Updating Findbugs from 2.0.1 to 2.0.3
BUG=None
R=bulach@chromium.org
Committed: a15fd41
Review URL: https://codereview.chromium.org/139673002
git-svn-id: http://src.chromium.org/svn/trunk/deps/third_party/findbugs@245022 4ff67af0-8c30-449e-8e8b-ad334ec8d88c
diff --git a/OWNERS b/OWNERS
new file mode 100644
index 0000000..5ea25a3
--- /dev/null
+++ b/OWNERS
@@ -0,0 +1,2 @@
+aurimas@chromium.org
+bulach@chromium.org
diff --git a/README.chromium b/README.chromium
index 8a995b8..493dbeb 100644
--- a/README.chromium
+++ b/README.chromium
@@ -1,7 +1,7 @@
Name: FindBugs
URL: http://findbugs.sourceforge.net/
Description: FindBugs is a program to find bugs in Java programs.
-Version: 2.0
+Version: 2.0.3
Security Critical: no
License: LGPL 3
License File: LICENSE
diff --git a/doc/Changes.html b/doc/Changes.html
index 440b153..21b4551 100644
--- a/doc/Changes.html
+++ b/doc/Changes.html
@@ -1,16 +1,17 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
- <head>
- <title>FindBugs Change Log</title>
- <link rel="stylesheet" type="text/css" href="findbugs.css">
-
- </head>
+<head>
+<title>FindBugs Change Log</title>
+<link rel="stylesheet" type="text/css" href="findbugs.css">
- <body>
+</head>
- <table width="100%">
- <tr>
+<body>
-
+ <table width="100%">
+ <tr>
+
+
<td bgcolor="#b9b9fe" valign="top" align="left" width="20%">
<table width="100%" cellspacing="0" border="0">
<tr><td><a class="sidebar" href="index.html"><img src="umdFindbugs.png" alt="FindBugs"></a></td></tr>
@@ -54,1105 +55,1432 @@
</table>
</td>
- <td align="left" valign="top">
+ <td align="left" valign="top">
- <h1>FindBugs Change Log, Version 2.0.1</h1>
-
- <ul>
- <li>New bug patterns; in some cases, bugs previous reported as other bug patterns are reported
- as instances of these new bug patterns in order to make it easier for developers to understand
- the bug reports</li>
- <ul>
- <li><a
- href="http://findbugs.sourceforge.net/bugDescriptions.html#PT_ABSOLUTE_PATH_TRAVERSAL">PT_ABSOLUTE_PATH_TRAVERSAL
- </a>
- <li><a
- href="http://findbugs.sourceforge.net/bugDescriptions.html#PT_RELATIVE_PATH_TRAVERSAL">PT_RELATIVE_PATH_TRAVERSAL
- </a>
- <li><a
- href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR
- </a>
- <li><a
- href="http://findbugs.sourceforge.net/bugDescriptions.html#MS_SHOULD_BE_REFACTORED_TO_BE_FINAL">MS_SHOULD_BE_REFACTORED_TO_BE_FINAL
- </a>
- <li><a
- href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_UNCONFIRMED_CAST_OF_RETURN_VALUE">BC_UNCONFIRMED_CAST_OF_RETURN_VALUE
- </a>
- <li><a
- href="http://findbugs.sourceforge.net/bugDescriptions.html#PT_ABSOLUTE_PATH_TRAVERSAL">PT_ABSOLUTE_PATH_TRAVERSAL
- </a>
- <li><a
- href="http://findbugs.sourceforge.net/bugDescriptions.html#TQ_COMPARING_VALUES_WITH_INCOMPATIBLE_TYPE_QUALIFIERS">TQ_COMPARING_VALUES_WITH_INCOMPATIBLE_TYPE_QUALIFIERS
- </a>
- </ul>
- <li>Changes to fix false negatives for the following bug patterns: <a
- href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_UNCONFIRMED_CAST">BC_UNCONFIRMED_CAST</a>,
- <a href="http://findbugs.sourceforge.net/bugDescriptions.html#EC_BAD_ARRAY_COMPARE">EC_BAD_ARRAY_COMPARE</a>,
- <a href="http://findbugs.sourceforge.net/bugDescriptions.html#EQ_UNUSUAL">EQ_UNUSUAL</a>, <a
- href="http://findbugs.sourceforge.net/bugDescriptions.html#GC_UNRELATED_TYPES">GC_UNRELATED_TYPES</a>,
- and <a
- href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE">NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE</a>.
-
-
- <li>Changes to fix false positions for the following bug patterns: <a
- href="http://findbugs.sourceforge.net/bugDescriptions.html#DMI_DOH">DMI_DOH</a>, <a
- href="http://findbugs.sourceforge.net/bugDescriptions.html#EC_UNRELATED_TYPES">EC_UNRELATED_TYPES</a>,
- and <a href="http://findbugs.sourceforge.net/bugDescriptions.html#SE_BAD_FIELD">SE_BAD_FIELD</a>.
-
- </ul>
-
- <h1>
- FindBugs Change Log, Version 2.0.0
- </h1>
-
- <h2> Changes since version 1.3.8</h2>
- <ul>
- <li>New bug patterns; in some cases, bugs previous reported as other bug patterns are reported as instances
- of these new bug patterns in order to make it easier for developers to understand the bug reports</li>
- <ul>
- <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_IMPOSSIBLE_DOWNCAST ">BC_IMPOSSIBLE_DOWNCAST </a>
- <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_IMPOSSIBLE_DOWNCAST_OF_TOARRAY ">BC_IMPOSSIBLE_DOWNCAST_OF_TOARRAY </a>
- <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#EC_INCOMPATIBLE_ARRAY_COMPARE ">EC_INCOMPATIBLE_ARRAY_COMPARE </a>
- <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#JLM_JSR166_UTILCONCURRENT_MONITORENTER ">JLM_JSR166_UTILCONCURRENT_MONITORENTER </a>
- <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE ">LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE </a>
- <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_CLOSING_NULL ">NP_CLOSING_NULL </a>
- <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#RC_REF_COMPARISON_BAD_PRACTICE ">RC_REF_COMPARISON_BAD_PRACTICE </a> <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#RC_REF_COMPARISON_BAD_PRACTICE_BOOLEAN ">RC_REF_COMPARISON_BAD_PRACTICE_BOOLEAN </a> <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#RV_RETURN_VALUE_OF_PUTIFABSENT_IGNORED ">RV_RETURN_VALUE_OF_PUTIFABSENT_IGNORED </a> <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#SIC_THREADLOCAL_DEADLY_EMBRACE ">SIC_THREADLOCAL_DEADLY_EMBRACE </a> <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#UR_UNINIT_READ_CALLED_FROM_SUPER_CONSTRUCTOR ">UR_UNINIT_READ_CALLED_FROM_SUPER_CONSTRUCTOR </a> <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#VA_FORMAT_STRING_EXPECTED_MESSAGE_FORMAT_SUPPLIED ">VA_FORMAT_STRING_EXPECTED_MESSAGE_FORMAT_SUPPLIED </a>
- </ul>
- <li>Providing a bug rank (1-20), and the ability to filter by bug rank. Eventually,
- it will be possible to specify your own rules for ranking bugs, but the procedure for doing so hasn't been specified yet.
- <li>Fixed about <a href="https://sourceforge.net/search/index.php?group_id=96405&search_summary=1&search_details=1&type_of_search=artifact&group_artifact_id%5B%5D=614693&open_date_start=2009-03-16&open_date_end=2009-08-20&form_submit=Search">45 bugs filed</a> through SourceForge
- <li>Various reclassifications and priority tweaks
- <li>Added more bug annotations to a variety of bug reports.
- This provides more context for understanding bug reports
- (e.g., if the value in question was is the return value
- of a method, the method is described as the source of
- the value in a bug annotation). This also provide more
- accurate tracking of issues across versions of the code
- being analyzed, but has the downside that when comparing
- results from FindBugs 1.3.8 and FindBugs 1.3.9 on the
- same version of code being analyzed,
- FindBugs may think that mistakenly believe that the
- issue reported by 1.3.8 was fixed and a new issue was
- introduced that was reported by FindBugs 1.3.9. While
- annoying, it would be unusual for more than a dozen
- issues per million
- lines of codes to be mistracked.
- <li> Lots of internal changes moving towards FindBugs 2.0, but these
- features are undocumented, not yet officially supported, and subject to
- radical changes before FindBugs 2.0 is released.
-
-
- </ul>
-
-
-
- <p> Changes since version 1.3.8</p>
- <ul>
- <li>New bug patterns; in some cases, bugs previous reported as other bug patterns are reported as instances
- of these new bug patterns in order to make it easier for developers to understand the bug reports</li>
- <ul>
- <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_IMPOSSIBLE_DOWNCAST ">BC_IMPOSSIBLE_DOWNCAST </a>
- <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_IMPOSSIBLE_DOWNCAST_OF_TOARRAY ">BC_IMPOSSIBLE_DOWNCAST_OF_TOARRAY </a>
- <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#EC_INCOMPATIBLE_ARRAY_COMPARE ">EC_INCOMPATIBLE_ARRAY_COMPARE </a>
- <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#JLM_JSR166_UTILCONCURRENT_MONITORENTER ">JLM_JSR166_UTILCONCURRENT_MONITORENTER </a>
- <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE ">LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE </a>
- <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_CLOSING_NULL ">NP_CLOSING_NULL </a>
- <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#RC_REF_COMPARISON_BAD_PRACTICE ">RC_REF_COMPARISON_BAD_PRACTICE </a> <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#RC_REF_COMPARISON_BAD_PRACTICE_BOOLEAN ">RC_REF_COMPARISON_BAD_PRACTICE_BOOLEAN </a> <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#RV_RETURN_VALUE_OF_PUTIFABSENT_IGNORED ">RV_RETURN_VALUE_OF_PUTIFABSENT_IGNORED </a> <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#SIC_THREADLOCAL_DEADLY_EMBRACE ">SIC_THREADLOCAL_DEADLY_EMBRACE </a> <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#UR_UNINIT_READ_CALLED_FROM_SUPER_CONSTRUCTOR ">UR_UNINIT_READ_CALLED_FROM_SUPER_CONSTRUCTOR </a> <li><a href="http://findbugs.sourceforge.net/bugDescriptions.html#VA_FORMAT_STRING_EXPECTED_MESSAGE_FORMAT_SUPPLIED ">VA_FORMAT_STRING_EXPECTED_MESSAGE_FORMAT_SUPPLIED </a>
- </ul>
- <li>Providing a bug rank (1-20), and the ability to filter by bug rank. Eventually,
- it will be possible to specify your own rules for ranking bugs, but the procedure for doing so hasn't been specified yet.
- <li>Fixed about <a href="https://sourceforge.net/search/index.php?group_id=96405&search_summary=1&search_details=1&type_of_search=artifact&group_artifact_id%5B%5D=614693&open_date_start=2009-03-16&open_date_end=2009-08-20&form_submit=Search">45 bugs filed</a> through SourceForge
- <li>Various reclassifications and priority tweaks
- <li>Added more bug annotations to a variety of bug reports.
- This provides more context for understanding bug reports
- (e.g., if the value in question was is the return value
- of a method, the method is described as the source of
- the value in a bug annotation). This also provide more
- accurate tracking of issues across versions of the code
- being analyzed, but has the downside that when comparing
- results from FindBugs 1.3.8 and FindBugs 1.3.9 on the
- same version of code being analyzed,
- FindBugs may think that mistakenly believe that the
- issue reported by 1.3.8 was fixed and a new issue was
- introduced that was reported by FindBugs 1.3.9. While
- annoying, it would be unusual for more than a dozen
- issues per million
- lines of codes to be mistracked.
- <li> Lots of internal changes moving towards FindBugs 2.0, but these
- features are undocumented, not yet officially supported, and subject to
- radical changes before FindBugs 2.0 is released.
-
-
- </ul>
- <p> Changes since version 1.3.7</p>
- <ul>
- <li>Primarily another small bugfix release.</li>
- <li>FindBugs base:</li>
- <ul>
- <li>New Reports:</li>
- <ul>
- <li>SF_SWITCH_NO_DEFAULT: missing default case in switch statement.</li>
- <li>SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH_TO_THROW: value ignored when switch fallthrough leads to
- thrown exception.</li>
- <li>INT_VACUOUS_BIT_OPERATION: bit operations that don't do any meaningful work.</li>
- <li>FB_UNEXPECTED_WARNING: warning generated that conflicts with @NoWarning FindBugs annotation.</li>
- <li>FB_MISSING_EXPECTED_WARNING: warning not generated despite presence of @ExpectedWarning FindBugs annotation.</li>
- <li>NOISE category: intended for use in data mining experiments.</li>
- <ul>
- <li>NOISE_NULL_DEREFERENCE: fake null point dereference warning.</li>
- <li>NOISE_METHOD_CALL: fake method call warning.</li>
- <li>NOISE_FIELD_REFERENCE: fake field dereference warning.</li>
- <li>NOISE_OPERATION: fake operation warning.</li>
- </ul>
- </ul>
- <li>Other:</li>
- <ul>
- <li>Garvin Leclaire has created a new Apache Maven repository for FindBugs at
- <a href="http://code.google.com/p/findbugs/">the Google Code FindBugs SVN repository</a>. (Thanks Garvin!)</li>
- </ul>
- <li>Fixes:</li>
- <ul>
- <li>[ 2317842 ] Highlighting broken in Windows</li>
- <li>[ 2515908 ] check for oddness should track sign of argument</li>
- <li>[ 2487936 ] "L B GC" false pos cast from Map.Entry.getKey() to Map.get()</li>
- <li>[ 2528264 ] Ant tasks not compatible with Ant 1.7.1</li>
- <li>[ 2539590 ] SF_SWITCH_FALLTHROUGH wrong message reported </li>
- <li>[ 2020066 ] Bug history displayed in fancy-hist.xsl is incorrect</li>
- <li>[ 2545098 ] Invalid character in analysis results file</li>
- <li>[ 2492673 ] Plugin sites should specify 'requires Eclipse 3.3 or newer'</li>
- <li>[ 2588044 ] a tiny typing error</li>
- <li>[ 2589048 ] Documentation for convertXmlToText insufficient</li>
- <li>[ 2638739 ] NullPointerException when building</li>
- </ul>
- <li>Patches:</li>
- <ul>
- <li>[ 2538184 ] Make BugCollection implement Iterable<BugInstance> (thanks to Tomas Pollak)</li>
- <li>[ 2249771 ] Add Maven2 Findbugs plugin link to the Links page (thanks to Garvin Leclaire)</li>
- <li>[ 2609526 ] Japanese manual update (thanks to K. Hashimoto)</li>
- <li>[ 2119482 ] CheckBcel checks for nonexistent classes (thanks to Jerry James)</li>
- </ul>
- </ul>
- <li>FindBugs Eclipse plugin:</li>
- <ul>
- <li>Major feature enhancements (thanks to Andrey Loskutov).
- See <a href="http://andrei.gmxhome.de/findbugs/index.html">this overview</a> for more information.</li>
- <li>Major test improvements (thanks to Tomas Pollak).</li>
- <li>Fixes:</li>
- <ul>
- <li>[ 2532365 ] Compiler warning</li>
- <li>[ 2522989 ] Fix filter files selection</li>
- <li>[ 2504068 ] NullPointerException</li>
- <li>[ 2640849 ] NPE in Eclipse plugin 1.3.7 and Eclipse 3.5 M5</li>
- </ul>
- <li>Patches:</li>
- <ul>
- <li>[ 2143140 ] Unchecked conversion fixes for Eclipse plugin (thanks to Jerry James)
- </ul>
- </ul>
- </ul>
- </ul>
-
- <p> Changes since version 1.3.6</p>
- <ul>
- <li>Overall, a small bugfix release.
- <li>New detection of accidental vacuous/useless calls to EasyMock methods,
- and of generic signatures that proclaim the use of unhashable classes
- in ways that require that they be hashed.
- <li>Eliminate some false positives where we were warning about
- a useless call (e.g., comparing two incompatible types for equality),
- but the only thing the code was doing with the result was
- passing it to assertFalse.
- <li>Japanese localization and manual by K.Hashimoto. (Thanks!)
- <li>Added -exclude and -outputDir command line options to rejarForAnalysis
- <li>Extended -adjustPriorities option to FindBugs analysis textui so that you
- can modify the priorities of individual bug patterns as well as visitors,
- and also completely suppress individual bug patterns or visitors.
+ <h1>FindBugs Change Log, Version 2.0.3</h1>
+ <ul>
+ <li>New Bug patterns: <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#DM_BOXED_PRIMITIVE_FOR_PARSING">DM_BOXED_PRIMITIVE_FOR_PARSING</a>,
+ <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_METHOD_RETURN_RELAXING_ANNOTATION">NP_METHOD_RETURN_RELAXING_ANNOTATION</a>,
+ and
+ <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_METHOD_PARAMETER_TIGHTENS_ANNOTATION">NP_METHOD_PARAMETER_TIGHTENS_ANNOTATION</a>
+ </li>
+ <li>Add the ability in the GUI to save the currently viewable/filtered bugs to HTML output.
+ <li>When dataflow does't terminate, make sure we continue with
+ analysis.
+
+ <li>Fix some problems that resulting in dataflow analysis not
+ terminating
+
+ <li>Get parameter annotations from default parameters
+ annotations applied to the method.
+ <li>Add subversion change number to eclipse plugin qualifier.
+
+ <li>Disabled detector for <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#AM_CREATES_EMPTY_JAR_FILE_ENTRY">AM_CREATES_EMPTY_JAR_FILE_ENTRY</a>;
+ it complaints inappropriately about code that creates directory
+ entries.
+
+ <li>Add warnings about incompatible types passed to
+ org.testng.Assert.assertEquals</li>
+ <li>Add logic that understands more of the Google Guava APIs.
+ <li>Disable type qualifier validator execution within Eclipse plugin;
+ too many problems with class loading and security manager (see #1154 Random obscure Eclipse failures)
+ <li>Consistently check both access flags and attributes to see if something is synthetic. Compiler is
+ inconsistent about where synthetic elements are marked.
+
+ <li>Fixed false positives for the following bug patterns (17
+ occurrences in findbugsTestCases):
<ul>
- <li> e.g., -adjustPriority MS_SHOULD_BE_FINAL=suppress,MS_PKGPROTECT=suppress,EI_EXPOSE_REP=suppress,EI_EXPOSE_REP2=suppress,PZLA_PREFER_ZERO_LENGTH_ARRAYS=raise
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#BC">BC</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_IMPOSSIBLE_INSTANCEOF">BC_IMPOSSIBLE_INSTANCEOF</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_UNCONFIRMED_CAST">BC_UNCONFIRMED_CAST</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#EC_UNRELATED_TYPES">EC_UNRELATED_TYPES</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#INT_BAD_COMPARISON_WITH_NONNEGATIVE_VALUE">INT_BAD_COMPARISON_WITH_NONNEGATIVE_VALUE</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#IS2_INCONSISTENT_SYNC">IS2_INCONSISTENT_SYNC</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_NULL_PARAM_DEREF_ALL_TARGETS_DANGEROUS">NP_NULL_PARAM_DEREF_ALL_TARGETS_DANGEROUS</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#OBL_UNSATISFIED_OBLIGATION">OBL_UNSATISFIED_OBLIGATION</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE">RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#SA_FIELD_SELF_COMPARISON">SA_FIELD_SELF_COMPARISON</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#TQ_UNKNOWN_VALUE_USED_WHERE_ALWAYS_STRICTLY_REQUIRED">TQ_UNKNOWN_VALUE_USED_WHERE_ALWAYS_STRICTLY_REQUIRED</a>
+ </li>
</ul>
- </ul>
-
+ <li>Fixed false negatives for the following bug patterns (45
+ occurrences in findbugsTestCases):
+ <ul>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_UNCONFIRMED_CAST">BC_UNCONFIRMED_CAST</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#DM_NUMBER_CTOR">DM_NUMBER_CTOR</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#EC_ARRAY_AND_NONARRAY">EC_ARRAY_AND_NONARRAY</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#EC_INCOMPATIBLE_ARRAY_COMPARE">EC_INCOMPATIBLE_ARRAY_COMPARE</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#EC_UNRELATED_TYPES">EC_UNRELATED_TYPES</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#GC_UNRELATED_TYPES">GC_UNRELATED_TYPES</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#IS_FIELD_NOT_GUARDED">IS_FIELD_NOT_GUARDED</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#IT_NO_SUCH_ELEMENT">IT_NO_SUCH_ELEMENT</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#JCIP_FIELD_ISNT_FINAL_IN_IMMUTABLE_CLASS">JCIP_FIELD_ISNT_FINAL_IN_IMMUTABLE_CLASS</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_NULL_ON_SOME_PATH">NP_NULL_ON_SOME_PATH</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_NONNULL_PARAM_VIOLATION">NP_NONNULL_PARAM_VIOLATION</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE">NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE">NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_STORE_INTO_NONNULL_FIELD">NP_STORE_INTO_NONNULL_FIELD</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#RE_POSSIBLE_UNINTENDED_PATTERN">RE_POSSIBLE_UNINTENDED_PATTERN</a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#SA_FIELD_SELF_COMPARISON">SA_FIELD_SELF_COMPARISON</a>
+ </ul>
+ </ul>
+ <h1>FindBugs Change Log, Version 2.0.2</h1>
+
+ <ul>
+ <li>Fix false positions for <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR</a>
+ - fixing <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=3547559&group_id=96405&atid=614693">Bug3547559</a>,
+ <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=3555408&group_id=96405&atid=614693">Bug3555408</a>,
+ <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=3580266&group_id=96405&atid=614693">Bug3580266</a>
+ and <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=3587164&group_id=96405&atid=614693">Bug3587164</a>.
- <p> Changes since version 1.3.5</p>
- <ul>
- <li>Added fairly exhaustive static analysis
- of uses of format strings, checking for missing or
- extra arguements, invalid format specifiers,
- or mismatched format specifiers and arguments (e.g,
- passing a String value for a %d format specifier).
- The logic for doing so is derived from Sun's java.util.Formatter class,
- and available separately from FindBugs as part of the
- <a href="https://jformatstring.dev.java.net/">jFormatString</a> project.
-
- <li>More tuning of the unsatisfied obligation detector. Since this
- detector is still rather noisy and an unfinished research project,
- I've moved the generated issues to a new category: EXPERIMENTAL.
-
- <li>Added check for <a href="http://findbugs.sourceforge.net/bugDescriptions.html#BIT_ADD_OF_SIGNED_BYTE">BIT_ADD_OF_SIGNED_BYTE</a>; similar to <a href="http://findbugs.sourceforge.net/bugDescriptions.html#BIT_IOR_OF_SIGNED_BYTE">BIT_IOR_OF_SIGNED_BYTE</a>, except that
- addition is being used to combine shifted signed bytes.
-
- <li>Changed detection of EI_EXPOSE_REP2, so we only report it if the value stored
- is guaranteed to be the same value that was passed in as a parameter.
-
- <li>Added <a href="http://findbugs.sourceforge.net/bugDescriptions.html#EQ_CHECK_FOR_OPERAND_NOT_COMPATIBLE_WITH_THIS">EQ_CHECK_FOR_OPERAND_NOT_COMPATIBLE_WITH_THIS</a>, a warning when
- an equals method checks to see if an operand is an instance of a class not
- compatible with itself. For example, if the Foo class checks to see if the argument
- is an instance of String. This is either a questionable design decision or a coding mistake.
- <li>Added <a href="http://findbugs.sourceforge.net/bugDescriptions.html#DMI_INVOKING_HASHCODE_ON_ARRAY">DMI_INVOKING_HASHCODE_ON_ARRAY</a>,
- which checks for invoking <code>hashCode()</code> on an array, which returns a hash code that ignores the contents of the array.
- <li>Added checks for using <code>x.removeAll(x)</code> to rather than <code>x.clear()</code>
- to clear an array.
- <li>Add checks for calls such as <code>x.contains(x)</code>, <code>x.remove(x)</code> and <code>x.containsAll(x)</code>.
- <li>Improvements to Eclipse plugin (thanks to Andrey Loskutov):
- <ul>
- <li>Report separate markers for each occurrence of an issue that appears multiple times in a method
- <li> fine tuning for reported markers: add only one marker for fields, add marker on right position
- <li> link bugs selected in bug explorer view to the opened editor and vice versa
- <li> select bugs selected in editor ruler in the opened bug explorer view
- <li> consistent abbreviations used in both bug explorer and bug details view
- <li> added "Expand All" button to the bug explorer view
- <li> added "Go Into/Go Up" buttons to the bug explorer view
- <li> added "Copy to clipboard" menu/functionality to the details view list widget
- <li> fix for CNF exception if loading the backup solution for broken browser widget
-
- </ul></ul>
-
-
- <p> Changes since version 1.3.4</p>
- <ul>
+ </li>
+ <li>Fix false positives for <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#SF_SWITCH_NO_DEFAULT">SF_SWITCH_NO_DEFAULT</a>
+ <li>Inline access methods for private fields,
+ fixing false positive in <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=3484713&group_id=96405&atid=614693">Bug3484713</a>.
+
+ <li>Type qualifier annotations, including nullness
+ annotations, are now ignored on vararg parameters (including
+ default and inherited annotations), awaiting JSR308.
+ <li>Defined new bug pattern to give better explanations of
+ issues involving strict type qualifiers <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#TQ_UNKNOWN_VALUE_USED_WHERE_ALWAYS_STRICTLY_REQUIRED">TQ_UNKNOWN_VALUE_USED_WHERE_ALWAYS_STRICTLY_REQUIRED</a>
+ <li>Adjusted analysis of type qualifiers, now giving warnings
+ where a computed value is used in a place where a value with a
+ strict type qualifier is required.
+ <li>Complain about missing classes only if they are
+ encountered while analyzing application classes; ignore missing
+ classes that are encounted while analyzing classes loaded from the
+ auxclasspath. Fix for <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=3588379&group_id=96405&atid=614693">Bug3588379</a>
+ <li>Fixed false positive null pointer warning coming from
+ synthetic bridge methods, fixing <a
+ href="https://sourceforge.net/tracker/?func=detail&aid=3589328&group_id=96405&atid=614693">Bug3589328</a>
+ <li>In general, suppress warnings in synthetic methods.
+ <li>Fix some false positives involving <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#GC_UNRELATED_TYPES">GC_UNRELATED_TYPES</a>
+ on classes that extend generic collection classes.
+
+ </li>
+ <li>Combine multiple identical warnings about
+ <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#DM_DEFAULT_ENCODING">DM_DEFAULT_ENCODING</a>
+ that occur in the same method,
+ simplifying issue triage.
+
+ <li>Changes by Andrey Loskutov
+ <ul>
+ <li>fixed job scheduling errors in 3.8/4.2 Eclipse <a
+ href="https://bugs.eclipse.org/bugs/show_bug.cgi?id=393748">bug
+ report</a>
+ <li>more realistic progress bar updates for jobs
+ <li>added nullness annotations for some common Eclipse API
+ methods known to usually return null values
+ <li>Added support for org.eclipse.jdt.annotation.Nullable,
+ NonNull and NonNullByDefault annotations (introduced with
+ Eclipse 3.8/4.2)</li>
+ </ul>
+ <li>Documentation improvements
+ <li><a href="http://code.google.com/p/findbugs/source/list">lots
+ of other small changes</a>
+ </ul>
+ <h1>FindBugs Change Log, Version 2.0.1</h1>
+
+ <ul>
+ <li>New bug patterns; in some cases, bugs previous reported as
+ other bug patterns are reported as instances of these new bug
+ patterns in order to make it easier for developers to understand
+ the bug reports
+ <ul>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#PT_ABSOLUTE_PATH_TRAVERSAL">PT_ABSOLUTE_PATH_TRAVERSAL</a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#PT_RELATIVE_PATH_TRAVERSAL">PT_RELATIVE_PATH_TRAVERSAL</a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR</a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#MS_SHOULD_BE_REFACTORED_TO_BE_FINAL">MS_SHOULD_BE_REFACTORED_TO_BE_FINAL</a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_UNCONFIRMED_CAST_OF_RETURN_VALUE">BC_UNCONFIRMED_CAST_OF_RETURN_VALUE</a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#PT_ABSOLUTE_PATH_TRAVERSAL">PT_ABSOLUTE_PATH_TRAVERSAL</a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#TQ_COMPARING_VALUES_WITH_INCOMPATIBLE_TYPE_QUALIFIERS">TQ_COMPARING_VALUES_WITH_INCOMPATIBLE_TYPE_QUALIFIERS</a></li>
+ </ul>
+ </li>
+
+ <li>Changes to fix false negatives for the following bug
+ patterns: <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_UNCONFIRMED_CAST">BC_UNCONFIRMED_CAST</a>,
+ <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#EC_BAD_ARRAY_COMPARE">EC_BAD_ARRAY_COMPARE</a>,
+ <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#EQ_UNUSUAL">EQ_UNUSUAL</a>,
+ <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#GC_UNRELATED_TYPES">GC_UNRELATED_TYPES</a>,
+ and <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE">NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE</a>.
+ </li>
+
+ <li>Changes to fix false positions for the following bug
+ patterns: <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#DMI_DOH">DMI_DOH</a>,
+ <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#EC_UNRELATED_TYPES">EC_UNRELATED_TYPES</a>,
+ and <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#SE_BAD_FIELD">SE_BAD_FIELD</a>.
+ </li>
+ </ul>
+
+ <h1>FindBugs Change Log, Version 2.0.0</h1>
+
+ <h2>Changes since version 1.3.8</h2>
+ <ul>
+ <li>New bug patterns; in some cases, bugs previous reported as
+ other bug patterns are reported as instances of these new bug
+ patterns in order to make it easier for developers to understand
+ the bug reports
+ <ul>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_IMPOSSIBLE_DOWNCAST ">BC_IMPOSSIBLE_DOWNCAST
+ </a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_IMPOSSIBLE_DOWNCAST_OF_TOARRAY ">BC_IMPOSSIBLE_DOWNCAST_OF_TOARRAY
+ </a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#EC_INCOMPATIBLE_ARRAY_COMPARE ">EC_INCOMPATIBLE_ARRAY_COMPARE
+ </a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#JLM_JSR166_UTILCONCURRENT_MONITORENTER ">JLM_JSR166_UTILCONCURRENT_MONITORENTER
+ </a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE ">LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE
+ </a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_CLOSING_NULL ">NP_CLOSING_NULL
+ </a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#RC_REF_COMPARISON_BAD_PRACTICE ">RC_REF_COMPARISON_BAD_PRACTICE
+ </a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#RC_REF_COMPARISON_BAD_PRACTICE_BOOLEAN ">RC_REF_COMPARISON_BAD_PRACTICE_BOOLEAN
+ </a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#RV_RETURN_VALUE_OF_PUTIFABSENT_IGNORED ">RV_RETURN_VALUE_OF_PUTIFABSENT_IGNORED
+ </a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#SIC_THREADLOCAL_DEADLY_EMBRACE ">SIC_THREADLOCAL_DEADLY_EMBRACE
+ </a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#UR_UNINIT_READ_CALLED_FROM_SUPER_CONSTRUCTOR ">UR_UNINIT_READ_CALLED_FROM_SUPER_CONSTRUCTOR
+ </a></li>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#VA_FORMAT_STRING_EXPECTED_MESSAGE_FORMAT_SUPPLIED ">VA_FORMAT_STRING_EXPECTED_MESSAGE_FORMAT_SUPPLIED
+ </a></li>
+ </ul>
+ </li>
+ <li>Providing a bug rank (1-20), and the ability to filter by
+ bug rank. Eventually, it will be possible to specify your own
+ rules for ranking bugs, but the procedure for doing so hasn't been
+ specified yet.</li>
+ <li>Fixed about <a
+ href="https://sourceforge.net/search/index.php?group_id=96405&search_summary=1&search_details=1&type_of_search=artifact&group_artifact_id%5B%5D=614693&open_date_start=2009-03-16&open_date_end=2009-08-20&form_submit=Search">45
+ bugs filed</a> through SourceForge
+ </li>
+ <li>Various reclassifications and priority tweaks</li>
+ <li>Added more bug annotations to a variety of bug reports.
+ This provides more context for understanding bug reports (e.g., if
+ the value in question was is the return value of a method, the
+ method is described as the source of the value in a bug
+ annotation). This also provide more accurate tracking of issues
+ across versions of the code being analyzed, but has the downside
+ that when comparing results from FindBugs 1.3.8 and FindBugs 1.3.9
+ on the same version of code being analyzed, FindBugs may think
+ that mistakenly believe that the issue reported by 1.3.8 was fixed
+ and a new issue was introduced that was reported by FindBugs
+ 1.3.9. While annoying, it would be unusual for more than a dozen
+ issues per million lines of codes to be mistracked.</li>
+ <li>Lots of internal changes moving towards FindBugs 2.0, but
+ these features are undocumented, not yet officially supported, and
+ subject to radical changes before FindBugs 2.0 is released.</li>
+ </ul>
+
+ <p>Changes since version 1.3.8</p>
+ <ul>
+ <li>New bug patterns; in some cases, bugs previous reported as
+ other bug patterns are reported as instances of these new bug
+ patterns in order to make it easier for developers to understand
+ the bug reports
+ <ul>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_IMPOSSIBLE_DOWNCAST ">BC_IMPOSSIBLE_DOWNCAST
+ </a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#BC_IMPOSSIBLE_DOWNCAST_OF_TOARRAY ">BC_IMPOSSIBLE_DOWNCAST_OF_TOARRAY
+ </a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#EC_INCOMPATIBLE_ARRAY_COMPARE ">EC_INCOMPATIBLE_ARRAY_COMPARE
+ </a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#JLM_JSR166_UTILCONCURRENT_MONITORENTER ">JLM_JSR166_UTILCONCURRENT_MONITORENTER
+ </a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE ">LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE
+ </a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_CLOSING_NULL ">NP_CLOSING_NULL
+ </a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#RC_REF_COMPARISON_BAD_PRACTICE ">RC_REF_COMPARISON_BAD_PRACTICE
+ </a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#RC_REF_COMPARISON_BAD_PRACTICE_BOOLEAN ">RC_REF_COMPARISON_BAD_PRACTICE_BOOLEAN
+ </a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#RV_RETURN_VALUE_OF_PUTIFABSENT_IGNORED ">RV_RETURN_VALUE_OF_PUTIFABSENT_IGNORED
+ </a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#SIC_THREADLOCAL_DEADLY_EMBRACE ">SIC_THREADLOCAL_DEADLY_EMBRACE
+ </a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#UR_UNINIT_READ_CALLED_FROM_SUPER_CONSTRUCTOR ">UR_UNINIT_READ_CALLED_FROM_SUPER_CONSTRUCTOR
+ </a>
+ <li><a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#VA_FORMAT_STRING_EXPECTED_MESSAGE_FORMAT_SUPPLIED ">VA_FORMAT_STRING_EXPECTED_MESSAGE_FORMAT_SUPPLIED
+ </a>
+ </ul>
+ </li>
+ <li>Providing a bug rank (1-20), and the ability to filter by
+ bug rank. Eventually, it will be possible to specify your own
+ rules for ranking bugs, but the procedure for doing so hasn't been
+ specified yet.</li>
+ <li>Fixed about <a
+ href="https://sourceforge.net/search/index.php?group_id=96405&search_summary=1&search_details=1&type_of_search=artifact&group_artifact_id%5B%5D=614693&open_date_start=2009-03-16&open_date_end=2009-08-20&form_submit=Search">45
+ bugs filed</a> through SourceForge
+ </li>
+ <li>Various reclassifications and priority tweaks</li>
+ <li>Added more bug annotations to a variety of bug reports.
+ This provides more context for understanding bug reports (e.g., if
+ the value in question was is the return value of a method, the
+ method is described as the source of the value in a bug
+ annotation). This also provide more accurate tracking of issues
+ across versions of the code being analyzed, but has the downside
+ that when comparing results from FindBugs 1.3.8 and FindBugs 1.3.9
+ on the same version of code being analyzed, FindBugs may think
+ that mistakenly believe that the issue reported by 1.3.8 was fixed
+ and a new issue was introduced that was reported by FindBugs
+ 1.3.9. While annoying, it would be unusual for more than a dozen
+ issues per million lines of codes to be mistracked.</li>
+ <li>Lots of internal changes moving towards FindBugs 2.0, but
+ these features are undocumented, not yet officially supported, and
+ subject to radical changes before FindBugs 2.0 is released.</li>
+ </ul>
+
+ <p>Changes since version 1.3.7</p>
+ <ul>
+ <li>Primarily another small bugfix release.</li>
+ <li>FindBugs base:
+ <ul>
+ <li>New Reports:
+ <ul>
+ <li>SF_SWITCH_NO_DEFAULT: missing default case in switch
+ statement.</li>
+ <li>SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH_TO_THROW:
+ value ignored when switch fallthrough leads to thrown
+ exception.</li>
+ <li>INT_VACUOUS_BIT_OPERATION: bit operations that don't
+ do any meaningful work.</li>
+ <li>FB_UNEXPECTED_WARNING: warning generated that
+ conflicts with @NoWarning FindBugs annotation.</li>
+ <li>FB_MISSING_EXPECTED_WARNING: warning not generated
+ despite presence of @ExpectedWarning FindBugs annotation.</li>
+ <li>NOISE category: intended for use in data mining
+ experiments.
+ <ul>
+ <li>NOISE_NULL_DEREFERENCE: fake null point dereference
+ warning.</li>
+ <li>NOISE_METHOD_CALL: fake method call warning.</li>
+ <li>NOISE_FIELD_REFERENCE: fake field dereference
+ warning.</li>
+ <li>NOISE_OPERATION: fake operation warning.</li>
+ </ul>
+ </li>
+ </ul>
+ </li>
+ <li>Other:
+ <ul>
+ <li>Garvin Leclaire has created a new Apache Maven
+ repository for FindBugs at <a
+ href="http://code.google.com/p/findbugs/">the Google Code
+ FindBugs SVN repository</a>. (Thanks Garvin!)
+ </li>
+ </ul>
+ </li>
+ <li>Fixes:
+ <ul>
+ <li>[ 2317842 ] Highlighting broken in Windows</li>
+ <li>[ 2515908 ] check for oddness should track sign of
+ argument</li>
+ <li>[ 2487936 ] "L B GC" false pos cast from
+ Map.Entry.getKey() to Map.get()</li>
+ <li>[ 2528264 ] Ant tasks not compatible with Ant 1.7.1</li>
+ <li>[ 2539590 ] SF_SWITCH_FALLTHROUGH wrong message
+ reported</li>
+ <li>[ 2020066 ] Bug history displayed in fancy-hist.xsl is
+ incorrect</li>
+ <li>[ 2545098 ] Invalid character in analysis results file</li>
+ <li>[ 2492673 ] Plugin sites should specify "requires
+ Eclipse 3.3 or newer"</li>
+ <li>[ 2588044 ] a tiny typing error</li>
+ <li>[ 2589048 ] Documentation for convertXmlToText
+ insufficient</li>
+ <li>[ 2638739 ] NullPointerException when building</li>
+ </ul>
+ </li>
+ <li>Patches:
+ <ul>
+ <li>[ 2538184 ] Make BugCollection implement
+ Iterable<BugInstance> (thanks to Tomas Pollak)</li>
+ <li>[ 2249771 ] Add Maven2 Findbugs plugin link to the
+ Links page (thanks to Garvin Leclaire)</li>
+ <li>[ 2609526 ] Japanese manual update (thanks to K.
+ Hashimoto)</li>
+ <li>[ 2119482 ] CheckBcel checks for nonexistent classes
+ (thanks to Jerry James)</li>
+ </ul>
+ </li>
+ </ul>
+ </li>
+ <li>FindBugs Eclipse plugin:
+ <ul>
+ <li>Major feature enhancements (thanks to Andrey Loskutov).
+ See <a href="http://andrei.gmxhome.de/findbugs/index.html">this
+ overview</a> for more information.
+ </li>
+ <li>Major test improvements (thanks to Tomas Pollak).</li>
+ <li>Fixes:
+ <ul>
+ <li>[ 2532365 ] Compiler warning</li>
+ <li>[ 2522989 ] Fix filter files selection</li>
+ <li>[ 2504068 ] NullPointerException</li>
+ <li>[ 2640849 ] NPE in Eclipse plugin 1.3.7 and Eclipse
+ 3.5 M5</li>
+ </ul>
+ </li>
+ <li>Patches:
+ <ul>
+ <li>[ 2143140 ] Unchecked conversion fixes for Eclipse
+ plugin (thanks to Jerry James)
+ </ul>
+ </li>
+ </ul>
+ </li>
+ </ul>
+
+ <p>Changes since version 1.3.6</p>
+ <ul>
+ <li>Overall, a small bugfix release.
+ <li>New detection of accidental vacuous/useless calls to
+ EasyMock methods, and of generic signatures that proclaim the use
+ of unhashable classes in ways that require that they be hashed.
+ <li>Eliminate some false positives where we were warning about
+ a useless call (e.g., comparing two incompatible types for
+ equality), but the only thing the code was doing with the result
+ was passing it to assertFalse.
+ <li>Japanese localization and manual by K.Hashimoto. (Thanks!)
+
+ <li>Added -exclude and -outputDir command line options to
+ rejarForAnalysis
+ <li>Extended -adjustPriorities option to FindBugs analysis
+ textui so that you can modify the priorities of individual bug
+ patterns as well as visitors, and also completely suppress
+ individual bug patterns or visitors.
+ <ul>
+ <li>e.g., -adjustPriority
+ MS_SHOULD_BE_FINAL=suppress,MS_PKGPROTECT=suppress,EI_EXPOSE_REP=suppress,EI_EXPOSE_REP2=suppress,PZLA_PREFER_ZERO_LENGTH_ARRAYS=raise
+
+ </ul>
+ </ul>
+
+
+ <p>Changes since version 1.3.5</p>
+ <ul>
+ <li>Added fairly exhaustive static analysis of uses of format
+ strings, checking for missing or extra arguements, invalid format
+ specifiers, or mismatched format specifiers and arguments (e.g,
+ passing a String value for a %d format specifier). The logic for
+ doing so is derived from Sun's java.util.Formatter class, and
+ available separately from FindBugs as part of the <a
+ href="https://jformatstring.dev.java.net/">jFormatString</a>
+ project.
+ <li>More tuning of the unsatisfied obligation detector. Since
+ this detector is still rather noisy and an unfinished research
+ project, I've moved the generated issues to a new category:
+ EXPERIMENTAL.
+ <li>Added check for <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#BIT_ADD_OF_SIGNED_BYTE">BIT_ADD_OF_SIGNED_BYTE</a>;
+ similar to <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#BIT_IOR_OF_SIGNED_BYTE">BIT_IOR_OF_SIGNED_BYTE</a>,
+ except that addition is being used to combine shifted signed
+ bytes.
+ <li>Changed detection of EI_EXPOSE_REP2, so we only report it
+ if the value stored is guaranteed to be the same value that was
+ passed in as a parameter.
+ <li>Added <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#EQ_CHECK_FOR_OPERAND_NOT_COMPATIBLE_WITH_THIS">EQ_CHECK_FOR_OPERAND_NOT_COMPATIBLE_WITH_THIS</a>,
+ a warning when an equals method checks to see if an operand is an
+ instance of a class not compatible with itself. For example, if
+ the Foo class checks to see if the argument is an instance of
+ String. This is either a questionable design decision or a coding
+ mistake.
+ <li>Added <a
+ href="http://findbugs.sourceforge.net/bugDescriptions.html#DMI_INVOKING_HASHCODE_ON_ARRAY">DMI_INVOKING_HASHCODE_ON_ARRAY</a>,
+ which checks for invoking <code>hashCode()</code> on an array,
+ which returns a hash code that ignores the contents of the array.
+
+ <li>Added checks for using <code>x.removeAll(x)</code> to
+ rather than <code>x.clear()</code> to clear an array.
+ <li>Add checks for calls such as <code>x.contains(x)</code>, <code>x.remove(x)</code>
+ and <code>x.containsAll(x)</code>.
+ <li>Improvements to Eclipse plugin (thanks to Andrey
+ Loskutov):
+ <ul>
+ <li>Report separate markers for each occurrence of an issue
+ that appears multiple times in a method
+ <li>fine tuning for reported markers: add only one marker
+ for fields, add marker on right position
+ <li>link bugs selected in bug explorer view to the opened
+ editor and vice versa
+ <li>select bugs selected in editor ruler in the opened bug
+ explorer view
+ <li>consistent abbreviations used in both bug explorer and
+ bug details view
+ <li>added "Expand All" button to the bug explorer view
+ <li>added "Go Into/Go Up" buttons to the bug explorer view
+ <li>added "Copy to clipboard" menu/functionality to the
+ details view list widget
+ <li>fix for CNF exception if loading the backup solution for
+ broken browser widget
+ </ul>
+ </ul>
+
+
+
+ <p>Changes since version 1.3.4</p>
+ <ul>
<li>Analysis about 15% faster
- <li><a href="http://sourceforge.net/tracker/?atid=614693&group_id=96405&func=browse&status=closed">38 bugs closed</a></li>
+ <li><a
+ href="http://sourceforge.net/tracker/?atid=614693&group_id=96405&func=browse&status=closed">38
+ bugs closed</a></li>
<li>New defect warnings:
- <ul>
- <li>calls to methods that always throw
- UnsupportedOperationException (DMI_UNSUPPORTED_METHOD)
- <li>repeated conditional tests (e.g.,
- <code>if (x < 0 || x < 0) ...</code>)
- (RpC_REPEATED_CONDITIONAL_TEST)
- <li>Complete rewrite of detector for format string problems.
