I used to use FindBugs plugin in my Java projects to detect and learn about issues and potential issues in my source code.
Even FindBugs is no longer maintained we have an alternative called SpotBugs.
It requires Maven version 3.1.1 to be executed
Is not so different to use, just add the plugin like any other plugin in your pom.xml file:
<plugin>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-maven-plugin</artifactId>
<version>3.1.11</version>
<executions>
<execution>
<goals>
<goal>check</goal>
<goal>gui</goal>
<goal>help</goal>
<goal>spotbugs</goal>
</goals>
<id>check</id>
</execution>
</executions>
<configuration>
<foo>bar</foo>
</configuration>
</plugin>
And then execute:
mvn spotbugs:check
After checking our code we may display our bugs in a friendly manner
mvn spotbugs:gui
Example of a detected issue when we forget to close streams:
Method may fail to close stream
The method creates an IO stream object, does not assign it to any fields, pass it to other methods that might close it, or return it, and does not appear to close the stream on all paths out of the method. This may result in a file descriptor leak. It is generally a good idea to use a finally block to ensure that streams are closed.
<profile>
<id>default</id>
<properties>
<spotbugs.skip>true</spotbugs.skip>
</properties>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
</profile>
And let’s create a profile to execute it:
<profile>
<id>runSpotBugs</id>
<properties>
<spotbugs.skip>false</spotbugs.skip>
</properties>
</profile>
And execute like this:
mvn clean install -PrunSpotBugs
Photo by Bud Helisson on Unsplash