FindBugs is a key code quality tool for Java based projects.
It includes several dozens of bug patterns which are used by FindBugs to identify potential bugs and, more in general, weaknesses in our code.
FindBugs has a plugin architecture which can be used to extend the set of detectors (bug patterns) used during the analysis.
There are few open source projects which aim to develop FindBugs plugin.
Let’s have a look at versions dependencies:
|JDK||FindBugs||FB-Contrib||Find Security Bugs|
|7 and 8||3.x||6.x||1.3 and above|
|5 and 6||2.x||5.x||1.2|
All plugins are released in .jar format and they can be easily added to the FindBugs :
- FindBugs stand-alone: place the jar in the plugins dir inside FindBugs installation dir
- Eclipse FindBugs plugin: use the plugin options to specify the plugin path or place the jar file inside FindBugs plugins dir
- NetBeans FindBugs integration: use Custom FindBugs Plugins button inside Editor → Hints → FindBugs page.
- IntelliJ FindBugs plugin: add new plugin in the Plugin Configuration tab.
After adding new plugins, review the list of detectors enabled. New detectors are usually added but not enabled.