- More accurate, finds more problems, generates
- more descriptive reports, several different
- bug pattern
- (VA_FORMAT_STRING_EXTRA_ARGUMENTS_PASSED,
- VA_FORMAT_STRING_ILLEGAL,
- VA_FORMAT_STRING_MISSING_ARGUMENT,
- VA_FORMAT_STRING_BAD_ARGUMENT,
- VA_FORMAT_STRING_NO_PREVIOUS_ARGUMENT)
-
- <li>Fairly complete implementation of JSR-305 custom type qualifier
- analysis (no support for custom validators yet).
- (TQ_MAYBE_SOURCE_VALUE_REACHES_NEVER_SINK
- TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_ALWAYS_SINK
- TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_NEVER_SINK)
- <li>New detector for unsatisfied obligations such forgetting to
- close a file (OBL_UNSATISFIED_OBLIGATION).
- <li>Warning when a parameter is marked as nullable, but is
- always dereferenced.
- (NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE)
- <lI>Separate warning for dereference the result of readLine (NP_DEREFERENCE_OF_READLINE_VALUE)
- </ul>
- <li>When XML is generated with messages, the project stats now
- include <FileStat> elements.
- For each source file, this gives the path for the file,
- the total number of warnings for that file, and a bugHash
- for the file. While the instanceHash for a bug is intended
- to be version invariant (ignoring line numbers, etc), the
- bugHash for a file is intended to reflect all the information
- about the warnings in that file. The intended use case is that
- if the bugHash for a file is the same in two analysis runs,
- then <em>nothing</em> has changed about any of the warnings
- reported for that file between the two analysis runs.
- <li>More merging of similar issues within a method. For example,
- if the result of readLine() is dereferences multiple times
- within a method, it will be reported as a single warning
+ <ul>
+ <li>calls to methods that always throw
+ UnsupportedOperationException (DMI_UNSUPPORTED_METHOD)
+ <li>repeated conditional tests (e.g., <code>if (x
+ < 0 || x < 0) ...</code>) (RpC_REPEATED_CONDITIONAL_TEST)
+ <li>Complete rewrite of detector for format string problems.
+ More accurate, finds more problems, generates more descriptive
+ reports, several different bug pattern
+ (VA_FORMAT_STRING_EXTRA_ARGUMENTS_PASSED,
+ VA_FORMAT_STRING_ILLEGAL, VA_FORMAT_STRING_MISSING_ARGUMENT,
+ VA_FORMAT_STRING_BAD_ARGUMENT,
+ VA_FORMAT_STRING_NO_PREVIOUS_ARGUMENT)
+ <li>Fairly complete implementation of JSR-305 custom type
+ qualifier analysis (no support for custom validators yet).
+ (TQ_MAYBE_SOURCE_VALUE_REACHES_NEVER_SINK
+ TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_ALWAYS_SINK
+ TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_NEVER_SINK)
+ <li>New detector for unsatisfied obligations such forgetting
+ to close a file (OBL_UNSATISFIED_OBLIGATION).
+ <li>Warning when a parameter is marked as nullable, but is
+ always dereferenced.
+ (NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE)
+ <lI>Separate warning for dereference the result of readLine
+ (NP_DEREFERENCE_OF_READLINE_VALUE)
+ </ul>
+ <li>When XML is generated with messages, the project stats now
+ include <FileStat> elements. For each source file, this
+ gives the path for the file, the total number of warnings for that
+ file, and a bugHash for the file. While the instanceHash for a bug
+ is intended to be version invariant (ignoring line numbers, etc),
+ the bugHash for a file is intended to reflect all the information
+ about the warnings in that file. The intended use case is that if
+ the bugHash for a file is the same in two analysis runs, then <em>nothing</em>
+ has changed about any of the warnings reported for that file
+ between the two analysis runs.
+ <li>More merging of similar issues within a method. For
+ example, if the result of readLine() is dereferences multiple
+ times within a method, it will be reported as a single warning
with occurrences at multiple source lines.
- </ul>
- <p> Changes since version 1.3.3</p>
+ </ul>
+ <p>Changes since version 1.3.3</p>
- <ul>
- <li>FindBugs base
- <ul>
- <li>New Reports:</li>
- <ul>
- <li>EQ_OVERRIDING_EQUALS_NOT_SYMMETRIC:
- equals method overrides equals in superclass and may not be symmetric</li>
- <li>EQ_ALWAYS_TRUE:
- equals method always returns true</li>
- <li>EQ_ALWAYS_FALSE:
- equals method always returns false</li>
- <li>EQ_COMPARING_CLASS_NAMES:
- equals method compares class names rather than class objects</li>
- <li>EQ_UNUSUAL: Unusual equals method</li>
- <li>EQ_GETCLASS_AND_CLASS_CONSTANT:
- equals method fails for subtypes</li>
- <li>SE_READ_RESOLVE_IS_STATIC:
- The readResolve method must not be declared as a static method.</li>
- <li>SE_PRIVATE_READ_RESOLVE_NOT_INHERITED:
- private readResolve method not inherited by subclasses</li>
- <li>MSF_MUTABLE_SERVLET_FIELD: Mutable servlet field</li>
- <li>XSS_REQUEST_PARAMETER_TO_SEND_ERROR:
- Servlet reflected cross site scripting vulnerability</li>
- <li>SKIPPED_CLASS_TOO_BIG: Class too big for analysis</li>
- </ul>
- <li>Other:</li>
- <ul>
- <li>Value-number analysis now more space-efficient</li>
- <li>Enhancements to reduce memory overhead when
- analyzing very large classes</li>
- <li>Now skips very large classes that would otherwise
- take too much time and memory to analyze</li>
- <li>Infrastructure for tracking effectively-constant/
- effectively-final fields</li>
- <li>Added more cweids</li>
- <li>Enhanced taint tracking for taint-based detectors</li>
- <li>Ignore doomed calls to equals if result is used
- as an argument to assertFalse</li>
- <li>EQ_OVERRIDING_EQUALS_NOT_SYMMETRIC handles compareTo</li>
- <li>Priority tweak for ICAST_INTEGER_MULTIPLY_CAST_TO_LONG
- (only low priority if multiplying by 1000)</li>
- <li>Improved tracking of fields across method calls</li>
- </ul>
- <li>Fixes:</li>
- <ul>
- <li>[ 1941450 ] DLS_DEAD_LOCAL_STORE not reported</li>
- <li>[ 1953323 ] Omitted break statement in SynchronizeAndNullCheckField</li>
- <li>[ 1942620 ] Source Directories selection dialog interface confusion (partial)</li>
- <li>[ 1948275 ] Unhelpful "Load of known null"</li>
- <li>[ 1933922 ] MWM error in findbugs</li>
- <li>[ 1934772 ] 1.3.3 appears to rely on JDK 1.6, JNLP still specifies 1.5</li>
- <li>[ 1933945 ] -loadbugs doesn't work</li>
- <li>Fixed problems for class names starting with '$'</li>
- <li>Fixed bugs and incomplete handling of annotations in
- VersionInsensitiveBugComparator</li>
- </ul>
- <li>Patches:</li>
- <ul>
- <li>[ 1955106 ] Javadoc fixes</li>
- <li>[ 1951930 ] Superfluous import statements (thanks to Jerry James)</li>
- <li>[ 1951907 ] Missing @Deprecated annotations (thanks to Jerry James)</li>
- <li>[ 1951876 ] Infonode Docking Windows compile fix (thanks to Jerry James)</li>
- <li>[ 1936055 ] bugfix for findbugs.de.comment not working (thanks to Peter Fokkinga)
- </ul>
- </ul>
- <li>FindBugs BlueJ plugin</li>
- <ul>
- <li>Updated to use FindBugs 1.3.4 (first new release since 1.1.3)</li>
- </ul>
- </ul>
+ <ul>
+ <li>FindBugs base
+ <ul>
+ <li>New Reports:
+ <ul>
+ <li>EQ_OVERRIDING_EQUALS_NOT_SYMMETRIC: equals method
+ overrides equals in superclass and may not be symmetric</li>
+ <li>EQ_ALWAYS_TRUE: equals method always returns true</li>
+ <li>EQ_ALWAYS_FALSE: equals method always returns false</li>
+ <li>EQ_COMPARING_CLASS_NAMES: equals method compares class
+ names rather than class objects</li>
+ <li>EQ_UNUSUAL: Unusual equals method</li>
+ <li>EQ_GETCLASS_AND_CLASS_CONSTANT: equals method fails
+ for subtypes</li>
+ <li>SE_READ_RESOLVE_IS_STATIC: The readResolve method must
+ not be declared as a static method.</li>
+ <li>SE_PRIVATE_READ_RESOLVE_NOT_INHERITED: private
+ readResolve method not inherited by subclasses</li>
+ <li>MSF_MUTABLE_SERVLET_FIELD: Mutable servlet field</li>
+ <li>XSS_REQUEST_PARAMETER_TO_SEND_ERROR: Servlet reflected
+ cross site scripting vulnerability</li>
+ <li>SKIPPED_CLASS_TOO_BIG: Class too big for analysis</li>
+ </ul>
+ </li>
+ <li>Other:
+ <ul>
+ <li>Value-number analysis now more space-efficient</li>
+ <li>Enhancements to reduce memory overhead when analyzing
+ very large classes</li>
+ <li>Now skips very large classes that would otherwise take
+ too much time and memory to analyze</li>
+ <li>Infrastructure for tracking effectively-constant/
+ effectively-final fields</li>
+ <li>Added more cweids</li>
+ <li>Enhanced taint tracking for taint-based detectors</li>
+ <li>Ignore doomed calls to equals if result is used as an
+ argument to assertFalse</li>
+ <li>EQ_OVERRIDING_EQUALS_NOT_SYMMETRIC handles compareTo</li>
+ <li>Priority tweak for ICAST_INTEGER_MULTIPLY_CAST_TO_LONG
+ (only low priority if multiplying by 1000)</li>
+ <li>Improved tracking of fields across method calls</li>
+ </ul>
+ </li>
+ <li>Fixes:
+ <ul>
+ <li>[ 1941450 ] DLS_DEAD_LOCAL_STORE not reported</li>
+ <li>[ 1953323 ] Omitted break statement in
+ SynchronizeAndNullCheckField</li>
+ <li>[ 1942620 ] Source Directories selection dialog
+ interface confusion (partial)</li>
+ <li>[ 1948275 ] Unhelpful "Load of known null"</li>
+ <li>[ 1933922 ] MWM error in findbugs</li>
+ <li>[ 1934772 ] 1.3.3 appears to rely on JDK 1.6, JNLP
+ still specifies 1.5</li>
+ <li>[ 1933945 ] -loadbugs doesn't work</li>
+ <li>Fixed problems for class names starting with '$'</li>
+ <li>Fixed bugs and incomplete handling of annotations in
+ VersionInsensitiveBugComparator</li>
+ </ul>
+ </li>
+ <li>Patches:
+ <ul>
+ <li>[ 1955106 ] Javadoc fixes</li>
+ <li>[ 1951930 ] Superfluous import statements (thanks to
+ Jerry James)</li>
+ <li>[ 1951907 ] Missing @Deprecated annotations (thanks to
+ Jerry James)</li>
+ <li>[ 1951876 ] Infonode Docking Windows compile fix
+ (thanks to Jerry James)</li>
+ <li>[ 1936055 ] bugfix for findbugs.de.comment not working
+ (thanks to Peter Fokkinga)
+ </ul>
+ </li>
+ </ul>
+ <li>FindBugs BlueJ plugin
+ <ul>
+ <li>Updated to use FindBugs 1.3.4 (first new release since
+ 1.1.3)</li>
+ </ul>
+ </li>
+ </ul>
- <p> Changes since version 1.3.2</p>
+ <p>Changes since version 1.3.2</p>
- <ul>
- <li>FindBugs base</li>
- <ul>
- <li>New Detectors:</li>
- <ul>
- <li>FieldItemSummary: Produces summary information
- for what is stored into fields </li>
- <li>SynchronizeOnClassLiteralNotGetClass: Look for
- code that synchronizes on the results of getClass
- rather than on class literals</li>
- <li>SynchronizingOnContentsOfFieldToProtectField: This
- detector looks for code that seems to be
- synchronizing on a field in order to guard updates
- of that field </li>
- </ul>
- <li>New BugCode:</li>
- <ul>
- <li> HRS: HTTP Response splitting vulnerability </li>
- <li> WL: Possible locking on wrong object </li>
- </ul>
- <li>New Reports:</li>
- <ul>
- <li>DMI_CONSTANT_DB_PASSWORD:
- This code creates a database connect using a hard coded, constant password </li>
- <li>HRS_REQUEST_PARAMETER_TO_COOKIE:
- HTTP cookie formed from untrusted input </li>
- <li>HRS_REQUEST_PARAMETER_TO_HTTP_HEADER:
- HTTP parameter directly written to HTTP header output </li>
- <li>CN_IMPLEMENTS_CLONE_BUT_NOT_CLONEABLE:
- Class defines clone() but doesn't implement Cloneable </li>
- <li>DL_SYNCHRONIZATION_ON_BOXED_PRIMITIVE:
- Synchronization on boxed primitive could lead to deadlock </li>
- <li> DL_SYNCHRONIZATION_ON_BOOLEAN:
- Synchronization on Boolean could lead to deadlock </li>
- <li> ML_SYNC_ON_FIELD_TO_GUARD_CHANGING_THAT_FIELD:
- Synchronization on field in futile attempt to guard that field </li>
- <li> DLS_DEAD_LOCAL_STORE_IN_RETURN:
- Useless assignment in return statement </li>
- <li> WL_USING_GETCLASS_RATHER_THAN_CLASS_LITERAL:
- Synchronization on getClass rather than class literal </li>
- </ul>
- <li>Other:</li>
- <ul>
- <li>Many enhancements to cross-site scripting detector and its documentation</li>
- <li> Enhanced switch fall through handling </li>
- <li> Enhanced unread field handling (look for IF_ACMPEQ and IF_ACMPNE) </li>
- <li> Clarified documentation for @Nullable in manual </li>
- <li> Fewer DeadLocalStore false positives </li>
- <li> Fewer UnreadField false positives </li>
- <li> Fewer StaticCalendarDetector false positives </li>
- <li> Performance fix for slow file system IO e.g. Clearcase repositories (thanks, Andrei!) </li>
- <li> Other, general performance enhancements (thanks, Andrei!) </li>
- <li> Enhancements for using FindBugs scripts with MKS on Windows (thanks, Kelly O'Hair!) </li>
- <li> Noted in the manual that jsr305.jar must be present for annotations to compile </li>
- <li> Added and fine-tuned default-nullness annotations </li>
- <li> More CWE IDs added </li>
- <li> Check and warning for unexpected BCEL version in classpath </li>
- </ul>
- <li>Fixes:</li>
- <ul>
- <li>Bug fix to handling of local variable tables in BCEL</li>
- <li>Refined documentation for MTIA_SUSPECT_STRUTS_INSTANCE_FIELD</li>
- <li>[ 1927295 ] NPE when called on project root</li>
- <li>[ 1926405 ] Incorrect dead store warning</li>
- <li>[ 1926409 ] Incorrect redundant nullcheck warning</li>
- <li>[ 1926389 ] Wrong line number printed/highlighted in bug</li>
- <li>[ 1927040 ] typo in bug description</li>
- <li>[ 1926263 ] Minor glitch in HTML output</li>
- <li>[ 1926240 ] Minor error in standard options in manual</li>
- <li>[ 1926236 ] Minor bug in installation section of manual</li>
- <li>[ 1925539 ] ZIP is default file system code base</li>
- <li>[ 1894701 ] Livelock / memory leak in ObjectTypeFactory (thanks, Andrei!)</li>
- <li>[ 1867491 ] Doesn't reload annotations after code changes in IDE (thanks, Andrei!)</li>
- <li>[ 1921399 ] -project option not supported</li>
- <li>[ 1913834 ] "Dead" store to variable with method call</li>
- <li>[ 1917352 ] H B se:...field in serializable class</li>
- <li>[ 1911617 ] CloneIdiom relies on getNameConstantOperand for INSTANCEOF</li>
- <li>[ 1911620 ] False +: DLS predecrement before return</li>
- <li>[ 1871376 ] False negative: non-serializable Map field</li>
- <li>[ 1871051 ] non standard clone() method</li>
- <li>[ 1908854 ] Error in TestASM</li>
- <li>[ 1907539 ] 22 minor errors in bug checker documentation</li>
- <li>[ 1897323 ] EJB implementation class false positives</li>
- <li>[ 1899648 ] Crash on startup on Vista with Java 1.6.0_04</li>
- </ul>
- </ul>
- <li>FindBugs Eclipse plugin (change log by Andrey Loskutov)</li>
- <ul>
- <li> new feature: export basic FindBugs numbers for projects via File->Export->Java->BugCounts (Andrey Loskutov) </li>
- <li> new feature: jobs for different projects will be run in parallel per default if running on a
- multi-core PC ("fb.allowParallelBuild" system property not used anymore) (Andrey Loskutov) </li>
- <li> fixed performance slowdown in the multi-threaded build, caused by workspace operation locks during
- assigning marker attributes (Andrey Loskutov)</li>
- </ul>
- </ul>
-
- <p> Changes since version 1.3.1</p>
+ <ul>
+ <li>FindBugs base
+ <ul>
+ <li>New Detectors:
+ <ul>
+ <li>FieldItemSummary: Produces summary information for
+ what is stored into fields</li>
+ <li>SynchronizeOnClassLiteralNotGetClass: Look for code
+ that synchronizes on the results of getClass rather than on
+ class literals</li>
+ <li>SynchronizingOnContentsOfFieldToProtectField: This
+ detector looks for code that seems to be synchronizing on a
+ field in order to guard updates of that field</li>
+ </ul>
+ </li>
+ <li>New BugCode:
+ <ul>
+ <li>HRS: HTTP Response splitting vulnerability</li>
+ <li>WL: Possible locking on wrong object</li>
+ </ul>
+ </li>
+ <li>New Reports:
+ <ul>
+ <li>DMI_CONSTANT_DB_PASSWORD: This code creates a database
+ connect using a hard coded, constant password</li>
+ <li>HRS_REQUEST_PARAMETER_TO_COOKIE: HTTP cookie formed
+ from untrusted input</li>
+ <li>HRS_REQUEST_PARAMETER_TO_HTTP_HEADER: HTTP parameter
+ directly written to HTTP header output</li>
+ <li>CN_IMPLEMENTS_CLONE_BUT_NOT_CLONEABLE: Class defines
+ clone() but doesn't implement Cloneable</li>
+ <li>DL_SYNCHRONIZATION_ON_BOXED_PRIMITIVE: Synchronization
+ on boxed primitive could lead to deadlock</li>
+ <li>DL_SYNCHRONIZATION_ON_BOOLEAN: Synchronization on
+ Boolean could lead to deadlock</li>
+ <li>ML_SYNC_ON_FIELD_TO_GUARD_CHANGING_THAT_FIELD:
+ Synchronization on field in futile attempt to guard that field
+ </li>
+ <li>DLS_DEAD_LOCAL_STORE_IN_RETURN: Useless assignment in
+ return statement</li>
+ <li>WL_USING_GETCLASS_RATHER_THAN_CLASS_LITERAL:
+ Synchronization on getClass rather than class literal</li>
+ </ul>
+ </li>
+ <li>Other:
+ <ul>
+ <li>Many enhancements to cross-site scripting detector and
+ its documentation</li>
+ <li>Enhanced switch fall through handling</li>
+ <li>Enhanced unread field handling (look for IF_ACMPEQ and
+ IF_ACMPNE)</li>
+ <li>Clarified documentation for @Nullable in manual</li>
+ <li>Fewer DeadLocalStore false positives</li>
+ <li>Fewer UnreadField false positives</li>
+ <li>Fewer StaticCalendarDetector false positives</li>
+ <li>Performance fix for slow file system IO e.g. Clearcase
+ repositories (thanks, Andrei!)</li>
+ <li>Other, general performance enhancements (thanks,
+ Andrei!)</li>
+ <li>Enhancements for using FindBugs scripts with MKS on
+ Windows (thanks, Kelly O'Hair!)</li>
+ <li>Noted in the manual that jsr305.jar must be present
+ for annotations to compile</li>
+ <li>Added and fine-tuned default-nullness annotations</li>
+ <li>More CWE IDs added</li>
+ <li>Check and warning for unexpected BCEL version in
+ classpath</li>
+ </ul>
+ </li>
+ <li>Fixes:
+ <ul>
+ <li>Bug fix to handling of local variable tables in BCEL</li>
+ <li>Refined documentation for
+ MTIA_SUSPECT_STRUTS_INSTANCE_FIELD</li>
+ <li>[ 1927295 ] NPE when called on project root</li>
+ <li>[ 1926405 ] Incorrect dead store warning</li>
+ <li>[ 1926409 ] Incorrect redundant nullcheck warning</li>
+ <li>[ 1926389 ] Wrong line number printed/highlighted in
+ bug</li>
+ <li>[ 1927040 ] typo in bug description</li>
+ <li>[ 1926263 ] Minor glitch in HTML output</li>
+ <li>[ 1926240 ] Minor error in standard options in manual</li>
+ <li>[ 1926236 ] Minor bug in installation section of
+ manual</li>
+ <li>[ 1925539 ] ZIP is default file system code base</li>
+ <li>[ 1894701 ] Livelock / memory leak in
+ ObjectTypeFactory (thanks, Andrei!)</li>
+ <li>[ 1867491 ] Doesn't reload annotations after code
+ changes in IDE (thanks, Andrei!)</li>
+ <li>[ 1921399 ] -project option not supported</li>
+ <li>[ 1913834 ] "Dead" store to variable with method call</li>
+ <li>[ 1917352 ] H B se:...field in serializable class</li>
+ <li>[ 1911617 ] CloneIdiom relies on
+ getNameConstantOperand for INSTANCEOF</li>
+ <li>[ 1911620 ] False +: DLS predecrement before return</li>
+ <li>[ 1871376 ] False negative: non-serializable Map field</li>
+ <li>[ 1871051 ] non standard clone() method</li>
+ <li>[ 1908854 ] Error in TestASM</li>
+ <li>[ 1907539 ] 22 minor errors in bug checker
+ documentation</li>
+ <li>[ 1897323 ] EJB implementation class false positives</li>
+ <li>[ 1899648 ] Crash on startup on Vista with Java
+ 1.6.0_04</li>
+ </ul>
+ </li>
+ </ul>
+ </li>
+ <li>FindBugs Eclipse plugin (change log by Andrey Loskutov)
+ <ul>
+ <li>new feature: export basic FindBugs numbers for projects
+ via File->Export->Java->BugCounts (Andrey Loskutov)</li>
+ <li>new feature: jobs for different projects will be run in
+ parallel per default if running on a multi-core PC
+ ("fb.allowParallelBuild" system property not used anymore)
+ (Andrey Loskutov)</li>
+ <li>fixed performance slowdown in the multi-threaded build,
+ caused by workspace operation locks during assigning marker
+ attributes (Andrey Loskutov)</li>
+ </ul>
+ </li>
+ </ul>
- <ul>
- <li>FindBugs base</li>
- <ul>
- <li>New Bug Category:</li>
- <ul>
- <li>SECURITY (Abbrev: S), A use of untrusted input in
- a way that could create a remotely exploitable
- security vulnerability</li>
- </ul>
- <li>New Detectors:</li>
- <ul>
- <li>CrossSiteScripting: This detector looks for
- obvious/blatant cases of cross site scripting
- vulnerabilities</li>
- </ul>
- <li>New BugCode:</li>
- <ul>
- <li>XSS: Cross site scripting</li>
- </ul>
- <li>New Reports:</li>
- <ul>
- <li>XSS_REQUEST_PARAMETER_TO_SERVLET_WRITER: HTTP
- parameter directly written to Servlet output,
- giving XSS vulnerability</li>
- <li>XSS_REQUEST_PARAMETER_TO_JSP_WRITER: HTTP
- parameter directly written to JSP output, giving
- XSS vulnerability</li>
- <li>EQ_OTHER_USE_OBJECT: equals() method defined that
- doesn't override Object.equals(Object)</li>
- <li>EQ_OTHER_NO_OBJECT: equals() method inherits
- rather than overrides equals(Object)</li>
- <li>NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE:
- Possible null pointer dereference on path that
- might be infeasible</li>
- </ul>
- <li>Other:</li>
- <ul>
- <li>Added -noClassOk command-line parameter to
- command-line and ant interfaces; when -noClassOk
- is specified and no classfiles are given, FindBugs
- will print a warning message and output a well-
- formed file with no warnings</li>
- <li>Fewer false positives for null pointer bugs</li>
- <li>Suppress dead-local-store false positives in .jsp
- code</li>
- <li>Type fixes in warning messages</li>
- <li>Better warning message for
- NP_NULL_ON_SOME_PATH</li>
- <li>"WMI" bug code description renamed from "Wrong
- Map Iterator" to "Inefficient Map Iterator"</li>
- </ul>
- <li>Fixes:</li>
- <ul>
- <li>[ 1893048 ] FindBugs confused by a findbugs.xml file</li>
- <li>[ 1878528 ] XSL xforms don't support history features</li>
- <li>[ 1876584 ] two default.xsl flaws</li>
- <li>[ 1874856 ] Format string bug detector doesn't handle special operators</li>
- <li>[ 1872645 ] computeBugHistory - java.lang.IllegalArgumentException</li>
- <li>[ 1872237 ] Ant task fails when no .class files</li>
- <li>[ 1868670 ] Filters: include AND exclude don't allowed</li>
- <li>[ 1868666 ] check-for-oddness reported, but array length can never be negative</li>
- <li>[ 1866108 ] SetBugDatabaseInfoTask strips dir from output filename</li>
- <li>[ 1866021 ] MineBugHistoryTask strips dir of output filename</li>
- <li>[ 1865265 ] code doesn't handle StringBuffer.append([CII) right</li>
- <li>[ 1864793 ] Warning when casting a null reference compared to a String</li>
- <li>[ 1863376 ] Typo in manual chap 8: Filter Files</li>
- <li>[ 1862705 ] Transient fields that default to null</li>
- <li>[ 1842545 ] DLS on catch variable (with priority tweaking)</li>
- <li>[ 1816258 ] false positive BC_IMPOSSIBLE_CAST</li>
- <li>[ 1551732 ] Get erroneous DLS with while loop</li>
- </ul>
- </ul>
- <li>FindBugs Eclipse plugin (change log by Andrey Loskutov)</li>
- <ul>
- <li>new feature: added Bug explorer view (replacing Bug tree view), based on Common Navigator framework (Andrey Loskutov)</li>
- <li>bug 1873860 fixed: empty projects are no longer shown in Bug tree view (Andrey Loskutov)</li>
- <li>new feature: bug counts decorators for projects, folders and files (has to be activated
- via Preferences -> general -> appearance -> label decorations)(Andrey Loskutov)</li>
- <li>patch 1746499: better icons (Alessandro Nistico)</li>
- <li>patch 1893685: Find bug actions on change sets bug (Alessandro Nistico)</li>
- <li>fixed bug 1855384: Bug configuration is broken in Eclipse (Andrey Loskutov)</li>
- <li>refactored FindBugs properties page (Andrey Loskutov)</li>
- <li>refactored FindBugs worker/builder/run action (Andrey Loskutov)</li>
- <li>FB detects now only bugs from classes on project's classpath (no double work on
- duplicated class files) (Andrey Loskutov)</li>
- <li>fixed bug introduced by the bad patch for 1867951: FB cannot be executed incrementally
- on a folder of file (Andrey Loskutov)</li>
- <li>fixed job rule: now jobs for different projects may run in parallel if running on a
- multi-core PC and "fb.allowParallelBuild" system property is set to true (Andrey Loskutov)</li>
- <li>fixed FB auto-build not started if .fbprefs or .classpath was changed (Andrey Loskutov)</li>
- <li>fixed not reporting bugs on secondary types (classes defined in java files with
- different name) (Andrey Loskutov) </li>
- </ul>
- </ul>
+ <p>Changes since version 1.3.1</p>
- <p> Changes since version 1.3.0</p>
- <ul>
- <li>New Reports</li>
- <ul>
- <li>VA_FORMAT_STRING_ARG_MISMATCH:
- A format-string method with a variable number of arguments is called,
- but the number of arguments passed does not match with the number of
- % placeholders in the format string. This is probably not what the
- author intended.
- <li>IO_APPENDING_TO_OBJECT_OUTPUT_STREAM:
- This code opens a file in append mode and that wraps the result in an object output stream.
- This won't allow you to append to an existing object output stream stored in a file. If you want to be
- able to append to an object output stream, you need to keep the object output stream open.
- The only situation in which opening a file in append mode and the writing an object output stream
- could work is if on reading the file you plan to open it in random access mode and seek to the byte offset
- where the append started.
- <li>NP_BOOLEAN_RETURN_NULL:
- A method that returns either Boolean.TRUE, Boolean.FALSE or null is an accident waiting to happen.
- This method can be invoked as though it returned a value of type boolean, and
- the compiler will insert automatic unboxing of the Boolean value. If a null value is returned,
- this will result in a NullPointerException.
- </ul>
- <li>Changes to Existing Reports</li>
- <ul>
- <li>RV_DONT_JUST_NULL_CHECK_READLINE: CORRECTNESS -> STYLE</li>
- <li>DMI_INVOKING_TOSTRING_ON_ARRAY: Long description mentions array name whenever possible</li>
- </ul>
- <li>Fixes:</li>
- <ul>
- <li>Updated manual to mention that Java 1.5 is now a requirement for running FindBugs
- <li>Applied patch 1840206 fixing issue "Ant task does not work when presetdef is used" - thanks to phejl
- <li>Applied patch 1778690 fixing issue "Ant task: tolerate but complain about invalid auxClasspath" - thanks to David Schmidt
- <li>Applied patch 1852125 adding a Chinese-language GUI bundle props file - thanks to fifi
- <li>Applied patch 1845903 adding ability to load XML results with the Eclipse plugin - thanks to Alex Mont
- <li>Fixed issue 1844671 - "FP for "reversed" null check in catch for stream close"
- <li>Fixed issue 1836050 - "-onlyAnalyze broken"
- <li>Fixed issue 1853011 - "Typo: Field names should start with aN lower case letter"
- <li>Fixed issue 1844181 - "JNLP file does not contain all necessary JARs"
- <li>Fixed issue 1840245 - "xxxException class does not derive from Exception"
- <li>Fixed issue 1840277 - "[M D EC] Typo in bug documentation"
- <li>Fixed issue 1782447 - "OutOfMemoryError if i activate Findbugs on my project"
- <li>Fixed issue 1830576 - "[regression] keySet/entrySet false positive"
- </ul>
- <li>Other:</li>
- <ul>
- <li>New bug code: "IO" (for IO_APPENDING_TO_OBJECT_OUTPUT_STREAM)</li>
- <li>Added "-onlyMostRecent" option for computeBugHistory script/ant task
- <li>More explicit language in RV_RETURN_VALUE_IGNORED_BAD_PRACTICE messages
- <li>Modified ResourceValueAnalysis to correctly identify null == X or null != X as a null check (for issue 1844671)
- <li>Modified DMI_HARDCODED_ABSOLUTE_FILENAME logic in DumbMethodInvocations to ignore files from /etc or /dev and increase priority of files from /home
- <li>Better bug details for infinite loop warnings
- <li>Modified unread-fields detector to reduce false positives from reflective fields
- <li>build.xml "classes" target now builds all sources in one step
- </ul>
- </ul>
+ <ul>
+ <li>FindBugs base
+ <ul>
+ <li>New Bug Category:
+ <ul>
+ <li>SECURITY (Abbrev: S), A use of untrusted input in a
+ way that could create a remotely exploitable security
+ vulnerability</li>
+ </ul>
+ </li>
+ <li>New Detectors:
+ <ul>
+ <li>CrossSiteScripting: This detector looks for
+ obvious/blatant cases of cross site scripting vulnerabilities</li>
+ </ul>
+ </li>
+ <li>New BugCode:
+ <ul>
+ <li>XSS: Cross site scripting</li>
+ </ul>
+ </li>
+ <li>New Reports:
+ <ul>
+ <li>XSS_REQUEST_PARAMETER_TO_SERVLET_WRITER: HTTP
+ parameter directly written to Servlet output, giving XSS
+ vulnerability</li>
+ <li>XSS_REQUEST_PARAMETER_TO_JSP_WRITER: HTTP parameter
+ directly written to JSP output, giving XSS vulnerability</li>
+ <li>EQ_OTHER_USE_OBJECT: equals() method defined that
+ doesn't override Object.equals(Object)</li>
+ <li>EQ_OTHER_NO_OBJECT: equals() method inherits rather
+ than overrides equals(Object)</li>
+ <li>NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE: Possible
+ null pointer dereference on path that might be infeasible</li>
+ </ul>
+ </li>
+ <li>Other:
+ <ul>
+ <li>Added -noClassOk command-line parameter to
+ command-line and ant interfaces; when -noClassOk is specified
+ and no classfiles are given, FindBugs will print a warning
+ message and output a well- formed file with no warnings</li>
+ <li>Fewer false positives for null pointer bugs</li>
+ <li>Suppress dead-local-store false positives in .jsp code</li>
+ <li>Type fixes in warning messages</li>
+ <li>Better warning message for NP_NULL_ON_SOME_PATH</li>
+ <li>"WMI" bug code description renamed from "Wrong Map
+ Iterator" to "Inefficient Map Iterator"</li>
+ </ul>
+ </li>
+ <li>Fixes:
+ <ul>
+ <li>[ 1893048 ] FindBugs confused by a findbugs.xml file</li>
+ <li>[ 1878528 ] XSL xforms don't support history features</li>
+ <li>[ 1876584 ] two default.xsl flaws</li>
+ <li>[ 1874856 ] Format string bug detector doesn't handle
+ special operators</li>
+ <li>[ 1872645 ] computeBugHistory -
+ java.lang.IllegalArgumentException</li>
+ <li>[ 1872237 ] Ant task fails when no .class files</li>
+ <li>[ 1868670 ] Filters: include AND exclude don't allowed</li>
+ <li>[ 1868666 ] check-for-oddness reported, but array
+ length can never be negative</li>
+ <li>[ 1866108 ] SetBugDatabaseInfoTask strips dir from
+ output filename</li>
+ <li>[ 1866021 ] MineBugHistoryTask strips dir of output
+ filename</li>
+ <li>[ 1865265 ] code doesn't handle
+ StringBuffer.append([CII) right</li>
+ <li>[ 1864793 ] Warning when casting a null reference
+ compared to a String</li>
+ <li>[ 1863376 ] Typo in manual chap 8: Filter Files</li>
+ <li>[ 1862705 ] Transient fields that default to null</li>
+ <li>[ 1842545 ] DLS on catch variable (with priority
+ tweaking)</li>
+ <li>[ 1816258 ] false positive BC_IMPOSSIBLE_CAST</li>
+ <li>[ 1551732 ] Get erroneous DLS with while loop</li>
+ </ul>
+ </li>
+ </ul>
+ </li>
+ <li>FindBugs Eclipse plugin (change log by Andrey Loskutov)
+ <ul>
+ <li>new feature: added Bug explorer view (replacing Bug tree
+ view), based on Common Navigator framework (Andrey Loskutov)</li>
+ <li>bug 1873860 fixed: empty projects are no longer shown in
+ Bug tree view (Andrey Loskutov)</li>
+ <li>new feature: bug counts decorators for projects, folders
+ and files (has to be activated via Preferences -> general
+ -> appearance -> label decorations)(Andrey Loskutov)</li>
+ <li>patch 1746499: better icons (Alessandro Nistico)</li>
+ <li>patch 1893685: Find bug actions on change sets bug
+ (Alessandro Nistico)</li>
+ <li>fixed bug 1855384: Bug configuration is broken in
+ Eclipse (Andrey Loskutov)</li>
+ <li>refactored FindBugs properties page (Andrey Loskutov)</li>
+ <li>refactored FindBugs worker/builder/run action (Andrey
+ Loskutov)</li>
+ <li>FB detects now only bugs from classes on project's
+ classpath (no double work on duplicated class files) (Andrey
+ Loskutov)</li>
+ <li>fixed bug introduced by the bad patch for 1867951: FB
+ cannot be executed incrementally on a folder of file (Andrey
+ Loskutov)</li>
+ <li>fixed job rule: now jobs for different projects may run
+ in parallel if running on a multi-core PC and
+ "fb.allowParallelBuild" system property is set to true (Andrey
+ Loskutov)</li>
+ <li>fixed FB auto-build not started if .fbprefs or
+ .classpath was changed (Andrey Loskutov)</li>
+ <li>fixed not reporting bugs on secondary types (classes
+ defined in java files with different name) (Andrey Loskutov)</li>
+ </ul>
+ </li>
+ </ul>
- <p> Changes since version 1.2.1</p>
- <ul>
- <li>New Detectors and Reports</li>
- <ul>
- <li>SynchronizationOnSharedBuiltinConstant</li>
- <ul>
- <li>DL_SYNCHRONIZATION_ON_SHARED_CONSTANT:
- The code synchronizes on a shared primitive
- constant, such as an interned String. Such
- constants are interned and shared across all other
- classes loaded by the JVM. Thus, this could be
- locking on something that other code might also be
- locking. This could result in very strange and hard
- to diagnose blocking and deadlock behavior. See
- <a href="http://www.javalobby.org/java/forums/t96352.html">http://www.javalobby.org/java/forums/t96352.html</a>
- and
- <a href="http://jira.codehaus.org/browse/JETTY-352">http://jira.codehaus.org/browse/JETTY-352</a>.
- </ul>
- <li>OverridingEqualsNotSymmetrical</li>
- <ul>
- <li>EQ_OVERRIDING_EQUALS_NOT_SYMMETRIC:
- Looks for equals methods that override equals
- methods in a superclass where the equivalence
- relationship might not be symmetrical.
- </ul>
- <li>CheckTypeQualifiers</li>
- <ul>
- <li>TQ_ALWAYS_VALUE_USED_WHERE_NEVER_REQUIRED:
- A value specified as carrying a type qualifier
- annotation is consumed in a location or locations
- requiring that the value not carry that annotation.
- More precisely, a value annotated with a type
- qualifier specifying when=ALWAYS is guaranteed to reach
- a use or uses where the same type qualifier specifies
- when=NEVER.
- </li>
- <li>TQ_NEVER_VALUE_USED_WHERE_ALWAYS_REQUIRED:
- A value specified as not carrying a type qualifier
- annotation is guaranteed to be consumed in a location
- or locations requiring that the value does carry that
- annotation. More precisely, a value annotated with a
- type qualifier specifying when=NEVER is guaranteed to
- reach a use or uses where the same type qualifier
- specifies when=ALWAYS.
- </li>
- <li>TQ_MAYBE_SOURCE_VALUE_REACHES_ALWAYS_SINK:
- A value that might not carry a type qualifier
- annotation reaches a use which requires that
- annotation.
- </li>
- <li>TQ_MAYBE_SOURCE_VALUE_REACHES_NEVER_SINK:
- A value which might carry a type qualifier annotation
- reaches a use which forbids values carrying that
- annotation.
- </li>
- </ul>
- </ul>
- <li>New Reports (existing detectors)</li>
- <ul>
- <li>FindHEmismatch</li>
- <ul>
- <li>EQ_DOESNT_OVERRIDE_EQUALS:
- This class extends a class that defines an equals
- method and adds fields, but doesn't define an equals
- method itself. Thus, equality on instances of this
- class will ignore the identity of the subclass and the
- added fields. Be sure this is what is intended, and
- that you don't need to override the equals method. Even
- if you don't need to override the equals method,
- consider overriding it anyway to document the fact that
- the equals method for the subclass just return the
- result of invoking super.equals(o).
- </li>
- </ul>
- <li>Naming
- <ul>
- <li>NM_WRONG_PACKAGE, NM_WRONG_PACKAGE_INTENTIONAL:
- The method in the subclass doesn't override a similar
- method in a superclass because the type of a parameter
- doesn't exactly match the type of the corresponding
- parameter in the superclass.
- </li>
- <li>NM_SAME_SIMPLE_NAME_AS_SUPERCLASS:
- This class has a simple name that is identical to that
- of its superclass, except that its superclass is in a
- different package (e.g., <code>alpha.Foo</code>
- extends <code>beta.Foo</code>). This can be
- exceptionally confusing, create lots of situations in
- which you have to look at import statements to resolve
- references and creates many opportunities to
- accidently define methods that do not override methods
- in their superclasses.
- </li>
- <li>NM_SAME_SIMPLE_NAME_AS_INTERFACE:
- This class/interface has a simple name that is
- identical to that of an implemented/extended
- interface, except that the interface is in a different
- package (e.g., <code>alpha.Foo</code> extends
- <code>beta.Foo</code>). This can be exceptionally
- confusing, create lots of situations in which you have
- to look at import statements to resolve references and
- creates many opportunities to accidently define methods
- that do not override methods in their superclasses.
- </li>
- </ul>
- <li>FindRefComparison</li>
- <ul>
- <li>EC_UNRELATED_TYPES_USING_POINTER_EQUALITY:
- This method uses using pointer equality to compare two
- references that seem to be of different types. The
- result of this comparison will always be false at
- runtime.
- </li>
- </ul>
- <li>IncompatMask</li>
- <ul>
- <li>BIT_SIGNED_CHECK, BIT_SIGNED_CHECK_HIGH_BIT:
- This method compares an expression such as
- <tt>((event.detail & SWT.SELECTED) > 0)</tt>. Using
- bit arithmetic and then comparing with the greater than
- operator can lead to unexpected results (of course
- depending on the value of SWT.SELECTED). If
- SWT.SELECTED is a negative number, this is a candidate
- for a bug. Even when SWT.SELECTED is not negative, it
- seems good practice to use '!= 0' instead of '> 0'.
- </li>
- </ul>
- <li>LazyInit</li>
- <ul>
- <li>LI_LAZY_INIT_UPDATE_STATIC:
- This method contains an unsynchronized lazy
- initialization of a static field. After the field is
- set, the object stored into that location is further
- accessed. The setting of the field is visible to other
- threads as soon as it is set. If the further accesses in
- the method that set the field serve to initialize the
- object, then you have a <em>very serious</em>
- multithreading bug, unless something else prevents any
- other thread from accessing the stored object until it
- is fully initialized.
- </li>
- </ul>
- <li>FindDeadLocalStores</li>
- <ul>
- <li>DLS_DEAD_STORE_OF_CLASS_LITERAL:
- This instruction assigns a class literal to a variable
- and then never uses it.
- <a href="//java.sun.com/j2se/1.5.0/compatibility.html#literal">The behavior of this differs in Java 1.4 and in Java 5.</a>
- In Java 1.4 and earlier, a reference to
- <code>Foo.class</code> would force the static
- initializer for <code>Foo</code> to be executed, if it
- has not been executed already. In Java 5 and later, it
- does not. See Sun's
- <a href="//java.sun.com/j2se/1.5.0/compatibility.html#literal">article on Java SE compatibility</a>
- for more details and examples, and suggestions on how
- to force class initialization in Java 5.
- </li>
- </ul>
- <li>MethodReturnCheck</li>
- <ul>
- <li>RV_RETURN_VALUE_IGNORED_BAD_PRACTICE:
- This method returns a value that is not checked. The
- return value should be checked since it can indication
- an unusual or unexpected function execution. For
- example, the <code>File.delete()</code> method returns
- false if the file could not be successfully deleted
- (rather than throwing an Exception). If you don't
- check the result, you won't notice if the method
- invocation signals unexpected behavior by returning an
- atypical return value.
- </li>
- <li>RV_EXCEPTION_NOT_THROWN:
- This code creates an exception (or error) object, but
- doesn't do anything with it.
