java:395) at com.intellij.openapi.application.impl.ApplicationImpl$1.run(ApplicationImpl.java:305) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Nested exception: org.xml.sax.SAXException: Invalid top-level element (expected BugCollection, saw FindBugsFilter) at edu.umd.cs.findbugs.SAXBugCollectionHandler.startElement(SAXBugCollectionHandler.java:188) at org.apache.xerces.parsers.AbstractSAXParser.startElement(Unknown Source) at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanStartElement(Unknown Source) at org.apache.xerces.impl.XMLNSDocumentScannerImpl$NSContentDispatcher.scanRootElementHook(Unknown Source) at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source) at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source) at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source) at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source) at org.apache.xerces.parsers.XMLParser.parse(Unknown Source) at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source) at edu.umd.cs.findbugs.SortedBugCollection.doReadXML(SortedBugCollection.java:412) at edu.umd.cs.findbugs.SortedBugCollection.doReadXML(SortedBugCollection.java:384) at edu.umd.cs.findbugs.SortedBugCollection.readXML(SortedBugCollection.java:360) at edu.umd.cs.findbugs.SortedBugCollection.readXML(SortedBugCollection.java:324) at edu.umd.cs.findbugs.SortedBugCollection.readXML(SortedBugCollection.java:309) at edu.umd.cs.findbugs.ExcludingHashesBugReporter.addToExcludedInstanceHashes(ExcludingHashesBugReporter.java:57) at edu.umd.cs.findbugs.ExcludingHashesBugReporter.(ExcludingHashesBugReporter.java:44) at edu.umd.cs.findbugs.FindBugs.configureBaselineFilter(FindBugs.java:533) at edu.umd.cs.findbugs.FindBugs2.excludeBaselineBugs(FindBugs2.java:379) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.configureFilter(FindBugsStarter.java:485) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.executeImpl(FindBugsStarter.java:349) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.asyncStartImpl(FindBugsStarter.java:244) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.asyncStart(FindBugsStarter.java:217) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter.access$300(FindBugsStarter.java:73) at org.twodividedbyzero.idea.findbugs.core.FindBugsStarter$3.run(FindBugsStarter.java:201) at com.intellij.openapi.progress.impl.CoreProgressManager$TaskRunnable.run(CoreProgressManager.java:750) at com.intellij.openapi.progress.impl.CoreProgressManager.lambda$runProcess$1(CoreProgressManager.java:157) at com.intellij.openapi.progress.impl.CoreProgressManager.registerIndicatorAndRun(CoreProgressManager.java:580) at com.intellij.openapi.progress.impl.CoreProgressManager.executeProcessUnderProgress(CoreProgressManager.java:525) at com.intellij.openapi.progress.impl.ProgressManagerImpl.executeProcessUnderProgress(ProgressManagerImpl.java:85) at com.intellij.openapi.progress.impl.CoreProgressManager.runProcess(CoreProgressManager.java:144) at com.intellij.openapi.progress.impl.CoreProgressManager$4.run(CoreProgressManager.java:395) at com.intellij.openapi.application.impl.ApplicationImpl$1.run(ApplicationImpl.java:305) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745)

    opened by huangyichun 0
  • Report issues here: https://github.com/spotbugs/spotbugs/

    Report issues here: https://github.com/spotbugs/spotbugs/

    This project continues development in a new home: https://github.com/spotbugs/spotbugs/

    Please do not open new issues here anymore!

    READ ME!!! 
    opened by iloveeclipse 0
Releases(3.1.0_preview2)
Owner
The FindBugs project
Project working on the FindBugs project, a static analysis tool for Java
The FindBugs project
SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

SpotBugs is the spiritual successor of FindBugs, carrying on from the point where it left off with support of its community. SpotBugs is licensed unde

null 2.3k Jun 8, 2021
A tool to help eliminate NullPointerExceptions (NPEs) in your Java code with low build-time overhead

NullAway: Fast Annotation-Based Null Checking for Java NullAway is a tool to help eliminate NullPointerExceptions (NPEs) in your Java code. To use Nul

Uber Open Source 3k Jun 18, 2021
:coffee: SonarSource Static Analyzer for Java Code Quality and Security

Code Quality and Security for Java This SonarSource project is a code analyzer for Java projects. Information about the analysis of Java features is a

SonarSource 787 Jun 16, 2021
⚡️Lightning-fast linter for .env files. Written in Rust 🦀

⚡️ Lightning-fast linter for .env files. Written in Rust ?? Dotenv-linter can check / fix / compare .env files for problems that may cause the applica

null 933 Jun 9, 2021
Continuous Inspection

SonarQube Continuous Inspection SonarQube provides the capability to not only show health of an application but also to highlight issues newly introdu

SonarSource 5.9k Jun 16, 2021
Sourcetrail - free and open-source interactive source explorer

Sourcetrail Sourcetrail is a free and open-source cross-platform source explorer that helps you get productive on unfamiliar source code. Windows: Lin

Coati Software 11.5k Jun 18, 2021
Your Software. Your Structures. Your Rules.

jQAssistant Master Repository We splitted jQAssistant in multiple single repositories to be able to build a better and more flexible build an release

null 159 May 30, 2021
Astra: a Java tool for analysing and refactoring Java source code

What is Astra? Astra is a Java tool for analysing and refactoring Java source code. For example: "References to type A should instead reference type B

Alfa 32 Jun 8, 2021
Inria 1.1k Jun 16, 2021
An extensible multilanguage static code analyzer.

PMD About PMD is a source code analyzer. It finds common programming flaws like unused variables, empty catch blocks, unnecessary object creation, and

PMD 3.4k Jun 14, 2021
OpenGrok is a fast and usable source code search and cross reference engine, written in Java

Copyright (c) 2006, 2020 Oracle and/or its affiliates. All rights reserved. OpenGrok - a wicked fast source browser OpenGrok - a wicked fast source br

Oracle 3.3k Jun 14, 2021
Catch common Java mistakes as compile-time errors

Error Prone Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time. public class ShortSet { public

Google 5.6k Jun 14, 2021