Bye bye FindBugs. Hello SpotBugs

I used to use FindBugs plugin in my Java projects to detect and learn about issues and potential issues in my source code.

Even FindBugs is no longer maintained we have an alternative called SpotBugs.

It requires Maven version 3.1.1 to be executed

Is not so different to use, just add the plugin like any other plugin in your pom.xml file:


And then execute:

mvn spotbugs:check

After checking our code we may display our bugs in a friendly manner

mvn spotbugs:gui
SpotBugs plugin GUI
SpotBugs GUI

Method may fail to close stream
The method creates an IO stream object, does not assign it to any fields, pass it to other methods that might close it, or return it, and does not appear to close the stream on all paths out of the method.  This may result in a file descriptor leak.  It is generally a good idea to use a finally block to ensure that streams are closed.

Example error message when we forget to close streams

Tip: normally we don’t want to execute SpotBugs every time we compile our project so let’s create a profile to skip it


And let’s create a profile to execute it:


And execute like this:

mvn clean install -PrunSpotBugs

Photo by Bud Helisson on Unsplash

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s