- </li>
- </ul>
- </ul>
- <li>Changes to Existing Reports</li>
- <ul>
- <li>NS_NON_SHORT_CIRCUIT: BAD_PRACTICE -> STYLE</li>
- <li>NS_DANGEROUS_NON_SHORT_CIRCUIT: CORRECTNESS -> STYLE</li>
- <li>RC_REF_COMPARISON: CORRECTNESS -> BAD_PRACTICE</li>
- </ul>
- <li>GUI Changes</li>
- <ul>
- <li>Added importing and exporting of bug filters</li>
- <li>Better handling of failed analysis runs</li>
- <li>Added "-look" parameter for selecting look-and-feel</li>
- <li>Fixed incorrect package filtering</li>
- <li>Fixed issue where "synchronized" was not syntax-highlighted</li>
- </ul>
- <li>Ant-task Changes</li>
- <ul>
- <li>Refactored common ant-task code to AbstractFindBugsTask</li>
- <li>Added tasks for computeBugHistory, convertXmlToText, filterBugs, mineBugHistory, setBugDatabaseInfo</li>
- </ul>
- <li>Manual</li>
- <ul>
- <li>Updates to GUI section, including new screenshots</li>
- <li>Added description of rejarForAnalysis</li>
- <li>Revamp of data-mining section</li>
- </ul>
- <li>Other Major</li>
- <ul>
- <li>Internal restructuring for lower memory overhead</li>
- </ul>
- <li>Other Minor</li>
- <ul>
- <li>Fixed typo: was STCAL_STATIC_SIMPLE_DATA_FORMAT_INSTANCE now STCAL_STATIC_SIMPLE_DATE_FORMAT_INSTANCE</li>
- <li>-outputFile parameter became -output</li>
- <li>More sensitivity and specificity inLazyInit detector</li>
- <li>More sensitivity and specificity in Naming detector</li>
- <li>More sensitivity and specificity in UnreadFields detector</li>
- <li>More sensitivity in FindNullDeref detector</li>
- <li>More sensitivity in FindBadCast2 detector</li>
- <li>More specificity in FindReturnRef detector</li>
- <li>Many other tweaks and bug fixes</li>
- </ul>
- </ul>
+ <p>Changes since version 1.3.0</p>
+ <ul>
+ <li>New Reports
+ <ul>
+ <li>VA_FORMAT_STRING_ARG_MISMATCH: A format-string method
+ with a variable number of arguments is called, but the number of
+ arguments passed does not match with the number of %
+ placeholders in the format string. This is probably not what the
+ author intended.
+ <li>IO_APPENDING_TO_OBJECT_OUTPUT_STREAM: This code opens a
+ file in append mode and that wraps the result in an object
+ output stream. This won't allow you to append to an existing
+ object output stream stored in a file. If you want to be able to
+ append to an object output stream, you need to keep the object
+ output stream open. The only situation in which opening a file
+ in append mode and the writing an object output stream could
+ work is if on reading the file you plan to open it in random
+ access mode and seek to the byte offset where the append
+ started.
+ <li>NP_BOOLEAN_RETURN_NULL: A method that returns either
+ Boolean.TRUE, Boolean.FALSE or null is an accident waiting to
+ happen. This method can be invoked as though it returned a value
+ of type boolean, and the compiler will insert automatic unboxing
+ of the Boolean value. If a null value is returned, this will
+ result in a NullPointerException.
+ </ul>
+ </li>
+ <li>Changes to Existing Reports
+ <ul>
+ <li>RV_DONT_JUST_NULL_CHECK_READLINE: CORRECTNESS ->
+ STYLE</li>
+ <li>DMI_INVOKING_TOSTRING_ON_ARRAY: Long description
+ mentions array name whenever possible</li>
+ </ul>
+ </li>
+ <li>Fixes:
+ <ul>
+ <li>Updated manual to mention that Java 1.5 is now a
+ requirement for running FindBugs
+ <li>Applied patch 1840206 fixing issue "Ant task does not
+ work when presetdef is used" - thanks to phejl
+ <li>Applied patch 1778690 fixing issue "Ant task: tolerate
+ but complain about invalid auxClasspath" - thanks to David
+ Schmidt
+ <li>Applied patch 1852125 adding a Chinese-language GUI
+ bundle props file - thanks to fifi
+ <li>Applied patch 1845903 adding ability to load XML results
+ with the Eclipse plugin - thanks to Alex Mont
+ <li>Fixed issue 1844671 - "FP for "reversed" null check in
+ catch for stream close"
+ <li>Fixed issue 1836050 - "-onlyAnalyze broken"
+ <li>Fixed issue 1853011 - "Typo: Field names should start
+ with aN lower case letter"
+ <li>Fixed issue 1844181 - "JNLP file does not contain all
+ necessary JARs"
+ <li>Fixed issue 1840245 - "xxxException class does not
+ derive from Exception"
+ <li>Fixed issue 1840277 - "[M D EC] Typo in bug
+ documentation"
+ <li>Fixed issue 1782447 - "OutOfMemoryError if i activate
+ Findbugs on my project"
+ <li>Fixed issue 1830576 - "[regression] keySet/entrySet
+ false positive"
+ </ul>
+ </li>
+ <li>Other:
+ <ul>
+ <li>New bug code: "IO" (for
+ IO_APPENDING_TO_OBJECT_OUTPUT_STREAM)</li>
+ <li>Added "-onlyMostRecent" option for computeBugHistory
+ script/ant task
+ <li>More explicit language in
+ RV_RETURN_VALUE_IGNORED_BAD_PRACTICE messages
+ <li>Modified ResourceValueAnalysis to correctly identify
+ null == X or null != X as a null check (for issue 1844671)
+ <li>Modified DMI_HARDCODED_ABSOLUTE_FILENAME logic in
+ DumbMethodInvocations to ignore files from /etc or /dev and
+ increase priority of files from /home
+ <li>Better bug details for infinite loop warnings
+ <li>Modified unread-fields detector to reduce false
+ positives from reflective fields
+ <li>build.xml "classes" target now builds all sources in one
+ step
+ </ul>
+ </li>
+ </ul>
- <p> Changes since version 1.2.0</p>
- <ul>
+ <p>Changes since version 1.2.1</p>
+ <ul>
+ <li>New Detectors and Reports
+ <ul>
+ <li>SynchronizationOnSharedBuiltinConstant
+ <ul>
+ <li>DL_SYNCHRONIZATION_ON_SHARED_CONSTANT: The code
+ synchronizes on a shared primitive constant, such as an
+ interned String. Such constants are interned and shared across
+ all other classes loaded by the JVM. Thus, this could be
+ locking on something that other code might also be locking.
+ This could result in very strange and hard to diagnose
+ blocking and deadlock behavior. See <a
+ href="http://www.javalobby.org/java/forums/t96352.html">http://www.javalobby.org/java/forums/t96352.html</a>
+ and <a href="http://jira.codehaus.org/browse/JETTY-352">http://jira.codehaus.org/browse/JETTY-352</a>.
+
+ </ul>
+ </li>
+ <li>OverridingEqualsNotSymmetrical
+ <ul>
+ <li>EQ_OVERRIDING_EQUALS_NOT_SYMMETRIC: Looks for equals
+ methods that override equals methods in a superclass where the
+ equivalence relationship might not be symmetrical.
+ </ul>
+ </li>
+ <li>CheckTypeQualifiers
+ <ul>
+ <li>TQ_ALWAYS_VALUE_USED_WHERE_NEVER_REQUIRED: A value
+ specified as carrying a type qualifier annotation is consumed
+ in a location or locations requiring that the value not carry
+ that annotation. More precisely, a value annotated with a type
+ qualifier specifying when=ALWAYS is guaranteed to reach a use
+ or uses where the same type qualifier specifies when=NEVER.</li>
+ <li>TQ_NEVER_VALUE_USED_WHERE_ALWAYS_REQUIRED: A value
+ specified as not carrying a type qualifier annotation is
+ guaranteed to be consumed in a location or locations requiring
+ that the value does carry that annotation. More precisely, a
+ value annotated with a type qualifier specifying when=NEVER is
+ guaranteed to reach a use or uses where the same type
+ qualifier specifies when=ALWAYS.</li>
+ <li>TQ_MAYBE_SOURCE_VALUE_REACHES_ALWAYS_SINK: A value
+ that might not carry a type qualifier annotation reaches a use
+ which requires that annotation.</li>
+ <li>TQ_MAYBE_SOURCE_VALUE_REACHES_NEVER_SINK: A value
+ which might carry a type qualifier annotation reaches a use
+ which forbids values carrying that annotation.</li>
+ </ul>
+ </li>
+ </ul>
+ </li>
+ <li>New Reports (existing detectors)
+ <ul>
+ <li>FindHEmismatch
+ <ul>
+ <li>EQ_DOESNT_OVERRIDE_EQUALS: This class extends a class
+ that defines an equals method and adds fields, but doesn't
+ define an equals method itself. Thus, equality on instances of
+ this class will ignore the identity of the subclass and the
+ added fields. Be sure this is what is intended, and that you
+ don't need to override the equals method. Even if you don't
+ need to override the equals method, consider overriding it
+ anyway to document the fact that the equals method for the
+ subclass just return the result of invoking super.equals(o).</li>
+ </ul>
+ </li>
+ <li>Naming
+ <ul>
+ <li>NM_WRONG_PACKAGE, NM_WRONG_PACKAGE_INTENTIONAL: The
+ method in the subclass doesn't override a similar method in a
+ superclass because the type of a parameter doesn't exactly
+ match the type of the corresponding parameter in the
+ superclass.</li>
+ <li>NM_SAME_SIMPLE_NAME_AS_SUPERCLASS: This class has a
+ simple name that is identical to that of its superclass,
+ except that its superclass is in a different package (e.g., <code>alpha.Foo</code>
+ extends <code>beta.Foo</code>). This can be exceptionally
+ confusing, create lots of situations in which you have to look
+ at import statements to resolve references and creates many
+ opportunities to accidently define methods that do not
+ override methods in their superclasses.
+ </li>
+ <li>NM_SAME_SIMPLE_NAME_AS_INTERFACE: This class/interface
+ has a simple name that is identical to that of an
+ implemented/extended interface, except that the interface is
+ in a different package (e.g., <code>alpha.Foo</code> extends <code>beta.Foo</code>).
+ This can be exceptionally confusing, create lots of situations
+ in which you have to look at import statements to resolve
+ references and creates many opportunities to accidently define
+ methods that do not override methods in their superclasses.
+ </li>
+ </ul>
+ <li>FindRefComparison
+ <ul>
+ <li>EC_UNRELATED_TYPES_USING_POINTER_EQUALITY: This method
+ uses using pointer equality to compare two references that
+ seem to be of different types. The result of this comparison
+ will always be false at runtime.</li>
+ </ul>
+ </li>
+ <li>IncompatMask
+ <ul>
+ <li>BIT_SIGNED_CHECK, BIT_SIGNED_CHECK_HIGH_BIT: This
+ method compares an expression such as <tt>((event.detail
+ & SWT.SELECTED) > 0)</tt>. Using bit arithmetic and then
+ comparing with the greater than operator can lead to
+ unexpected results (of course depending on the value of
+ SWT.SELECTED). If SWT.SELECTED is a negative number, this is a
+ candidate for a bug. Even when SWT.SELECTED is not negative,
+ it seems good practice to use '!= 0' instead of '> 0'.
+ </li>
+ </ul>
+ </li>
+ <li>LazyInit
+ <ul>
+ <li>LI_LAZY_INIT_UPDATE_STATIC: This method contains an
+ unsynchronized lazy initialization of a static field. After
+ the field is set, the object stored into that location is
+ further accessed. The setting of the field is visible to other
+ threads as soon as it is set. If the further accesses in the
+ method that set the field serve to initialize the object, then
+ you have a <em>very serious</em> multithreading bug, unless
+ something else prevents any other thread from accessing the
+ stored object until it is fully initialized.
+ </li>
+ </ul>
+ </li>
+ <li>FindDeadLocalStores
+ <ul>
+ <li>DLS_DEAD_STORE_OF_CLASS_LITERAL: This instruction
+ assigns a class literal to a variable and then never uses it.
+ <a href="//java.sun.com/j2se/1.5.0/compatibility.html#literal">The
+ behavior of this differs in Java 1.4 and in Java 5.</a> In Java
+ 1.4 and earlier, a reference to <code>Foo.class</code> would
+ force the static initializer for <code>Foo</code> to be
+ executed, if it has not been executed already. In Java 5 and
+ later, it does not. See Sun's <a
+ href="//java.sun.com/j2se/1.5.0/compatibility.html#literal">article
+ on Java SE compatibility</a> for more details and examples, and
+ suggestions on how to force class initialization in Java 5.
+ </li>
+ </ul>
+ </li>
+ <li>MethodReturnCheck
+ <ul>
+ <li>RV_RETURN_VALUE_IGNORED_BAD_PRACTICE: This method
+ returns a value that is not checked. The return value should
+ be checked since it can indication an unusual or unexpected
+ function execution. For example, the <code>File.delete()</code>
+ method returns false if the file could not be successfully
+ deleted (rather than throwing an Exception). If you don't
+ check the result, you won't notice if the method invocation
+ signals unexpected behavior by returning an atypical return
+ value.
+ </li>
+ <li>RV_EXCEPTION_NOT_THROWN: This code creates an
+ exception (or error) object, but doesn't do anything with it.
+ </li>
+ </ul>
+ </li>
+ </ul>
+ </li>
+ <li>Changes to Existing Reports
+ <ul>
+ <li>NS_NON_SHORT_CIRCUIT: BAD_PRACTICE -> STYLE</li>
+ <li>NS_DANGEROUS_NON_SHORT_CIRCUIT: CORRECTNESS -> STYLE</li>
+ <li>RC_REF_COMPARISON: CORRECTNESS -> BAD_PRACTICE</li>
+ </ul>
+ </li>
+ <li>GUI Changes
+ <ul>
+ <li>Added importing and exporting of bug filters</li>
+ <li>Better handling of failed analysis runs</li>
+ <li>Added "-look" parameter for selecting look-and-feel</li>
+ <li>Fixed incorrect package filtering</li>
+ <li>Fixed issue where "synchronized" was not
+ syntax-highlighted</li>
+ </ul>
+ </li>
+ <li>Ant-task Changes
+ <ul>
+ <li>Refactored common ant-task code to AbstractFindBugsTask</li>
+ <li>Added tasks for computeBugHistory, convertXmlToText,
+ filterBugs, mineBugHistory, setBugDatabaseInfo</li>
+ </ul>
+ </li>
+ <li>Manual
+ <ul>
+ <li>Updates to GUI section, including new screenshots</li>
+ <li>Added description of rejarForAnalysis</li>
+ <li>Revamp of data-mining section</li>
+ </ul>
+ </li>
+ <li>Other Major
+ <ul>
+ <li>Internal restructuring for lower memory overhead</li>
+ </ul>
+ </li>
+ <li>Other Minor
+ <ul>
+ <li>Fixed typo: was STCAL_STATIC_SIMPLE_DATA_FORMAT_INSTANCE
+ now STCAL_STATIC_SIMPLE_DATE_FORMAT_INSTANCE</li>
+ <li>-outputFile parameter became -output</li>
+ <li>More sensitivity and specificity inLazyInit detector</li>
+ <li>More sensitivity and specificity in Naming detector</li>
+ <li>More sensitivity and specificity in UnreadFields
+ detector</li>
+ <li>More sensitivity in FindNullDeref detector</li>
+ <li>More sensitivity in FindBadCast2 detector</li>
+ <li>More specificity in FindReturnRef detector</li>
+ <li>Many other tweaks and bug fixes</li>
+ </ul>
+ </li>
+ </ul>
+
+ <p>Changes since version 1.2.0</p>
+ <ul>
<li>Bug fixes:
- <ul>
- <li><a href="http://fisheye2.cenqua.com/changelog/findbugs/?cs=8219">Fix</a> <a href="http://sourceforge.net/tracker/index.php?func=detail&aid=1726946&group_id=96405&atid=614693">bug</a> with detectors that were requested to be disabled but were enabled due to requirements of other detectors.</li>
- <li>Fix bugs in incremental analysis within Eclipse plugin</li>
- <li>Fix some analysis errors</li>
- <li>Fix some threading bugs in GUI2</li>
- <li>Report version as version when it was compiled, not when it was run</li>
- <li>Copy analysis time stamp when filtering or transforming analysis files.</li>
- </ul>
- <li>Enabled StaticCalendarDetector
- </li>
+ <ul>
+ <li><a
+ href="http://fisheye2.cenqua.com/changelog/findbugs/?cs=8219">Fix</a>
+ <a
+ href="http://sourceforge.net/tracker/index.php?func=detail&aid=1726946&group_id=96405&atid=614693">bug</a>
+ with detectors that were requested to be disabled but were
+ enabled due to requirements of other detectors.</li>
+ <li>Fix bugs in incremental analysis within Eclipse plugin</li>
+ <li>Fix some analysis errors</li>
+ <li>Fix some threading bugs in GUI2</li>
+ <li>Report version as version when it was compiled, not when
+ it was run</li>
+ <li>Copy analysis time stamp when filtering or transforming
+ analysis files.</li>
+ </ul>
+ <li>Enabled StaticCalendarDetector</li>
<li>Reworked GUI2 to use standard FindBugs filters
+ <ul>
+ <li>Allow a suppression filter to be stored in a project and
+ persisted to the XML representation of a project.</li>
+ </ul>
</li>
- <ul>
- <li>Allow a suppression filter to be stored in a project and persisted to the XML representation of a project.
- </li>
- </ul>
-
- <li>Move away from old GUI2 save format (a directory containing an xml file and another file containing serialized filters).
- </li>
+
+ <li>Move away from old GUI2 save format (a directory
+ containing an xml file and another file containing serialized
+ filters).</li>
<li>Support/recommend use of two new file extensions/formats:
- <dl><dt>.fba - FindBugs Analysis File</dt>
- <dd>Exactly the same as an existing bug collection file stored in XML format, but using a distinct file extension
- to make it easier to figure out which xml files contain FindBugs results.</dd>
- <dt>.fbp - FindBugs Project File</dt><dd>Contains just the information needed to run FindBugs and display the results (e.g., the files to be analyzed, the auxiliary class path and the location of source files)</dl></li>
- </ul>
- <p> Changes since version 1.1.3</p>
- <ul>
- <li>Added -xml:withAbridgedMessages option to generate xml containing shorter messages.
- The messages will be shorted by doing things like eliding package names, and leaving off
- the source line from the LongMessage.
- These messages are appropriate if being used in a context where
- the non-message components of the bug annotations will be used to provide more information
- (e.g., clicking on the message for a MethodAnnotation will display the source for the method).
- <ul><li>FindBugsDisplayFeatures.setAbridgedMessages(true) can be used to generate abridged messages
- when FindBugs is being accessed directly (not via generated XML) from a GUI or IDE.
- </li>
- </ul>
- <li>In null pointer analysis, try to be better about always showing two locations: where it is known null and
- where it is dereferenced.
- <li>Interprocedural analysis of which methods return nonnull values
- <li>Use method calls to select order in which classes are analyzed, and order in which methods
- are analyzed, to improve interprocedural analysis results.
- <li>Significant improvements in memory footprint, memory allocation and CPU utilization
- (20-30% reduction in all three)
- <li>Added a project name, to provide better descriptions in the HTML output.
- <li>Added new bug pattern: Casting to char, or bit masking with nonnegative value, and then checking to see
- if the result is negative.
- <li>Stopped reporting transient fields
- of classes not marked as serializable. Transient is used by other persistence frameworks.
- <li>Improvements to detector for SQL injection (Thanks to <a href="http://www.clock.org/~matt">Matt Hargett</a> for
- his contributions
- <li>Changed open/save options in GUI2 to not distinguish between FindBugs projects
- and saved FindBugs analysis results.
- <li>Improvements to detection of serious non-short-circuit evaluation.
+ <dl>
+ <dt>.fba - FindBugs Analysis File</dt>
+ <dd>Exactly the same as an existing bug collection file
+ stored in XML format, but using a distinct file extension to
+ make it easier to figure out which xml files contain FindBugs
+ results.</dd>
+ <dt>.fbp - FindBugs Project File</dt>
+ <dd>Contains just the information needed to run FindBugs and
+ display the results (e.g., the files to be analyzed, the
+ auxiliary class path and the location of source files)
+ </dl>
+ </li>
+ </ul>
+ <p>Changes since version 1.1.3</p>
+ <ul>
+ <li>Added -xml:withAbridgedMessages option to generate xml
+ containing shorter messages. The messages will be shorted by doing
+ things like eliding package names, and leaving off the source line
+ from the LongMessage. These messages are appropriate if being used
+ in a context where the non-message components of the bug
+ annotations will be used to provide more information (e.g.,
+ clicking on the message for a MethodAnnotation will display the
+ source for the method).
+ <ul>
+ <li>FindBugsDisplayFeatures.setAbridgedMessages(true) can be
+ used to generate abridged messages when FindBugs is being
+ accessed directly (not via generated XML) from a GUI or IDE.</li>
+ </ul>
+ <li>In null pointer analysis, try to be better about always
+ showing two locations: where it is known null and where it is
+ dereferenced.
+ <li>Interprocedural analysis of which methods return nonnull
+ values
+ <li>Use method calls to select order in which classes are
+ analyzed, and order in which methods are analyzed, to improve
+ interprocedural analysis results.
+ <li>Significant improvements in memory footprint, memory
+ allocation and CPU utilization (20-30% reduction in all three)
+ <li>Added a project name, to provide better descriptions in
+ the HTML output.
+ <li>Added new bug pattern: Casting to char, or bit masking
+ with nonnegative value, and then checking to see if the result is
+ negative.
+ <li>Stopped reporting transient fields of classes not marked
+ as serializable. Transient is used by other persistence
+ frameworks.
+ <li>Improvements to detector for SQL injection (Thanks to <a
+ href="http://www.clock.org/~matt">Matt Hargett</a> for his
+ contributions
+ <li>Changed open/save options in GUI2 to not distinguish
+ between FindBugs projects and saved FindBugs analysis results.
+ <li>Improvements to detection of serious non-short-circuit
+ evaluation.
<li>Updated Japanese localization (thanks to Ruimo Uno)
-
<li>Eclipse plugin changes:
- <ul>
- <li>Created Bug User Annotations and Bug Tree Views
- <li>Use different icons for different bug priorities
- <li>Provide more information in Bug Details view
- </ul>
- </ul>
-
- <p>
- Changes since version 1.1.2:
- </p>
- <ul>
+ <ul>
+ <li>Created Bug User Annotations and Bug Tree Views
+ <li>Use different icons for different bug priorities
+ <li>Provide more information in Bug Details view
+ </ul>
+ </ul>
+
+ <p>Changes since version 1.1.2:</p>
+ <ul>
<li>Fixed broken Ant task
<li>Added running ant task to smoke test
<li>Added validating xml and html output to smoke test
- <li>Fixed some (but not all) issues with html output validation
+ <li>Fixed some (but not all) issues with html output
+ validation
<li>Added check for x.equals(x) and x.compareTo(x)
<li>Various bug fixes
- </ul>
- <p>
- Changes since version 1.1.1:
- </p>
- <ul>
- <li>
- Added check for infinite iterative loops
- </li>
- <li>
- Added check for use of incompatible types in a collection (e.g.,
- checking to see if a Set<String> contains a StringBuffer).
- </li>
- <li>
- Added check for invocations of equals or hashCode on a URL,
- which,
- <a
- href="http://michaelscharf.blogspot.com/2006/11/javaneturlequals-and-hashcode-make.html">surprising
- many people</a>, requires DNS resolution.
- </li>
- <li>
- Added check for classes that define compareTo but not equals;
- such classes can exhibit some anomalous behavior (e.g., they are
- treated differently by PriorityQueues in Java 5 and Java 6).
- </li>
- <li>
- Added a check for useless self operations (e.g., x < x or x ^ x).
- </li>
- <li>
- Fixed a data race that could cause the GUI to fail on startup
- </li>
- <li>
- Partial internationalization of the new GUI
- </li>
- <li>
- Fix bug in "Redo analysis" option of new GUI
- </li>
- <li>
- Tuning to reduce false positives
- </li>
- <li>
- Fixed a bug in null pointer analysis that was generating false
- positive null pointer warnings on exception paths. Fixing this
- bug eliminates about 1/4 of the warnings on null pointer
- exceptions on exception paths.
- </li>
- <li>
- Fixed a bug in the processing of phi nodes for fields in the null
- pointer analysis
- </li>
- <li>
- Applied contributed patch that provides more quick fixes in
- Eclipse plugin.
- </li>
- <li>
- Fixed a number of bugs in the Eclipse auto update sites, and in the way
- date qualifiers were being used in the Eclipse plugin. You may need to manually
- disable your existing version of the plugin and download the 1.1.2 from the update
- site to get the automatic update function working correctly.
- The Eclipse update sites are described at <a href="http://findbugs.cs.umd.edu/eclipse/">http://findbugs.cs.umd.edu/eclipse/</a>.
-
- </li>
- <li>
- Fixed progress bar in Eclipse plugin
- </li>
- <li>
- A number of other bug fixes.
- </li>
- </ul>
+ </ul>
+ <p>Changes since version 1.1.1:</p>
+ <ul>
+ <li>Added check for infinite iterative loops</li>
+ <li>Added check for use of incompatible types in a collection
+ (e.g., checking to see if a Set<String> contains a
+ StringBuffer).</li>
+ <li>Added check for invocations of equals or hashCode on a
+ URL, which, <a
+ href="http://michaelscharf.blogspot.com/2006/11/javaneturlequals-and-hashcode-make.html">surprising
+ many people</a>, requires DNS resolution.
+ </li>
+ <li>Added check for classes that define compareTo but not
+ equals; such classes can exhibit some anomalous behavior (e.g.,
+ they are treated differently by PriorityQueues in Java 5 and Java
+ 6).</li>
+ <li>Added a check for useless self operations (e.g., x < x
+ or x ^ x).</li>
+ <li>Fixed a data race that could cause the GUI to fail on
+ startup</li>
+ <li>Partial internationalization of the new GUI</li>
+ <li>Fix bug in "Redo analysis" option of new GUI</li>
+ <li>Tuning to reduce false positives</li>
+ <li>Fixed a bug in null pointer analysis that was generating
+ false positive null pointer warnings on exception paths. Fixing
+ this bug eliminates about 1/4 of the warnings on null pointer
+ exceptions on exception paths.</li>
+ <li>Fixed a bug in the processing of phi nodes for fields in
+ the null pointer analysis</li>
+ <li>Applied contributed patch that provides more quick fixes
+ in Eclipse plugin.</li>
+ <li>Fixed a number of bugs in the Eclipse auto update sites,
+ and in the way date qualifiers were being used in the Eclipse
+ plugin. You may need to manually disable your existing version of
+ the plugin and download the 1.1.2 from the update site to get the
+ automatic update function working correctly. The Eclipse update
+ sites are described at <a
+ href="http://findbugs.cs.umd.edu/eclipse/">http://findbugs.cs.umd.edu/eclipse/</a>.
- <p>
- Changes since version 1.1.0:
- </p>
- <ul>
- <li>
- less scanning of classes not on the analysis path (This was
- causing some performance problems.)
- </li>
- <li>
- no unread field warnings for fields annotated with
- javax.persistent or javax.ejb3
- </li>
- <li>
- Eclipse plugin
- <ul>
- <li>
- bug annotation info displayed in Bug Details tab
- </li>
- <li>
- .fbwarnings data file now stored in .metadata (not in the
- project itself)
- </li>
- </ul>
- </li>
- <li>
- new SE_BAD_FIELD_INNER_CLASS pattern
- </li>
- <li>
- updates to Japanese translation (ruimo)
- </li>
- <li>
- fix some internal slashed/dotted path confusion
- </li>
- <li>
- other minor improvements
- </li>
- </ul>
+ </li>
+ <li>Fixed progress bar in Eclipse plugin</li>
+ <li>A number of other bug fixes.</li>
+ </ul>
- <p>
- Changes since version 1.0.0:
- </p>
+ <p>Changes since version 1.1.0:</p>
+ <ul>
+ <li>less scanning of classes not on the analysis path (This
+ was causing some performance problems.)</li>
+ <li>no unread field warnings for fields annotated with
+ javax.persistent or javax.ejb3</li>
+ <li>Eclipse plugin
+ <ul>
+ <li>bug annotation info displayed in Bug Details tab</li>
+ <li>.fbwarnings data file now stored in .metadata (not in
+ the project itself)</li>
+ </ul>
+ </li>
+ <li>new SE_BAD_FIELD_INNER_CLASS pattern</li>
+ <li>updates to Japanese translation (ruimo)</li>
+ <li>fix some internal slashed/dotted path confusion</li>
+ <li>other minor improvements</li>
+ </ul>
- <ul>
- <li>
- Overall, the change from FindBugs 1.0.0 to FindBugs 1.1.0 has
- been a big change. We've done a lot of work in a lot of areas,
- and aren't even going to try to enumerate all the changes.
- </li>
- <li>
- We spent a lot of time reviewing the results generated by
- FindBugs for open source and commercial code bases, and made a
- number of changes, small and large, to minimize the number of
- false positives. Our primary focus for this was warnings reported
- as high and medium priority correctness warnings. Our internal
- evaluation is that we produce very few high/medium priority
- correctness warnings where the analysis is actually wrong, and
- that more than 75% of the high/medium priority correctness
- warnings correspond to real coding defects that need addressing
- in the source code. The remaining 25% are largely cases such as a
- branch or statement that if taken would lead to an error, but in
- fact is a dead branch or statement that can never be taken. Such
- coding is confusing and hard to maintain, so it should arguably
- be fixed, but it is unlikely to actually result in an error
- during execution. Thus, some might classify those warnings as
- false positives.
+ <p>Changes since version 1.0.0:</p>
- </li>
- <li>
- We've substantially improved the analysis for errors that could
- result in null pointer dereferences. Overall, our experience has
- been that these changes have roughly doubled the number of null
- pointer errors we detect, without increasing the number of false
- positives (in fact, our false positive rate has gone down). The
- improvements are due to four factors:
- <ul>
- <li>
- By default, we now do some interprocedural analysis to
- determine methods that unconditionally dereference their
- parameters.
- </li>
- <li>
- FindBugs also comes with a model of which JDK methods
- unconditionally dereference their parameters.
- </li>
- <li>
- We do limited tracking of fields, so that we can detect null
- values stored in fields that lead to exceptions.
- </li>
- <li>
- We implemented a new analysis technique to find guaranteed
- dereferences. Consider the following example:
-
- <code>
- <pre>public int f(Object x, boolean b) {
+ <ul>
+ <li>Overall, the change from FindBugs 1.0.0 to FindBugs 1.1.0
+ has been a big change. We've done a lot of work in a lot of areas,
+ and aren't even going to try to enumerate all the changes.</li>
+ <li>We spent a lot of time reviewing the results generated by
+ FindBugs for open source and commercial code bases, and made a
+ number of changes, small and large, to minimize the number of
+ false positives. Our primary focus for this was warnings reported
+ as high and medium priority correctness warnings. Our internal
+ evaluation is that we produce very few high/medium priority
+ correctness warnings where the analysis is actually wrong, and
+ that more than 75% of the high/medium priority correctness
+ warnings correspond to real coding defects that need addressing in
+ the source code. The remaining 25% are largely cases such as a
+ branch or statement that if taken would lead to an error, but in
+ fact is a dead branch or statement that can never be taken. Such
+ coding is confusing and hard to maintain, so it should arguably be
+ fixed, but it is unlikely to actually result in an error during
+ execution. Thus, some might classify those warnings as false
+ positives.</li>
+ <li>We've substantially improved the analysis for errors that
+ could result in null pointer dereferences. Overall, our experience
+ has been that these changes have roughly doubled the number of
+ null pointer errors we detect, without increasing the number of
+ false positives (in fact, our false positive rate has gone down).
+ The improvements are due to four factors:
+ <ul>
+ <li>By default, we now do some interprocedural analysis to
+ determine methods that unconditionally dereference their
+ parameters.</li>
+ <li>FindBugs also comes with a model of which JDK methods
+ unconditionally dereference their parameters.</li>
+ <li>We do limited tracking of fields, so that we can detect
+ null values stored in fields that lead to exceptions.</li>
+ <li>We implemented a new analysis technique to find
+ guaranteed dereferences. Consider the following example: <pre>public int f(Object x, boolean b) {
int result = 0;
if (x == null) result++;
else result--;
@@ -1168,2368 +1496,1300 @@
return result - x.hashCode();
}
</pre>
- </code>
- <p>
- FindBugs 1.0 used forward dataflow analysis to determine
- whether each value is definitely null, null on a simple path,
- possible null on a complex path, or definitely nonnull. Thus,
- at the statement where
- <code>
- result
- </code>
- is decremented, we know that
- <code>
- x
- </code>
- is definitely null, and at the point before
- <code>
- if (b)
- </code>
- , we know that
- <code>
- x
- </code>
- is null on a simple path. If
- <code>
- x
- </code>
- were to be dereferenced here, we would generate a warning,
- because if the else branch of the
- <code>
- if (x == null)
- </code>
- were ever taken, a null pointer exception would result.
- </p>
+ <p>
+ FindBugs 1.0 used forward dataflow analysis to determine
+ whether each value is definitely null, null on a simple path,
+ possible null on a complex path, or definitely nonnull. Thus,
+ at the statement where
+ <code> result </code>
+ is decremented, we know that
+ <code> x </code>
+ is definitely null, and at the point before
+ <code> if (b) </code>
+ , we know that
+ <code> x </code>
+ is null on a simple path. If
+ <code> x </code>
+ were to be dereferenced here, we would generate a warning,
+ because if the else branch of the
+ <code> if (x == null) </code>
+ were ever taken, a null pointer exception would result.
+ </p>
- <p>
- However, in both the then and else branches of the
- <code>
- if (b)
- </code>
- statement,
- <code>
- x
- </code>
- is only null on a complex path that may be infeasible. It
- might be that the program logic is such that if
- <code>
- x
- </code>
- is null, then
- <code>
- b
- </code>
- is never true, so generating a warning about the dereference
- in the then clause might be a false positive. We could try to
- analyze the program to determine whether it is possible for
- <code>
- x
- </code>
- to be null and
- <code>
- b
- </code>
- to be true, but that can be a hard analysis problem.
- </p>
+ <p>
+ However, in both the then and else branches of the
+ <code> if (b) </code>
+ statement,
+ <code> x </code>
+ is only null on a complex path that may be infeasible. It might
+ be that the program logic is such that if
+ <code> x </code>
+ is null, then
+ <code> b </code>
+ is never true, so generating a warning about the dereference in
+ the then clause might be a false positive. We could try to
+ analyze the program to determine whether it is possible for
+ <code> x </code>
+ to be null and
+ <code> b </code>
+ to be true, but that can be a hard analysis problem.
+ </p>
- <p>
- However,
- <code>
- x
- </code>
- is dereferenced in both the then
- <em>and</em> else branches of the
- <code>
- if (b)
- </code>
- statement. So at the point immediately before
- <code>
- if (b)
- </code>
- , we know that
- <code>
- x
- </code>
- is null on a simple path
- <em>and</em> that
- <code>
- x
- </code>
- is guaranteed to be dereferenced on all paths from this point
- forward. FindBugs 1.1 performs a backwards data flow analysis
- to determine the values that are guaranteed to be
- dereferenced, and will generate a warning in this case.
- </p>
- </li>
- </ul>
- <p>
- The following screen shot of our new GUI shows an example of
- this analysis, as well as showing off our new GUI and points out
- a limitation of our current plugins for Eclipse and NetBeans.
- The screen shot shows a null pointer bug in HelpDisplay.java.
- The test for
- <code>
- href!=null
- </code>
- on line 78 suggests that
- <code>
- href
- </code>
- could be null. If it is, then
- <code>
- href
- </code>
- will be dereferenced on either line 87 or on line 90, generating
- a NPE. Note that our analysis here also understands that passing
- <code>
- href
- </code>
- to
- <code>
- URLEncoder.encode
- </code>
- will deference it, and thus treats line 87 as a dereference,
- even though
- <code>
- href
- </code>
- is not actually dereferenced at that line. Within our new GUI,
- all of these locations are highlighted and listed in the summary
- panel. In the original GUI (and in HTML output) we list all of
- the locations, but only the primary location is highlighted by
- the original GUI. In the Eclipse and NetBeans plugins, only the
- primary location is displayed; fixing this is on our todo list
- (contributions welcome).
- </p>
- <p>
- <img src="guaranteedDereference.png" alt="">
+ <p>
+ However,
+ <code> x </code>
+ is dereferenced in both the then <em>and</em> else branches of
+ the
+ <code> if (b) </code>
+ statement. So at the point immediately before
+ <code> if (b) </code>
+ , we know that
+ <code> x </code>
+ is null on a simple path <em>and</em> that
+ <code> x </code>
+ is guaranteed to be dereferenced on all paths from this point
+ forward. FindBugs 1.1 performs a backwards data flow analysis
+ to determine the values that are guaranteed to be dereferenced,
+ and will generate a warning in this case.
+ </p>
+ </li>
+ </ul>
+ <p>
+ The following screen shot of our new GUI shows an example of this
+ analysis, as well as showing off our new GUI and points out a
+ limitation of our current plugins for Eclipse and NetBeans. The
+ screen shot shows a null pointer bug in HelpDisplay.java. The
+ test for
+ <code> href!=null </code>
+ on line 78 suggests that
+ <code> href </code>
+ could be null. If it is, then
+ <code> href </code>
+ will be dereferenced on either line 87 or on line 90, generating
+ a NPE. Note that our analysis here also understands that passing
+ <code> href </code>
+ to
+ <code> URLEncoder.encode </code>
+ will deference it, and thus treats line 87 as a dereference, even
+ though
+ <code> href </code>
+ is not actually dereferenced at that line. Within our new GUI,
+ all of these locations are highlighted and listed in the summary
+ panel. In the original GUI (and in HTML output) we list all of
+ the locations, but only the primary location is highlighted by
+ the original GUI. In the Eclipse and NetBeans plugins, only the
+ primary location is displayed; fixing this is on our todo list
+ (contributions welcome).
+ </p>
+ <p>
+ <img src="guaranteedDereference.png" alt="">
- </p>
+ </p>
- </li>
- <li>
- Preliminary support for detectors using the frameworks other than
- BCEL, such as the
- <a href="http://asm.objectweb.org/">ASM</a> bytecode framework.
- You may experiment with writing ASM-based detectors, but beware
- the API may still change (which could possibly also affect
- BCEL-based detectors). In general, we've started trying to move
- away from a deep dependence on BCEL, but that change is only
- partially complete. Probably best to just avoid this until we
- complete more work on this. This change is only visible to
- FindBugs plugin developers, and shouldn't be visible to FindBugs
- users.
- </li>
- <li>
- <p>
- Bug categories (CORRECTNESS, MT_CORRECTNESS, etc.) are no longer
- hard-coded, but rather defined in xml files associated with
- plugins, including the core plugin which defines the standard
- categories. Third-party plugins can define their own categories.
- </p>
- </li>
- <li>
- <p>
- Several bug patterns have been moved from CORRECTNESS and STYLE
- into a new category, BAD_PRACTICE. The English localization of
- STYLE has changed from "Style" to "Dodgy."
- </p>
- <p>
- In general, we've worked very hard to limit CORRECTNESS bugs to
- be real programming errors and sins of commission. We have
- reclassified as BAD_PRACTICE a number of bad design practices
- that result in overly fragile code, such as defining an equals
- method that doesn't accept null or defining class with a equals
- method that inherits hashCode from class Object.
- </p>
- <p>
- In general, our guidelines for deciding whether a bug should be
- classified as CORRECTNESS, BAD_PRACTICE or STYLE are:
- </p>
- <dl>
- <dt>
- CORRECTNESS
- </dt>
- <dd>
- A problem that we can recognize with high confidence and is an
- issue that we believe almost all developers would want to
- examine and address. We recommend that software teams review
- all high and medium priority warnings in their entire code
- base.
- </dd>
- <dt>
- BAD_PRACTICE
- </dt>
- <dd>
- A problem that we can recognize with high confidence and
- represents a clear violation of recommended and standard coding
- practice. We believe each software team should decide which bad
- practices identified by FindBugs it wants to prohibit in the
- team's coding standard, and take action to remedy violations of
- those coding standards.
- </dd>
- <dt>
- STYLE
- </dt>
- <dd>
- These are places where something strange or dodgy is going on,
- such as a dead store to a local variable. Typically, less than
- half of these represent actionable programming defects.
- Reviewing these warnings in any code under active development
- is probably a good idea, but reviewing all such warnings in
- your entire code base might be appropriate only in some
- situations. Individual or team programming styles can
- substantially influence the effectiveness of each of these
- warnings (e.g., you might have a coding practice or style in
- your group that confuses one of the detectors into generating a
- lot of STYLE warnings); you will likely want to selectively
- suppress or report the STYLE warnings that are effective for
- your group.
- </dd>
- </dl>
- </li>
- <li>
- Released a preliminary version of a new GUI (known internally as
- GUI2 -- not very creative, huh?)
- </li>
- <li>
- Provided standard ways to mark user designations of bug warnings
- (e.g., as NOT_A_BUG or SHOULD_FIX). The internal logic now
- records this, it is represented in the XML file, and GUI2 allows
- the designations to be applied (along with free-form user
- annotations about each warning). The user designations and
- annotations are not yet supported by the Eclipse plugin, but we
- clearly want to support it in Eclipse shortly.
- </li>
- <li>
- Added a check for a bad comparison with a signed byte with a
- value not in the range -128..127. For example:
- <code>
- <pre>boolean find200(byte b[]) {
+ </li>
+ <li>Preliminary support for detectors using the frameworks
+ other than BCEL, such as the <a href="http://asm.objectweb.org/">ASM</a>
+ bytecode framework. You may experiment with writing ASM-based
+ detectors, but beware the API may still change (which could
+ possibly also affect BCEL-based detectors). In general, we've
+ started trying to move away from a deep dependence on BCEL, but
+ that change is only partially complete. Probably best to just
+ avoid this until we complete more work on this. This change is
+ only visible to FindBugs plugin developers, and shouldn't be
+ visible to FindBugs users.
+ </li>
+ <li>
+ <p>Bug categories (CORRECTNESS, MT_CORRECTNESS, etc.) are no
+ longer hard-coded, but rather defined in xml files associated
+ with plugins, including the core plugin which defines the
+ standard categories. Third-party plugins can define their own
+ categories.</p>
+ </li>
+ <li>
+ <p>Several bug patterns have been moved from CORRECTNESS and
+ STYLE into a new category, BAD_PRACTICE. The English localization
+ of STYLE has changed from "Style" to "Dodgy."</p>
+ <p>In general, we've worked very hard to limit CORRECTNESS
+ bugs to be real programming errors and sins of commission. We
+ have reclassified as BAD_PRACTICE a number of bad design
+ practices that result in overly fragile code, such as defining an
+ equals method that doesn't accept null or defining class with a
+ equals method that inherits hashCode from class Object.</p>
+ <p>In general, our guidelines for deciding whether a bug
+ should be classified as CORRECTNESS, BAD_PRACTICE or STYLE are:</p>
+ <dl>
+ <dt>CORRECTNESS</dt>
+ <dd>A problem that we can recognize with high confidence and
+ is an issue that we believe almost all developers would want to
+ examine and address. We recommend that software teams review all
+ high and medium priority warnings in their entire code base.</dd>
+ <dt>BAD_PRACTICE</dt>
+ <dd>A problem that we can recognize with high confidence and
+ represents a clear violation of recommended and standard coding
+ practice. We believe each software team should decide which bad
+ practices identified by FindBugs it wants to prohibit in the
+ team's coding standard, and take action to remedy violations of
+ those coding standards.</dd>
+ <dt>STYLE</dt>
+ <dd>These are places where something strange or dodgy is
+ going on, such as a dead store to a local variable. Typically,
+ less than half of these represent actionable programming
+ defects. Reviewing these warnings in any code under active
+ development is probably a good idea, but reviewing all such
+ warnings in your entire code base might be appropriate only in
+ some situations. Individual or team programming styles can
+ substantially influence the effectiveness of each of these
+ warnings (e.g., you might have a coding practice or style in
+ your group that confuses one of the detectors into generating a
+ lot of STYLE warnings); you will likely want to selectively
+ suppress or report the STYLE warnings that are effective for
+ your group.</dd>
+ </dl>
+ </li>
+ <li>Released a preliminary version of a new GUI (known
+ internally as GUI2 -- not very creative, huh?)</li>
+ <li>Provided standard ways to mark user designations of bug
+ warnings (e.g., as NOT_A_BUG or SHOULD_FIX). The internal logic
+ now records this, it is represented in the XML file, and GUI2
+ allows the designations to be applied (along with free-form user
+ annotations about each warning). The user designations and
+ annotations are not yet supported by the Eclipse plugin, but we
+ clearly want to support it in Eclipse shortly.</li>
+ <li>Added a check for a bad comparison with a signed byte with
+ a value not in the range -128..127. For example: <pre>boolean find200(byte b[]) {
for(int i = 0; i < b.length; i++) if (b[i] == 200) return i;
return -1;
}
</pre>
- </code>
- </li>
- <li>
- Added a checking for testing if a value is equal to Double.NaN
- (no value is equal to NaN, not even NaN).
- </li>
- <li>
- Added a check for using a class with an equals method but no
- hashCode method in a hashed data structure.
- </li>
- <li>
- Added check for uncallable method of an anonymous inner class.
- For example, in the following code, it is impossible to invoke
- the initalValue method (because the name is misspelled and as a
- result is doesn't override a method in ThreadLocal).
