I used to use FindBugs plugin in my Java projects to detect and learn about issues and potential issues in my source code.

Even FindBugs is no longer maintained we have an alternative called SpotBugs.

It requires Maven version 3.1.1 to be executed

Is not so different to use, just add the plugin like any other plugin in your pom.xml file:

      

<plugin>
  <groupId>com.github.spotbugs</groupId>
  <artifactId>spotbugs-maven-plugin</artifactId>
  <version>3.1.11</version>
  <executions>
    <execution>
      <goals>
        <goal>check</goal>
        <goal>gui</goal>
        <goal>help</goal>
        <goal>spotbugs</goal>
      </goals>
      <id>check</id>
    </execution>
  </executions>
  <configuration>
    <foo>bar</foo>
  </configuration>
</plugin>

   
    

And then execute:

      
mvn spotbugs:check
   
    

After checking our code we may display our bugs in a friendly manner

      
mvn spotbugs:gui
   
    

Example of a detected issue when we forget to close streams:

Method may fail to close stream

The method creates an IO stream object, does not assign it to any fields, pass it to other methods that might close it, or return it, and does not appear to close the stream on all paths out of the method. This may result in a file descriptor leak. It is generally a good idea to use a finally block to ensure that streams are closed.

      
<profile>
  <id>default</id>
  <properties>
    <spotbugs.skip>true</spotbugs.skip>
  </properties>
  <activation>
    <activeByDefault>true</activeByDefault>
  </activation>
</profile>

   
    

And let’s create a profile to execute it:

      
<profile>
  <id>runSpotBugs</id>
  <properties>
    <spotbugs.skip>false</spotbugs.skip>
  </properties>
</profile>

   
    

And execute like this:

      
mvn clean install -PrunSpotBugs
   
    

Photo by Bud Helisson on Unsplash