- <code>
- <pre>private static ThreadLocal serialNum = new ThreadLocal() {
+ </li>
+ <li>Added a checking for testing if a value is equal to
+ Double.NaN (no value is equal to NaN, not even NaN).</li>
+ <li>Added a check for using a class with an equals method but
+ no hashCode method in a hashed data structure.</li>
+ <li>Added check for uncallable method of an anonymous inner
+ class. For example, in the following code, it is impossible to
+ invoke the initalValue method (because the name is misspelled and
+ as a result is doesn't override a method in ThreadLocal). <pre>private static ThreadLocal serialNum = new ThreadLocal() {
protected synchronized Object initalValue() {
return new Integer(nextSerialNum++);
}
};
</pre>
- </code>
- </li>
- <li>
- Added check for a dead local store caused by a switch statement
- fall through
- </li>
- <li>
- Added check for computing the absolute value of a random 32 bit
- integer or of a hashcode. This is broken because
- <code>
- Math.abs(Integer.MIN_VALUE) == Integer.MIN_VALUE
- </code>
- , and thus result of calling Math.abs, which is expected to be
- nonnegative, will in fact be negative one time out of 2
- <sup>
- 32
- </sup>
- , which will invariably be the time your boss is demoing the
- software to your customers.
+ </li>
+ <li>Added check for a dead local store caused by a switch
+ statement fall through</li>
+ <li>Added check for computing the absolute value of a random
+ 32 bit integer or of a hashcode. This is broken because <code>
+ Math.abs(Integer.MIN_VALUE) == Integer.MIN_VALUE </code> , and thus
+ result of calling Math.abs, which is expected to be nonnegative,
+ will in fact be negative one time out of 2 <sup> 32 </sup> , which
+ will invariably be the time your boss is demoing the software to
+ your customers.
- </li>
- <li>
- More careful resolution of inherited methods and fields. Some of
- the shortcuts we were taking in FindBugs 1.0.0 were leading to
- inaccurate results, and it was fairly easy to address this by
- making the analysis more accurate.
- </li>
- <li>
- Overall, analysis times are about 1.6 times longer in FindBugs
- 1.1.0 than in FindBugs 1.0.0. This is because we have enabled
- substantial additional analysis at the default effort level (the
- actual analysis engine is significantly faster than in FindBugs
- 1.0). On a recent AMD Athlon processor, analyzing JDK1.6.0 (about
- 1 million lines of code) requires about 15 minutes of wall clock
- time.
- </li>
- <li>
- Provided class and script (printClass) to print classfile in the
- human readable format produced by BCEL
- </li>
- <li>
- Provided -findSource option to setBugDatabaseInfo
- </li>
- </ul>
+ </li>
+ <li>More careful resolution of inherited methods and fields.
+ Some of the shortcuts we were taking in FindBugs 1.0.0 were
+ leading to inaccurate results, and it was fairly easy to address
+ this by making the analysis more accurate.</li>
+ <li>Overall, analysis times are about 1.6 times longer in
+ FindBugs 1.1.0 than in FindBugs 1.0.0. This is because we have
+ enabled substantial additional analysis at the default effort
+ level (the actual analysis engine is significantly faster than in
+ FindBugs 1.0). On a recent AMD Athlon processor, analyzing
+ JDK1.6.0 (about 1 million lines of code) requires about 15 minutes
+ of wall clock time.</li>
+ <li>Provided class and script (printClass) to print classfile
+ in the human readable format produced by BCEL</li>
+ <li>Provided -findSource option to setBugDatabaseInfo</li>
+ </ul>
- <p>
- Changes since version 0.9.7:
- </p>
+ <p>Changes since version 0.9.7:</p>
- <ul>
- <li>
- fix ObjectTypeFactory bug that was suppressing some bugs
- </li>
- <li>
- opcode stack may determine definite zeros on some paths
- </li>
- <li>
- opcode stack can track some constant string concatenations
- (dbrosius)
- </li>
- <li>
- default effort performs iterative opcode analysis (but min effort
- does not)
- </li>
- <li>
- default heap size upped to 384m
- </li>
- <li>
- schema for XML output available: bugcollection.xsd
- </li>
- <li>
- fixed some internal confusion between dotted and slashed class
- names
- </li>
- <li>
- New detectors
- <ul>
- <li>
- CheckImmutableAnnotation.java: checks JCIP annotations
- </li>
- </ul>
- </li>
- <li>
- Updated detectors
- <ul>
- <li>
- BadRegEx.java: understands Pattern.LITERAL, warns about "."
- </li>
- <li>
- FindUnreleasedLock.java: fewer false positives
- </li>
- <li>
- DumbMethods.java: check for vacuous comparisons to MAX_INTEGER
- or MIN_INTEGER, fix bugs detecting DM_NEXTINT_VIA_NEXTDOUBLE
- </li>
- <li>
- FindPuzzlers.java: detect
- <tt>n%2==1</tt>, detect toString() on array types
- </li>
- <li>
- FindInconsistentSync2.java: detects IS_FIELD_NOT_GUARDED
- </li>
- <li>
- MethodReturnCheck.java: add check for discarded newly
- constructed values, increase priority of some ignored
- constructed exceptions, better handling of bytecode compiled by
- Eclipse
- </li>
- <li>
- FindEmptySynchronizedBlock.java: better handling of bytecode
- compiled by Eclipse
- </li>
- <li>
- DoInsideDoPrivileged.java: warn if call to setAccessible isn't
- in doPriviledged, don't report private methods
- </li>
- <li>
- LoadOfKnownNullValue.java: fix bug that was reporting false
- positives on
- <code>
- finally
- </code>
- blocks
- </li>
- <li>
- CheckReturnAnnotationDatabase.java: better checks for unstarted
- threads
- </li>
- <li>
- ConfusionBetweenInheritedAndOuterMethod.java: fewer false
- positives, fixed a package-handling bug
- </li>
- <li>
- BadResultSetAccess.java: separate bug pattern for
- PreparedStatements,
- <code>
- BRZA
- </code>
- category folded into
- <code>
- SQL
- </code>
- category
- </li>
- <li>
- FindDeadLocalStores.java, FindBadCast2.java, DumbMethods.java,
- RuntimeExceptionCapture.java: coalesce similar bugs within a
- method into a single bug instance with multiple source lines
- </li>
- </ul>
- </li>
- <li>
- Eclipse plugin
- <ul>
- <li>
- plugin ID changed from
- <tt>de.tobject.findbugs</tt> to
- <tt>edu.umd.cs.findbugs.plugin.eclipse</tt>
- </li>
- <li>
- support for findbugs eclipse auto-update site
- </li>
- </ul>
- </li>
- <li>
- Updated test case files
- <ul>
- <li>
- BadRegEx.java
- </li>
- <li>
- JSR166.java
- </li>
- <li>
- ConcurrentModificationBug.java
- </li>
- <li>
- DeadStore.java
- </li>
- <li>
- InstanceOf.java
- </li>
- <li>
- LoadKnownNull.java
- </li>
- <li>
- NeedsToCheckReturnValue.java
- </li>
- <li>
- BadResultSetAccessTest.java
- </li>
- <li>
- DeadStore.java
- </li>
- <li>
- TestNonNull2.java
- </li>
- <li>
- TestImmutable.java
- </li>
- <li>
- TestGuardedBy.java
- </li>
- <li>
- BadRandomInt.java
- </li>
- <li>
- six test cases added to new
- <code>
- TigerTraps
- </code>
- directory
- </li>
- </ul>
- </li>
- <li>
- fix bug that was generating duplicate uids
- </li>
- <li>
- fix bug with
- <code>
- -onlyAnalyze some.package.*
- </code>
- on jdk1.4
- </li>
- <li>
- fix regression bug in DismantleByteCode.getRefConstantOperand()
- </li>
- <li>
- fix some minor bugs with the Swing GUI
- </li>
- <li>
- reordered some bugInstances so that source line annotations come
- last
- </li>
- <li>
- removed references to unused java system properties
- </li>
- <li>
- French translation updates (David Cotton)
- </li>
- <li>
- Japanese translation updates (Hanai Shisei)
- </li>
- <li>
- content cleanup for findbugs.xml and messages.xml
- </li>
- <li>
- references to cvs hostname updated to
- findbugs.cvs.sourceforge.net
- </li>
- <li>
- documented xdoc output options, new
- mineBugHistory/computeBugHistory options
- </li>
- </ul>
+ <ul>
+ <li>fix ObjectTypeFactory bug that was suppressing some bugs</li>
+ <li>opcode stack may determine definite zeros on some paths</li>
+ <li>opcode stack can track some constant string concatenations
+ (dbrosius)</li>
+ <li>default effort performs iterative opcode analysis (but min
+ effort does not)</li>
+ <li>default heap size upped to 384m</li>
+ <li>schema for XML output available: bugcollection.xsd</li>
+ <li>fixed some internal confusion between dotted and slashed
+ class names</li>
+ <li>New detectors
+ <ul>
+ <li>CheckImmutableAnnotation.java: checks JCIP annotations</li>
+ </ul>
+ </li>
+ <li>Updated detectors
+ <ul>
+ <li>BadRegEx.java: understands Pattern.LITERAL, warns about
+ "."</li>
+ <li>FindUnreleasedLock.java: fewer false positives</li>
+ <li>DumbMethods.java: check for vacuous comparisons to
+ MAX_INTEGER or MIN_INTEGER, fix bugs detecting
+ DM_NEXTINT_VIA_NEXTDOUBLE</li>
+ <li>FindPuzzlers.java: detect <tt>n%2==1</tt>, detect
+ toString() on array types
+ </li>
+ <li>FindInconsistentSync2.java: detects IS_FIELD_NOT_GUARDED
+ </li>
+ <li>MethodReturnCheck.java: add check for discarded newly
+ constructed values, increase priority of some ignored
+ constructed exceptions, better handling of bytecode compiled by
+ Eclipse</li>
+ <li>FindEmptySynchronizedBlock.java: better handling of
+ bytecode compiled by Eclipse</li>
+ <li>DoInsideDoPrivileged.java: warn if call to setAccessible
+ isn't in doPriviledged, don't report private methods</li>
+ <li>LoadOfKnownNullValue.java: fix bug that was reporting
+ false positives on <code> finally </code> blocks
+ </li>
+ <li>CheckReturnAnnotationDatabase.java: better checks for
+ unstarted threads</li>
+ <li>ConfusionBetweenInheritedAndOuterMethod.java: fewer
+ false positives, fixed a package-handling bug</li>
+ <li>BadResultSetAccess.java: separate bug pattern for
+ PreparedStatements, <code> BRZA </code> category folded into <code>
+ SQL </code> category
+ </li>
+ <li>FindDeadLocalStores.java, FindBadCast2.java,
+ DumbMethods.java, RuntimeExceptionCapture.java: coalesce similar
+ bugs within a method into a single bug instance with multiple
+ source lines</li>
+ </ul>
+ </li>
+ <li>Eclipse plugin
+ <ul>
+ <li>plugin ID changed from <tt>de.tobject.findbugs</tt> to <tt>edu.umd.cs.findbugs.plugin.eclipse</tt>
+ </li>
+ <li>support for findbugs eclipse auto-update site</li>
+ </ul>
+ </li>
+ <li>Updated test case files
+ <ul>
+ <li>BadRegEx.java</li>
+ <li>JSR166.java</li>
+ <li>ConcurrentModificationBug.java</li>
+ <li>DeadStore.java</li>
+ <li>InstanceOf.java</li>
+ <li>LoadKnownNull.java</li>
+ <li>NeedsToCheckReturnValue.java</li>
+ <li>BadResultSetAccessTest.java</li>
+ <li>DeadStore.java</li>
+ <li>TestNonNull2.java</li>
+ <li>TestImmutable.java</li>
+ <li>TestGuardedBy.java</li>
+ <li>BadRandomInt.java</li>
+ <li>six test cases added to new <code> TigerTraps </code>
+ directory
+ </li>
+ </ul>
+ </li>
+ <li>fix bug that was generating duplicate uids</li>
+ <li>fix bug with <code> -onlyAnalyze some.package.* </code> on
+ jdk1.4
+ </li>
+ <li>fix regression bug in
+ DismantleByteCode.getRefConstantOperand()</li>
+ <li>fix some minor bugs with the Swing GUI</li>
+ <li>reordered some bugInstances so that source line
+ annotations come last</li>
+ <li>removed references to unused java system properties</li>
+ <li>French translation updates (David Cotton)</li>
+ <li>Japanese translation updates (Hanai Shisei)</li>
+ <li>content cleanup for findbugs.xml and messages.xml</li>
+ <li>references to cvs hostname updated to
+ findbugs.cvs.sourceforge.net</li>
+ <li>documented xdoc output options, new
+ mineBugHistory/computeBugHistory options</li>
+ </ul>
- <p>
- Changes since version 0.9.6:
- </p>
+ <p>Changes since version 0.9.6:</p>
- <ul>
- <li>
- performance improvements
- </li>
- <li>
- ObjectType instances are cached to reduce memory footprint
- </li>
- <li>
- for performance and memory reasons stateless detectors are no
- longer cloned, must clear their own state between .class files
- </li>
- <li>
- fixed bug in bytecode-set lookup for methods (was causing bad
- results for IS2, perhaps others)
- </li>
- <li>
- fix some OpcodeStack bugs with integer and long operations,
- perform iterative analysis when effort is
- <tt>max</tt>
- </li>
- <li>
- HTML output includes LongMessage text again (regression in 0.95 -
- 0.96)
- </li>
- <li>
- New detectors
- <ul>
- <li>
- CalledMethods.java: builds a list of invoked methods for other
- detectors to consult (non-reporting)
- </li>
- <li>
- UncallableMethodOfAnonymousClass.java: detect anonymous inner
- classes that define methods that are probably intended to but
- do not override methods in a superclass.
- </li>
- </ul>
- </li>
- <li>
- Updated detectors
- <ul>
- <li>
- FindFieldSelfAssignment.java: recognize separate fields with
- the same name (one from superclass)
- </li>
- <li>
- FindLocalSelfAssignment2.java: handles backward branches better
- (Dave Brosius)
- </li>
- <li>
- FindBadCast2.java: BC_NULL_INSTANCEOF changed to
- NP_NULL_INSTANCEOF
- </li>
- <li>
- FindPuzzlers.java: eliminate false positive on setDate() (Dave
- Brosius)
- </li>
- </ul>
- </li>
- <li>
- Eclipse plugin
- <ul>
- <li>
- fix serious threading bug
- </li>
- <li>
- preferences for Filters and effort (Peter Hendriks)
- </li>
- <li>
- French localization (David Cotton)
- </li>
- <li>
- fix bug when reporting inner classes (Peter Friese)
- </li>
- </ul>
- </li>
- <li>
- Updated test case files
- <ul>
- <li>
- Mwn.java (Carl Burke/Dave Brosius)
- </li>
- <li>
- DumbMethodInvocations.java (Anto paul/Dave Brosius)
- </li>
- <!--sic-->
- </ul>
- </li>
- <li>
- XML output includes garbage collection duration
- </li>
- <li>
- French messages updated (David Cotton)
- </li>
- <li>
- Swing GUI shows file name after Load Bugs command
- </li>
- <li>
- Ant task to launch the findbugs frame (Mark McKay)
- </li>
- <li>
- miscellaneous code cleanup
- </li>
- </ul>
+ <ul>
+ <li>performance improvements</li>
+ <li>ObjectType instances are cached to reduce memory footprint
+ </li>
+ <li>for performance and memory reasons stateless detectors are
+ no longer cloned, must clear their own state between .class files
+ </li>
+ <li>fixed bug in bytecode-set lookup for methods (was causing
+ bad results for IS2, perhaps others)</li>
+ <li>fix some OpcodeStack bugs with integer and long
+ operations, perform iterative analysis when effort is <tt>max</tt>
+ </li>
+ <li>HTML output includes LongMessage text again (regression in
+ 0.95 - 0.96)</li>
+ <li>New detectors
+ <ul>
+ <li>CalledMethods.java: builds a list of invoked methods for
+ other detectors to consult (non-reporting)</li>
+ <li>UncallableMethodOfAnonymousClass.java: detect anonymous
+ inner classes that define methods that are probably intended to
+ but do not override methods in a superclass.</li>
+ </ul>
+ </li>
+ <li>Updated detectors
+ <ul>
+ <li>FindFieldSelfAssignment.java: recognize separate fields
+ with the same name (one from superclass)</li>
+ <li>FindLocalSelfAssignment2.java: handles backward branches
+ better (Dave Brosius)</li>
+ <li>FindBadCast2.java: BC_NULL_INSTANCEOF changed to
+ NP_NULL_INSTANCEOF</li>
+ <li>FindPuzzlers.java: eliminate false positive on setDate()
+ (Dave Brosius)</li>
+ </ul>
+ </li>
+ <li>Eclipse plugin
+ <ul>
+ <li>fix serious threading bug</li>
+ <li>preferences for Filters and effort (Peter Hendriks)</li>
+ <li>French localization (David Cotton)</li>
+ <li>fix bug when reporting inner classes (Peter Friese)</li>
+ </ul>
+ </li>
+ <li>Updated test case files
+ <ul>
+ <li>Mwn.java (Carl Burke/Dave Brosius)</li>
+ <li>DumbMethodInvocations.java (Anto paul/Dave Brosius)</li>
+ <!--sic-->
+ </ul>
+ </li>
+ <li>XML output includes garbage collection duration</li>
+ <li>French messages updated (David Cotton)</li>
+ <li>Swing GUI shows file name after Load Bugs command</li>
+ <li>Ant task to launch the findbugs frame (Mark McKay)</li>
+ <li>miscellaneous code cleanup</li>
+ </ul>
- <p>
- Changes since version 0.9.5:
- </p>
+ <p>Changes since version 0.9.5:</p>
- <ul>
- <li>
- Updated detectors
- <ul>
- <li>
- FindNullDeref.java: respect NonNull and CheckForNull field
- annotations
- </li>
- <li>
- SerializableIdiom.java: detect non-private readObject and
- writeObject methods
- </li>
- <li>
- FindRefComparison.java: smarter array comparison detection
- </li>
- <li>
- IsNullValueAnalysis.java: detect
- <tt>null instanceof</tt>
- </li>
- <li>
- FindLocalSelfAssignment2.java: suppress some false positives
- (Dave Brosius)
- </li>
- <li>
- FindUnreleasedLock.java: don't waste time processing classes
- that don't refer to java.util.concurrent.locks
- </li>
- <li>
- MutableStaticFields.java: report the source line (Dave Brosius)
- </li>
- <li>
- SwitchFallthrough.java: better handling of System.exit() (Dave
- Brosius)
- </li>
- <li>
- MultithreadedInstanceAccess.java: better handling of
- Servlet.init() (Dave Brosius)
- </li>
- <li>
- ConfusionBetweenInheritedAndOuterMethod.java: now enabled
- </li>
- </ul>
- </li>
- <li>
- Eclipse plugin
- <ul>
- <li>
- background processing (Peter Friese)
- </li>
- <li>
- internationalization, Japanese localization (Takashi Okamoto)
- </li>
- </ul>
- </li>
- <li>
- findbugs
- <tt>-onlyAnalyze</tt> option now works on windows platforms
- </li>
- <li>
- mineBugHistory
- <tt>-noTabs</tt> option for better alignment of output columns
- </li>
- <li>
- filterBugs
- <tt>-fixed</tt> option (also: will now recognize the most recent
- version string)
- </li>
- <li>
- XML output includes running time and memory usage data
- </li>
- <li>
- miscellaneous minor corrections to the manual
- </li>
- <li>
- better bytecode analysis of the
- <tt>iinc</tt> instruction
- </li>
- <li>
- fix bug in null pointer analysis
- </li>
- <li>
- improved catch block heuristics
- </li>
- <li>
- some type analysis tweaks
- </li>
- <li>
- Bug priority changes
- <ul>
- <li>
- DumbMethodInvocations.java: decrease priority of hard-coded
- <tt>/tmp</tt> filenames
- </li>
- <li>
- ComparatorIdiom.java: decrease priority of non-serializable
- anonymous comparators
- </li>
- <li>
- FindSqlInjection.java: decrease priority of appending a
- constant or a static
- </li>
- </ul>
- </li>
- <li>
- Updated bug explanations
- <ul>
- <li>
- NM_VERY_CONFUSING (Dave Brosius)
- </li>
- </ul>
- </li>
- <li>
- Updated test case files
- <ul>
- <li>
- BadStoreOfNonSerializableObject.java
- </li>
- <li>
- BadRandomInt.java
- </li>
- <li>
- TestFieldAnnotations.java
- </li>
- <li>
- UseInitCause.java
- </li>
- <li>
- SqlInjection.java
- </li>
- <li>
- ArrayEquality.java
- </li>
- <li>
- BadIntegerOperations.java
- </li>
- <li>
- Pilhuhn.java
- </li>
- <li>
- InstanceOf.java
- </li>
- <li>
- SwitchFallthrough.java (Dave Brosius)
- </li>
- </ul>
- </li>
- <li>
- fix URL decoding bug when running under Java Web Start (Dave
- Brosius)
- </li>
- <li>
- distribution includes
- <tt>project.xml</tt> file for NetBeans
- </li>
- </ul>
+ <ul>
+ <li>Updated detectors
+ <ul>
+ <li>FindNullDeref.java: respect NonNull and CheckForNull
+ field annotations</li>
+ <li>SerializableIdiom.java: detect non-private readObject
+ and writeObject methods</li>
+ <li>FindRefComparison.java: smarter array comparison
+ detection</li>
+ <li>IsNullValueAnalysis.java: detect <tt>null
+ instanceof</tt>
+ </li>
+ <li>FindLocalSelfAssignment2.java: suppress some false
+ positives (Dave Brosius)</li>
+ <li>FindUnreleasedLock.java: don't waste time processing
+ classes that don't refer to java.util.concurrent.locks</li>
+ <li>MutableStaticFields.java: report the source line (Dave
+ Brosius)</li>
+ <li>SwitchFallthrough.java: better handling of System.exit()
+ (Dave Brosius)</li>
+ <li>MultithreadedInstanceAccess.java: better handling of
+ Servlet.init() (Dave Brosius)</li>
+ <li>ConfusionBetweenInheritedAndOuterMethod.java: now
+ enabled</li>
+ </ul>
+ </li>
+ <li>Eclipse plugin
+ <ul>
+ <li>background processing (Peter Friese)</li>
+ <li>internationalization, Japanese localization (Takashi
+ Okamoto)</li>
+ </ul>
+ </li>
+ <li>findbugs <tt>-onlyAnalyze</tt> option now works on windows
+ platforms
+ </li>
+ <li>mineBugHistory <tt>-noTabs</tt> option for better
+ alignment of output columns
+ </li>
+ <li>filterBugs <tt>-fixed</tt> option (also: will now
+ recognize the most recent version string)
+ </li>
+ <li>XML output includes running time and memory usage data</li>
+ <li>miscellaneous minor corrections to the manual</li>
+ <li>better bytecode analysis of the <tt>iinc</tt> instruction
+ </li>
+ <li>fix bug in null pointer analysis</li>
+ <li>improved catch block heuristics</li>
+ <li>some type analysis tweaks</li>
+ <li>Bug priority changes
+ <ul>
+ <li>DumbMethodInvocations.java: decrease priority of
+ hard-coded <tt>/tmp</tt> filenames
+ </li>
+ <li>ComparatorIdiom.java: decrease priority of
+ non-serializable anonymous comparators</li>
+ <li>FindSqlInjection.java: decrease priority of appending a
+ constant or a static</li>
+ </ul>
+ </li>
+ <li>Updated bug explanations
+ <ul>
+ <li>NM_VERY_CONFUSING (Dave Brosius)</li>
+ </ul>
+ </li>
+ <li>Updated test case files
+ <ul>
+ <li>BadStoreOfNonSerializableObject.java</li>
+ <li>BadRandomInt.java</li>
+ <li>TestFieldAnnotations.java</li>
+ <li>UseInitCause.java</li>
+ <li>SqlInjection.java</li>
+ <li>ArrayEquality.java</li>
+ <li>BadIntegerOperations.java</li>
+ <li>Pilhuhn.java</li>
+ <li>InstanceOf.java</li>
+ <li>SwitchFallthrough.java (Dave Brosius)</li>
+ </ul>
+ </li>
+ <li>fix URL decoding bug when running under Java Web Start
+ (Dave Brosius)</li>
+ <li>distribution includes <tt>project.xml</tt> file for
+ NetBeans
+ </li>
+ </ul>
- <p>
- Changes since version 0.9.4:
- </p>
- <ul>
- <li>
- New detectors
- <ul>
- <li>
- VarArgsProblems.java
- </li>
- <li>
- FindSqlInjection.java: now enabled
- </li>
- <li>
- ComparatorIdiom.java: comparators usually implement
- serializable
- </li>
- <li>
- Naming.java: detect methods not overridden due to eponymously
- typed args from different packages
- </li>
- </ul>
- </li>
- <li>
- Updated detectors
- <ul>
- <li>
- SwitchFallthrough.java: surpress some false positives
- </li>
- <li>
- DuplicateBranches.java: surpress some false positives
- </li>
- <li>
- IteratorIdioms.java: surpress some false positives
- </li>
- <li>
- FindHEmismatch.java: surpress some false positives
- </li>
- <li>
- QuestionableBooleanAssignment.java: finds more cases of
- <tt>if (b=true)</tt> ilk
- </li>
- <li>
- DumbMethods.java: detect int remainder by 1, delayed gc errors
- </li>
- <li>
- SerializableIdiom.java: detect store of nonserializable object
- into field of serializable class
- </li>
- <li>
- FindNullDeref.java: fix potential exception
- </li>
- <li>
- IsNullValue.java: fix potential exception
- </li>
- <li>
- MultithreadedInstanceAccess.java: fix potential exception
- </li>
- <li>
- PreferZeroLengthArrays.java: flag the method, not the line
- </li>
- </ul>
- </li>
- <li>
- Remove some inadvertent dependencies on JDK 1.5
- </li>
- <li>
- Sort order should be more consistent
- </li>
- <li>
- XML output changes
- <ul>
- <li>
- Option to sort XML bug output
- </li>
- <li>
- Now contains instance IDs
- </li>
- <li>
- uid no longer missing (was causing problems with fancy HTML
- output)
- </li>
- <li>
- Typo fixed
- </li>
- </ul>
- </li>
- <li>
- Internal changes to track source files,
- <tt>-sourceInfo</tt> option
- </li>
- <li>
- Bug matching: first try exact bug pattern matching, option to
- compare priorities, option to disable package moves
- </li>
- <li>
- Architecture documentation in
- <tt>design/architecture</tt>
- </li>
- <li>
- Test cases move into their own CVS project
- </li>
- <li>
- Don't report warnings that occur outside the analyzed classes
- </li>
- <li>
- Fixes to the build.xml files
- </li>
- <li>
- Better handling of @CheckReturnValue and @CheckForNull
- annotations (also, some additional methods searched for check
- return value and check for null)
- </li>
- <li>
- Fixed some stream-closing bugs (one by
- <tt>z-fb-user</tt>/Dave Brosius)
- </li>
- <li>
- Bug priority changes
- <ul>
- <li>
- increase priority of ignoring return value of
- java.sql.Connection methods
- </li>
- <li>
- increase priority of comparing classes like Integer using
- <tt>==</tt>
- </li>
- <li>
- decrease priority of IT_NO_SUCH_ELEMENT if we see any call to
- <tt>next()</tt>
- </li>
- <li>
- tweak priority of NM_METHOD_CONSTRUCTOR_CONFUSION
- </li>
- <li>
- decrease priority of RV_RETURN_VALUE_IGNORED for an inherited
- annotation that doesn't return same type as class
- </li>
- </ul>
- </li>
- <li>
- Updated bug explanations
- <ul>
- <li>
- RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE
- </li>
- <li>
- DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED
- </li>
- <li>
- IMA_INEFFICIENT_MEMBER_ACCESS (Dave Brosius)
- </li>
- <li>
- some Japanese improvements to messages_ja.xml (
- <tt>ruimo</tt>)
- </li>
- <li>
- some German improvements to findbugs_de.properties (Dave
- Brosius,
- <tt>dvholten</tt>)
- </li>
- </ul>
- </li>
- <li>
- Updated test case files
- <ul>
- <li>
- BadIntegerOperations.java
- </li>
- <li>
- SecondKaboom.java
- </li>
- <li>
- OpenDatabase.java (Dave Brosius)
- </li>
- <li>
- FindOpenStream.java (Dave Brosius)
- </li>
- <li>
- BadRandomInt.java
- </li>
- </ul>
- </li>
- <li>
- Source-lines info maintained for methods (handy for abstract and
- native methods)
- </li>
- <li>
- Remove surrounding opcodes from source line annotations
- </li>
- <li>
- Better error when can't read file
- </li>
- <li>
- Swing GUI: removed console pane from FindBugsFrame, fix missing
- classes bug
- </li>
- <li>
- Fixes to OpcodeStack.java
- </li>
- <li>
- Detectors may attach a custom value to an OpcodeStack.Item (Dave
- Brosius)
- </li>
- <li>
- Filter.java: ability to add text messages to XML output, fix bug
- with
- <tt>-withMessages</tt>
- </li>
- <li>
- SourceInfoMap supports ranges of source lines
- </li>
- <li>
- Ant task supports the
- <tt>timestampNow</tt> attribute
- </li>
- </ul>
+ <p>Changes since version 0.9.4:</p>
+ <ul>
+ <li>New detectors
+ <ul>
+ <li>VarArgsProblems.java</li>
+ <li>FindSqlInjection.java: now enabled</li>
+ <li>ComparatorIdiom.java: comparators usually implement
+ serializable</li>
+ <li>Naming.java: detect methods not overridden due to
+ eponymously typed args from different packages</li>
+ </ul>
+ </li>
+ <li>Updated detectors
+ <ul>
+ <li>SwitchFallthrough.java: surpress some false positives</li>
+ <li>DuplicateBranches.java: surpress some false positives</li>
+ <li>IteratorIdioms.java: surpress some false positives</li>
+ <li>FindHEmismatch.java: surpress some false positives</li>
+ <li>QuestionableBooleanAssignment.java: finds more cases of
+ <tt>if (b=true)</tt> ilk
+ </li>
+ <li>DumbMethods.java: detect int remainder by 1, delayed gc
+ errors</li>
+ <li>SerializableIdiom.java: detect store of nonserializable
+ object into field of serializable class</li>
+ <li>FindNullDeref.java: fix potential exception</li>
+ <li>IsNullValue.java: fix potential exception</li>
+ <li>MultithreadedInstanceAccess.java: fix potential
+ exception</li>
+ <li>PreferZeroLengthArrays.java: flag the method, not the
+ line</li>
+ </ul>
+ </li>
+ <li>Remove some inadvertent dependencies on JDK 1.5</li>
+ <li>Sort order should be more consistent</li>
+ <li>XML output changes
+ <ul>
+ <li>Option to sort XML bug output</li>
+ <li>Now contains instance IDs</li>
+ <li>uid no longer missing (was causing problems with fancy
+ HTML output)</li>
+ <li>Typo fixed</li>
+ </ul>
+ </li>
+ <li>Internal changes to track source files, <tt>-sourceInfo</tt>
+ option
+ </li>
+ <li>Bug matching: first try exact bug pattern matching, option
+ to compare priorities, option to disable package moves</li>
+ <li>Architecture documentation in <tt>design/architecture</tt>
+ </li>
+ <li>Test cases move into their own CVS project</li>
+ <li>Don't report warnings that occur outside the analyzed
+ classes</li>
+ <li>Fixes to the build.xml files</li>
+ <li>Better handling of @CheckReturnValue and @CheckForNull
+ annotations (also, some additional methods searched for check
+ return value and check for null)</li>
+ <li>Fixed some stream-closing bugs (one by <tt>z-fb-user</tt>/Dave
+ Brosius)
+ </li>
+ <li>Bug priority changes
+ <ul>
+ <li>increase priority of ignoring return value of
+ java.sql.Connection methods</li>
+ <li>increase priority of comparing classes like Integer
+ using <tt>==</tt>
+ </li>
+ <li>decrease priority of IT_NO_SUCH_ELEMENT if we see any
+ call to <tt>next()</tt>
+ </li>
+ <li>tweak priority of NM_METHOD_CONSTRUCTOR_CONFUSION</li>
+ <li>decrease priority of RV_RETURN_VALUE_IGNORED for an
+ inherited annotation that doesn't return same type as class</li>
+ </ul>
+ </li>
+ <li>Updated bug explanations
+ <ul>
+ <li>RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE</li>
+ <li>DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED</li>
+ <li>IMA_INEFFICIENT_MEMBER_ACCESS (Dave Brosius)</li>
+ <li>some Japanese improvements to messages_ja.xml ( <tt>ruimo</tt>)
+ </li>
+ <li>some German improvements to findbugs_de.properties (Dave
+ Brosius, <tt>dvholten</tt>)
+ </li>
+ </ul>
+ </li>
+ <li>Updated test case files
+ <ul>
+ <li>BadIntegerOperations.java</li>
+ <li>SecondKaboom.java</li>
+ <li>OpenDatabase.java (Dave Brosius)</li>
+ <li>FindOpenStream.java (Dave Brosius)</li>
+ <li>BadRandomInt.java</li>
+ </ul>
+ </li>
+ <li>Source-lines info maintained for methods (handy for
+ abstract and native methods)</li>
+ <li>Remove surrounding opcodes from source line annotations</li>
+ <li>Better error when can't read file</li>
+ <li>Swing GUI: removed console pane from FindBugsFrame, fix
+ missing classes bug</li>
+ <li>Fixes to OpcodeStack.java</li>
+ <li>Detectors may attach a custom value to an OpcodeStack.Item
+ (Dave Brosius)</li>
+ <li>Filter.java: ability to add text messages to XML output,
+ fix bug with <tt>-withMessages</tt>
+ </li>
+ <li>SourceInfoMap supports ranges of source lines</li>
+ <li>Ant task supports the <tt>timestampNow</tt> attribute
+ </li>
+ </ul>
- <p>
- Changes since version 0.9.3:
- </p>
- <ul>
- <li>
- Substantial rework of datamining code
- </li>
- <li>
- Removed bogus warnings about await on things other than Condition
- not being in a loop
- </li>
- <li>
- Fixed bug in OpcodeStack handling of dup2 of long/double values
- </li>
- <li>
- Don't report array types as missing classes
- </li>
- <li>
- Adjustment of some warnings on ignored return values
- </li>
- <li>
- Added thread safety annotations from Java Concurrency in Practice
- (no detectors written for these yet)
- </li>
- <li>
- Added annotation for methods that, if overridden, should be
- invoked by overriding methods via a call to super
- </li>
- <li>
- Updated -html:fancy.xsl (Etienne Giraudy)
- </li>
- </ul>
+ <p>Changes since version 0.9.3:</p>
+ <ul>
+ <li>Substantial rework of datamining code</li>
+ <li>Removed bogus warnings about await on things other than
+ Condition not being in a loop</li>
+ <li>Fixed bug in OpcodeStack handling of dup2 of long/double
+ values</li>
+ <li>Don't report array types as missing classes</li>
+ <li>Adjustment of some warnings on ignored return values</li>
+ <li>Added thread safety annotations from Java Concurrency in
+ Practice (no detectors written for these yet)</li>
+ <li>Added annotation for methods that, if overridden, should
+ be invoked by overriding methods via a call to super</li>
+ <li>Updated -html:fancy.xsl (Etienne Giraudy)</li>
+ </ul>
- <p>
- Note: there was no version 0.9.2
- </p>
+ <p>Note: there was no version 0.9.2</p>
- <p>
- Changes since version 0.9.1:
- </p>
- <ul>
- <!-- New detectors -->
- <li>
- Embellish USM to find abstract methods that implement an
- interface method (Dave Brosius)
- </li>
- <li>
- New detector to find stores of literal booleans inside if or
- while expressions (Dave Brosius)
- </li>
- <li>
- New style detector to find final classes that declare protected
- fields (Dave Brosius)
- </li>
- <li>
- New detector to find subclass methods that simply forward,
- verbatim, to the super class (Dave Brosius)
- </li>
- <li>
- Detector to find instances where code is attempting to write an
- object out via an implementation of DataOutput, but the object is
- not guaranteed to be Serializable (Jon Christiansen, Bill Pugh)
- </li>
+ <p>Changes since version 0.9.1:</p>
+ <ul>
+ <!-- New detectors -->
+ <li>Embellish USM to find abstract methods that implement an
+ interface method (Dave Brosius)</li>
+ <li>New detector to find stores of literal booleans inside if
+ or while expressions (Dave Brosius)</li>
+ <li>New style detector to find final classes that declare
+ protected fields (Dave Brosius)</li>
+ <li>New detector to find subclass methods that simply forward,
+ verbatim, to the super class (Dave Brosius)</li>
+ <li>Detector to find instances where code is attempting to
+ write an object out via an implementation of DataOutput, but the
+ object is not guaranteed to be Serializable (Jon Christiansen,
+ Bill Pugh)</li>
- <!-- Feature enhancements -->
- <li>
- Large (35%) analysis speedup (Bill Pugh)
- </li>
- <li>
- Add line numbers to Swing GUI code panel (Dave Brosius)
- </li>
- <li>
- Added effort options to Swing GUI (Dave Brosius)
- </li>
- <li>
- Add ability to specify bugs file to open from command line for
- GUI version, through -loadbugs (Phillip Martin)
- </li>
- <li>
- New stylesheet for generating HTML: use option
- <tt>-html:plain.xsl</tt> (Chris Nappin)
- </li>
- <li>
- New stylesheet for generating HTML: use option
- <tt>-html:fancy.xsl</tt> (Etienne Giraudy)
- </li>
- <li>
- Updated Japanese bug message translations (Shisei Hanai)
- </li>
+ <!-- Feature enhancements -->
+ <li>Large (35%) analysis speedup (Bill Pugh)</li>
+ <li>Add line numbers to Swing GUI code panel (Dave Brosius)</li>
+ <li>Added effort options to Swing GUI (Dave Brosius)</li>
+ <li>Add ability to specify bugs file to open from command line
+ for GUI version, through -loadbugs (Phillip Martin)</li>
+ <li>New stylesheet for generating HTML: use option <tt>-html:plain.xsl</tt>
+ (Chris Nappin)
+ </li>
+ <li>New stylesheet for generating HTML: use option <tt>-html:fancy.xsl</tt>
+ (Etienne Giraudy)
+ </li>
+ <li>Updated Japanese bug message translations (Shisei Hanai)</li>
- <!-- Bug fixes -->
- <li>
- XHTML compliance fixes for bug details (Etienne Giraudy)
- </li>
- <li>
- Various detector fixes (Shisei Hanai)
- </li>
- <li>
- Fixed bugs in the project preferences dialog int the Eclipse
- plugin (Takashi Okamoto, Thomas Einwaller)
- </li>
- <li>
- Lowered priority of analysis thread in Swing GUI (David
- Hovemeyer, suggested by Shisei Hanai and Jeffrey W. Badorek)
- </li>
- <li>
- Fixed EclipsePlugin to correctly pick up auxclasspath entries
- (Jon Christiansen)
- </li>
- </ul>
+ <!-- Bug fixes -->
+ <li>XHTML compliance fixes for bug details (Etienne Giraudy)</li>
+ <li>Various detector fixes (Shisei Hanai)</li>
+ <li>Fixed bugs in the project preferences dialog int the
+ Eclipse plugin (Takashi Okamoto, Thomas Einwaller)</li>
+ <li>Lowered priority of analysis thread in Swing GUI (David
+ Hovemeyer, suggested by Shisei Hanai and Jeffrey W. Badorek)</li>
+ <li>Fixed EclipsePlugin to correctly pick up auxclasspath
+ entries (Jon Christiansen)</li>
+ </ul>
- <p>
- Changes since version 0.9.0:
- </p>
- <ul>
- <li>
- Fixed dependence on JRE 1.5: all features should work on JRE 1.4
- again
- </li>
- <li>
- Fixed -effort command line option handling for Swing GUI
- </li>
- <li>
- Fixed conserveSpace and workHard attributes int Ant task
- </li>
- <li>
- Added support for effort attribute in Ant task
- </li>
- </ul>
+ <p>Changes since version 0.9.0:</p>
+ <ul>
+ <li>Fixed dependence on JRE 1.5: all features should work on
+ JRE 1.4 again</li>
+ <li>Fixed -effort command line option handling for Swing GUI</li>
+ <li>Fixed conserveSpace and workHard attributes int Ant task</li>
+ <li>Added support for effort attribute in Ant task</li>
+ </ul>
- <p>
- Changes since version 0.8.8:
- </p>
- <ul>
- <!-- New detectors and bug patterns -->
- <li>
- XMLFactoryBypass detector to find direct allocation of xml class
- implementations (Dave Brosius)
- </li>
- <li>
- InefficientMemberAccess detector to find accesses to owning class
- private members (Dave Brosius)
- </li>
- <li>
- DuplicateBranches detector checks switch statements too (Dave
- Brosius)
- </li>
+ <p>Changes since version 0.8.8:</p>
+ <ul>
+ <!-- New detectors and bug patterns -->
+ <li>XMLFactoryBypass detector to find direct allocation of xml
+ class implementations (Dave Brosius)</li>
+ <li>InefficientMemberAccess detector to find accesses to
+ owning class private members (Dave Brosius)</li>
+ <li>DuplicateBranches detector checks switch statements too
+ (Dave Brosius)</li>
- <!-- Feature enhancements -->
- <li>
- FindBugs available from findbugs.sourceforge.net as Java Web
- Start application (Dave Brosius)
- </li>
- <li>
- Updated Japanese bug message translations (Shisei Hanai)
- </li>
- <li>
- Improved bug detail message for covariant equals() (Shisei Hanai)
- </li>
- <li>
- Modeling of instanceof checks is now enabled by default, making
- the bad cast detector much more useful (Bill Pugh, David
- Hovemeyer)
- </li>
- <li>
- Support for detector ordering constraints in plugin descriptor
- (David Hovemeyer)
- </li>
- <li>
- Simpler option to control analysis effort: -effort:
- <i>value</i>, where
- <i>value</i> is one of
- <code>
- min
- </code>
- ,
- <code>
- default
- </code>
- , or
- <code>
- max
- </code>
- (David Hovemeyer)
- </li>
- <li>
- Using -effort:max, FindNullDeref checks for null arguments passed
- to methods which dereference them unconditionally (David
- Hovemeyer)
- </li>
- <li>
- FindNullDeref checks @Null and @NonNull annotations for
- parameters and return values (David Hovemeyer)
- </li>
+ <!-- Feature enhancements -->
+ <li>FindBugs available from findbugs.sourceforge.net as Java
+ Web Start application (Dave Brosius)</li>
+ <li>Updated Japanese bug message translations (Shisei Hanai)</li>
+ <li>Improved bug detail message for covariant equals() (Shisei
+ Hanai)</li>
+ <li>Modeling of instanceof checks is now enabled by default,
+ making the bad cast detector much more useful (Bill Pugh, David
+ Hovemeyer)</li>
+ <li>Support for detector ordering constraints in plugin
+ descriptor (David Hovemeyer)</li>
+ <li>Simpler option to control analysis effort: -effort: <i>value</i>,
+ where <i>value</i> is one of <code> min </code> , <code>
+ default </code> , or <code> max </code> (David Hovemeyer)
+ </li>
+ <li>Using -effort:max, FindNullDeref checks for null arguments
+ passed to methods which dereference them unconditionally (David
+ Hovemeyer)</li>
+ <li>FindNullDeref checks @Null and @NonNull annotations for
+ parameters and return values (David Hovemeyer)</li>
- <!-- Bug fixes -->
- </ul>
+ <!-- Bug fixes -->
+ </ul>
- <p>
- Changes since version 0.8.7:
- </p>
+ <p>Changes since version 0.8.7:</p>
- <ul>
- <!-- New detectors and bug patterns -->
- <li>
- New detector to find duplicate code in if/else statements (Dave
- Brosius)
- </li>
- <li>
- Look for calls to wait() on Condition objects (David Hovemeyer)
- </li>
- <li>
- Look for java.util.concurrent.Lock objects not released on every
- path out of method (David Hovemeyer)
- </li>
- <li>
- Look for calls to Thread.sleep() with a lock held (David
- Hovemeyer)
- </li>
- <li>
- More accurate detection of impossible casts (Bill Pugh, David
- Hovemeyer)
- </li>
+ <ul>
+ <!-- New detectors and bug patterns -->
+ <li>New detector to find duplicate code in if/else statements
+ (Dave Brosius)</li>
+ <li>Look for calls to wait() on Condition objects (David
+ Hovemeyer)</li>
+ <li>Look for java.util.concurrent.Lock objects not released on
+ every path out of method (David Hovemeyer)</li>
+ <li>Look for calls to Thread.sleep() with a lock held (David
+ Hovemeyer)</li>
+ <li>More accurate detection of impossible casts (Bill Pugh,
+ David Hovemeyer)</li>
- <!-- Feature enhancements -->
- <li>
- Saved XML now contains project statistics (Jay Dunning)
- </li>
- <li>
- Filter files can select by bug pattern type and warning priority
- (David Hovemeyer)
- </li>
+ <!-- Feature enhancements -->
+ <li>Saved XML now contains project statistics (Jay Dunning)</li>
+ <li>Filter files can select by bug pattern type and warning
+ priority (David Hovemeyer)</li>
- <!-- Bug fixes -->
- <li>
- Restored some files inadvertently omitted from previous release
- (Rohan Lloyd, David Hovemeyer)
- </li>
- <li>
- Make sure detectors requiring JDK 1.5 runtime classes are only
- executed if those classes are available (David Hovemeyer)
- </li>
- <li>
- Don't display analysis error dialog unless there is really an
- error (David Hovemeyer)
- </li>
- <li>
- Updated and expanded French translations of bug patterns and
- Swing GUI (Olivier Parent)
- </li>
- <li>
- Fixed invalid character encoding in German Swing GUI translation
- (Olivier Parent)
- </li>
- <li>
- Fix locale used for date format in project stats (K. Hashimoto)
- </li>
- <li>
- Fixed LongDescription elements in xml:withMessages output format
- (K. Hashimoto)
- </li>
- </ul>
+ <!-- Bug fixes -->
+ <li>Restored some files inadvertently omitted from previous
+ release (Rohan Lloyd, David Hovemeyer)</li>
+ <li>Make sure detectors requiring JDK 1.5 runtime classes are
+ only executed if those classes are available (David Hovemeyer)</li>
+ <li>Don't display analysis error dialog unless there is really
+ an error (David Hovemeyer)</li>
+ <li>Updated and expanded French translations of bug patterns
+ and Swing GUI (Olivier Parent)</li>
+ <li>Fixed invalid character encoding in German Swing GUI
+ translation (Olivier Parent)</li>
+ <li>Fix locale used for date format in project stats (K.
+ Hashimoto)</li>
+ <li>Fixed LongDescription elements in xml:withMessages output
+ format (K. Hashimoto)</li>
+ </ul>
- <p>
- Changes since version 0.8.6:
- </p>
+ <p>Changes since version 0.8.6:</p>
- <ul>
- <!-- new detectors -->
- <li>
- Extend Naming detector to look for classes that are named
- XXXException but that are not Exceptions (Dave Brosius)
- </li>
- <li>
- New detector to find classes that expose semaphores in the public
- implementation through the 'this' reference. (Dave Brosius)
- </li>
- <li>
- New Style detector to find Struts Action/Servlet derived classes
- that reference instance member variable not in synchronized
- blocks. (Dave Brosius)
- </li>
- <li>
- New Style detector to find classes that declare implementation of
- interfaces that are already implemented by super classes (Dave
- Brosius)
- </li>
- <li>
- New Style detector to find circular dependencies between classes
- (Dave Brosius)
- </li>
- <li>
- New Style detector to find unnecessary math on constants (Dave
- Brosius)
- </li>
- <li>
- New detector to find equality comparisons using floating point
- math (Jay Dunning)
- </li>
- <li>
- New faster detector to find local self assignments (Bill Pugh)
- </li>
- <li>
- New detector to find infinite recursive loops (Bill Pugh)
- </li>
- <li>
- New detector to find for loops with an incorrect increment (Bill
- Pugh)
- </li>
- <li>
- New detector to find suspicious uses of BufferedReader.readLine()
- and String.indexOf() (Bill Pugh)
- </li>
- <li>
- New detector to find suspicious integer to double casts (David
- Hovemeyer, Bill Pugh)
- </li>
- <li>
- New detector to find invalid regular expression patterns (Bill
- Pugh)
- </li>
- <li>
- New detector to find Bloch/Gafter Java puzzlers (Bill Pugh)
- </li>
+ <ul>
+ <!-- new detectors -->
+ <li>Extend Naming detector to look for classes that are named
+ XXXException but that are not Exceptions (Dave Brosius)</li>
+ <li>New detector to find classes that expose semaphores in the
+ public implementation through the 'this' reference. (Dave Brosius)
+ </li>
+ <li>New Style detector to find Struts Action/Servlet derived
+ classes that reference instance member variable not in
+ synchronized blocks. (Dave Brosius)</li>
+ <li>New Style detector to find classes that declare
+ implementation of interfaces that are already implemented by super
+ classes (Dave Brosius)</li>
+ <li>New Style detector to find circular dependencies between
+ classes (Dave Brosius)</li>
+ <li>New Style detector to find unnecessary math on constants
+ (Dave Brosius)</li>
+ <li>New detector to find equality comparisons using floating
+ point math (Jay Dunning)</li>
+ <li>New faster detector to find local self assignments (Bill
+ Pugh)</li>
+ <li>New detector to find infinite recursive loops (Bill Pugh)
+ </li>
+ <li>New detector to find for loops with an incorrect increment
+ (Bill Pugh)</li>
+ <li>New detector to find suspicious uses of
+ BufferedReader.readLine() and String.indexOf() (Bill Pugh)</li>
+ <li>New detector to find suspicious integer to double casts
+ (David Hovemeyer, Bill Pugh)</li>
+ <li>New detector to find invalid regular expression patterns
+ (Bill Pugh)</li>
+ <li>New detector to find Bloch/Gafter Java puzzlers (Bill
+ Pugh)</li>
+
+ <!-- feature enhancements -->
+ <li>New system property to suppress reporting of DLS based on
+ local variable name (Glenn Boysko)</li>
+ <li>Enhancements to configuration dialog in Eclipse plugin,
+ allow for saving enabled detectors in Eclipse projects (Phil
+ Crosby)</li>
+ <li>Sortable columns in detector dialog (Dave Brosius)</li>
+ <li>New tab in gui for showing bugs grouped by category (Dave
+ Brosius)</li>
+ <li>Improved German translation of Swing GUI (Thomas Kuehne)</li>
+ <li>Improved source file reporting in Emacs output format (Len
+ Trigg)</li>
+ <li>Improvements to redundant null comparison detector (Bill
+ Pugh)</li>
+ <li>Localization of run analysis and analysis error dialogs in
+ Swing GUI (K. Hashimoto)</li>
+
+ <!-- Bug fixes -->
+ <li>Don't scan equals methods in FindHEMismatch if code is
+ native (Greg Bentz)</li>
+ <li>French translation fixes (David Cotton)</li>
+ <li>Internationalization report fixes (K. Hashimoto)</li>
+ <li>Japanese translations updates (SHISEI Hanai)</li>
+ </ul>
+
+ <p>Changes since version 0.8.5:</p>
+ <ul>
+ <!-- new detectors -->
+ <li>New detector to find catch blocks that may inadvertently
+ catch runtime exceptions (Brian Goetz)</li>
+ <li>New detector to find objects that are instantiated based
+ on classes that only have static methods and fields, using the
+ synthesized constructor (Dave Brosius)</li>
+ <li>New detector to find calls to Thread.interrupted() in a
+ non static context, and especially with non currentThread()
+ threads (Dave Brosius)</li>
+ <li>New detector to find calls to equals() methods that use
+ Object's version. (Dave Brosius)</li>
+ <li>New detector to find Applets that call methods in the
+ constructor refering to the AppletStub (Dave Brosius)</li>
+ <li>New detector to find some cases of infinite recursion
+ (Bill Pugh)</li>
+ <li>New detector to find dead stores to local variables (David
+ Hovemeyer, Bill Pugh)</li>
+ <li>Extend Dumb Method detector for toUpperCase(),
+ toLowerCase() without a locale, new Integer(1).toString(), new
+ XXX().getClass(), and new Thread() without a run implementation
+ (Dave Brosius) <!-- feature enhancements -->
+ </li>
+ <li>Ant task supports "errorProperty" attribute, which sets an
+ Ant property to "true" if an error occurs running FindBugs
+ (Michael Tamm)</li>
+ <li>Eclipse plugin allows filtering of warnings by bug
+ category, priority (David Hovemeyer)</li>
+ <li>Swing GUI allows filtering of warnings by bug category
+ (David Hovemeyer)</li>
+ <li>Ability to annotate methods using Java 1.5 annotations
+ that suppress FindBugs warnings (Bill Pugh)</li>
+ <li>New -adjustExperimental for lowering priority of
+ BugPatterns that are experimental (Dave Brosius)</li>
+ <li>Allow for command line options 'files' using the @ symbol
+ (David Hovemeyer)</li>
+ <li>New -adjustPriority command line option to for adjusting
+ bug priorites (David Hovemeyer)</li>
+ <li>Added an Edit menu (cut/copy/paste) to Swing GUI (Dave
+ Brosius)</li>
+ <li>French translation supplied (David Cotton) <!-- Bug fixes -->
+ </li>
+ </ul>
+
+ <p>Changes since version 0.8.4:</p>
+ <ul>
+ <!-- new detectors -->
+ <li>New detector for volatile references to arrays (Bill Pugh)
+ </li>
+ <li>New detector to find instanceof usage where inheritance
+ can be determined statically (Dave Brosius)</li>
+ <li>New detector to find ResultSet.getXXX updateXXX calls
+ using index 0 (Dave Brosius)</li>
+ <li>New detector to find empty zip or jar entries (Bill Pugh)
<!-- feature enhancements -->
- <li>
- New system property to suppress reporting of DLS based on local
- variable name (Glenn Boysko)
- </li>
- <li>
- Enhancements to configuration dialog in Eclipse plugin, allow for
- saving enabled detectors in Eclipse projects (Phil Crosby)
- </li>
- <li>
- Sortable columns in detector dialog (Dave Brosius)
- </li>
- <li>
- New tab in gui for showing bugs grouped by category (Dave
- Brosius)
- </li>
- <li>
- Improved German translation of Swing GUI (Thomas Kuehne)
- </li>
- <li>
- Improved source file reporting in Emacs output format (Len Trigg)
- </li>
- <li>
- Improvements to redundant null comparison detector (Bill Pugh)
- </li>
- <li>
- Localization of run analysis and analysis error dialogs in Swing
- GUI (K. Hashimoto)
- </li>
+ </li>
+ <li>HTML output generation using built-in XSLT stylesheet or
+ user-defined stylesheet (David Hovemeyer)</li>
+ <li>Allow URLs to be specified to analyze zip/jar files, local
+ directories, and single classfiles (David Hovemeyer)</li>
+ <li>New command line option -onlyAnalyze restricts analysis to
+ selected classes and packages without reducing accuracy (David
+ Hovemeyer)</li>
+ <li>Allow Swing GUI to show source code in jar files on
+ Windows systems (Dave Brosius) <!-- Bug fixes -->
+ </li>
+ <li>Fix the Switch Fall Thru detector (Dave Brosius, David
+ Hovemeyer, Bill Pugh)</li>
+ <li>MacOS GUI fixes (Rohan Lloyd)</li>
+ <li>Fix false positive in BOA in case where method is
+ correctly and 'incorrectly' overridden (Dave Brosius)</li>
+ <li>Fixed memory blowup when analyzing methods which access a
+ large number of fields (David Hovemeyer)</li>
+ </ul>
- <!-- Bug fixes -->
- <li>
- Don't scan equals methods in FindHEMismatch if code is native
- (Greg Bentz)
- </li>
- <li>
- French translation fixes (David Cotton)
- </li>
- <li>
- Internationalization report fixes (K. Hashimoto)
- </li>
- <li>
- Japanese translations updates (SHISEI Hanai)
- </li>
- </ul>
+ <p>Changes since version 0.8.3:</p>
+ <ul>
+ <li>Initial and preliminary localization of the Swing
+ GUI. Translations by:
+ <ul>
+ <li>German - Peter D. Stout, Holger Stenzhorn</li>
+ <li>Finnish - Juha Knuutila</li>
+ <li>Estonian - Tanel Lebedev</li>
+ <li>Japanese - Hanai Shisei</li>
+ </ul>
+ </li>
+ <li>Eliminated debug print statements inadvertently left
+ enabled</li>
+ <li>Reverted some changes in the open stream detector: this
+ should fix some false positives that were introduced in the
+ previous release</li>
+ <li>Fixed a couple missing class reports</li>
+ </ul>
- <p>
- Changes since version 0.8.5:
+ <p>Changes since version 0.8.2:</p>
+ <ul>
- </p>
- <ul>
- <!-- new detectors -->
- <li>
- New detector to find catch blocks that may inadvertently catch
- runtime exceptions (Brian Goetz)
- </li>
- <li>
- New detector to find objects that are instantiated based on
- classes that only have static methods and fields, using the
- synthesized constructor (Dave Brosius)
- </li>
- <li>
- New detector to find calls to Thread.interrupted() in a non
- static context, and especially with non currentThread() threads
- (Dave Brosius)
- </li>
- <li>
- New detector to find calls to equals() methods that use Object's
- version. (Dave Brosius)
- </li>
- <li>
- New detector to find Applets that call methods in the constructor
- refering to the AppletStub (Dave Brosius)
- </li>
- <li>
- New detector to find some cases of infinite recursion (Bill Pugh)
- </li>
- <li>
- New detector to find dead stores to local variables (David
- Hovemeyer, Bill Pugh)
- </li>
- <li>
- Extend Dumb Method detector for toUpperCase(), toLowerCase()
- without a locale, new Integer(1).toString(), new
- XXX().getClass(), and new Thread() without a run implementation
- (Dave Brosius)
- <!-- feature enhancements -->
- </li>
- <li>
- Ant task supports "errorProperty" attribute, which sets an Ant
- property to "true" if an error occurs running FindBugs (Michael
- Tamm)
- </li>
- <li>
- Eclipse plugin allows filtering of warnings by bug category,
- priority (David Hovemeyer)
- </li>
- <li>
- Swing GUI allows filtering of warnings by bug category (David
- Hovemeyer)
- </li>
- <li>
- Ability to annotate methods using Java 1.5 annotations that
- suppress FindBugs warnings (Bill Pugh)
- </li>
- <li>
- New -adjustExperimental for lowering priority of BugPatterns that
- are experimental (Dave Brosius)
- </li>
- <li>
- Allow for command line options 'files' using the @ symbol (David
- Hovemeyer)
- </li>
- <li>
- New -adjustPriority command line option to for adjusting bug
- priorites (David Hovemeyer)
- </li>
- <li>
- Added an Edit menu (cut/copy/paste) to Swing GUI (Dave Brosius)
- </li>
- <li>
- French translation supplied (David Cotton)
- <!-- Bug fixes -->
- </li>
- </ul>
+ <!-- New detectors -->
+ <li>New detector to find improperly overridden GUI Adapter
+ classes (Dave Brosius)</li>
+ <li>New detector to find improperly setup JUnit TestCases
+ (Dave Brosius)</li>
+ <li>New detector to find variables that mask class level
+ fields (Dave Brosius)</li>
+ <li>New detector to find comparisons of values computed with
+ bitwise operators that always yield the same result (Tom Truscott)
+ </li>
+ <li>New detector to find unsafe getClass().getResource() calls
+ (Bill Pugh)</li>
+ <li>New detector to find GUI changes not in GUI thread but in
+ static main (Bill Pugh)</li>
+ <li>New detector to find calls to Collection.toArray() with
+ zero-length array argument; it is more efficient to pass an array
+ the size of the collection, which can be populated and returned as
+ the result (Dave Brosius) <!-- Analysis improvements -->
+ </li>
+ <li>Better suppression of false warnings in various detectors
+ (Bill Pugh, David Hovemeyer)</li>
+ <li>Enhancement to ReadReturnShouldBeChecked detector for
+ skip() (Dave Brosius)</li>
+ <li>Enhancement to DumbMethods detector (Dave Brosius)</li>
+ <li>Open stream detector does not report wrappers of streams
+ passed as method parameters (David Hovemeyer) <!-- Feature enhancements -->
+ </li>
+ <li>Cancel confirmation dialog in Swing GUI (Pete Angstadt)</li>
+ <li>Better relative path saving in Project file (Dave Brosius)
+ </li>
+ <li>Detector Priority in GUI is now saved in prefs file (Dave
+ Brosius)</li>
+ <li>Controls in GUI to reorder source and classpath entries,
+ and ability to flip between Project details and bugs pages (Dave
+ Brosius)</li>
+ <li>In Swing GUI, analysis error dialog supports "Select All"
+ and "Copy" operations for easy generation of error reports (Dave
+ Brosius)</li>
+ <li>Complete translation of bug descriptions and messages into
+ Japanese (Hanai Shisei) <!-- Bug fixes -->
+ </li>
+ <li>Fixed bug in DroppedException detector (Dave Brosius) <!-- Development stuff -->
+ </li>
+ <li>The source distribution defaults to using JDK 1.5 javac to
+ compile, but support for compiling with JSR-14 prototype is still
+ supported</li>
+ </ul>
- <p>
- Changes since version 0.8.4:
+ <p>Changes since version 0.8.1:</p>
+ <ul>
+ <li>Fixed a critical ClassCastException bug (triggered if the
+ -workHard option was used, and an exception type was merged with
+ an array type during type inference)</li>
+ </ul>
- </p>
- <ul>
- <!-- new detectors -->
- <li>
- New detector for volatile references to arrays (Bill Pugh)
- </li>
- <li>
- New detector to find instanceof usage where inheritance can be
- determined statically (Dave Brosius)
- </li>
- <li>
- New detector to find ResultSet.getXXX updateXXX calls using index
- 0 (Dave Brosius)
- </li>
- <li>
- New detector to find empty zip or jar entries (Bill Pugh)
+ <p>Changes since version 0.8.0:</p>
+ <ul>
+ <li>Disabled SwitchFallthrough detector to work around
+ NullPointerExceptions</li>
+ <li>Added some additional false positive suppression
+ heuristics</li>
+ </ul>
- <!-- feature enhancements -->
- </li>
- <li>
- HTML output generation using built-in XSLT stylesheet or
- user-defined stylesheet (David Hovemeyer)
- </li>
- <li>
- Allow URLs to be specified to analyze zip/jar files, local
- directories, and single classfiles (David Hovemeyer)
- </li>
- <li>
- New command line option -onlyAnalyze restricts analysis to
- selected classes and packages without reducing accuracy (David
- Hovemeyer)
- </li>
- <li>
- Allow Swing GUI to show source code in jar files on Windows
- systems (Dave Brosius)
+ <p>Also, two contributors to the 0.8.0 release were
+ inadvertently left out of the credits:</p>
+ <ul>
+ <li>Pete Angstadt fixed several problems in the Swing GUI</li>
+ <li>Francis Lalonde provided a task resource file for the
+ FindBugs Ant task</li>
+ </ul>
- <!-- Bug fixes -->
- </li>
- <li>
- Fix the Switch Fall Thru detector (Dave Brosius, David Hovemeyer,
- Bill Pugh)
- </li>
- <li>
- MacOS GUI fixes (Rohan Lloyd)
- </li>
- <li>
- Fix false positive in BOA in case where method is correctly and
- 'incorrectly' overridden (Dave Brosius)
- </li>
- <li>
- Fixed memory blowup when analyzing methods which access a large
- number of fields (David Hovemeyer)
- </li>
- </ul>
+ <p>Changes since version 0.7.4:</p>
+ <ul>
+ <li>New detector to look for uses of "+" operator to
+ concatenate String objects in a loop (Dave Brosius)</li>
+ <li>Reference comparison detector looks for places where the
+ argument passed to the equals(Object) method isn't the same type
+ as the receiver object</li>
+ <li>Better suppression of false warnings in many detectors</li>
+ <li>Many improvements to Eclipse plugin (Andrey Loskutov,
+ Peter Friese)</li>
+ <li>Fixed problem with building Eclipse plugin on Windows
+ (Thomas Klaeger)</li>
+ <li>Open stream detector looks for unclosed PreparedStatement
+ objects (Thomas Klaeger, Rohan Lloyd)</li>
+ <li>Fix for open stream detector: it wasn't detecting close()
+ methods called through an invokeinterface instruction (Thomas
+ Klaeger)</li>
+ <li>Refactoring of visitor classes to enforce use of accessors
+ for visited class features (Brian Goetz)</li>
+ </ul>
- <p>
- Changes since version 0.8.3:
- </p>
- <ul>
- <li>
- Initial and preliminary localization of the Swing GUI.
- Translations by:
- <ul>
- <li>
- German - Peter D. Stout, Holger Stenzhorn
- </li>
- <li>
- Finnish - Juha Knuutila
- </li>
- <li>
- Estonian - Tanel Lebedev
- </li>
- <li>
- Japanese - Hanai Shisei
- </li>
- </ul>
- </li>
- <li>
- Eliminated debug print statements inadvertently left enabled
- </li>
- <li>
- Reverted some changes in the open stream detector: this should
- fix some false positives that were introduced in the previous
- release
- </li>
- <li>
- Fixed a couple missing class reports
- </li>
- </ul>
+ <p>Changes since version 0.7.3:</p>
+ <ul>
+ <li>Experimental modification of open stream detector to look
+ for non-escaping JDBC resources (connections and statements) that
+ aren't closed on all paths out of method</li>
+ <li>Eclipse plugin fixed so it compiles and runs on Eclipse
+ 2.1.x (Peter Friese)</li>
+ <li>Option to Swing GUI and command line to generate project
+ file using relative paths for archives, source directories, and
+ aux classpath entries (Dave Brosius)</li>
+ <li>Improvements to findbugs.bat script for launching FindBugs
+ on Windows (Dave Brosius)</li>
+ <li>Updated Japanese message translations (Hiroshi Okugawa)</li>
+ <li>Uncalled private methods are now reported as low priority,
+ unless they have the same name as another method in the class
+ (which is more likely to indicate an actual bug)</li>
+ <li>Added some missing data in the bug messages XML files</li>
+ <li>Fixed some problems building from source on Windows
+ systems</li>
+ <li>Various minor bug fixes</li>
+ </ul>
- <p>
- Changes since version 0.8.2:
- </p>
- <ul>
+ <p>Changes since version 0.7.2:</p>
+ <ul>
+ <li>Enhanced Eclipse plugin, which displays the detailed bug
+ description in a view (Phil Crosby)</li>
+ <li>Various tweaks to existing detectors to reduce false
+ warnings</li>
+ <li>New command line option <code> -workHard </code> enables
+ pruning of infeasible or unlikely exception edges, which results
+ in better accuracy in the open stream detector, at the expense of
+ a 30%-100% slowdown
+ </li>
+ <li>New website and HTML documentation design</li>
+ <li>Documentation includes an HTML document with descriptions
+ of all bug patterns reported by FindBugs</li>
+ <li>Web page has a link to a <a
+ href="http://www.simeji.com/findbugs/doc/manual_ja/index.html">Japanese
+ translation</a> of the FindBugs manual, contributed by Hiroshi
+ Okugawa
+ </li>
+ <li>Changed the Inconsistent Synchronization detector so that
+ fields synchronized 50% of the time (or more) are reported as
+ medium priority bugs (previously they were reported as low)</li>
+ <li>New detector to find code that catches
+ IllegalMonitorStateException</li>
+ <li>New detector to find private methods that are never called
+ </li>
+ <li>New detector to find suspicious uses of
+ non-short-circuiting boolean operators ( <code> & </code> and
+ <code> | </code> , rather than <code> && </code> and <code>
+ || </code> )
+ </li>
+ </ul>
- <!-- New detectors -->
- <li>
- New detector to find improperly overridden GUI Adapter classes
- (Dave Brosius)
- </li>
- <li>
- New detector to find improperly setup JUnit TestCases (Dave
- Brosius)
- </li>
- <li>
- New detector to find variables that mask class level fields (Dave
- Brosius)
- </li>
- <li>
- New detector to find comparisons of values computed with bitwise
- operators that always yield the same result (Tom Truscott)
- </li>
- <li>
- New detector to find unsafe getClass().getResource() calls (Bill
- Pugh)
- </li>
- <li>
- New detector to find GUI changes not in GUI thread but in static
- main (Bill Pugh)
- </li>
- <li>
- New detector to find calls to Collection.toArray() with
- zero-length array argument; it is more efficient to pass an array
- the size of the collection, which can be populated and returned
- as the result (Dave Brosius)
+ <p>Changes since version 0.7.1:</p>
+ <ul>
+ <li>Incorporated patched version of BCEL, which allows classes
+ compiled with JDK 1.5.0 beta to be analyzed</li>
+ <li>Fixed some bugs related to lookups of array classes</li>
+ <li>Fixed bug that prevented GUI from loading XML result files
+ when running under JDK 1.5.0 beta</li>
+ <li>Added new experimental bug detector, LazyInit, which looks
+ for potentially buggy lazy initializations of static fields</li>
+ <li>Because of long filenames, switched to distributing the
+ source archive as a zip file rather than a tar file</li>
+ <li>The 0.7.1 source tarfile was botched - 0.7.2 has a valid
+ source archive</li>
+ <li>Fixed some problems in the Ant build script</li>
+ <li>Fixed NullPointerException when checking Class-Path
+ attribute for Jar files without manifests</li>
+ <li>Generate version numbers for the core and UI Eclipse
+ plugins using the Version class; all version numbers are now in a
+ common location</li>
+ </ul>
- <!-- Analysis improvements -->
- </li>
- <li>
- Better suppression of false warnings in various detectors (Bill
- Pugh, David Hovemeyer)
- </li>
- <li>
- Enhancement to ReadReturnShouldBeChecked detector for skip()
- (Dave Brosius)
- </li>
- <li>
- Enhancement to DumbMethods detector (Dave Brosius)
- </li>
- <li>
- Open stream detector does not report wrappers of streams passed
- as method parameters (David Hovemeyer)
+ <p>Changes since version 0.7.0:</p>
+ <ul>
+ <li>Eclipse plugin (contributed by Peter Friese)</li>
+ <li>Source package structure rearranged: all source (other
+ than Eclipse plugin UI) is in the edu.umd.cs.findbugs package, or
+ a subpackage</li>
+ <li>Class-Path attributes of manifests of analyzed jar files
+ are used to set the aux classpath automatically (Peter D. Stout)</li>
+ <li>GUI starts in directory specified by user.home property
+ (Peter D. Stout)</li>
+ <li>Added -project option to GUI (Mikko T.)</li>
+ <li>Added -look:{plastic,gtk,native} option to GUI, for
+ setting look and feel (Mikko T.)</li>
+ <li>Fixed DataflowAnalysisException in inconsistent
+ synchronization detector</li>
+ <li>Ant task supports failOnError parameter (Rohan Lloyd)</li>
+ <li>Serializable class warnings are downgraded to low priority
+ for GUI classes</li>
+ <li>MWN detector will only report calls to wait(), notify(),
+ and notifyAll() methods that have the correct signature</li>
+ <li>FindBugs works with latest CVS version of BCEL</li>
+ <li>Zip and Jar files may be added to the source path</li>
+ <li>The GUI will automatically find source files residing in
+ analyzed Zip or Jar files</li>
+ </ul>
- <!-- Feature enhancements -->
- </li>
- <li>
- Cancel confirmation dialog in Swing GUI (Pete Angstadt)
- </li>
- <li>
- Better relative path saving in Project file (Dave Brosius)
- </li>
- <li>
- Detector Priority in GUI is now saved in prefs file (Dave
- Brosius)
- </li>
- <li>
- Controls in GUI to reorder source and classpath entries, and
- ability to flip between Project details and bugs pages (Dave
- Brosius)
- </li>
- <li>
- In Swing GUI, analysis error dialog supports "Select All" and
- "Copy" operations for easy generation of error reports (Dave
- Brosius)
- </li>
- <li>
- Complete translation of bug descriptions and messages into
- Japanese (Hanai Shisei)
+ <p>Note that the version number jumped from 0.6.6 to 0.6.9;
+ there were no 0.6.7 or 0.6.8 releases.</p>
+ <p>Changes since version 0.6.9:</p>
+ <ul>
+ <li>Added -conserveSpace option to reduce memory use at the
+ expense of analysis precision</li>
+ <li>Bug fixes in findbugs.bat script: JAVA_HOME handling,
+ autodetection of FINDBUGS_HOME, missing output with -textui</li>
+ <li>Fixed NullPointerException when a missing class is
+ encountered</li>
+ </ul>
- <!-- Bug fixes -->
- </li>
- <li>
- Fixed bug in DroppedException detector (Dave Brosius)
+ <p>Changes since version 0.6.6:</p>
+ <ul>
+ <li>The null pointer dereference detector is more powerful</li>
+ <li>Significantly improved heuristics and bug fixes in
+ inconsistent synchronization detector</li>
+ <li>Improved heuristics in open stream and dropped exception
+ detectors; fewer false positives should be reported</li>
+ <li>Save HTML summary in XML results files, rather than
+ recomputing; this makes loading results in GUI much faster</li>
+ <li>Report at most one String comparison using == or != per
+ method</li>
+ <li>The findbugs.bat script on Windows autodetects
+ FINDBUGS_HOME, and doesn't open a DOS window when launching the
+ GUI (contributed by TJSB)</li>
+ <li>Emacs reporting format (contributed by David Li)</li>
+ <li>Various bug fixes</li>
+ </ul>
- <!-- Development stuff -->
- </li>
- <li>
- The source distribution defaults to using JDK 1.5 javac to
- compile, but support for compiling with JSR-14 prototype is still
- supported
- </li>
- </ul>
+ <p>Changes since 0.6.5:</p>
+ <ul>
+ <li>Rewritten inconsistent synchronization detector; accuracy
+ is significantly improved, and bug reports are prioritized</li>
+ <li>New detector to find self assignment (x=x) of local
+ variables (suggested by Jeff Martin)</li>
+ <li>New detector to find calls to wait(), notify(), and
+ notifyAll() on an object which is not obviously locked</li>
+ <li>Open stream detector now reports Readers and Writers</li>
+ <li>Fixed bug in finalizer idioms detector which caused
+ spurious warnings about failure to call super.finalize() (reported
+ by Jim Menard)</li>
+ <li>Fixed bug where output stream was not closed using non-XML
+ output (reported by Sigiswald Madou)</li>
+ <li>Fixed corrupted HTML bug detail message (reported by
+ Trevor Harmon)</li>
+ </ul>
- <p>
- Changes since version 0.8.1:
- </p>
- <ul>
- <li>
- Fixed a critical ClassCastException bug (triggered if the
- -workHard option was used, and an exception type was merged with
- an array type during type inference)
- </li>
- </ul>
+ <p>Changes since version 0.6.4:</p>
+ <ul>
+ <li>For redundant comparison of reference values, fixed false
+ positives resulting from duplication of code in finally blocks</li>
+ <li>Fixed false positives resulting from wrapped byte array
+ streams left open</li>
+ <li>Fixed bug in Ant task preventing output file from working
+ properly if a relative path was used</li>
+ </ul>
- <p>
- Changes since version 0.8.0:
+ <p>Changes since version 0.6.3:</p>
+ <ul>
+ <li>Fixed bug in Ant task where output would be corrupted, and
+ added a <code> timeout </code> attribute
+ </li>
+ <li>Added -outputFile option to text UI, for explicitly
+ specifying an output file</li>
+ <li>GUI has a summary window, for statistics about overall bug
+ densities (contributed by Mike Fagan)</li>
+ <li>Find redundant comparisons of reference values</li>
+ <li>More accurate detection of Strings compared with == and !=
+ operators</li>
+ <li>Detection of other reference types which should generally
+ not be compared with == and != operators; Boolean, Integer, etc.</li>
+ <li>Find non-transient non-serializable instance fields in
+ Serializable classes</li>
+ <li>Source code may be compiled with latest early access
+ generics-enabled javac (version 2.2)</li>
+ </ul>
- </p>
- <ul>
- <li>
- Disabled SwitchFallthrough detector to work around
- NullPointerExceptions
- </li>
- <li>
- Added some additional false positive suppression heuristics
- </li>
- </ul>
+ <p>Changes since version 0.6.2:</p>
+ <ul>
+ <li>GUI supports filtering bugs by priority</li>
+ <li>Ant task rewritten; supports all functionality offered by
+ Text UI (contributed by Mike Fagan)</li>
+ <li>Ant task is fully documented in the manual</li>
+ <li>Classes in nested archives are analyzed; this allows full
+ support for analyzing .ear and .war files (contributed by Mike
+ Fagan)</li>
+ <li>DepthFirstSearch changed to use non-recursive
+ implementation; this should fix the StackOverflowErrors that
+ several users reported</li>
+ <li>Various minor bugfixes and improvements</li>
+ </ul>
- <p>
- Also, two contributors to the 0.8.0 release were inadvertently
- left out of the credits:
+ <p>Changes since version 0.6.1:</p>
+ <ul>
+ <li>New detector to look for useless control flow (suggested
+ by Richard P. King and Mike Fagan)</li>
+ <li>Look for places where return value of
+ java.io.File.createNewFile() is ignored (suggested by Richard P.
+ King)</li>
+ <li>Fixed bug in resolution of source files (only the first
+ source directory was searched)</li>
+ <li>Fixed a NullPointerException in the bytecode pattern
+ matching code</li>
+ <li>Ant task supports project files (contributed by Mike
+ Fagan)</li>
+ <li>Unix findbugs script honors the <code> JAVA_HOME </code>
+ environment variable (contributed by Pedro Morais)
+ </li>
+ <li>Allow .war and .ear files to be analyzed</li>
+ </ul>
- </p>
- <ul>
- <li>
- Pete Angstadt fixed several problems in the Swing GUI
- </li>
- <li>
- Francis Lalonde provided a task resource file for the FindBugs
- Ant task
- </li>
- </ul>
+ <p>Changes since version 0.6.0:</p>
+ <ul>
+ <li>New bug pattern detector which looks for places where a
+ null pointer might be dereferenced</li>
+ <li>New bug pattern detector which looks for IO streams that
+ are opened, do not escape the method, and are not closed on all
+ paths out of the method</li>
+ <li>New bug pattern detector to find methods that can return
+ null instead of a zero-length array</li>
+ <li>New bug pattern detector to find places where the == or !=
+ operators are used to compare String objects</li>
+ <li>Command line interface can save bugs as XML</li>
+ <li>GUI can save bugs to and load bugs from XML</li>
+ <li>An "Annotations" window in the GUI allows the user to add
+ textual annotations to bug reports; these annotations are
+ preserved when bugs are saved as XML</li>
+ <li>In this release, the Japanese bug summary translations by
+ Germano Leichsenring are really included (they were inadvertently
+ omitted in the previous release)</li>
+ <li>Completely rewrote the control flow graph builder,
+ hopefully for the last time</li>
+ <li>Simplified implementation of control flow graphs, which
+ should reduce memory use and possibly improve performance</li>
+ <li>Improvements to command line interface (list bug
+ priorities, filter by priority, specify aux classpath, specify
+ project to analyze)</li>
+ <li>Various bug fixes and enhancements</li>
+ </ul>
- <p>
- Changes since version 0.7.4:
+ <p>Changes since version 0.5.4</p>
+ <ul>
+ <li>Added an <a href="http://ant.apache.org/">Ant</a> task for
+ FindBugs, contributed by Mike Fagan.
+ </li>
+ <li>Added a GUI dialog which allows individual bug pattern
+ detectors to be enabled or disabled. Disabling certain slow
+ detectors can greatly speed up analysis of large programs, at the
+ expense of reducing the number of potential bugs found.</li>
+ <li>Added a new detector for finding improperly ignored return
+ values for methods such as <code> String.trim() </code> .
+ Suggested by Andreas Mandel.
+ </li>
+ <li>Japanese translations of the bug summaries, contributed by
+ Germano Leichsenring.</li>
+ <li>Filtering of results is supported in command line
+ interface. See the <a href="manual/index.html">FindBugs manual</a>
+ for details.
+ </li>
+ <li>Added "byte code patterns", a general pattern matching
+ infrastructure for bytecode instructions. This feature
+ significantly reduces the complexity of implementing new bug
+ pattern detectors.</li>
+ <li>Enabled a new general dataflow analysis to track values in
+ methods.</li>
+ <li>Switched to new control-flow graph builder implementation.
+ </li>
+ </ul>
- </p>
- <ul>
- <li>
- New detector to look for uses of "+" operator to concatenate
- String objects in a loop (Dave Brosius)
- </li>
- <li>
- Reference comparison detector looks for places where the argument
- passed to the equals(Object) method isn't the same type as the
- receiver object
- </li>
- <li>
- Better suppression of false warnings in many detectors
- </li>
- <li>
- Many improvements to Eclipse plugin (Andrey Loskutov, Peter
- Friese)
- </li>
- <li>
- Fixed problem with building Eclipse plugin on Windows (Thomas
- Klaeger)
- </li>
- <li>
- Open stream detector looks for unclosed PreparedStatement objects
- (Thomas Klaeger, Rohan Lloyd)
- </li>
- <li>
- Fix for open stream detector: it wasn't detecting close() methods
- called through an invokeinterface instruction (Thomas Klaeger)
- </li>
- <li>
- Refactoring of visitor classes to enforce use of accessors for
- visited class features (Brian Goetz)
- </li>
- </ul>
+ <p>Changes since version 0.5.3</p>
+ <ul>
+ <li>Fixed a bug in the script used to launch FindBugs on
+ Windows platforms.</li>
+ <li>Fixed crashes when analyzing class files without source
+ line information.</li>
+ <li>All major errors are reported using an error dialog; file
+ not found errors are more informative.</li>
+ <li>Minor GUI improvements.</li>
+ </ul>
- <p>
- Changes since version 0.7.3:
+ <p>Changes since version 0.5.2</p>
+ <ul>
+ <li>All of the source code and related files are in a single
+ directory tree.</li>
+ <li>Updated some of the detectors to produce source line
+ information.</li>
+ <li><a href="http://ant.apache.org/">Ant</a> build script and
+ several GUI enhancements and fixes contributed by Mike Fagan.</li>
+ <li>Converted to use a <a href="AddingDetectors.txt">plugin
+ architecture</a> for loading bug detectors.
+ </li>
+ <li>Eliminated generics-related compiler warnings.</li>
+ <li>More complete documentation has been added.</li>
+ </ul>
- </p>
- <ul>
- <li>
- Experimental modification of open stream detector to look for
- non-escaping JDBC resources (connections and statements) that
- aren't closed on all paths out of method
- </li>
- <li>
- Eclipse plugin fixed so it compiles and runs on Eclipse 2.1.x
- (Peter Friese)
- </li>
- <li>
- Option to Swing GUI and command line to generate project file
- using relative paths for archives, source directories, and aux
- classpath entries (Dave Brosius)
- </li>
- <li>
- Improvements to findbugs.bat script for launching FindBugs on
- Windows (Dave Brosius)
- </li>
- <li>
- Updated Japanese message translations (Hiroshi Okugawa)
- </li>
- <li>
- Uncalled private methods are now reported as low priority, unless
- they have the same name as another method in the class (which is
- more likely to indicate an actual bug)
- </li>
- <li>
- Added some missing data in the bug messages XML files
- </li>
- <li>
- Fixed some problems building from source on Windows systems
- </li>
- <li>
- Various minor bug fixes
- </li>
- </ul>
+ <p>Changes since version 0.5.1:</p>
+ <ul>
+ <li>Fixed a large number of bugs in the BCEL Repository and
+ FindBugs's use of the Repository. With these changes,
+ FindBugs should <em>never</em> crash or otherwise misbehave
+ because of Repository lookup failures. Because of these
+ changes, you must use a modified version of <code> bcel.jar
+ </code> with FindBugs. This jar file is included in the FindBugs
+ 0.5.2 binary release. A complete patch containing the <a
+ href="http://faculty.ycp.edu/~dhovemey/bcel-30-April-2003.patch">modifications
+ against the BCEL CVS main branch as of April 30, 2003</a> is also
+ available.
+ </li>
+ <li>Implemented the "auxiliary classpath entry list".
+ Aux classpath entries can be added to a project to provide classes
+ that are referenced by the analyzed application, but should not
+ themselves be analyzed. Having all referenced classes
+ available allows FindBugs to produce more accurate results.</li>
+ </ul>
- <p>
- Changes since version 0.7.2:
-
- </p>
- <ul>
- <li>
- Enhanced Eclipse plugin, which displays the detailed bug
- description in a view (Phil Crosby)
- </li>
- <li>
- Various tweaks to existing detectors to reduce false warnings
- </li>
- <li>
- New command line option
- <code>
- -workHard
- </code>
- enables pruning of infeasible or unlikely exception edges, which
- results in better accuracy in the open stream detector, at the
- expense of a 30%-100% slowdown
- </li>
- <li>
- New website and HTML documentation design
- </li>
- <li>
- Documentation includes an HTML document with descriptions of all
- bug patterns reported by FindBugs
- </li>
- <li>
- Web page has a link to a
- <a href="http://www.simeji.com/findbugs/doc/manual_ja/index.html">Japanese
- translation</a> of the FindBugs manual, contributed by Hiroshi
- Okugawa
- </li>
- <li>
- Changed the Inconsistent Synchronization detector so that fields
- synchronized 50% of the time (or more) are reported as medium
- priority bugs (previously they were reported as low)
- </li>
- <li>
- New detector to find code that catches
- IllegalMonitorStateException
- </li>
- <li>
- New detector to find private methods that are never called
- </li>
- <li>
- New detector to find suspicious uses of non-short-circuiting
- boolean operators (
- <code>
- &
- </code>
- and
- <code>
- |
- </code>
- , rather than
- <code>
- &&
- </code>
- and
- <code>
- ||
- </code>
- )
- </li>
- </ul>
-
- <p>
- Changes since version 0.7.1:
-
- </p>
- <ul>
- <li>
- Incorporated patched version of BCEL, which allows classes
- compiled with JDK 1.5.0 beta to be analyzed
- </li>
- <li>
- Fixed some bugs related to lookups of array classes
- </li>
- <li>
- Fixed bug that prevented GUI from loading XML result files when
- running under JDK 1.5.0 beta
- </li>
- <li>
- Added new experimental bug detector, LazyInit, which looks for
- potentially buggy lazy initializations of static fields
- </li>
- <li>
- Because of long filenames, switched to distributing the source
- archive as a zip file rather than a tar file
- </li>
- <li>
- The 0.7.1 source tarfile was botched - 0.7.2 has a valid source
- archive
- </li>
- <li>
- Fixed some problems in the Ant build script
- </li>
- <li>
- Fixed NullPointerException when checking Class-Path attribute for
- Jar files without manifests
- </li>
- <li>
- Generate version numbers for the core and UI Eclipse plugins
- using the Version class; all version numbers are now in a common
- location
- </li>
- </ul>
-
- <p>
- Changes since version 0.7.0:
-
- </p>
- <ul>
- <li>
- Eclipse plugin (contributed by Peter Friese)
- </li>
- <li>
- Source package structure rearranged: all source (other than
- Eclipse plugin UI) is in the edu.umd.cs.findbugs package, or a
- subpackage
- </li>
- <li>
- Class-Path attributes of manifests of analyzed jar files are used
- to set the aux classpath automatically (Peter D. Stout)
- </li>
- <li>
- GUI starts in directory specified by user.home property (Peter D.
- Stout)
- </li>
- <li>
- Added -project option to GUI (Mikko T.)
- </li>
- <li>
- Added -look:{plastic,gtk,native} option to GUI, for setting look
- and feel (Mikko T.)
- </li>
- <li>
- Fixed DataflowAnalysisException in inconsistent synchronization
- detector
- </li>
- <li>
- Ant task supports failOnError parameter (Rohan Lloyd)
- </li>
- <li>
- Serializable class warnings are downgraded to low priority for
- GUI classes
- </li>
- <li>
- MWN detector will only report calls to wait(), notify(), and
- notifyAll() methods that have the correct signature
- </li>
- <li>
- FindBugs works with latest CVS version of BCEL
- </li>
- <li>
- Zip and Jar files may be added to the source path
- </li>
- <li>
- The GUI will automatically find source files residing in analyzed
- Zip or Jar files
- </li>
- </ul>
-
- <p>
- Note that the version number jumped from 0.6.6 to 0.6.9; there
- were no 0.6.7 or 0.6.8 releases.
-
- </p>
- <p>
- Changes since version 0.6.9:
- </p>
- <ul>
- <li>
- Added -conserveSpace option to reduce memory use at the expense
- of analysis precision
- </li>
- <li>
- Bug fixes in findbugs.bat script: JAVA_HOME handling,
- autodetection of FINDBUGS_HOME, missing output with -textui
- </li>
- <li>
- Fixed NullPointerException when a missing class is encountered
- </li>
- </ul>
-
- <p>
- Changes since version 0.6.6:
-
- </p>
- <ul>
- <li>
- The null pointer dereference detector is more powerful
- </li>
- <li>
- Significantly improved heuristics and bug fixes in inconsistent
- synchronization detector
- </li>
- <li>
- Improved heuristics in open stream and dropped exception
- detectors; fewer false positives should be reported
- </li>
- <li>
- Save HTML summary in XML results files, rather than recomputing;
- this makes loading results in GUI much faster
- </li>
- <li>
- Report at most one String comparison using == or != per method
- </li>
- <li>
- The findbugs.bat script on Windows autodetects FINDBUGS_HOME, and
- doesn't open a DOS window when launching the GUI (contributed by
- TJSB)
- </li>
- <li>
- Emacs reporting format (contributed by David Li)
- </li>
- <li>
- Various bug fixes
- </li>
- </ul>
-
- <p>
- Changes since 0.6.5:
-
- </p>
- <ul>
- <li>
- Rewritten inconsistent synchronization detector; accuracy is
- significantly improved, and bug reports are prioritized
- </li>
- <li>
- New detector to find self assignment (x=x) of local variables
- (suggested by Jeff Martin)
- </li>
- <li>
- New detector to find calls to wait(), notify(), and notifyAll()
- on an object which is not obviously locked
- </li>
- <li>
- Open stream detector now reports Readers and Writers
- </li>
- <li>
- Fixed bug in finalizer idioms detector which caused spurious
- warnings about failure to call super.finalize() (reported by Jim
- Menard)
- </li>
- <li>
- Fixed bug where output stream was not closed using non-XML output
- (reported by Sigiswald Madou)
- </li>
- <li>
- Fixed corrupted HTML bug detail message (reported by Trevor
- Harmon)
- </li>
- </ul>
-
- <p>
- Changes since version 0.6.4:
-
- </p>
- <ul>
- <li>
- For redundant comparison of reference values, fixed false
- positives resulting from duplication of code in finally blocks
- </li>
- <li>
- Fixed false positives resulting from wrapped byte array streams
- left open
- </li>
- <li>
- Fixed bug in Ant task preventing output file from working
- properly if a relative path was used
- </li>
- </ul>
-
- <p>
- Changes since version 0.6.3:
-
- </p>
- <ul>
- <li>
- Fixed bug in Ant task where output would be corrupted, and added
- a
- <code>
- timeout
- </code>
- attribute
- </li>
- <li>
- Added -outputFile option to text UI, for explicitly specifying an
- output file
- </li>
- <li>
- GUI has a summary window, for statistics about overall bug
- densities (contributed by Mike Fagan)
- </li>
- <li>
- Find redundant comparisons of reference values
- </li>
- <li>
- More accurate detection of Strings compared with == and !=
- operators
- </li>
- <li>
- Detection of other reference types which should generally not be
- compared with == and != operators; Boolean, Integer, etc.
- </li>
- <li>
- Find non-transient non-serializable instance fields in
- Serializable classes
- </li>
- <li>
- Source code may be compiled with latest early access
- generics-enabled javac (version 2.2)
- </li>
- </ul>
-
- <p>
- Changes since version 0.6.2:
-
- </p>
- <ul>
- <li>
- GUI supports filtering bugs by priority
- </li>
- <li>
- Ant task rewritten; supports all functionality offered by Text UI
- (contributed by Mike Fagan)
- </li>
- <li>
- Ant task is fully documented in the manual
- </li>
- <li>
- Classes in nested archives are analyzed; this allows full support
- for analyzing .ear and .war files (contributed by Mike Fagan)
- </li>
- <li>
- DepthFirstSearch changed to use non-recursive implementation;
- this should fix the StackOverflowErrors that several users
- reported
- </li>
- <li>
- Various minor bugfixes and improvements
- </li>
- </ul>
-
- <p>
- Changes since version 0.6.1:
-
- </p>
- <ul>
- <li>
- New detector to look for useless control flow (suggested by
- Richard P. King and Mike Fagan)
- </li>
- <li>
- Look for places where return value of
- java.io.File.createNewFile() is ignored (suggested by Richard P.
- King)
- </li>
- <li>
- Fixed bug in resolution of source files (only the first source
- directory was searched)
- </li>
- <li>
- Fixed a NullPointerException in the bytecode pattern matching
- code
- </li>
- <li>
- Ant task supports project files (contributed by Mike Fagan)
- </li>
- <li>
- Unix findbugs script honors the
- <code>
- JAVA_HOME
- </code>
- environment variable (contributed by Pedro Morais)
- </li>
- <li>
- Allow .war and .ear files to be analyzed
- </li>
- </ul>
-
- <p>
- Changes since version 0.6.0:
-
- </p>
- <ul>
- <li>
- New bug pattern detector which looks for places where a null
- pointer might be dereferenced
- </li>
- <li>
- New bug pattern detector which looks for IO streams that are
- opened, do not escape the method, and are not closed on all paths
- out of the method
- </li>
- <li>
- New bug pattern detector to find methods that can return null
- instead of a zero-length array
- </li>
- <li>
- New bug pattern detector to find places where the == or !=
- operators are used to compare String objects
- </li>
- <li>
- Command line interface can save bugs as XML
- </li>
- <li>
- GUI can save bugs to and load bugs from XML
- </li>
- <li>
- An "Annotations" window in the GUI allows the user to add textual
- annotations to bug reports; these annotations are preserved when
- bugs are saved as XML
- </li>
- <li>
- In this release, the Japanese bug summary translations by Germano
- Leichsenring are really included (they were inadvertently omitted
- in the previous release)
- </li>
- <li>
- Completely rewrote the control flow graph builder, hopefully for
- the last time
- </li>
- <li>
- Simplified implementation of control flow graphs, which should
- reduce memory use and possibly improve performance
- </li>
- <li>
- Improvements to command line interface (list bug priorities,
- filter by priority, specify aux classpath, specify project to
- analyze)
- </li>
- <li>
- Various bug fixes and enhancements
- </li>
- </ul>
-
- <p>
- Changes since version 0.5.4
-
- </p>
- <ul>
- <li>
- Added an
- <a href="http://ant.apache.org/">Ant</a> task for FindBugs,
- contributed by Mike Fagan.
- </li>
- <li>
- Added a GUI dialog which allows individual bug pattern detectors
- to be enabled or disabled. Disabling certain slow detectors
- can greatly speed up analysis of large programs, at the expense
- of reducing the number of potential bugs found.
- </li>
- <li>
- Added a new detector for finding improperly ignored return values
- for methods such as
- <code>
- String.trim()
- </code>
- . Suggested by Andreas Mandel.
- </li>
- <li>
- Japanese translations of the bug summaries, contributed by
- Germano Leichsenring.
- </li>
- <li>
- Filtering of results is supported in command line interface. See
- the
- <a href="manual/index.html">FindBugs manual</a> for details.
- </li>
- <li>
- Added "byte code patterns", a general pattern matching
- infrastructure for bytecode instructions. This feature
- significantly reduces the complexity of implementing new bug
- pattern detectors.
- </li>
- <li>
- Enabled a new general dataflow analysis to track values in
- methods.
- </li>
- <li>
- Switched to new control-flow graph builder implementation.
- </li>
- </ul>
-
- <p>
- Changes since version 0.5.3
-
- </p>
- <ul>
- <li>
- Fixed a bug in the script used to launch FindBugs on Windows
- platforms.
- </li>
- <li>
- Fixed crashes when analyzing class files without source line
- information.
- </li>
- <li>
- All major errors are reported using an error dialog; file not
- found errors are more informative.
- </li>
- <li>
- Minor GUI improvements.
- </li>
- </ul>
-
- <p>
- Changes since version 0.5.2
-
- </p>
- <ul>
- <li>
- All of the source code and related files are in a single
- directory tree.
- </li>
- <li>
- Updated some of the detectors to produce source line information.
- </li>
- <li>
- <a href="http://ant.apache.org/">Ant</a> build script and several
- GUI enhancements and fixes contributed by Mike Fagan.
- </li>
- <li>
- Converted to use a
- <a href="AddingDetectors.txt">plugin architecture</a> for loading
- bug detectors.
- </li>
- <li>
- Eliminated generics-related compiler warnings.
- </li>
- <li>
- More complete documentation has been added.
- </li>
- </ul>
-
- <p>
- Changes since version 0.5.1:
- </p>
- <ul>
- <li>
- Fixed a large number of bugs in the BCEL Repository and
- FindBugs's use of the Repository. With these changes,
- FindBugs should
- <em>never</em> crash or otherwise misbehave because of Repository
- lookup failures. Because of these changes, you must use a
- modified version of
- <code>
- bcel.jar
- </code>
- with FindBugs. This jar file is included in the FindBugs
- 0.5.2 binary release. A complete patch containing the
- <a
- href="http://faculty.ycp.edu/~dhovemey/bcel-30-April-2003.patch">modifications
- against the BCEL CVS main branch as of April 30, 2003</a> is also
- available.
- </li>
- <li>
- Implemented the "auxiliary classpath entry list". Aux
- classpath entries can be added to a project to provide classes
- that are referenced by the analyzed application, but should not
- themselves be analyzed. Having all referenced classes
- available allows FindBugs to produce more accurate results.
- </li>
- </ul>
-
- <p>
- Changes since version 0.5.0:
- </p>
- <ul>
- <li>
- Many user interface bugs have been fixed.
- </li>
- <li>
- Upgraded to a recent CVS version of BCEL, with some bug
- fixes. This should prevent FindBugs from crashing when
- there is a failure to find a class on the classpath.
- </li>
- <li>
- Added support for Plastic look and feel from
- <a href="http://www.jgoodies.com/">jgoodies.com</a>.
- </li>
- <li>
- Major overhaul of infrastructure for doing dataflow analysis.
- </li>
- </ul>
-
-
+ <p>Changes since version 0.5.0:</p>
+ <ul>
+ <li>Many user interface bugs have been fixed.</li>
+ <li>Upgraded to a recent CVS version of BCEL, with some bug
+ fixes. This should prevent FindBugs from crashing when there
+ is a failure to find a class on the classpath.</li>
+ <li>Added support for Plastic look and feel from <a
+ href="http://www.jgoodies.com/">jgoodies.com</a>.
+ </li>
+ <li>Major overhaul of infrastructure for doing dataflow
+ analysis.</li>
+ </ul>
<hr> <p>
<script language="JavaScript" type="text/javascript">
<!---//hide script from old browsers
@@ -3540,11 +2800,11 @@
<p>
<A href="http://sourceforge.net"><IMG src="http://sourceforge.net/sflogo.php?group_id=96405&type=5" width="210" height="62" border="0" alt="SourceForge.net Logo" /></A>
- </td>
+ </td>
- </tr>
- </table>
+ </tr>
+ </table>
- </body>
+</body>
</html>
diff --git a/doc/FAQ.html b/doc/FAQ.html
index 6e20e85..d83b7ee 100644
--- a/doc/FAQ.html
+++ b/doc/FAQ.html
@@ -99,9 +99,9 @@
<pre>
java.lang.VerifyError: Cannot inherit from final class
- at java.lang.ClassLoader.defineClass0(Native Method)
- at java.lang.ClassLoader.defineClass(ClassLoader.java:537)
- ...
+ at java.lang.ClassLoader.defineClass0(Native Method)
+ at java.lang.ClassLoader.defineClass(ClassLoader.java:537)
+ ...
</pre>
<p> The problem here is that the wrong version of the
@@ -194,8 +194,8 @@
<p> The reason for this problem is that the Eclipse
plugin distributed with FindBugs
-does not work with 2.x versions of Eclipse.
-Please use Eclipse version 3.3 (June 2007) or newer.
+does not work with older 3.x versions of Eclipse.
+Please use Eclipse version 3.6 (June 2010) or newer.
<h2><a name="q6">Q6: I'm getting a lot of false "OS" and "ODR" warnings</a></h2>
@@ -214,26 +214,12 @@
<h2><a name="q7">Q7: The Eclipse plugin loads, but doesn't work correctly</a></h2>
-<p> In versions 0.0.6 and 0.0.7 of the FindBugs Eclipse plugin,
-which correspond to the 0.7.4 and 0.8.0 releases,
-bugs in the experimental SwitchFallthrough detector can prevent
-FindBugs from running properly within Eclipse.
+<p> Make sure the Java code you trying to analyze is built properly and has no
+classpath or compile errors.
-<p> To work around the problem, make sure that SwitchFallthrough
-is disabled in the FindBugs Properties of your project.
-Right click on your project, and choose "Properties".
-In the Properties dialog, choose "FindBugs",
-and disable the checkbox next to SwitchFallthrough.
+<p> Make sure the project and workspace FindBugs settings are valid - in doubt, revert them to defaults.
-<p> Another common problem with the Eclipse plugin is that
-the FindBugs warnings do not appear in the "Problems" view.
-Make sure that FindBugs warnings are enabled in the filters
-for this view. The Filters menu is accessible by
-clicking on the icon that looks like this:
-<blockquote>
-<img src="eclipse-filters-icon.png">
-</blockquote>
-Make sure the "FindBugs Problem" checkbox is enabled.
+<p> Make sure the Error log view does not show errors.
<h2><a name="q8">Q8: Where is the Maven plugin for FindBugs?</a></h2>
@@ -250,7 +236,7 @@
which bundles FindBugs, PMD and CheckStyle. Use the following
update site:
<a href="http://deadlock.netbeans.org/hudson/job/sqe/lastStableBuild/artifact/build/full-sqe-updatecenter/updates.xml
-">http://deadlock.netbeans.org/hudson/job/sqe/lastStableBuild/artifact/build/full-sqe-updatecenter/updates.xml</a>a>
+">http://deadlock.netbeans.org/hudson/job/sqe/lastStableBuild/artifact/build/full-sqe-updatecenter/updates.xml</a>
<p>Pease note that the SQE plugin is not maintained by the FindBugs developers,
so we can't answer questions about it.
</p>
diff --git a/doc/allBugDescriptions.html b/doc/allBugDescriptions.html
index f1cf159..a9e94e0 100644
--- a/doc/allBugDescriptions.html
+++ b/doc/allBugDescriptions.html
@@ -1,3 +1,4 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><title>FindBugs Bug Descriptions (Unabridged)</title>
<link rel="stylesheet" type="text/css" href="findbugs.css"/>
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon"/>
@@ -142,20 +143,22 @@
<tr bgcolor="#eeeeee"><td><a href="#SE_TRANSIENT_FIELD_NOT_RESTORED">Se: Transient field that isn't set by deserialization. </a></td><td>Bad practice</td></tr>
<tr bgcolor="#ffffff"><td><a href="#SE_NO_SERIALVERSIONID">SnVI: Class is Serializable, but doesn't define serialVersionUID</a></td><td>Bad practice</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#UI_INHERITANCE_UNSAFE_GETRESOURCE">UI: Usage of GetResource may be unsafe if class is extended</a></td><td>Bad practice</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#BC_IMPOSSIBLE_CAST">BC: Impossible cast</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#BC_IMPOSSIBLE_DOWNCAST">BC: Impossible downcast</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#BC_IMPOSSIBLE_DOWNCAST_OF_TOARRAY">BC: Impossible downcast of toArray() result</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#BC_IMPOSSIBLE_INSTANCEOF">BC: instanceof will always return false</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#BIT_ADD_OF_SIGNED_BYTE">BIT: Bitwise add of signed byte value</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#BIT_AND">BIT: Incompatible bit masks</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#BIT_AND_ZZ">BIT: Check to see if ((...) & 0) == 0</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#BIT_IOR">BIT: Incompatible bit masks</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#BIT_IOR_OF_SIGNED_BYTE">BIT: Bitwise OR of signed byte value</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#BIT_SIGNED_CHECK_HIGH_BIT">BIT: Check for sign of bitwise operation</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#BOA_BADLY_OVERRIDDEN_ADAPTER">BOA: Class overrides a method implemented in super class Adapter wrongly</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#ICAST_BAD_SHIFT_AMOUNT">BSHIFT: 32 bit int shifted by an amount not in the range 0..31</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#BX_UNBOXED_AND_COERCED_FOR_TERNARY_OPERATOR">Bx: Primitive value is unboxed and coerced for ternary operator</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#CO_COMPARETO_RESULTS_MIN_VALUE">Co: compareTo()/compare() returns Integer.MIN_VALUE</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#BAC_BAD_APPLET_CONSTRUCTOR">BAC: Bad Applet Constructor relies on uninitialized AppletStub</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#BC_IMPOSSIBLE_CAST">BC: Impossible cast</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#BC_IMPOSSIBLE_DOWNCAST">BC: Impossible downcast</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#BC_IMPOSSIBLE_DOWNCAST_OF_TOARRAY">BC: Impossible downcast of toArray() result</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#BC_IMPOSSIBLE_INSTANCEOF">BC: instanceof will always return false</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#BIT_ADD_OF_SIGNED_BYTE">BIT: Bitwise add of signed byte value</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#BIT_AND">BIT: Incompatible bit masks</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#BIT_AND_ZZ">BIT: Check to see if ((...) & 0) == 0</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#BIT_IOR">BIT: Incompatible bit masks</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#BIT_IOR_OF_SIGNED_BYTE">BIT: Bitwise OR of signed byte value</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#BIT_SIGNED_CHECK_HIGH_BIT">BIT: Check for sign of bitwise operation</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#BOA_BADLY_OVERRIDDEN_ADAPTER">BOA: Class overrides a method implemented in super class Adapter wrongly</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#ICAST_BAD_SHIFT_AMOUNT">BSHIFT: 32 bit int shifted by an amount not in the range -31..31</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#BX_UNBOXED_AND_COERCED_FOR_TERNARY_OPERATOR">Bx: Primitive value is unboxed and coerced for ternary operator</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#CO_COMPARETO_RESULTS_MIN_VALUE">Co: compareTo()/compare() returns Integer.MIN_VALUE</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_LOCAL_INCREMENT_IN_RETURN">DLS: Useless increment in return statement</a></td><td>Correctness</td></tr>
<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_STORE_OF_CLASS_LITERAL">DLS: Dead store of class literal</a></td><td>Correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#DLS_OVERWRITTEN_INCREMENT">DLS: Overwritten increment</a></td><td>Correctness</td></tr>
<tr bgcolor="#ffffff"><td><a href="#DMI_ARGUMENTS_WRONG_ORDER">DMI: Reversed method arguments</a></td><td>Correctness</td></tr>
@@ -187,106 +190,112 @@
<tr bgcolor="#ffffff"><td><a href="#EQ_OTHER_USE_OBJECT">Eq: equals() method defined that doesn't override Object.equals(Object)</a></td><td>Correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#EQ_OVERRIDING_EQUALS_NOT_SYMMETRIC">Eq: equals method overrides equals in superclass and may not be symmetric</a></td><td>Correctness</td></tr>
<tr bgcolor="#ffffff"><td><a href="#EQ_SELF_USE_OBJECT">Eq: Covariant equals() method defined, Object.equals(Object) inherited</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#FB_MISSING_EXPECTED_WARNING">FB: Missing expected or desired warning from FindBugs</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#FB_UNEXPECTED_WARNING">FB: Unexpected/undesired warning from FindBugs</a></td><td>Correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#FE_TEST_IF_EQUAL_TO_NOT_A_NUMBER">FE: Doomed test for equality to NaN</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_BAD_ARGUMENT">FS: Format string placeholder incompatible with passed argument</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_BAD_CONVERSION">FS: The type of a supplied argument doesn't match format specifier</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_EXPECTED_MESSAGE_FORMAT_SUPPLIED">FS: MessageFormat supplied where printf style format expected</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_EXTRA_ARGUMENTS_PASSED">FS: More arguments are passed than are actually used in the format string</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_ILLEGAL">FS: Illegal format string</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_MISSING_ARGUMENT">FS: Format string references missing argument</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_NO_PREVIOUS_ARGUMENT">FS: No previous argument for format string</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#GC_UNRELATED_TYPES">GC: No relationship between generic parameter and method argument</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#HE_SIGNATURE_DECLARES_HASHING_OF_UNHASHABLE_CLASS">HE: Signature declares use of unhashable class in hashed construct</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#HE_USE_OF_UNHASHABLE_CLASS">HE: Use of class without a hashCode() method in a hashed data structure</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#ICAST_INT_2_LONG_AS_INSTANT">ICAST: int value converted to long and used as absolute time</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#ICAST_INT_CAST_TO_DOUBLE_PASSED_TO_CEIL">ICAST: integral value cast to double and then passed to Math.ceil</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#ICAST_INT_CAST_TO_FLOAT_PASSED_TO_ROUND">ICAST: int value cast to float and then passed to Math.round</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#IJU_ASSERT_METHOD_INVOKED_FROM_RUN_METHOD">IJU: JUnit assertion in run method will not be noticed by JUnit</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IJU_BAD_SUITE_METHOD">IJU: TestCase declares a bad suite method </a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#IJU_NO_TESTS">IJU: TestCase has no tests</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IJU_SETUP_NO_SUPER">IJU: TestCase defines setUp that doesn't call super.setUp()</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#IJU_SUITE_NOT_STATIC">IJU: TestCase implements a non-static suite method </a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IJU_TEARDOWN_NO_SUPER">IJU: TestCase defines tearDown that doesn't call super.tearDown()</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#IL_CONTAINER_ADDED_TO_ITSELF">IL: A collection is added to itself</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IL_INFINITE_LOOP">IL: An apparent infinite loop</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#IL_INFINITE_RECURSIVE_LOOP">IL: An apparent infinite recursive loop</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IM_MULTIPLYING_RESULT_OF_IREM">IM: Integer multiply of result of integer remainder</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#INT_BAD_COMPARISON_WITH_INT_VALUE">INT: Bad comparison of int value with long constant</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#INT_BAD_COMPARISON_WITH_NONNEGATIVE_VALUE">INT: Bad comparison of nonnegative value with negative constant</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#INT_BAD_COMPARISON_WITH_SIGNED_BYTE">INT: Bad comparison of signed byte</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IO_APPENDING_TO_OBJECT_OUTPUT_STREAM">IO: Doomed attempt to append to an object output stream</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#IP_PARAMETER_IS_DEAD_BUT_OVERWRITTEN">IP: A parameter is dead upon entry to a method but overwritten</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#MF_CLASS_MASKS_FIELD">MF: Class defines field that masks a superclass field</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#MF_METHOD_MASKS_FIELD">MF: Method defines a variable that obscures a field</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_ALWAYS_NULL">NP: Null pointer dereference</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_ALWAYS_NULL_EXCEPTION">NP: Null pointer dereference in method on exception path</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_ARGUMENT_MIGHT_BE_NULL">NP: Method does not check for null argument</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_CLOSING_NULL">NP: close() invoked on a value that is always null</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_GUARANTEED_DEREF">NP: Null value is guaranteed to be dereferenced</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_GUARANTEED_DEREF_ON_EXCEPTION_PATH">NP: Value is null and guaranteed to be dereferenced on exception path</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">NP: Nonnull field is not initialized</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_NONNULL_PARAM_VIOLATION">NP: Method call passes null to a nonnull parameter </a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_NONNULL_RETURN_VIOLATION">NP: Method may return null, but is declared @NonNull</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_INSTANCEOF">NP: A known null value is checked to see if it is an instance of a type</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_NULL_ON_SOME_PATH">NP: Possible null pointer dereference</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_ON_SOME_PATH_EXCEPTION">NP: Possible null pointer dereference in method on exception path</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_NULL_PARAM_DEREF">NP: Method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_PARAM_DEREF_ALL_TARGETS_DANGEROUS">NP: Method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_NULL_PARAM_DEREF_NONVIRTUAL">NP: Non-virtual method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_STORE_INTO_NONNULL_FIELD">NP: Store of null value into field annotated NonNull</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_UNWRITTEN_FIELD">NP: Read of unwritten field</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NM_BAD_EQUAL">Nm: Class defines equal(Object); should it be equals(Object)?</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NM_LCASE_HASHCODE">Nm: Class defines hashcode(); should it be hashCode()?</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NM_LCASE_TOSTRING">Nm: Class defines tostring(); should it be toString()?</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NM_METHOD_CONSTRUCTOR_CONFUSION">Nm: Apparent method/constructor confusion</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NM_VERY_CONFUSING">Nm: Very confusing method names</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NM_WRONG_PACKAGE">Nm: Method doesn't override method in superclass due to wrong package for parameter</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#QBA_QUESTIONABLE_BOOLEAN_ASSIGNMENT">QBA: Method assigns boolean literal in boolean expression</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RC_REF_COMPARISON">RC: Suspicious reference comparison</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE">RCN: Nullcheck of value previously dereferenced</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RE_BAD_SYNTAX_FOR_REGULAR_EXPRESSION">RE: Invalid syntax for regular expression</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RE_CANT_USE_FILE_SEPARATOR_AS_REGULAR_EXPRESSION">RE: File.separator used for regular expression</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RE_POSSIBLE_UNINTENDED_PATTERN">RE: "." used for regular expression</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RV_01_TO_INT">RV: Random value from 0 to 1 is coerced to the integer 0</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RV_ABSOLUTE_VALUE_OF_HASHCODE">RV: Bad attempt to compute absolute value of signed 32-bit hashcode </a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RV_ABSOLUTE_VALUE_OF_RANDOM_INT">RV: Bad attempt to compute absolute value of signed random integer</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RV_CHECK_COMPARETO_FOR_SPECIFIC_RETURN_VALUE">RV: Code checks for specific values returned by compareTo</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RV_EXCEPTION_NOT_THROWN">RV: Exception created and dropped rather than thrown</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RV_RETURN_VALUE_IGNORED">RV: Method ignores return value</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RpC_REPEATED_CONDITIONAL_TEST">RpC: Repeated conditional tests</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SA_FIELD_SELF_ASSIGNMENT">SA: Self assignment of field</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SA_FIELD_SELF_COMPARISON">SA: Self comparison of field with itself</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SA_FIELD_SELF_COMPUTATION">SA: Nonsensical self computation involving a field (e.g., x & x)</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SA_LOCAL_SELF_ASSIGNMENT_INSTEAD_OF_FIELD">SA: Self assignment of local rather than assignment to field</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SA_LOCAL_SELF_COMPARISON">SA: Self comparison of value with itself</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SA_LOCAL_SELF_COMPUTATION">SA: Nonsensical self computation involving a variable (e.g., x & x)</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH">SF: Dead store due to switch statement fall through</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH_TO_THROW">SF: Dead store due to switch statement fall through to throw</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SIC_THREADLOCAL_DEADLY_EMBRACE">SIC: Deadly embrace of non-static inner class and thread local</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SIO_SUPERFLUOUS_INSTANCEOF">SIO: Unnecessary type check done using instanceof operator</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SQL_BAD_PREPARED_STATEMENT_ACCESS">SQL: Method attempts to access a prepared statement parameter with index 0</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SQL_BAD_RESULTSET_ACCESS">SQL: Method attempts to access a result set field with index 0</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#STI_INTERRUPTED_ON_CURRENTTHREAD">STI: Unneeded use of currentThread() call, to call interrupted() </a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#STI_INTERRUPTED_ON_UNKNOWNTHREAD">STI: Static Thread.interrupted() method invoked on thread instance</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SE_METHOD_MUST_BE_PRIVATE">Se: Method must be private in order for serialization to work</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SE_READ_RESOLVE_IS_STATIC">Se: The readResolve method must not be declared as a static method. </a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#TQ_ALWAYS_VALUE_USED_WHERE_NEVER_REQUIRED">TQ: Value annotated as carrying a type qualifier used where a value that must not carry that qualifier is required</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#TQ_COMPARING_VALUES_WITH_INCOMPATIBLE_TYPE_QUALIFIERS">TQ: Comparing values with incompatible type qualifiers</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#TQ_MAYBE_SOURCE_VALUE_REACHES_ALWAYS_SINK">TQ: Value that might not carry a type qualifier is always used in a way requires that type qualifier</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#TQ_MAYBE_SOURCE_VALUE_REACHES_NEVER_SINK">TQ: Value that might carry a type qualifier is always used in a way prohibits it from having that type qualifier</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#TQ_NEVER_VALUE_USED_WHERE_ALWAYS_REQUIRED">TQ: Value annotated as never carrying a type qualifier used where value carrying that qualifier is required</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#FL_MATH_USING_FLOAT_PRECISION">FL: Method performs math using floating point precision</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_BAD_ARGUMENT">FS: Format string placeholder incompatible with passed argument</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_BAD_CONVERSION">FS: The type of a supplied argument doesn't match format specifier</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_EXPECTED_MESSAGE_FORMAT_SUPPLIED">FS: MessageFormat supplied where printf style format expected</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_EXTRA_ARGUMENTS_PASSED">FS: More arguments are passed than are actually used in the format string</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_ILLEGAL">FS: Illegal format string</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_MISSING_ARGUMENT">FS: Format string references missing argument</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_NO_PREVIOUS_ARGUMENT">FS: No previous argument for format string</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#GC_UNRELATED_TYPES">GC: No relationship between generic parameter and method argument</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#HE_SIGNATURE_DECLARES_HASHING_OF_UNHASHABLE_CLASS">HE: Signature declares use of unhashable class in hashed construct</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#HE_USE_OF_UNHASHABLE_CLASS">HE: Use of class without a hashCode() method in a hashed data structure</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#ICAST_INT_2_LONG_AS_INSTANT">ICAST: int value converted to long and used as absolute time</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#ICAST_INT_CAST_TO_DOUBLE_PASSED_TO_CEIL">ICAST: Integral value cast to double and then passed to Math.ceil</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#ICAST_INT_CAST_TO_FLOAT_PASSED_TO_ROUND">ICAST: int value cast to float and then passed to Math.round</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IJU_ASSERT_METHOD_INVOKED_FROM_RUN_METHOD">IJU: JUnit assertion in run method will not be noticed by JUnit</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#IJU_BAD_SUITE_METHOD">IJU: TestCase declares a bad suite method </a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IJU_NO_TESTS">IJU: TestCase has no tests</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#IJU_SETUP_NO_SUPER">IJU: TestCase defines setUp that doesn't call super.setUp()</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IJU_SUITE_NOT_STATIC">IJU: TestCase implements a non-static suite method </a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#IJU_TEARDOWN_NO_SUPER">IJU: TestCase defines tearDown that doesn't call super.tearDown()</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IL_CONTAINER_ADDED_TO_ITSELF">IL: A collection is added to itself</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#IL_INFINITE_LOOP">IL: An apparent infinite loop</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IL_INFINITE_RECURSIVE_LOOP">IL: An apparent infinite recursive loop</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#IM_MULTIPLYING_RESULT_OF_IREM">IM: Integer multiply of result of integer remainder</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#INT_BAD_COMPARISON_WITH_INT_VALUE">INT: Bad comparison of int value with long constant</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#INT_BAD_COMPARISON_WITH_NONNEGATIVE_VALUE">INT: Bad comparison of nonnegative value with negative constant</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#INT_BAD_COMPARISON_WITH_SIGNED_BYTE">INT: Bad comparison of signed byte</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#IO_APPENDING_TO_OBJECT_OUTPUT_STREAM">IO: Doomed attempt to append to an object output stream</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IP_PARAMETER_IS_DEAD_BUT_OVERWRITTEN">IP: A parameter is dead upon entry to a method but overwritten</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#MF_CLASS_MASKS_FIELD">MF: Class defines field that masks a superclass field</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#MF_METHOD_MASKS_FIELD">MF: Method defines a variable that obscures a field</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_ALWAYS_NULL">NP: Null pointer dereference</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_ALWAYS_NULL_EXCEPTION">NP: Null pointer dereference in method on exception path</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_ARGUMENT_MIGHT_BE_NULL">NP: Method does not check for null argument</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_CLOSING_NULL">NP: close() invoked on a value that is always null</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_GUARANTEED_DEREF">NP: Null value is guaranteed to be dereferenced</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_GUARANTEED_DEREF_ON_EXCEPTION_PATH">NP: Value is null and guaranteed to be dereferenced on exception path</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">NP: Nonnull field is not initialized</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_NONNULL_PARAM_VIOLATION">NP: Method call passes null to a nonnull parameter </a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_NONNULL_RETURN_VIOLATION">NP: Method may return null, but is declared @NonNull</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_NULL_INSTANCEOF">NP: A known null value is checked to see if it is an instance of a type</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_ON_SOME_PATH">NP: Possible null pointer dereference</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_NULL_ON_SOME_PATH_EXCEPTION">NP: Possible null pointer dereference in method on exception path</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_PARAM_DEREF">NP: Method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_NULL_PARAM_DEREF_ALL_TARGETS_DANGEROUS">NP: Method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_PARAM_DEREF_NONVIRTUAL">NP: Non-virtual method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_STORE_INTO_NONNULL_FIELD">NP: Store of null value into field annotated NonNull</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_UNWRITTEN_FIELD">NP: Read of unwritten field</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NM_BAD_EQUAL">Nm: Class defines equal(Object); should it be equals(Object)?</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NM_LCASE_HASHCODE">Nm: Class defines hashcode(); should it be hashCode()?</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NM_LCASE_TOSTRING">Nm: Class defines tostring(); should it be toString()?</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NM_METHOD_CONSTRUCTOR_CONFUSION">Nm: Apparent method/constructor confusion</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NM_VERY_CONFUSING">Nm: Very confusing method names</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NM_WRONG_PACKAGE">Nm: Method doesn't override method in superclass due to wrong package for parameter</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#QBA_QUESTIONABLE_BOOLEAN_ASSIGNMENT">QBA: Method assigns boolean literal in boolean expression</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RC_REF_COMPARISON">RC: Suspicious reference comparison</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE">RCN: Nullcheck of value previously dereferenced</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RE_BAD_SYNTAX_FOR_REGULAR_EXPRESSION">RE: Invalid syntax for regular expression</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RE_CANT_USE_FILE_SEPARATOR_AS_REGULAR_EXPRESSION">RE: File.separator used for regular expression</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RE_POSSIBLE_UNINTENDED_PATTERN">RE: "." or "|" used for regular expression</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RV_01_TO_INT">RV: Random value from 0 to 1 is coerced to the integer 0</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RV_ABSOLUTE_VALUE_OF_HASHCODE">RV: Bad attempt to compute absolute value of signed 32-bit hashcode </a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RV_ABSOLUTE_VALUE_OF_RANDOM_INT">RV: Bad attempt to compute absolute value of signed random integer</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RV_CHECK_COMPARETO_FOR_SPECIFIC_RETURN_VALUE">RV: Code checks for specific values returned by compareTo</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RV_EXCEPTION_NOT_THROWN">RV: Exception created and dropped rather than thrown</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RV_RETURN_VALUE_IGNORED">RV: Method ignores return value</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RpC_REPEATED_CONDITIONAL_TEST">RpC: Repeated conditional tests</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SA_FIELD_SELF_ASSIGNMENT">SA: Self assignment of field</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SA_FIELD_SELF_COMPARISON">SA: Self comparison of field with itself</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SA_FIELD_SELF_COMPUTATION">SA: Nonsensical self computation involving a field (e.g., x & x)</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SA_LOCAL_SELF_ASSIGNMENT_INSTEAD_OF_FIELD">SA: Self assignment of local rather than assignment to field</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SA_LOCAL_SELF_COMPARISON">SA: Self comparison of value with itself</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SA_LOCAL_SELF_COMPUTATION">SA: Nonsensical self computation involving a variable (e.g., x & x)</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH">SF: Dead store due to switch statement fall through</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH_TO_THROW">SF: Dead store due to switch statement fall through to throw</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SIC_THREADLOCAL_DEADLY_EMBRACE">SIC: Deadly embrace of non-static inner class and thread local</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SIO_SUPERFLUOUS_INSTANCEOF">SIO: Unnecessary type check done using instanceof operator</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SQL_BAD_PREPARED_STATEMENT_ACCESS">SQL: Method attempts to access a prepared statement parameter with index 0</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SQL_BAD_RESULTSET_ACCESS">SQL: Method attempts to access a result set field with index 0</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#STI_INTERRUPTED_ON_CURRENTTHREAD">STI: Unneeded use of currentThread() call, to call interrupted() </a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#STI_INTERRUPTED_ON_UNKNOWNTHREAD">STI: Static Thread.interrupted() method invoked on thread instance</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SE_METHOD_MUST_BE_PRIVATE">Se: Method must be private in order for serialization to work</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SE_READ_RESOLVE_IS_STATIC">Se: The readResolve method must not be declared as a static method. </a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#TQ_ALWAYS_VALUE_USED_WHERE_NEVER_REQUIRED">TQ: Value annotated as carrying a type qualifier used where a value that must not carry that qualifier is required</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#TQ_COMPARING_VALUES_WITH_INCOMPATIBLE_TYPE_QUALIFIERS">TQ: Comparing values with incompatible type qualifiers</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#TQ_MAYBE_SOURCE_VALUE_REACHES_ALWAYS_SINK">TQ: Value that might not carry a type qualifier is always used in a way requires that type qualifier</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#TQ_MAYBE_SOURCE_VALUE_REACHES_NEVER_SINK">TQ: Value that might carry a type qualifier is always used in a way prohibits it from having that type qualifier</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#TQ_NEVER_VALUE_USED_WHERE_ALWAYS_REQUIRED">TQ: Value annotated as never carrying a type qualifier used where value carrying that qualifier is required</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#TQ_UNKNOWN_VALUE_USED_WHERE_ALWAYS_STRICTLY_REQUIRED">TQ: Value without a type qualifier used where a value is required to have that qualifier</a></td><td>Correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS">UMAC: Uncallable method defined in anonymous class</a></td><td>Correctness</td></tr>
<tr bgcolor="#ffffff"><td><a href="#UR_UNINIT_READ">UR: Uninitialized read of field in constructor</a></td><td>Correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#UR_UNINIT_READ_CALLED_FROM_SUPER_CONSTRUCTOR">UR: Uninitialized read of field method called from constructor of superclass</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY">USELESS_STRING: Invocation of toString on an array</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY">USELESS_STRING: Invocation of toString on an unnamed array</a></td><td>Correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#DMI_INVOKING_TOSTRING_ON_ARRAY">USELESS_STRING: Invocation of toString on an array</a></td><td>Correctness</td></tr>
<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_BAD_CONVERSION_FROM_ARRAY">USELESS_STRING: Array formatted in useless way using format string</a></td><td>Correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#UWF_NULL_FIELD">UwF: Field only ever set to null</a></td><td>Correctness</td></tr>
<tr bgcolor="#ffffff"><td><a href="#UWF_UNWRITTEN_FIELD">UwF: Unwritten field</a></td><td>Correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#VA_PRIMITIVE_ARRAY_PASSED_TO_OBJECT_VARARG">VA: Primitive array passed to function expecting a variable number of object arguments</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE">LG: Potential lost logger changes due to weak reference in OpenJDK</a></td><td>Experimental</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#OBL_UNSATISFIED_OBLIGATION">OBL: Method may fail to clean up stream or resource</a></td><td>Experimental</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE">OBL: Method may fail to clean up stream or resource on checked exception</a></td><td>Experimental</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#VR_UNRESOLVABLE_REFERENCE">VR: Class makes reference to unresolvable class or method</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE">LG: Potential lost logger changes due to weak reference in OpenJDK</a></td><td>Experimental</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#OBL_UNSATISFIED_OBLIGATION">OBL: Method may fail to clean up stream or resource</a></td><td>Experimental</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE">OBL: Method may fail to clean up stream or resource on checked exception</a></td><td>Experimental</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#TESTING">TEST: Testing</a></td><td>Experimental</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#DM_CONVERT_CASE">Dm: Consider using Locale parameterized version of invoked method</a></td><td>Internationalization</td></tr>
<tr bgcolor="#ffffff"><td><a href="#DM_DEFAULT_ENCODING">Dm: Reliance on default encoding</a></td><td>Internationalization</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED">DP: Classloaders should only be created inside doPrivileged block</a></td><td>Malicious code vulnerability</td></tr>
@@ -349,22 +358,28 @@
<tr bgcolor="#ffffff"><td><a href="#WS_WRITEOBJECT_SYNC">WS: Class's writeObject() method is synchronized but nothing else is</a></td><td>Multithreaded correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#WA_AWAIT_NOT_IN_LOOP">Wa: Condition.await() not in loop </a></td><td>Multithreaded correctness</td></tr>
<tr bgcolor="#ffffff"><td><a href="#WA_NOT_IN_LOOP">Wa: Wait not in loop </a></td><td>Multithreaded correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NOISE_FIELD_REFERENCE">NOISE: Bogus warning about a field reference</a></td><td>Bogus random noise</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NOISE_METHOD_CALL">NOISE: Bogus warning about a method call</a></td><td>Bogus random noise</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NOISE_NULL_DEREFERENCE">NOISE: Bogus warning about a null pointer dereference</a></td><td>Bogus random noise</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NOISE_OPERATION">NOISE: Bogus warning about an operation</a></td><td>Bogus random noise</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#BX_BOXING_IMMEDIATELY_UNBOXED">Bx: Primitive value is boxed and then immediately unboxed</a></td><td>Performance</td></tr>
<tr bgcolor="#ffffff"><td><a href="#BX_BOXING_IMMEDIATELY_UNBOXED_TO_PERFORM_COERCION">Bx: Primitive value is boxed then unboxed to perform primitive coercion</a></td><td>Performance</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#BX_UNBOXING_IMMEDIATELY_REBOXED">Bx: Boxed value is unboxed and then immediately reboxed</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DM_BOXED_PRIMITIVE_TOSTRING">Bx: Method allocates a boxed primitive just to call toString</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DM_FP_NUMBER_CTOR">Bx: Method invokes inefficient floating-point Number constructor; use static valueOf instead</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DM_NUMBER_CTOR">Bx: Method invokes inefficient Number constructor; use static valueOf instead</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DMI_BLOCKING_METHODS_ON_URL">Dm: The equals and hashCode methods of URL are blocking</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_COLLECTION_OF_URLS">Dm: Maps and sets of URLs can be performance hogs</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DM_BOOLEAN_CTOR">Dm: Method invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DM_GC">Dm: Explicit garbage collection; extremely dubious except in benchmarking code</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DM_NEW_FOR_GETCLASS">Dm: Method allocates an object, only to get the class object</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DM_NEXTINT_VIA_NEXTDOUBLE">Dm: Use the nextInt method of Random rather than nextDouble to generate a random integer</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DM_STRING_CTOR">Dm: Method invokes inefficient new String(String) constructor</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DM_STRING_TOSTRING">Dm: Method invokes toString() method on a String</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DM_STRING_VOID_CTOR">Dm: Method invokes inefficient new String() constructor</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#HSC_HUGE_SHARED_STRING_CONSTANT">HSC: Huge string constants is duplicated across multiple class files</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DM_BOXED_PRIMITIVE_FOR_PARSING">Bx: Boxing/unboxing to parse a primitive</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DM_BOXED_PRIMITIVE_TOSTRING">Bx: Method allocates a boxed primitive just to call toString</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DM_FP_NUMBER_CTOR">Bx: Method invokes inefficient floating-point Number constructor; use static valueOf instead</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DM_NUMBER_CTOR">Bx: Method invokes inefficient Number constructor; use static valueOf instead</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_BLOCKING_METHODS_ON_URL">Dm: The equals and hashCode methods of URL are blocking</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_COLLECTION_OF_URLS">Dm: Maps and sets of URLs can be performance hogs</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DM_BOOLEAN_CTOR">Dm: Method invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DM_GC">Dm: Explicit garbage collection; extremely dubious except in benchmarking code</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DM_NEW_FOR_GETCLASS">Dm: Method allocates an object, only to get the class object</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DM_NEXTINT_VIA_NEXTDOUBLE">Dm: Use the nextInt method of Random rather than nextDouble to generate a random integer</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DM_STRING_CTOR">Dm: Method invokes inefficient new String(String) constructor</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DM_STRING_TOSTRING">Dm: Method invokes toString() method on a String</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DM_STRING_VOID_CTOR">Dm: Method invokes inefficient new String() constructor</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#HSC_HUGE_SHARED_STRING_CONSTANT">HSC: Huge string constants is duplicated across multiple class files</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IMA_INEFFICIENT_MEMBER_ACCESS">IMA: Method accesses a private member variable of owning class</a></td><td>Performance</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#ITA_INEFFICIENT_TO_ARRAY">ITA: Method uses toArray() with zero-length array argument</a></td><td>Performance</td></tr>
<tr bgcolor="#ffffff"><td><a href="#SBSC_USE_STRINGBUFFER_CONCATENATION">SBSC: Method concatenates strings using + in a loop</a></td><td>Performance</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#SIC_INNER_SHOULD_BE_STATIC">SIC: Should be a static inner class</a></td><td>Performance</td></tr>
@@ -393,24 +408,26 @@
<tr bgcolor="#ffffff"><td><a href="#BC_UNCONFIRMED_CAST_OF_RETURN_VALUE">BC: Unchecked/unconfirmed cast of return value from method</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#BC_VACUOUS_INSTANCEOF">BC: instanceof will always return true</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#ffffff"><td><a href="#ICAST_QUESTIONABLE_UNSIGNED_RIGHT_SHIFT">BSHIFT: Unsigned right shift cast to short/byte</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#CI_CONFUSED_INHERITANCE">CI: Class is final but declares protected field</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DB_DUPLICATE_BRANCHES">DB: Method uses the same code for two branches</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DB_DUPLICATE_SWITCH_CLAUSES">DB: Method uses the same code for two switch clauses</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_LOCAL_STORE">DLS: Dead store to local variable</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_LOCAL_STORE_IN_RETURN">DLS: Useless assignment in return statement</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_LOCAL_STORE_OF_NULL">DLS: Dead store of null to local variable</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_LOCAL_STORE_SHADOWS_FIELD">DLS: Dead store to local variable that shadows field</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_HARDCODED_ABSOLUTE_FILENAME">DMI: Code contains a hard coded reference to an absolute pathname</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DMI_NONSERIALIZABLE_OBJECT_WRITTEN">DMI: Non serializable object written to ObjectOutput</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_USELESS_SUBSTRING">DMI: Invocation of substring(0), which returns the original value</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DMI_THREAD_PASSED_WHERE_RUNNABLE_EXPECTED">Dm: Thread passed where Runnable expected</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#CD_CIRCULAR_DEPENDENCY">CD: Test for circular dependencies among classes</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#CI_CONFUSED_INHERITANCE">CI: Class is final but declares protected field</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DB_DUPLICATE_BRANCHES">DB: Method uses the same code for two branches</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DB_DUPLICATE_SWITCH_CLAUSES">DB: Method uses the same code for two switch clauses</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_LOCAL_STORE">DLS: Dead store to local variable</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_LOCAL_STORE_IN_RETURN">DLS: Useless assignment in return statement</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_LOCAL_STORE_OF_NULL">DLS: Dead store of null to local variable</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_LOCAL_STORE_SHADOWS_FIELD">DLS: Dead store to local variable that shadows field</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_HARDCODED_ABSOLUTE_FILENAME">DMI: Code contains a hard coded reference to an absolute pathname</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_NONSERIALIZABLE_OBJECT_WRITTEN">DMI: Non serializable object written to ObjectOutput</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_USELESS_SUBSTRING">DMI: Invocation of substring(0), which returns the original value</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_THREAD_PASSED_WHERE_RUNNABLE_EXPECTED">Dm: Thread passed where Runnable expected</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_UNSUPPORTED_METHOD">Dm: Call to unsupported method</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#ffffff"><td><a href="#EQ_DOESNT_OVERRIDE_EQUALS">Eq: Class doesn't override equals in superclass</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#EQ_UNUSUAL">Eq: Unusual equals method </a></td><td>Dodgy code</td></tr>
<tr bgcolor="#ffffff"><td><a href="#FE_FLOATING_POINT_EQUALITY">FE: Test for floating point equality</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_BAD_CONVERSION_TO_BOOLEAN">FS: Non-Boolean argument formatted using %b format specifier</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD">IA: Ambiguous invocation of either an inherited or outer method</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD">IA: Potentially ambiguous invocation of either an inherited or outer method</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#IC_INIT_CIRCULARITY">IC: Initialization circularity</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#ICAST_IDIV_CAST_TO_DOUBLE">ICAST: integral division result cast to double or float</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#ICAST_IDIV_CAST_TO_DOUBLE">ICAST: Integral division result cast to double or float</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#ICAST_INTEGER_MULTIPLY_CAST_TO_LONG">ICAST: Result of integer multiplication cast to long</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#ffffff"><td><a href="#IM_AVERAGE_COMPUTATION_COULD_OVERFLOW">IM: Computation of average could overflow</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#IM_BAD_CHECK_FOR_ODD">IM: Check for oddness that won't work for negative numbers </a></td><td>Dodgy code</td></tr>
@@ -422,42 +439,47 @@
<tr bgcolor="#eeeeee"><td><a href="#NP_DEREFERENCE_OF_READLINE_VALUE">NP: Dereference of the result of readLine() without nullcheck</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#ffffff"><td><a href="#NP_IMMEDIATE_DEREFERENCE_OF_READLINE">NP: Immediate dereference of the result of readLine()</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#NP_LOAD_OF_KNOWN_NULL_VALUE">NP: Load of known null value</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_METHOD_PARAMETER_TIGHTENS_ANNOTATION">NP: Method tightens nullness annotation on parameter</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_METHOD_RETURN_RELAXING_ANNOTATION">NP: Method relaxes nullness annotation on return value</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#ffffff"><td><a href="#NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE">NP: Possible null pointer dereference due to return value of called method</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE">NP: Possible null pointer dereference on branch that might be infeasible</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#ffffff"><td><a href="#NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE">NP: Parameter must be nonnull but is marked as nullable</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#NP_UNWRITTEN_PUBLIC_OR_PROTECTED_FIELD">NP: Read of unwritten public or protected field</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#ffffff"><td><a href="#NS_DANGEROUS_NON_SHORT_CIRCUIT">NS: Potentially dangerous use of non-short-circuit logic</a></td><td>Dodgy code</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#NS_NON_SHORT_CIRCUIT">NS: Questionable use of non-short-circuit logic</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#PZLA_PREFER_ZERO_LENGTH_ARRAYS">PZLA: Consider returning a zero length array rather than null</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#QF_QUESTIONABLE_FOR_LOOP">QF: Complicated, subtle or wrong increment in for-loop </a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_COMPARISON_OF_NULL_AND_NONNULL_VALUE">RCN: Redundant comparison of non-null value to null</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_COMPARISON_TWO_NULL_VALUES">RCN: Redundant comparison of two null values</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE">RCN: Redundant nullcheck of value known to be non-null</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE">RCN: Redundant nullcheck of value known to be null</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#REC_CATCH_EXCEPTION">REC: Exception is caught when Exception is not thrown</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RI_REDUNDANT_INTERFACES">RI: Class implements same interface as superclass</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RV_CHECK_FOR_POSITIVE_INDEXOF">RV: Method checks to see if result of String.indexOf is positive</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RV_DONT_JUST_NULL_CHECK_READLINE">RV: Method discards result of readLine after checking if it is nonnull</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RV_REM_OF_HASHCODE">RV: Remainder of hashCode could be negative</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RV_REM_OF_RANDOM_INT">RV: Remainder of 32-bit signed random integer</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RV_RETURN_VALUE_IGNORED_INFERRED">RV: Method ignores return value, is this OK?</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SA_FIELD_DOUBLE_ASSIGNMENT">SA: Double assignment of field</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SA_LOCAL_DOUBLE_ASSIGNMENT">SA: Double assignment of local variable </a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SA_LOCAL_SELF_ASSIGNMENT">SA: Self assignment of local variable</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SF_SWITCH_FALLTHROUGH">SF: Switch statement found where one case falls through to the next case</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SF_SWITCH_NO_DEFAULT">SF: Switch statement found where default case is missing</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD">ST: Write to static field from instance method</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SE_PRIVATE_READ_RESOLVE_NOT_INHERITED">Se: private readResolve method not inherited by subclasses</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SE_TRANSIENT_FIELD_OF_NONSERIALIZABLE_CLASS">Se: Transient field of class that isn't Serializable. </a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_ALWAYS_SINK">TQ: Value required to have type qualifier, but marked as unknown</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_NEVER_SINK">TQ: Value required to not have type qualifier, but marked as unknown</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#UCF_USELESS_CONTROL_FLOW">UCF: Useless control flow</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#UCF_USELESS_CONTROL_FLOW_NEXT_LINE">UCF: Useless control flow to next line</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD">UrF: Unread public/protected field</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#UUF_UNUSED_PUBLIC_OR_PROTECTED_FIELD">UuF: Unused public or protected field</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">UwF: Field not initialized in constructor but dereferenced without null check</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#UWF_UNWRITTEN_PUBLIC_OR_PROTECTED_FIELD">UwF: Unwritten public or protected field</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#XFB_XML_FACTORY_BYPASS">XFB: Method directly allocates a specific implementation of xml interfaces</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#PS_PUBLIC_SEMAPHORES">PS: Class exposes synchronization and semaphores in its public interface</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#PZLA_PREFER_ZERO_LENGTH_ARRAYS">PZLA: Consider returning a zero length array rather than null</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#QF_QUESTIONABLE_FOR_LOOP">QF: Complicated, subtle or wrong increment in for-loop </a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_COMPARISON_OF_NULL_AND_NONNULL_VALUE">RCN: Redundant comparison of non-null value to null</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_COMPARISON_TWO_NULL_VALUES">RCN: Redundant comparison of two null values</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE">RCN: Redundant nullcheck of value known to be non-null</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE">RCN: Redundant nullcheck of value known to be null</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#REC_CATCH_EXCEPTION">REC: Exception is caught when Exception is not thrown</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RI_REDUNDANT_INTERFACES">RI: Class implements same interface as superclass</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RV_CHECK_FOR_POSITIVE_INDEXOF">RV: Method checks to see if result of String.indexOf is positive</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RV_DONT_JUST_NULL_CHECK_READLINE">RV: Method discards result of readLine after checking if it is nonnull</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RV_REM_OF_HASHCODE">RV: Remainder of hashCode could be negative</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RV_REM_OF_RANDOM_INT">RV: Remainder of 32-bit signed random integer</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RV_RETURN_VALUE_IGNORED_INFERRED">RV: Method ignores return value, is this OK?</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SA_FIELD_DOUBLE_ASSIGNMENT">SA: Double assignment of field</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SA_LOCAL_DOUBLE_ASSIGNMENT">SA: Double assignment of local variable </a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SA_LOCAL_SELF_ASSIGNMENT">SA: Self assignment of local variable</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SF_SWITCH_FALLTHROUGH">SF: Switch statement found where one case falls through to the next case</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SF_SWITCH_NO_DEFAULT">SF: Switch statement found where default case is missing</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD">ST: Write to static field from instance method</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SE_PRIVATE_READ_RESOLVE_NOT_INHERITED">Se: Private readResolve method not inherited by subclasses</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SE_TRANSIENT_FIELD_OF_NONSERIALIZABLE_CLASS">Se: Transient field of class that isn't Serializable. </a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_ALWAYS_SINK">TQ: Value required to have type qualifier, but marked as unknown</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_NEVER_SINK">TQ: Value required to not have type qualifier, but marked as unknown</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#UCF_USELESS_CONTROL_FLOW">UCF: Useless control flow</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#UCF_USELESS_CONTROL_FLOW_NEXT_LINE">UCF: Useless control flow to next line</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#USM_USELESS_ABSTRACT_METHOD">USM: Abstract Method is already defined in implemented interface</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#USM_USELESS_SUBCLASS_METHOD">USM: Method superfluously delegates to parent class method</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD">UrF: Unread public/protected field</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#UUF_UNUSED_PUBLIC_OR_PROTECTED_FIELD">UuF: Unused public or protected field</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">UwF: Field not initialized in constructor but dereferenced without null check</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#UWF_UNWRITTEN_PUBLIC_OR_PROTECTED_FIELD">UwF: Unwritten public or protected field</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#XFB_XML_FACTORY_BYPASS">XFB: Method directly allocates a specific implementation of xml interfaces</a></td><td>Dodgy code</td></tr>
</table>
<h2>Descriptions</h2>
<h3><a name="AM_CREATES_EMPTY_JAR_FILE_ENTRY">AM: Creates an empty jar file entry (AM_CREATES_EMPTY_JAR_FILE_ENTRY)</a></h3>
@@ -495,9 +517,9 @@
<h3><a name="BIT_SIGNED_CHECK">BIT: Check for sign of bitwise operation (BIT_SIGNED_CHECK)</a></h3>
-<p> This method compares an expression such as
+<p> This method compares an expression such as</p>
<pre>((event.detail & SWT.SELECTED) > 0)</pre>.
-Using bit arithmetic and then comparing with the greater than operator can
+<p>Using bit arithmetic and then comparing with the greater than operator can
lead to unexpected results (of course depending on the value of
SWT.SELECTED). If SWT.SELECTED is a negative number, this is a candidate
for a bug. Even when SWT.SELECTED is not negative, it seems good practice
@@ -664,15 +686,15 @@
(i.e., a class that is neither a supertype nor subtype of the class that defines
the equals method). For example, the Foo class might have an equals method
that looks like:
-
-<p><code><pre>
+</p>
+<pre>
public boolean equals(Object o) {
if (o instanceof Foo)
return name.equals(((Foo)o).name);
else if (o instanceof String)
return name.equals(o);
else return false;
-</pre></code></p>
+</pre>
<p>This is considered bad practice, as it makes it very hard to implement an equals method that
is symmetric and transitive. Without those properties, very unexpected behavoirs are possible.
@@ -846,10 +868,10 @@
than simple reference equality.)</p>
<p>If you don't think instances of this class will ever be inserted into a HashMap/HashTable,
the recommended <code>hashCode</code> implementation to use is:</p>
-<p><pre>public int hashCode() {
+<pre>public int hashCode() {
assert false : "hashCode not designed";
return 42; // any arbitrary constant will do
- }</pre></p>
+ }</pre>
<h3><a name="HE_INHERITS_EQUALS_USE_HASHCODE">HE: Class inherits equals() and uses Object.hashCode() (HE_INHERITS_EQUALS_USE_HASHCODE)</a></h3>
@@ -924,8 +946,8 @@
<h3><a name="JCIP_FIELD_ISNT_FINAL_IN_IMMUTABLE_CLASS">JCIP: Fields of immutable classes should be final (JCIP_FIELD_ISNT_FINAL_IN_IMMUTABLE_CLASS)</a></h3>
- <p> The class is annotated with net.jcip.annotations.Immutable, and the rules for that annotation require
-that all fields are final.
+ <p> The class is annotated with net.jcip.annotations.Immutable or javax.annotation.concurrent.Immutable,
+ and the rules for those annotations require that all fields are final.
.</p>
@@ -1391,6 +1413,16 @@
another package.</p>
+<h3><a name="BAC_BAD_APPLET_CONSTRUCTOR">BAC: Bad Applet Constructor relies on uninitialized AppletStub (BAC_BAD_APPLET_CONSTRUCTOR)</a></h3>
+
+
+<p>
+This constructor calls methods in the parent Applet that rely on the AppletStub. Since the AppletStub
+isn't initialized until the init() method of this applet is called, these methods will not perform
+correctly.
+</p>
+
+
<h3><a name="BC_IMPOSSIBLE_CAST">BC: Impossible cast (BC_IMPOSSIBLE_CAST)</a></h3>
@@ -1422,7 +1454,7 @@
<p>
This code is casting the result of calling <code>toArray()</code> on a collection
-to a type more specific than <code>Object[]</code>, as in:
+to a type more specific than <code>Object[]</code>, as in:</p>
<pre>
String[] getAsArray(Collection<String> c) {
return (String[]) c.toArray();
@@ -1543,9 +1575,9 @@
<h3><a name="BIT_SIGNED_CHECK_HIGH_BIT">BIT: Check for sign of bitwise operation (BIT_SIGNED_CHECK_HIGH_BIT)</a></h3>
-<p> This method compares an expression such as
+<p> This method compares an expression such as</p>
<pre>((event.detail & SWT.SELECTED) > 0)</pre>.
-Using bit arithmetic and then comparing with the greater than operator can
+<p>Using bit arithmetic and then comparing with the greater than operator can
lead to unexpected results (of course depending on the value of
SWT.SELECTED). If SWT.SELECTED is a negative number, this is a candidate
for a bug. Even when SWT.SELECTED is not negative, it seems good practice
@@ -1564,12 +1596,12 @@
get called when the event occurs.</p>
-<h3><a name="ICAST_BAD_SHIFT_AMOUNT">BSHIFT: 32 bit int shifted by an amount not in the range 0..31 (ICAST_BAD_SHIFT_AMOUNT)</a></h3>
+<h3><a name="ICAST_BAD_SHIFT_AMOUNT">BSHIFT: 32 bit int shifted by an amount not in the range -31..31 (ICAST_BAD_SHIFT_AMOUNT)</a></h3>
<p>
The code performs shift of a 32 bit int by a constant amount outside
-the range 0..31.
+the range -31..31.
The effect of this is to use the lower 5 bits of the integer
value to decide how much to shift by (e.g., shifting by 40 bits is the same as shifting by 8 bits,
and shifting by 32 bits is the same as shifting by zero bits). This probably isn't what was expected,
@@ -1601,6 +1633,16 @@
So just return -1 rather than Integer.MIN_VALUE.
+<h3><a name="DLS_DEAD_LOCAL_INCREMENT_IN_RETURN">DLS: Useless increment in return statement (DLS_DEAD_LOCAL_INCREMENT_IN_RETURN)</a></h3>
+
+
+<p>This statement has a return such as <code>return x++;</code>.
+A postfix increment/decrement does not impact the value of the expression,
+so this increment/decrement has no effect.
+Please verify that this statement does the right thing.
+</p>
+
+
<h3><a name="DLS_DEAD_STORE_OF_CLASS_LITERAL">DLS: Dead store of class literal (DLS_DEAD_STORE_OF_CLASS_LITERAL)</a></h3>
@@ -1862,11 +1904,10 @@
<p> This class defines an equals method that always returns false. This means that an object is not equal to itself, and it is impossible to create useful Maps or Sets of this class. More fundamentally, it means
that equals is not reflexive, one of the requirements of the equals method.</p>
<p>The likely intended semantics are object identity: that an object is equal to itself. This is the behavior inherited from class <code>Object</code>. If you need to override an equals inherited from a different
-superclass, you can use use:
+superclass, you can use use:</p>
<pre>
public boolean equals(Object o) { return this == o; }
</pre>
-</p>
<h3><a name="EQ_ALWAYS_TRUE">Eq: equals method always returns true (EQ_ALWAYS_TRUE)</a></h3>
@@ -1941,6 +1982,20 @@
</p>
+<h3><a name="FB_MISSING_EXPECTED_WARNING">FB: Missing expected or desired warning from FindBugs (FB_MISSING_EXPECTED_WARNING)</a></h3>
+
+
+ <p>FindBugs didn't generate generated a warning that, according to a @ExpectedWarning annotated,
+ is expected or desired</p>
+
+
+<h3><a name="FB_UNEXPECTED_WARNING">FB: Unexpected/undesired warning from FindBugs (FB_UNEXPECTED_WARNING)</a></h3>
+
+
+ <p>FindBugs generated a warning that, according to a @NoWarning annotated,
+ is unexpected or undesired</p>
+
+
<h3><a name="FE_TEST_IF_EQUAL_TO_NOT_A_NUMBER">FE: Doomed test for equality to NaN (FE_TEST_IF_EQUAL_TO_NOT_A_NUMBER)</a></h3>
@@ -1958,6 +2013,15 @@
</p>
+<h3><a name="FL_MATH_USING_FLOAT_PRECISION">FL: Method performs math using floating point precision (FL_MATH_USING_FLOAT_PRECISION)</a></h3>
+
+
+<p>
+ The method performs math operations using floating point precision.
+ Floating point precision is very imprecise. For example,
+ 16777216.0f + 1.0f = 16777216.0f. Consider using double math instead.</p>
+
+
<h3><a name="VA_FORMAT_STRING_BAD_ARGUMENT">FS: Format string placeholder incompatible with passed argument (VA_FORMAT_STRING_BAD_ARGUMENT)</a></h3>
@@ -1996,7 +2060,6 @@
is required. At runtime, all of the arguments will be ignored
and the format string will be returned exactly as provided without any formatting.
</p>
-</p>
<h3><a name="VA_FORMAT_STRING_EXTRA_ARGUMENTS_PASSED">FS: More arguments are passed than are actually used in the format string (VA_FORMAT_STRING_EXTRA_ARGUMENTS_PASSED)</a></h3>
@@ -2120,7 +2183,7 @@
</pre>
-<h3><a name="ICAST_INT_CAST_TO_DOUBLE_PASSED_TO_CEIL">ICAST: integral value cast to double and then passed to Math.ceil (ICAST_INT_CAST_TO_DOUBLE_PASSED_TO_CEIL)</a></h3>
+<h3><a name="ICAST_INT_CAST_TO_DOUBLE_PASSED_TO_CEIL">ICAST: Integral value cast to double and then passed to Math.ceil (ICAST_INT_CAST_TO_DOUBLE_PASSED_TO_CEIL)</a></h3>
<p>
@@ -2168,11 +2231,10 @@
<p> Class is a JUnit TestCase and defines a suite() method.
-However, the suite method needs to be declared as either
+However, the suite method needs to be declared as either</p>
<pre>public static junit.framework.Test suite()</pre>
or
<pre>public static junit.framework.TestSuite suite()</pre>
-</p>
<h3><a name="IJU_NO_TESTS">IJU: TestCase has no tests (IJU_NO_TESTS)</a></h3>
@@ -2354,7 +2416,7 @@
(except on forward paths involving runtime exceptions).
</p>
<p>Note that a check such as
- <code>if (x == null) throw new NullPointerException();</code
+ <code>if (x == null) throw new NullPointerException();</code>
is treated as a dereference of <code>x</code>.
@@ -2609,16 +2671,17 @@
</p>
-<h3><a name="RE_POSSIBLE_UNINTENDED_PATTERN">RE: "." used for regular expression (RE_POSSIBLE_UNINTENDED_PATTERN)</a></h3>
+<h3><a name="RE_POSSIBLE_UNINTENDED_PATTERN">RE: "." or "|" used for regular expression (RE_POSSIBLE_UNINTENDED_PATTERN)</a></h3>
<p>
-A String function is being invoked and "." is being passed
+A String function is being invoked and "." or "|" is being passed
to a parameter that takes a regular expression as an argument. Is this what you intended?
For example
-s.replaceAll(".", "/") will return a String in which <em>every</em>
-character has been replaced by a / character,
-and s.split(".") <em>always</em> returns a zero length array of String.
+<li>s.replaceAll(".", "/") will return a String in which <em>every</em> character has been replaced by a '/' character
+<li>s.split(".") <em>always</em> returns a zero length array of String
+<li>"ab|cd".replaceAll("|", "/") will return "/a/b/|/c/d/"
+<li>"ab|cd".split("|") will return array with six (!) elements: [, a, b, |, c, d]
</p>
@@ -2967,6 +3030,23 @@
</p>
+<h3><a name="TQ_UNKNOWN_VALUE_USED_WHERE_ALWAYS_STRICTLY_REQUIRED">TQ: Value without a type qualifier used where a value is required to have that qualifier (TQ_UNKNOWN_VALUE_USED_WHERE_ALWAYS_STRICTLY_REQUIRED)</a></h3>
+
+
+ <p>
+ A value is being used in a way that requires the value be annotation with a type qualifier.
+ The type qualifier is strict, so the tool rejects any values that do not have
+ the appropriate annotation.
+ </p>
+
+ <p>
+ To coerce a value to have a strict annotation, define an identity function where the return value is annotated
+ with the strict annotation.
+ This is the only way to turn a non-annotated value into a value with a strict type qualifier annotation.
+ </p>
+
+
+
<h3><a name="UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS">UMAC: Uncallable method defined in anonymous class (UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS)</a></h3>
@@ -3017,7 +3097,7 @@
</p>
-<h3><a name="DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY">USELESS_STRING: Invocation of toString on an array (DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY)</a></h3>
+<h3><a name="DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY">USELESS_STRING: Invocation of toString on an unnamed array (DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY)</a></h3>
<p>
@@ -3072,6 +3152,15 @@
</p>
+<h3><a name="VR_UNRESOLVABLE_REFERENCE">VR: Class makes reference to unresolvable class or method (VR_UNRESOLVABLE_REFERENCE)</a></h3>
+
+
+ <p>
+ This class makes a reference to a class or method that can not be
+ resolved using against the libraries it is being analyzed with.
+ </p>
+
+
<h3><a name="LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE">LG: Potential lost logger changes due to weak reference in OpenJDK (LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE)</a></h3>
@@ -3085,22 +3174,22 @@
consider:
</p>
-<p><pre>public static void initLogging() throws Exception {
+<pre>public static void initLogging() throws Exception {
Logger logger = Logger.getLogger("edu.umd.cs");
logger.addHandler(new FileHandler()); // call to change logger configuration
logger.setUseParentHandlers(false); // another call to change logger configuration
-}</pre></p>
+}</pre>
<p>The logger reference is lost at the end of the method (it doesn't
escape the method), so if you have a garbage collection cycle just
after the call to initLogging, the logger configuration is lost
(because Logger only keeps weak references).</p>
-<p><pre>public static void main(String[] args) throws Exception {
+<pre>public static void main(String[] args) throws Exception {
initLogging(); // adds a file handler to the logger
System.gc(); // logger configuration lost
Logger.getLogger("edu.umd.cs").info("Some message"); // this isn't logged to the file as expected
-}</pre></p>
+}</pre>
<p><em>Ulf Ochsenfahrt and Eric Fellheimer</em></p>
@@ -3190,6 +3279,13 @@
</p>
+<h3><a name="TESTING">TEST: Testing (TESTING)</a></h3>
+
+
+<p>This bug pattern is only generated by new, incompletely implemented
+bug detectors.</p>
+
+
<h3><a name="DM_CONVERT_CASE">Dm: Consider using Locale parameterized version of invoked method (DM_CONVERT_CASE)</a></h3>
@@ -3385,7 +3481,7 @@
<h3><a name="DL_SYNCHRONIZATION_ON_BOOLEAN">DL: Synchronization on Boolean (DL_SYNCHRONIZATION_ON_BOOLEAN)</a></h3>
- <p> The code synchronizes on a boxed primitive constant, such as an Boolean.
+ <p> The code synchronizes on a boxed primitive constant, such as an Boolean.</p>
<pre>
private static Boolean inited = Boolean.FALSE;
...
@@ -3397,7 +3493,6 @@
}
...
</pre>
-</p>
<p>Since there normally exist only two Boolean objects, this code could be synchronizing on the same object as other, unrelated code, leading to unresponsiveness
and possible deadlock</p>
<p>See CERT <a href="https://www.securecoding.cert.org/confluence/display/java/CON08-J.+Do+not+synchronize+on+objects+that+may+be+reused">CON08-J. Do not synchronize on objects that may be reused</a> for more information.</p>
@@ -3406,7 +3501,7 @@
<h3><a name="DL_SYNCHRONIZATION_ON_BOXED_PRIMITIVE">DL: Synchronization on boxed primitive (DL_SYNCHRONIZATION_ON_BOXED_PRIMITIVE)</a></h3>
- <p> The code synchronizes on a boxed primitive constant, such as an Integer.
+ <p> The code synchronizes on a boxed primitive constant, such as an Integer.</p>
<pre>
private static Integer count = 0;
...
@@ -3415,7 +3510,6 @@
}
...
</pre>
-</p>
<p>Since Integer objects can be cached and shared,
this code could be synchronizing on the same object as other, unrelated code, leading to unresponsiveness
and possible deadlock</p>
@@ -3425,26 +3519,25 @@
<h3><a name="DL_SYNCHRONIZATION_ON_SHARED_CONSTANT">DL: Synchronization on interned String (DL_SYNCHRONIZATION_ON_SHARED_CONSTANT)</a></h3>
- <p> The code synchronizes on interned String.
+ <p> The code synchronizes on interned String.</p>
<pre>
private static String LOCK = "LOCK";
...
synchronized(LOCK) { ...}
...
</pre>
-</p>
<p>Constant Strings are interned and shared across all other classes loaded by the JVM. Thus, this could
is locking on something that other code might also be locking. This could result in very strange and hard to diagnose
blocking and deadlock behavior. See <a href="http://www.javalobby.org/java/forums/t96352.html">http://www.javalobby.org/java/forums/t96352.html</a> and <a href="http://jira.codehaus.org/browse/JETTY-352">http://jira.codehaus.org/browse/JETTY-352</a>.
-<p>See CERT <a href="https://www.securecoding.cert.org/confluence/display/java/CON08-J.+Do+not+synchronize+on+objects+that+may+be+reused">CON08-J. Do not synchronize on objects that may be reused</a> for more information.</p>
</p>
+<p>See CERT <a href="https://www.securecoding.cert.org/confluence/display/java/CON08-J.+Do+not+synchronize+on+objects+that+may+be+reused">CON08-J. Do not synchronize on objects that may be reused</a> for more information.</p>
<h3><a name="DL_SYNCHRONIZATION_ON_UNSHARED_BOXED_PRIMITIVE">DL: Synchronization on boxed primitive values (DL_SYNCHRONIZATION_ON_UNSHARED_BOXED_PRIMITIVE)</a></h3>
<p> The code synchronizes on an apparently unshared boxed primitive,
-such as an Integer.
+such as an Integer.</p>
<pre>
private static final Integer fileLock = new Integer(1);
...
@@ -3453,11 +3546,11 @@
}
...
</pre>
-</p>
-<p>It would be much better, in this code, to redeclare fileLock as
+<p>It would be much better, in this code, to redeclare fileLock as</p>
<pre>
private static final Object fileLock = new Object();
</pre>
+<p>
The existing code might be OK, but it is confusing and a
future refactoring, such as the "Remove Boxing" refactoring in IntelliJ,
might replace this with the use of an interned Integer object shared
@@ -3507,6 +3600,7 @@
</p>
<ul>
<li> The class contains a mix of locked and unlocked accesses,</li>
+ <li> The class is <b>not</b> annotated as javax.annotation.concurrent.NotThreadSafe,</li>
<li> At least one locked access was performed by one of the class's own methods, and</li>
<li> The number of unsynchronized field accesses (reads and writes) was no more than
one third of all accesses, with writes being weighed twice as high as reads</li>
@@ -3530,8 +3624,8 @@
<h3><a name="IS_FIELD_NOT_GUARDED">IS: Field not guarded against concurrent access (IS_FIELD_NOT_GUARDED)</a></h3>
- <p> This field is annotated with net.jcip.annotations.GuardedBy,
-but can be accessed in a way that seems to violate the annotation.</p>
+ <p> This field is annotated with net.jcip.annotations.GuardedBy or javax.annotation.concurrent.GuardedBy,
+but can be accessed in a way that seems to violate those annotations.</p>
<h3><a name="JLM_JSR166_LOCK_MONITORENTER">JLM: Synchronization performed on Lock (JLM_JSR166_LOCK_MONITORENTER)</a></h3>
@@ -3611,9 +3705,8 @@
gets a lock on the referenced object, not on the field. This may not
provide the mutual exclusion you need, and other threads might
be obtaining locks on the referenced objects (for other purposes). An example
-of this pattern would be:
-
-<p><pre>
+of this pattern would be:</p>
+<pre>
private Long myNtfSeqNbrCounter = new Long(0);
private Long getNotificationSequenceNumber() {
Long result = null;
@@ -3625,9 +3718,6 @@
}
</pre>
-
-</p>
-
<h3><a name="ML_SYNC_ON_UPDATED_FIELD">ML: Method synchronizes on an updated field (ML_SYNC_ON_UPDATED_FIELD)</a></h3>
@@ -3900,7 +3990,7 @@
<p>
This instance method synchronizes on <code>this.getClass()</code>. If this class is subclassed,
subclasses will synchronize on the class object for the subclass, which isn't likely what was intended.
- For example, consider this code from java.awt.Label:
+ For example, consider this code from java.awt.Label:</p>
<pre>
private static final String base = "label";
private static int nameCounter = 0;
@@ -3909,9 +3999,9 @@
return base + nameCounter++;
}
}
- </pre></p>
+ </pre>
<p>Subclasses of <code>Label</code> won't synchronize on the same subclass, giving rise to a datarace.
- Instead, this code should be synchronizing on <code>Label.class</code>
+ Instead, this code should be synchronizing on <code>Label.class</code></p>
<pre>
private static final String base = "label";
private static int nameCounter = 0;
@@ -3920,7 +4010,7 @@
return base + nameCounter++;
}
}
- </pre></p>
+ </pre>
<p>Bug pattern contributed by Jason Mehrens</p>
@@ -3950,6 +4040,30 @@
that actually occurred.</p>
+<h3><a name="NOISE_FIELD_REFERENCE">NOISE: Bogus warning about a field reference (NOISE_FIELD_REFERENCE)</a></h3>
+
+
+ <p>Bogus warning.</p>
+
+
+<h3><a name="NOISE_METHOD_CALL">NOISE: Bogus warning about a method call (NOISE_METHOD_CALL)</a></h3>
+
+
+ <p>Bogus warning.</p>
+
+
+<h3><a name="NOISE_NULL_DEREFERENCE">NOISE: Bogus warning about a null pointer dereference (NOISE_NULL_DEREFERENCE)</a></h3>
+
+
+ <p>Bogus warning.</p>
+
+
+<h3><a name="NOISE_OPERATION">NOISE: Bogus warning about an operation (NOISE_OPERATION)</a></h3>
+
+
+ <p>Bogus warning.</p>
+
+
<h3><a name="BX_BOXING_IMMEDIATELY_UNBOXED">Bx: Primitive value is boxed and then immediately unboxed (BX_BOXING_IMMEDIATELY_UNBOXED)</a></h3>
@@ -3973,6 +4087,13 @@
</p>
+<h3><a name="DM_BOXED_PRIMITIVE_FOR_PARSING">Bx: Boxing/unboxing to parse a primitive (DM_BOXED_PRIMITIVE_FOR_PARSING)</a></h3>
+
+
+ <p>A boxed primitive is created from a String, just to extract the unboxed primitive value.
+ It is more efficient to just call the static parseXXX method.</p>
+
+
<h3><a name="DM_BOXED_PRIMITIVE_TOSTRING">Bx: Method allocates a boxed primitive just to call toString (DM_BOXED_PRIMITIVE_TOSTRING)</a></h3>
@@ -4123,6 +4244,17 @@
</p>
+<h3><a name="IMA_INEFFICIENT_MEMBER_ACCESS">IMA: Method accesses a private member variable of owning class (IMA_INEFFICIENT_MEMBER_ACCESS)</a></h3>
+
+
+ <p>
+ This method of an inner class reads from or writes to a private member variable of the owning class,
+ or calls a private method of the owning class. The compiler must generate a special method to access this
+ private member, causing this to be less efficient. Relaxing the protection of the member variable or method
+ will allow the compiler to treat this as a normal access.
+ </p>
+
+
<h3><a name="ITA_INEFFICIENT_TO_ARRAY">ITA: Method uses toArray() with zero-length array argument (ITA_INEFFICIENT_TO_ARRAY)</a></h3>
@@ -4529,6 +4661,16 @@
</p>
+<h3><a name="CD_CIRCULAR_DEPENDENCY">CD: Test for circular dependencies among classes (CD_CIRCULAR_DEPENDENCY)</a></h3>
+
+
+ <p>
+ This class has a circular dependency with other classes. This makes building these classes
+ difficult, as each is dependent on the other to build correctly. Consider using interfaces
+ to break the hard dependency.
+ </p>
+
+
<h3><a name="CI_CONFUSED_INHERITANCE">CI: Class is final but declares protected field (CI_CONFUSED_INHERITANCE)</a></h3>
@@ -4639,6 +4781,14 @@
</p>
+<h3><a name="DMI_UNSUPPORTED_METHOD">Dm: Call to unsupported method (DMI_UNSUPPORTED_METHOD)</a></h3>
+
+
+ <p>All targets of this method invocation throw an UnsupportedOperationException.
+</p>
+
+
+
<h3><a name="EQ_DOESNT_OVERRIDE_EQUALS">Eq: Class doesn't override equals in superclass (EQ_DOESNT_OVERRIDE_EQUALS)</a></h3>
@@ -4687,16 +4837,26 @@
</p>
-<h3><a name="IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD">IA: Ambiguous invocation of either an inherited or outer method (IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD)</a></h3>
+<h3><a name="IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD">IA: Potentially ambiguous invocation of either an inherited or outer method (IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD)</a></h3>
- <p> An inner class is invoking a method that could be resolved to either a inherited method or a method defined in an outer class. By the Java semantics,
+ <p>
+An inner class is invoking a method that could be resolved to either a inherited method or a method defined in an outer class.
+For example, you invoke <code>foo(17)</code>, which is defined in both a superclass and in an outer method.
+By the Java semantics,
it will be resolved to invoke the inherited method, but this may not be want
-you intend. If you really intend to invoke the inherited method,
+you intend.
+</p>
+<p>If you really intend to invoke the inherited method,
invoke it by invoking the method on super (e.g., invoke super.foo(17)), and
thus it will be clear to other readers of your code and to FindBugs
that you want to invoke the inherited method, not the method in the outer class.
</p>
+<p>If you call <code>this.foo(17)</code>, then the inherited method will be invoked. However, since FindBugs only looks at
+classfiles, it
+can't tell the difference between an invocation of <code>this.foo(17)</code> and <code>foo(17)</code>, it will still
+complain about a potential ambiguous invocation.
+</p>
<h3><a name="IC_INIT_CIRCULARITY">IC: Initialization circularity (IC_INIT_CIRCULARITY)</a></h3>
@@ -4707,7 +4867,7 @@
behavior may arise from such circularity.</p>
-<h3><a name="ICAST_IDIV_CAST_TO_DOUBLE">ICAST: integral division result cast to double or float (ICAST_IDIV_CAST_TO_DOUBLE)</a></h3>
+<h3><a name="ICAST_IDIV_CAST_TO_DOUBLE">ICAST: Integral division result cast to double or float (ICAST_IDIV_CAST_TO_DOUBLE)</a></h3>
<p>
@@ -4738,26 +4898,22 @@
<p>
This code performs integer multiply and then converts the result to a long,
-as in:
-<code>
+as in:</p>
<pre>
long convertDaysToMilliseconds(int days) { return 1000*3600*24*days; }
-</pre></code>
+</pre>
+<p>
If the multiplication is done using long arithmetic, you can avoid
the possibility that the result will overflow. For example, you
-could fix the above code to:
-<code>
+could fix the above code to:</p>
<pre>
long convertDaysToMilliseconds(int days) { return 1000L*3600*24*days; }
-</pre></code>
+</pre>
or
-<code>
<pre>
static final long MILLISECONDS_PER_DAY = 24L*3600*1000;
long convertDaysToMilliseconds(int days) { return days * MILLISECONDS_PER_DAY; }
-</pre></code>
-</p>
-
+</pre>
<h3><a name="IM_AVERAGE_COMPUTATION_COULD_OVERFLOW">IM: Computation of average could overflow (IM_AVERAGE_COMPUTATION_COULD_OVERFLOW)</a></h3>
@@ -4862,6 +5018,23 @@
</p>
+<h3><a name="NP_METHOD_PARAMETER_TIGHTENS_ANNOTATION">NP: Method tightens nullness annotation on parameter (NP_METHOD_PARAMETER_TIGHTENS_ANNOTATION)</a></h3>
+
+ <p>
+ A method should always implement the contract of a method it overrides. Thus, if a method takes a parameter
+ that is marked as @Nullable, you shouldn't override that method in a subclass with a method where that parameter is @Nonnull.
+ Doing so violates the contract that the method should handle a null parameter.
+ </p>
+
+<h3><a name="NP_METHOD_RETURN_RELAXING_ANNOTATION">NP: Method relaxes nullness annotation on return value (NP_METHOD_RETURN_RELAXING_ANNOTATION)</a></h3>
+
+ <p>
+ A method should always implement the contract of a method it overrides. Thus, if a method takes is annotated
+ as returning a @Nonnull value,
+ you shouldn't override that method in a subclass with a method annotated as returning a @Nullable or @CheckForNull value.
+ Doing so violates the contract that the method shouldn't return null.
+ </p>
+
<h3><a name="NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE">NP: Possible null pointer dereference due to return value of called method (NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE)</a></h3>
@@ -4944,6 +5117,18 @@
</p>
+<h3><a name="PS_PUBLIC_SEMAPHORES">PS: Class exposes synchronization and semaphores in its public interface (PS_PUBLIC_SEMAPHORES)</a></h3>
+
+
+ <p>
+ This class uses synchronization along with wait(), notify() or notifyAll() on itself (the this
+ reference). Client classes that use this class, may, in addition, use an instance of this class
+ as a synchronizing object. Because two classes are using the same object for synchronization,
+ Multithread correctness is suspect. You should not synchronize nor call semaphore methods on
+ a public reference. Consider using a internal private member variable to control synchronization.
+ </p>
+
+
<h3><a name="PZLA_PREFER_ZERO_LENGTH_ARRAYS">PZLA: Consider returning a zero length array rather than null (PZLA_PREFER_ZERO_LENGTH_ARRAYS)</a></h3>
@@ -5006,6 +5191,16 @@
each of whose catch blocks is identical, but this construct also accidentally catches RuntimeException as well,
masking potential bugs.
</p>
+ <p>A better approach is to either explicitly catch the specific exceptions that are thrown,
+ or to explicitly catch RuntimeException exception, rethrow it, and then catch all non-Runtime Exceptions, as shown below:</p>
+ <pre>
+ try {
+ ...
+ } catch (RuntimeException e) {
+ throw e;
+ } catch (Exception e) {
+ ... deal with all non-runtime exceptions ...
+ }</pre>
<h3><a name="RI_REDUNDANT_INTERFACES">RI: Class implements same interface as superclass (RI_REDUNDANT_INTERFACES)</a></h3>
@@ -5139,6 +5334,8 @@
<p> This method contains a switch statement where default case is missing.
Usually you need to provide a default case.</p>
+ <p>Because the analysis only looks at the generated bytecode, this warning can be incorrect triggered if
+the default case is at the end of the switch statement and doesn't end with a break statement.
<h3><a name="ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD">ST: Write to static field from instance method (ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD)</a></h3>
@@ -5150,7 +5347,7 @@
</p>
-<h3><a name="SE_PRIVATE_READ_RESOLVE_NOT_INHERITED">Se: private readResolve method not inherited by subclasses (SE_PRIVATE_READ_RESOLVE_NOT_INHERITED)</a></h3>
+<h3><a name="SE_PRIVATE_READ_RESOLVE_NOT_INHERITED">Se: Private readResolve method not inherited by subclasses (SE_PRIVATE_READ_RESOLVE_NOT_INHERITED)</a></h3>
<p> This class defines a private readResolve method. Since it is private, it won't be inherited by subclasses.
@@ -5217,10 +5414,28 @@
</pre>
+<h3><a name="USM_USELESS_ABSTRACT_METHOD">USM: Abstract Method is already defined in implemented interface (USM_USELESS_ABSTRACT_METHOD)</a></h3>
+
+
+ <p>
+ This abstract method is already defined in an interface that is implemented by this abstract
+ class. This method can be removed, as it provides no additional value.
+ </p>
+
+
+<h3><a name="USM_USELESS_SUBCLASS_METHOD">USM: Method superfluously delegates to parent class method (USM_USELESS_SUBCLASS_METHOD)</a></h3>
+
+
+ <p>
+ This derived method merely calls the same superclass method passing in the exact parameters
+ received. This method can be removed, as it provides no additional value.
+ </p>
+
+
<h3><a name="URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD">UrF: Unread public/protected field (URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD)</a></h3>
- <p> This field is never read. 
+ <p> This field is never read.
The field is public or protected, so perhaps
it is intended to be used with classes not seen as part of the analysis. If not,
consider removing it from the class.</p>
diff --git a/doc/bugDescriptions.html b/doc/bugDescriptions.html
index a8f61c5..be1c9d7 100644
--- a/doc/bugDescriptions.html
+++ b/doc/bugDescriptions.html
@@ -1,3 +1,4 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><title>FindBugs Bug Descriptions</title>
<link rel="stylesheet" type="text/css" href="findbugs.css"/>
<link rel="shortcut icon" href="favicon.ico" type="image/x-icon"/>
@@ -50,12 +51,10 @@
<td align="left" valign="top">
<h1>FindBugs Bug Descriptions</h1>
<p>This document lists the standard bug patterns reported by
-<a href="http://findbugs.sourceforge.net">FindBugs</a> version 2.0.1.</p>
+<a href="http://findbugs.sourceforge.net">FindBugs</a> version 2.0.3.</p>
<h2>Summary</h2>
<table width="100%">
<tr bgcolor="#b9b9fe"><th>Description</th><th>Category</th></tr>
-<tr bgcolor="#eeeeee"><td><a href="#AM_CREATES_EMPTY_JAR_FILE_ENTRY">AM: Creates an empty jar file entry</a></td><td>Bad practice</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#AM_CREATES_EMPTY_ZIP_FILE_ENTRY">AM: Creates an empty zip file entry</a></td><td>Bad practice</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#BC_EQUALS_METHOD_SHOULD_WORK_FOR_ALL_OBJECTS">BC: Equals method should not assume anything about the type of its argument</a></td><td>Bad practice</td></tr>
<tr bgcolor="#ffffff"><td><a href="#BIT_SIGNED_CHECK">BIT: Check for sign of bitwise operation</a></td><td>Bad practice</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#CN_IDIOM">CN: Class implements Cloneable but does not define or use clone method</a></td><td>Bad practice</td></tr>
@@ -150,132 +149,134 @@
<tr bgcolor="#ffffff"><td><a href="#BIT_IOR_OF_SIGNED_BYTE">BIT: Bitwise OR of signed byte value</a></td><td>Correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#BIT_SIGNED_CHECK_HIGH_BIT">BIT: Check for sign of bitwise operation</a></td><td>Correctness</td></tr>
<tr bgcolor="#ffffff"><td><a href="#BOA_BADLY_OVERRIDDEN_ADAPTER">BOA: Class overrides a method implemented in super class Adapter wrongly</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#ICAST_BAD_SHIFT_AMOUNT">BSHIFT: 32 bit int shifted by an amount not in the range 0..31</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#ICAST_BAD_SHIFT_AMOUNT">BSHIFT: 32 bit int shifted by an amount not in the range -31..31</a></td><td>Correctness</td></tr>
<tr bgcolor="#ffffff"><td><a href="#BX_UNBOXED_AND_COERCED_FOR_TERNARY_OPERATOR">Bx: Primitive value is unboxed and coerced for ternary operator</a></td><td>Correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#CO_COMPARETO_RESULTS_MIN_VALUE">Co: compareTo()/compare() returns Integer.MIN_VALUE</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_STORE_OF_CLASS_LITERAL">DLS: Dead store of class literal</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DLS_OVERWRITTEN_INCREMENT">DLS: Overwritten increment</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_ARGUMENTS_WRONG_ORDER">DMI: Reversed method arguments</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DMI_BAD_MONTH">DMI: Bad constant value for month</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_BIGDECIMAL_CONSTRUCTED_FROM_DOUBLE">DMI: BigDecimal constructed from double that isn't represented precisely</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DMI_CALLING_NEXT_FROM_HASNEXT">DMI: hasNext method invokes next</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_COLLECTIONS_SHOULD_NOT_CONTAIN_THEMSELVES">DMI: Collections should not contain themselves</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DMI_DOH">DMI: D'oh! A nonsensical method invocation</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_INVOKING_HASHCODE_ON_ARRAY">DMI: Invocation of hashCode on an array</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DMI_LONG_BITS_TO_DOUBLE_INVOKED_ON_INT">DMI: Double.longBitsToDouble invoked on an int</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_VACUOUS_SELF_COLLECTION_CALL">DMI: Vacuous call to collections</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DMI_ANNOTATION_IS_NOT_VISIBLE_TO_REFLECTION">Dm: Can't use reflection to check for presence of annotation without runtime retention</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_FUTILE_ATTEMPT_TO_CHANGE_MAXPOOL_SIZE_OF_SCHEDULED_THREAD_POOL_EXECUTOR">Dm: Futile attempt to change max pool size of ScheduledThreadPoolExecutor</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DMI_SCHEDULED_THREAD_POOL_EXECUTOR_WITH_ZERO_CORE_THREADS">Dm: Creation of ScheduledThreadPoolExecutor with zero core threads</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_VACUOUS_CALL_TO_EASYMOCK_METHOD">Dm: Useless/vacuous call to EasyMock method</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#EC_ARRAY_AND_NONARRAY">EC: equals() used to compare array and nonarray</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#EC_BAD_ARRAY_COMPARE">EC: Invocation of equals() on an array, which is equivalent to ==</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#EC_INCOMPATIBLE_ARRAY_COMPARE">EC: equals(...) used to compare incompatible arrays</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#EC_NULL_ARG">EC: Call to equals(null)</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#EC_UNRELATED_CLASS_AND_INTERFACE">EC: Call to equals() comparing unrelated class and interface</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#EC_UNRELATED_INTERFACES">EC: Call to equals() comparing different interface types</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#EC_UNRELATED_TYPES">EC: Call to equals() comparing different types</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#EC_UNRELATED_TYPES_USING_POINTER_EQUALITY">EC: Using pointer equality to compare different types</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#EQ_ALWAYS_FALSE">Eq: equals method always returns false</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#EQ_ALWAYS_TRUE">Eq: equals method always returns true</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#EQ_COMPARING_CLASS_NAMES">Eq: equals method compares class names rather than class objects</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#EQ_DONT_DEFINE_EQUALS_FOR_ENUM">Eq: Covariant equals() method defined for enum</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#EQ_OTHER_NO_OBJECT">Eq: equals() method defined that doesn't override equals(Object)</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#EQ_OTHER_USE_OBJECT">Eq: equals() method defined that doesn't override Object.equals(Object)</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#EQ_OVERRIDING_EQUALS_NOT_SYMMETRIC">Eq: equals method overrides equals in superclass and may not be symmetric</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#EQ_SELF_USE_OBJECT">Eq: Covariant equals() method defined, Object.equals(Object) inherited</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#FE_TEST_IF_EQUAL_TO_NOT_A_NUMBER">FE: Doomed test for equality to NaN</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_BAD_ARGUMENT">FS: Format string placeholder incompatible with passed argument</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_BAD_CONVERSION">FS: The type of a supplied argument doesn't match format specifier</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_EXPECTED_MESSAGE_FORMAT_SUPPLIED">FS: MessageFormat supplied where printf style format expected</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_EXTRA_ARGUMENTS_PASSED">FS: More arguments are passed than are actually used in the format string</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_ILLEGAL">FS: Illegal format string</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_MISSING_ARGUMENT">FS: Format string references missing argument</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_NO_PREVIOUS_ARGUMENT">FS: No previous argument for format string</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#GC_UNRELATED_TYPES">GC: No relationship between generic parameter and method argument</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#HE_SIGNATURE_DECLARES_HASHING_OF_UNHASHABLE_CLASS">HE: Signature declares use of unhashable class in hashed construct</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#HE_USE_OF_UNHASHABLE_CLASS">HE: Use of class without a hashCode() method in a hashed data structure</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#ICAST_INT_2_LONG_AS_INSTANT">ICAST: int value converted to long and used as absolute time</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#ICAST_INT_CAST_TO_DOUBLE_PASSED_TO_CEIL">ICAST: integral value cast to double and then passed to Math.ceil</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#ICAST_INT_CAST_TO_FLOAT_PASSED_TO_ROUND">ICAST: int value cast to float and then passed to Math.round</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#IJU_ASSERT_METHOD_INVOKED_FROM_RUN_METHOD">IJU: JUnit assertion in run method will not be noticed by JUnit</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IJU_BAD_SUITE_METHOD">IJU: TestCase declares a bad suite method </a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#IJU_NO_TESTS">IJU: TestCase has no tests</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IJU_SETUP_NO_SUPER">IJU: TestCase defines setUp that doesn't call super.setUp()</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#IJU_SUITE_NOT_STATIC">IJU: TestCase implements a non-static suite method </a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IJU_TEARDOWN_NO_SUPER">IJU: TestCase defines tearDown that doesn't call super.tearDown()</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#IL_CONTAINER_ADDED_TO_ITSELF">IL: A collection is added to itself</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IL_INFINITE_LOOP">IL: An apparent infinite loop</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#IL_INFINITE_RECURSIVE_LOOP">IL: An apparent infinite recursive loop</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IM_MULTIPLYING_RESULT_OF_IREM">IM: Integer multiply of result of integer remainder</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#INT_BAD_COMPARISON_WITH_INT_VALUE">INT: Bad comparison of int value with long constant</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#INT_BAD_COMPARISON_WITH_NONNEGATIVE_VALUE">INT: Bad comparison of nonnegative value with negative constant</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#INT_BAD_COMPARISON_WITH_SIGNED_BYTE">INT: Bad comparison of signed byte</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IO_APPENDING_TO_OBJECT_OUTPUT_STREAM">IO: Doomed attempt to append to an object output stream</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#IP_PARAMETER_IS_DEAD_BUT_OVERWRITTEN">IP: A parameter is dead upon entry to a method but overwritten</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#MF_CLASS_MASKS_FIELD">MF: Class defines field that masks a superclass field</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#MF_METHOD_MASKS_FIELD">MF: Method defines a variable that obscures a field</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_ALWAYS_NULL">NP: Null pointer dereference</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_ALWAYS_NULL_EXCEPTION">NP: Null pointer dereference in method on exception path</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_ARGUMENT_MIGHT_BE_NULL">NP: Method does not check for null argument</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_CLOSING_NULL">NP: close() invoked on a value that is always null</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_GUARANTEED_DEREF">NP: Null value is guaranteed to be dereferenced</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_GUARANTEED_DEREF_ON_EXCEPTION_PATH">NP: Value is null and guaranteed to be dereferenced on exception path</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">NP: Nonnull field is not initialized</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_NONNULL_PARAM_VIOLATION">NP: Method call passes null to a nonnull parameter </a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_NONNULL_RETURN_VIOLATION">NP: Method may return null, but is declared @NonNull</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_INSTANCEOF">NP: A known null value is checked to see if it is an instance of a type</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_NULL_ON_SOME_PATH">NP: Possible null pointer dereference</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_ON_SOME_PATH_EXCEPTION">NP: Possible null pointer dereference in method on exception path</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_NULL_PARAM_DEREF">NP: Method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_PARAM_DEREF_ALL_TARGETS_DANGEROUS">NP: Method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_NULL_PARAM_DEREF_NONVIRTUAL">NP: Non-virtual method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_STORE_INTO_NONNULL_FIELD">NP: Store of null value into field annotated NonNull</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_UNWRITTEN_FIELD">NP: Read of unwritten field</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NM_BAD_EQUAL">Nm: Class defines equal(Object); should it be equals(Object)?</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NM_LCASE_HASHCODE">Nm: Class defines hashcode(); should it be hashCode()?</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NM_LCASE_TOSTRING">Nm: Class defines tostring(); should it be toString()?</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NM_METHOD_CONSTRUCTOR_CONFUSION">Nm: Apparent method/constructor confusion</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NM_VERY_CONFUSING">Nm: Very confusing method names</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NM_WRONG_PACKAGE">Nm: Method doesn't override method in superclass due to wrong package for parameter</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#QBA_QUESTIONABLE_BOOLEAN_ASSIGNMENT">QBA: Method assigns boolean literal in boolean expression</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RC_REF_COMPARISON">RC: Suspicious reference comparison</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE">RCN: Nullcheck of value previously dereferenced</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RE_BAD_SYNTAX_FOR_REGULAR_EXPRESSION">RE: Invalid syntax for regular expression</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RE_CANT_USE_FILE_SEPARATOR_AS_REGULAR_EXPRESSION">RE: File.separator used for regular expression</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RE_POSSIBLE_UNINTENDED_PATTERN">RE: "." used for regular expression</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RV_01_TO_INT">RV: Random value from 0 to 1 is coerced to the integer 0</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RV_ABSOLUTE_VALUE_OF_HASHCODE">RV: Bad attempt to compute absolute value of signed 32-bit hashcode </a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RV_ABSOLUTE_VALUE_OF_RANDOM_INT">RV: Bad attempt to compute absolute value of signed random integer</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RV_CHECK_COMPARETO_FOR_SPECIFIC_RETURN_VALUE">RV: Code checks for specific values returned by compareTo</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RV_EXCEPTION_NOT_THROWN">RV: Exception created and dropped rather than thrown</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RV_RETURN_VALUE_IGNORED">RV: Method ignores return value</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RpC_REPEATED_CONDITIONAL_TEST">RpC: Repeated conditional tests</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SA_FIELD_SELF_ASSIGNMENT">SA: Self assignment of field</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SA_FIELD_SELF_COMPARISON">SA: Self comparison of field with itself</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SA_FIELD_SELF_COMPUTATION">SA: Nonsensical self computation involving a field (e.g., x & x)</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SA_LOCAL_SELF_ASSIGNMENT_INSTEAD_OF_FIELD">SA: Self assignment of local rather than assignment to field</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SA_LOCAL_SELF_COMPARISON">SA: Self comparison of value with itself</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SA_LOCAL_SELF_COMPUTATION">SA: Nonsensical self computation involving a variable (e.g., x & x)</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH">SF: Dead store due to switch statement fall through</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH_TO_THROW">SF: Dead store due to switch statement fall through to throw</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SIC_THREADLOCAL_DEADLY_EMBRACE">SIC: Deadly embrace of non-static inner class and thread local</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SIO_SUPERFLUOUS_INSTANCEOF">SIO: Unnecessary type check done using instanceof operator</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SQL_BAD_PREPARED_STATEMENT_ACCESS">SQL: Method attempts to access a prepared statement parameter with index 0</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SQL_BAD_RESULTSET_ACCESS">SQL: Method attempts to access a result set field with index 0</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#STI_INTERRUPTED_ON_CURRENTTHREAD">STI: Unneeded use of currentThread() call, to call interrupted() </a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#STI_INTERRUPTED_ON_UNKNOWNTHREAD">STI: Static Thread.interrupted() method invoked on thread instance</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SE_METHOD_MUST_BE_PRIVATE">Se: Method must be private in order for serialization to work</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SE_READ_RESOLVE_IS_STATIC">Se: The readResolve method must not be declared as a static method. </a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#TQ_ALWAYS_VALUE_USED_WHERE_NEVER_REQUIRED">TQ: Value annotated as carrying a type qualifier used where a value that must not carry that qualifier is required</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#TQ_COMPARING_VALUES_WITH_INCOMPATIBLE_TYPE_QUALIFIERS">TQ: Comparing values with incompatible type qualifiers</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#TQ_MAYBE_SOURCE_VALUE_REACHES_ALWAYS_SINK">TQ: Value that might not carry a type qualifier is always used in a way requires that type qualifier</a></td><td>Correctness</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#TQ_MAYBE_SOURCE_VALUE_REACHES_NEVER_SINK">TQ: Value that might carry a type qualifier is always used in a way prohibits it from having that type qualifier</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#TQ_NEVER_VALUE_USED_WHERE_ALWAYS_REQUIRED">TQ: Value annotated as never carrying a type qualifier used where value carrying that qualifier is required</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_LOCAL_INCREMENT_IN_RETURN">DLS: Useless increment in return statement</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_STORE_OF_CLASS_LITERAL">DLS: Dead store of class literal</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DLS_OVERWRITTEN_INCREMENT">DLS: Overwritten increment</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_ARGUMENTS_WRONG_ORDER">DMI: Reversed method arguments</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_BAD_MONTH">DMI: Bad constant value for month</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_BIGDECIMAL_CONSTRUCTED_FROM_DOUBLE">DMI: BigDecimal constructed from double that isn't represented precisely</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_CALLING_NEXT_FROM_HASNEXT">DMI: hasNext method invokes next</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_COLLECTIONS_SHOULD_NOT_CONTAIN_THEMSELVES">DMI: Collections should not contain themselves</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_DOH">DMI: D'oh! A nonsensical method invocation</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_INVOKING_HASHCODE_ON_ARRAY">DMI: Invocation of hashCode on an array</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_LONG_BITS_TO_DOUBLE_INVOKED_ON_INT">DMI: Double.longBitsToDouble invoked on an int</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_VACUOUS_SELF_COLLECTION_CALL">DMI: Vacuous call to collections</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_ANNOTATION_IS_NOT_VISIBLE_TO_REFLECTION">Dm: Can't use reflection to check for presence of annotation without runtime retention</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_FUTILE_ATTEMPT_TO_CHANGE_MAXPOOL_SIZE_OF_SCHEDULED_THREAD_POOL_EXECUTOR">Dm: Futile attempt to change max pool size of ScheduledThreadPoolExecutor</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_SCHEDULED_THREAD_POOL_EXECUTOR_WITH_ZERO_CORE_THREADS">Dm: Creation of ScheduledThreadPoolExecutor with zero core threads</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_VACUOUS_CALL_TO_EASYMOCK_METHOD">Dm: Useless/vacuous call to EasyMock method</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#EC_ARRAY_AND_NONARRAY">EC: equals() used to compare array and nonarray</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#EC_BAD_ARRAY_COMPARE">EC: Invocation of equals() on an array, which is equivalent to ==</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#EC_INCOMPATIBLE_ARRAY_COMPARE">EC: equals(...) used to compare incompatible arrays</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#EC_NULL_ARG">EC: Call to equals(null)</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#EC_UNRELATED_CLASS_AND_INTERFACE">EC: Call to equals() comparing unrelated class and interface</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#EC_UNRELATED_INTERFACES">EC: Call to equals() comparing different interface types</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#EC_UNRELATED_TYPES">EC: Call to equals() comparing different types</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#EC_UNRELATED_TYPES_USING_POINTER_EQUALITY">EC: Using pointer equality to compare different types</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#EQ_ALWAYS_FALSE">Eq: equals method always returns false</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#EQ_ALWAYS_TRUE">Eq: equals method always returns true</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#EQ_COMPARING_CLASS_NAMES">Eq: equals method compares class names rather than class objects</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#EQ_DONT_DEFINE_EQUALS_FOR_ENUM">Eq: Covariant equals() method defined for enum</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#EQ_OTHER_NO_OBJECT">Eq: equals() method defined that doesn't override equals(Object)</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#EQ_OTHER_USE_OBJECT">Eq: equals() method defined that doesn't override Object.equals(Object)</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#EQ_OVERRIDING_EQUALS_NOT_SYMMETRIC">Eq: equals method overrides equals in superclass and may not be symmetric</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#EQ_SELF_USE_OBJECT">Eq: Covariant equals() method defined, Object.equals(Object) inherited</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#FE_TEST_IF_EQUAL_TO_NOT_A_NUMBER">FE: Doomed test for equality to NaN</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_BAD_ARGUMENT">FS: Format string placeholder incompatible with passed argument</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_BAD_CONVERSION">FS: The type of a supplied argument doesn't match format specifier</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_EXPECTED_MESSAGE_FORMAT_SUPPLIED">FS: MessageFormat supplied where printf style format expected</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_EXTRA_ARGUMENTS_PASSED">FS: More arguments are passed than are actually used in the format string</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_ILLEGAL">FS: Illegal format string</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_MISSING_ARGUMENT">FS: Format string references missing argument</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_NO_PREVIOUS_ARGUMENT">FS: No previous argument for format string</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#GC_UNRELATED_TYPES">GC: No relationship between generic parameter and method argument</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#HE_SIGNATURE_DECLARES_HASHING_OF_UNHASHABLE_CLASS">HE: Signature declares use of unhashable class in hashed construct</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#HE_USE_OF_UNHASHABLE_CLASS">HE: Use of class without a hashCode() method in a hashed data structure</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#ICAST_INT_2_LONG_AS_INSTANT">ICAST: int value converted to long and used as absolute time</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#ICAST_INT_CAST_TO_DOUBLE_PASSED_TO_CEIL">ICAST: Integral value cast to double and then passed to Math.ceil</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#ICAST_INT_CAST_TO_FLOAT_PASSED_TO_ROUND">ICAST: int value cast to float and then passed to Math.round</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IJU_ASSERT_METHOD_INVOKED_FROM_RUN_METHOD">IJU: JUnit assertion in run method will not be noticed by JUnit</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#IJU_BAD_SUITE_METHOD">IJU: TestCase declares a bad suite method </a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IJU_NO_TESTS">IJU: TestCase has no tests</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#IJU_SETUP_NO_SUPER">IJU: TestCase defines setUp that doesn't call super.setUp()</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IJU_SUITE_NOT_STATIC">IJU: TestCase implements a non-static suite method </a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#IJU_TEARDOWN_NO_SUPER">IJU: TestCase defines tearDown that doesn't call super.tearDown()</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IL_CONTAINER_ADDED_TO_ITSELF">IL: A collection is added to itself</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#IL_INFINITE_LOOP">IL: An apparent infinite loop</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IL_INFINITE_RECURSIVE_LOOP">IL: An apparent infinite recursive loop</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#IM_MULTIPLYING_RESULT_OF_IREM">IM: Integer multiply of result of integer remainder</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#INT_BAD_COMPARISON_WITH_INT_VALUE">INT: Bad comparison of int value with long constant</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#INT_BAD_COMPARISON_WITH_NONNEGATIVE_VALUE">INT: Bad comparison of nonnegative value with negative constant</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#INT_BAD_COMPARISON_WITH_SIGNED_BYTE">INT: Bad comparison of signed byte</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#IO_APPENDING_TO_OBJECT_OUTPUT_STREAM">IO: Doomed attempt to append to an object output stream</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IP_PARAMETER_IS_DEAD_BUT_OVERWRITTEN">IP: A parameter is dead upon entry to a method but overwritten</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#MF_CLASS_MASKS_FIELD">MF: Class defines field that masks a superclass field</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#MF_METHOD_MASKS_FIELD">MF: Method defines a variable that obscures a field</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_ALWAYS_NULL">NP: Null pointer dereference</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_ALWAYS_NULL_EXCEPTION">NP: Null pointer dereference in method on exception path</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_ARGUMENT_MIGHT_BE_NULL">NP: Method does not check for null argument</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_CLOSING_NULL">NP: close() invoked on a value that is always null</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_GUARANTEED_DEREF">NP: Null value is guaranteed to be dereferenced</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_GUARANTEED_DEREF_ON_EXCEPTION_PATH">NP: Value is null and guaranteed to be dereferenced on exception path</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">NP: Nonnull field is not initialized</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_NONNULL_PARAM_VIOLATION">NP: Method call passes null to a nonnull parameter </a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_NONNULL_RETURN_VIOLATION">NP: Method may return null, but is declared @NonNull</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_NULL_INSTANCEOF">NP: A known null value is checked to see if it is an instance of a type</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_ON_SOME_PATH">NP: Possible null pointer dereference</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_NULL_ON_SOME_PATH_EXCEPTION">NP: Possible null pointer dereference in method on exception path</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_PARAM_DEREF">NP: Method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_NULL_PARAM_DEREF_ALL_TARGETS_DANGEROUS">NP: Method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_PARAM_DEREF_NONVIRTUAL">NP: Non-virtual method call passes null for nonnull parameter</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_STORE_INTO_NONNULL_FIELD">NP: Store of null value into field annotated NonNull</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_UNWRITTEN_FIELD">NP: Read of unwritten field</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NM_BAD_EQUAL">Nm: Class defines equal(Object); should it be equals(Object)?</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NM_LCASE_HASHCODE">Nm: Class defines hashcode(); should it be hashCode()?</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NM_LCASE_TOSTRING">Nm: Class defines tostring(); should it be toString()?</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NM_METHOD_CONSTRUCTOR_CONFUSION">Nm: Apparent method/constructor confusion</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NM_VERY_CONFUSING">Nm: Very confusing method names</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NM_WRONG_PACKAGE">Nm: Method doesn't override method in superclass due to wrong package for parameter</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#QBA_QUESTIONABLE_BOOLEAN_ASSIGNMENT">QBA: Method assigns boolean literal in boolean expression</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RC_REF_COMPARISON">RC: Suspicious reference comparison</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE">RCN: Nullcheck of value previously dereferenced</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RE_BAD_SYNTAX_FOR_REGULAR_EXPRESSION">RE: Invalid syntax for regular expression</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RE_CANT_USE_FILE_SEPARATOR_AS_REGULAR_EXPRESSION">RE: File.separator used for regular expression</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RE_POSSIBLE_UNINTENDED_PATTERN">RE: "." or "|" used for regular expression</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RV_01_TO_INT">RV: Random value from 0 to 1 is coerced to the integer 0</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RV_ABSOLUTE_VALUE_OF_HASHCODE">RV: Bad attempt to compute absolute value of signed 32-bit hashcode </a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RV_ABSOLUTE_VALUE_OF_RANDOM_INT">RV: Bad attempt to compute absolute value of signed random integer</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RV_CHECK_COMPARETO_FOR_SPECIFIC_RETURN_VALUE">RV: Code checks for specific values returned by compareTo</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RV_EXCEPTION_NOT_THROWN">RV: Exception created and dropped rather than thrown</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RV_RETURN_VALUE_IGNORED">RV: Method ignores return value</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RpC_REPEATED_CONDITIONAL_TEST">RpC: Repeated conditional tests</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SA_FIELD_SELF_ASSIGNMENT">SA: Self assignment of field</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SA_FIELD_SELF_COMPARISON">SA: Self comparison of field with itself</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SA_FIELD_SELF_COMPUTATION">SA: Nonsensical self computation involving a field (e.g., x & x)</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SA_LOCAL_SELF_ASSIGNMENT_INSTEAD_OF_FIELD">SA: Self assignment of local rather than assignment to field</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SA_LOCAL_SELF_COMPARISON">SA: Self comparison of value with itself</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SA_LOCAL_SELF_COMPUTATION">SA: Nonsensical self computation involving a variable (e.g., x & x)</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH">SF: Dead store due to switch statement fall through</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH_TO_THROW">SF: Dead store due to switch statement fall through to throw</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SIC_THREADLOCAL_DEADLY_EMBRACE">SIC: Deadly embrace of non-static inner class and thread local</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SIO_SUPERFLUOUS_INSTANCEOF">SIO: Unnecessary type check done using instanceof operator</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SQL_BAD_PREPARED_STATEMENT_ACCESS">SQL: Method attempts to access a prepared statement parameter with index 0</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SQL_BAD_RESULTSET_ACCESS">SQL: Method attempts to access a result set field with index 0</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#STI_INTERRUPTED_ON_CURRENTTHREAD">STI: Unneeded use of currentThread() call, to call interrupted() </a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#STI_INTERRUPTED_ON_UNKNOWNTHREAD">STI: Static Thread.interrupted() method invoked on thread instance</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SE_METHOD_MUST_BE_PRIVATE">Se: Method must be private in order for serialization to work</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SE_READ_RESOLVE_IS_STATIC">Se: The readResolve method must not be declared as a static method. </a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#TQ_ALWAYS_VALUE_USED_WHERE_NEVER_REQUIRED">TQ: Value annotated as carrying a type qualifier used where a value that must not carry that qualifier is required</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#TQ_COMPARING_VALUES_WITH_INCOMPATIBLE_TYPE_QUALIFIERS">TQ: Comparing values with incompatible type qualifiers</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#TQ_MAYBE_SOURCE_VALUE_REACHES_ALWAYS_SINK">TQ: Value that might not carry a type qualifier is always used in a way requires that type qualifier</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#TQ_MAYBE_SOURCE_VALUE_REACHES_NEVER_SINK">TQ: Value that might carry a type qualifier is always used in a way prohibits it from having that type qualifier</a></td><td>Correctness</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#TQ_NEVER_VALUE_USED_WHERE_ALWAYS_REQUIRED">TQ: Value annotated as never carrying a type qualifier used where value carrying that qualifier is required</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#TQ_UNKNOWN_VALUE_USED_WHERE_ALWAYS_STRICTLY_REQUIRED">TQ: Value without a type qualifier used where a value is required to have that qualifier</a></td><td>Correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS">UMAC: Uncallable method defined in anonymous class</a></td><td>Correctness</td></tr>
<tr bgcolor="#ffffff"><td><a href="#UR_UNINIT_READ">UR: Uninitialized read of field in constructor</a></td><td>Correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#UR_UNINIT_READ_CALLED_FROM_SUPER_CONSTRUCTOR">UR: Uninitialized read of field method called from constructor of superclass</a></td><td>Correctness</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY">USELESS_STRING: Invocation of toString on an array</a></td><td>Correctness</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY">USELESS_STRING: Invocation of toString on an unnamed array</a></td><td>Correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#DMI_INVOKING_TOSTRING_ON_ARRAY">USELESS_STRING: Invocation of toString on an array</a></td><td>Correctness</td></tr>
<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_BAD_CONVERSION_FROM_ARRAY">USELESS_STRING: Array formatted in useless way using format string</a></td><td>Correctness</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#UWF_NULL_FIELD">UwF: Field only ever set to null</a></td><td>Correctness</td></tr>
@@ -349,136 +350,117 @@
<tr bgcolor="#eeeeee"><td><a href="#BX_BOXING_IMMEDIATELY_UNBOXED">Bx: Primitive value is boxed and then immediately unboxed</a></td><td>Performance</td></tr>
<tr bgcolor="#ffffff"><td><a href="#BX_BOXING_IMMEDIATELY_UNBOXED_TO_PERFORM_COERCION">Bx: Primitive value is boxed then unboxed to perform primitive coercion</a></td><td>Performance</td></tr>
<tr bgcolor="#eeeeee"><td><a href="#BX_UNBOXING_IMMEDIATELY_REBOXED">Bx: Boxed value is unboxed and then immediately reboxed</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DM_BOXED_PRIMITIVE_TOSTRING">Bx: Method allocates a boxed primitive just to call toString</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DM_FP_NUMBER_CTOR">Bx: Method invokes inefficient floating-point Number constructor; use static valueOf instead</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DM_NUMBER_CTOR">Bx: Method invokes inefficient Number constructor; use static valueOf instead</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DMI_BLOCKING_METHODS_ON_URL">Dm: The equals and hashCode methods of URL are blocking</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_COLLECTION_OF_URLS">Dm: Maps and sets of URLs can be performance hogs</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DM_BOOLEAN_CTOR">Dm: Method invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DM_GC">Dm: Explicit garbage collection; extremely dubious except in benchmarking code</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DM_NEW_FOR_GETCLASS">Dm: Method allocates an object, only to get the class object</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DM_NEXTINT_VIA_NEXTDOUBLE">Dm: Use the nextInt method of Random rather than nextDouble to generate a random integer</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DM_STRING_CTOR">Dm: Method invokes inefficient new String(String) constructor</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DM_STRING_TOSTRING">Dm: Method invokes toString() method on a String</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DM_STRING_VOID_CTOR">Dm: Method invokes inefficient new String() constructor</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#HSC_HUGE_SHARED_STRING_CONSTANT">HSC: Huge string constants is duplicated across multiple class files</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#ITA_INEFFICIENT_TO_ARRAY">ITA: Method uses toArray() with zero-length array argument</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SBSC_USE_STRINGBUFFER_CONCATENATION">SBSC: Method concatenates strings using + in a loop</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SIC_INNER_SHOULD_BE_STATIC">SIC: Should be a static inner class</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SIC_INNER_SHOULD_BE_STATIC_ANON">SIC: Could be refactored into a named static inner class</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SIC_INNER_SHOULD_BE_STATIC_NEEDS_THIS">SIC: Could be refactored into a static inner class</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SS_SHOULD_BE_STATIC">SS: Unread field: should this field be static?</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#UM_UNNECESSARY_MATH">UM: Method calls static Math class method on a constant value</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#UPM_UNCALLED_PRIVATE_METHOD">UPM: Private method is never called</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#URF_UNREAD_FIELD">UrF: Unread field</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#UUF_UNUSED_FIELD">UuF: Unused field</a></td><td>Performance</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#WMI_WRONG_MAP_ITERATOR">WMI: Inefficient use of keySet iterator instead of entrySet iterator</a></td><td>Performance</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_CONSTANT_DB_PASSWORD">Dm: Hardcoded constant database password</a></td><td>Security</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DMI_EMPTY_DB_PASSWORD">Dm: Empty database password</a></td><td>Security</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#HRS_REQUEST_PARAMETER_TO_COOKIE">HRS: HTTP cookie formed from untrusted input</a></td><td>Security</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#HRS_REQUEST_PARAMETER_TO_HTTP_HEADER">HRS: HTTP Response splitting vulnerability</a></td><td>Security</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#PT_ABSOLUTE_PATH_TRAVERSAL">PT: Absolute path traversal in servlet</a></td><td>Security</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#PT_RELATIVE_PATH_TRAVERSAL">PT: Relative path traversal in servlet</a></td><td>Security</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE">SQL: Nonconstant string passed to execute method on an SQL statement</a></td><td>Security</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING">SQL: A prepared statement is generated from a nonconstant String</a></td><td>Security</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#XSS_REQUEST_PARAMETER_TO_JSP_WRITER">XSS: JSP reflected cross site scripting vulnerability</a></td><td>Security</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#XSS_REQUEST_PARAMETER_TO_SEND_ERROR">XSS: Servlet reflected cross site scripting vulnerability in error page</a></td><td>Security</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#XSS_REQUEST_PARAMETER_TO_SERVLET_WRITER">XSS: Servlet reflected cross site scripting vulnerability</a></td><td>Security</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#BC_BAD_CAST_TO_ABSTRACT_COLLECTION">BC: Questionable cast to abstract collection </a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#BC_BAD_CAST_TO_CONCRETE_COLLECTION">BC: Questionable cast to concrete collection</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#BC_UNCONFIRMED_CAST">BC: Unchecked/unconfirmed cast</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#BC_UNCONFIRMED_CAST_OF_RETURN_VALUE">BC: Unchecked/unconfirmed cast of return value from method</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#BC_VACUOUS_INSTANCEOF">BC: instanceof will always return true</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#ICAST_QUESTIONABLE_UNSIGNED_RIGHT_SHIFT">BSHIFT: Unsigned right shift cast to short/byte</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#CI_CONFUSED_INHERITANCE">CI: Class is final but declares protected field</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DB_DUPLICATE_BRANCHES">DB: Method uses the same code for two branches</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DB_DUPLICATE_SWITCH_CLAUSES">DB: Method uses the same code for two switch clauses</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_LOCAL_STORE">DLS: Dead store to local variable</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_LOCAL_STORE_IN_RETURN">DLS: Useless assignment in return statement</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_LOCAL_STORE_OF_NULL">DLS: Dead store of null to local variable</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_LOCAL_STORE_SHADOWS_FIELD">DLS: Dead store to local variable that shadows field</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_HARDCODED_ABSOLUTE_FILENAME">DMI: Code contains a hard coded reference to an absolute pathname</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DMI_NONSERIALIZABLE_OBJECT_WRITTEN">DMI: Non serializable object written to ObjectOutput</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#DMI_USELESS_SUBSTRING">DMI: Invocation of substring(0), which returns the original value</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#DMI_THREAD_PASSED_WHERE_RUNNABLE_EXPECTED">Dm: Thread passed where Runnable expected</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#EQ_DOESNT_OVERRIDE_EQUALS">Eq: Class doesn't override equals in superclass</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#EQ_UNUSUAL">Eq: Unusual equals method </a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#FE_FLOATING_POINT_EQUALITY">FE: Test for floating point equality</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#VA_FORMAT_STRING_BAD_CONVERSION_TO_BOOLEAN">FS: Non-Boolean argument formatted using %b format specifier</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD">IA: Ambiguous invocation of either an inherited or outer method</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#IC_INIT_CIRCULARITY">IC: Initialization circularity</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#ICAST_IDIV_CAST_TO_DOUBLE">ICAST: integral division result cast to double or float</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#ICAST_INTEGER_MULTIPLY_CAST_TO_LONG">ICAST: Result of integer multiplication cast to long</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#IM_AVERAGE_COMPUTATION_COULD_OVERFLOW">IM: Computation of average could overflow</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#IM_BAD_CHECK_FOR_ODD">IM: Check for oddness that won't work for negative numbers </a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#INT_BAD_REM_BY_1">INT: Integer remainder modulo 1</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#INT_VACUOUS_BIT_OPERATION">INT: Vacuous bit mask operation on integer value</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#INT_VACUOUS_COMPARISON">INT: Vacuous comparison of integer value</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#MTIA_SUSPECT_SERVLET_INSTANCE_FIELD">MTIA: Class extends Servlet class and uses instance variables</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#MTIA_SUSPECT_STRUTS_INSTANCE_FIELD">MTIA: Class extends Struts Action class and uses instance variables</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_DEREFERENCE_OF_READLINE_VALUE">NP: Dereference of the result of readLine() without nullcheck</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_IMMEDIATE_DEREFERENCE_OF_READLINE">NP: Immediate dereference of the result of readLine()</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_LOAD_OF_KNOWN_NULL_VALUE">NP: Load of known null value</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE">NP: Possible null pointer dereference due to return value of called method</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE">NP: Possible null pointer dereference on branch that might be infeasible</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE">NP: Parameter must be nonnull but is marked as nullable</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NP_UNWRITTEN_PUBLIC_OR_PROTECTED_FIELD">NP: Read of unwritten public or protected field</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#NS_DANGEROUS_NON_SHORT_CIRCUIT">NS: Potentially dangerous use of non-short-circuit logic</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#NS_NON_SHORT_CIRCUIT">NS: Questionable use of non-short-circuit logic</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#PZLA_PREFER_ZERO_LENGTH_ARRAYS">PZLA: Consider returning a zero length array rather than null</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#QF_QUESTIONABLE_FOR_LOOP">QF: Complicated, subtle or wrong increment in for-loop </a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_COMPARISON_OF_NULL_AND_NONNULL_VALUE">RCN: Redundant comparison of non-null value to null</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_COMPARISON_TWO_NULL_VALUES">RCN: Redundant comparison of two null values</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE">RCN: Redundant nullcheck of value known to be non-null</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE">RCN: Redundant nullcheck of value known to be null</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#REC_CATCH_EXCEPTION">REC: Exception is caught when Exception is not thrown</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RI_REDUNDANT_INTERFACES">RI: Class implements same interface as superclass</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RV_CHECK_FOR_POSITIVE_INDEXOF">RV: Method checks to see if result of String.indexOf is positive</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RV_DONT_JUST_NULL_CHECK_READLINE">RV: Method discards result of readLine after checking if it is nonnull</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RV_REM_OF_HASHCODE">RV: Remainder of hashCode could be negative</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#RV_REM_OF_RANDOM_INT">RV: Remainder of 32-bit signed random integer</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#RV_RETURN_VALUE_IGNORED_INFERRED">RV: Method ignores return value, is this OK?</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SA_FIELD_DOUBLE_ASSIGNMENT">SA: Double assignment of field</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SA_LOCAL_DOUBLE_ASSIGNMENT">SA: Double assignment of local variable </a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SA_LOCAL_SELF_ASSIGNMENT">SA: Self assignment of local variable</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SF_SWITCH_FALLTHROUGH">SF: Switch statement found where one case falls through to the next case</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SF_SWITCH_NO_DEFAULT">SF: Switch statement found where default case is missing</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD">ST: Write to static field from instance method</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#SE_PRIVATE_READ_RESOLVE_NOT_INHERITED">Se: private readResolve method not inherited by subclasses</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#SE_TRANSIENT_FIELD_OF_NONSERIALIZABLE_CLASS">Se: Transient field of class that isn't Serializable. </a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_ALWAYS_SINK">TQ: Value required to have type qualifier, but marked as unknown</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_NEVER_SINK">TQ: Value required to not have type qualifier, but marked as unknown</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#UCF_USELESS_CONTROL_FLOW">UCF: Useless control flow</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#UCF_USELESS_CONTROL_FLOW_NEXT_LINE">UCF: Useless control flow to next line</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD">UrF: Unread public/protected field</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#UUF_UNUSED_PUBLIC_OR_PROTECTED_FIELD">UuF: Unused public or protected field</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">UwF: Field not initialized in constructor but dereferenced without null check</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#ffffff"><td><a href="#UWF_UNWRITTEN_PUBLIC_OR_PROTECTED_FIELD">UwF: Unwritten public or protected field</a></td><td>Dodgy code</td></tr>
-<tr bgcolor="#eeeeee"><td><a href="#XFB_XML_FACTORY_BYPASS">XFB: Method directly allocates a specific implementation of xml interfaces</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DM_BOXED_PRIMITIVE_FOR_PARSING">Bx: Boxing/unboxing to parse a primitive</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DM_BOXED_PRIMITIVE_TOSTRING">Bx: Method allocates a boxed primitive just to call toString</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DM_FP_NUMBER_CTOR">Bx: Method invokes inefficient floating-point Number constructor; use static valueOf instead</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DM_NUMBER_CTOR">Bx: Method invokes inefficient Number constructor; use static valueOf instead</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_BLOCKING_METHODS_ON_URL">Dm: The equals and hashCode methods of URL are blocking</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_COLLECTION_OF_URLS">Dm: Maps and sets of URLs can be performance hogs</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DM_BOOLEAN_CTOR">Dm: Method invokes inefficient Boolean constructor; use Boolean.valueOf(...) instead</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DM_GC">Dm: Explicit garbage collection; extremely dubious except in benchmarking code</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DM_NEW_FOR_GETCLASS">Dm: Method allocates an object, only to get the class object</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DM_NEXTINT_VIA_NEXTDOUBLE">Dm: Use the nextInt method of Random rather than nextDouble to generate a random integer</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DM_STRING_CTOR">Dm: Method invokes inefficient new String(String) constructor</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DM_STRING_TOSTRING">Dm: Method invokes toString() method on a String</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DM_STRING_VOID_CTOR">Dm: Method invokes inefficient new String() constructor</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#HSC_HUGE_SHARED_STRING_CONSTANT">HSC: Huge string constants is duplicated across multiple class files</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#ITA_INEFFICIENT_TO_ARRAY">ITA: Method uses toArray() with zero-length array argument</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SBSC_USE_STRINGBUFFER_CONCATENATION">SBSC: Method concatenates strings using + in a loop</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SIC_INNER_SHOULD_BE_STATIC">SIC: Should be a static inner class</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SIC_INNER_SHOULD_BE_STATIC_ANON">SIC: Could be refactored into a named static inner class</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SIC_INNER_SHOULD_BE_STATIC_NEEDS_THIS">SIC: Could be refactored into a static inner class</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SS_SHOULD_BE_STATIC">SS: Unread field: should this field be static?</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#UM_UNNECESSARY_MATH">UM: Method calls static Math class method on a constant value</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#UPM_UNCALLED_PRIVATE_METHOD">UPM: Private method is never called</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#URF_UNREAD_FIELD">UrF: Unread field</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#UUF_UNUSED_FIELD">UuF: Unused field</a></td><td>Performance</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#WMI_WRONG_MAP_ITERATOR">WMI: Inefficient use of keySet iterator instead of entrySet iterator</a></td><td>Performance</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_CONSTANT_DB_PASSWORD">Dm: Hardcoded constant database password</a></td><td>Security</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_EMPTY_DB_PASSWORD">Dm: Empty database password</a></td><td>Security</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#HRS_REQUEST_PARAMETER_TO_COOKIE">HRS: HTTP cookie formed from untrusted input</a></td><td>Security</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#HRS_REQUEST_PARAMETER_TO_HTTP_HEADER">HRS: HTTP Response splitting vulnerability</a></td><td>Security</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#PT_ABSOLUTE_PATH_TRAVERSAL">PT: Absolute path traversal in servlet</a></td><td>Security</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#PT_RELATIVE_PATH_TRAVERSAL">PT: Relative path traversal in servlet</a></td><td>Security</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE">SQL: Nonconstant string passed to execute method on an SQL statement</a></td><td>Security</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SQL_PREPARED_STATEMENT_GENERATED_FROM_NONCONSTANT_STRING">SQL: A prepared statement is generated from a nonconstant String</a></td><td>Security</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#XSS_REQUEST_PARAMETER_TO_JSP_WRITER">XSS: JSP reflected cross site scripting vulnerability</a></td><td>Security</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#XSS_REQUEST_PARAMETER_TO_SEND_ERROR">XSS: Servlet reflected cross site scripting vulnerability in error page</a></td><td>Security</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#XSS_REQUEST_PARAMETER_TO_SERVLET_WRITER">XSS: Servlet reflected cross site scripting vulnerability</a></td><td>Security</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#BC_BAD_CAST_TO_ABSTRACT_COLLECTION">BC: Questionable cast to abstract collection </a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#BC_BAD_CAST_TO_CONCRETE_COLLECTION">BC: Questionable cast to concrete collection</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#BC_UNCONFIRMED_CAST">BC: Unchecked/unconfirmed cast</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#BC_UNCONFIRMED_CAST_OF_RETURN_VALUE">BC: Unchecked/unconfirmed cast of return value from method</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#BC_VACUOUS_INSTANCEOF">BC: instanceof will always return true</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#ICAST_QUESTIONABLE_UNSIGNED_RIGHT_SHIFT">BSHIFT: Unsigned right shift cast to short/byte</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#CI_CONFUSED_INHERITANCE">CI: Class is final but declares protected field</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DB_DUPLICATE_BRANCHES">DB: Method uses the same code for two branches</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DB_DUPLICATE_SWITCH_CLAUSES">DB: Method uses the same code for two switch clauses</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_LOCAL_STORE">DLS: Dead store to local variable</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_LOCAL_STORE_IN_RETURN">DLS: Useless assignment in return statement</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DLS_DEAD_LOCAL_STORE_OF_NULL">DLS: Dead store of null to local variable</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DLS_DEAD_LOCAL_STORE_SHADOWS_FIELD">DLS: Dead store to local variable that shadows field</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_HARDCODED_ABSOLUTE_FILENAME">DMI: Code contains a hard coded reference to an absolute pathname</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_NONSERIALIZABLE_OBJECT_WRITTEN">DMI: Non serializable object written to ObjectOutput</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#DMI_USELESS_SUBSTRING">DMI: Invocation of substring(0), which returns the original value</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#DMI_THREAD_PASSED_WHERE_RUNNABLE_EXPECTED">Dm: Thread passed where Runnable expected</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#EQ_DOESNT_OVERRIDE_EQUALS">Eq: Class doesn't override equals in superclass</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#EQ_UNUSUAL">Eq: Unusual equals method </a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#FE_FLOATING_POINT_EQUALITY">FE: Test for floating point equality</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#VA_FORMAT_STRING_BAD_CONVERSION_TO_BOOLEAN">FS: Non-Boolean argument formatted using %b format specifier</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD">IA: Potentially ambiguous invocation of either an inherited or outer method</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IC_INIT_CIRCULARITY">IC: Initialization circularity</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#ICAST_IDIV_CAST_TO_DOUBLE">ICAST: Integral division result cast to double or float</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#ICAST_INTEGER_MULTIPLY_CAST_TO_LONG">ICAST: Result of integer multiplication cast to long</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#IM_AVERAGE_COMPUTATION_COULD_OVERFLOW">IM: Computation of average could overflow</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#IM_BAD_CHECK_FOR_ODD">IM: Check for oddness that won't work for negative numbers </a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#INT_BAD_REM_BY_1">INT: Integer remainder modulo 1</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#INT_VACUOUS_BIT_OPERATION">INT: Vacuous bit mask operation on integer value</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#INT_VACUOUS_COMPARISON">INT: Vacuous comparison of integer value</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#MTIA_SUSPECT_SERVLET_INSTANCE_FIELD">MTIA: Class extends Servlet class and uses instance variables</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#MTIA_SUSPECT_STRUTS_INSTANCE_FIELD">MTIA: Class extends Struts Action class and uses instance variables</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_DEREFERENCE_OF_READLINE_VALUE">NP: Dereference of the result of readLine() without nullcheck</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_IMMEDIATE_DEREFERENCE_OF_READLINE">NP: Immediate dereference of the result of readLine()</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_LOAD_OF_KNOWN_NULL_VALUE">NP: Load of known null value</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_METHOD_PARAMETER_TIGHTENS_ANNOTATION">NP: Method tightens nullness annotation on parameter</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_METHOD_RETURN_RELAXING_ANNOTATION">NP: Method relaxes nullness annotation on return value</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE">NP: Possible null pointer dereference due to return value of called method</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE">NP: Possible null pointer dereference on branch that might be infeasible</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE">NP: Parameter must be nonnull but is marked as nullable</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NP_UNWRITTEN_PUBLIC_OR_PROTECTED_FIELD">NP: Read of unwritten public or protected field</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#NS_DANGEROUS_NON_SHORT_CIRCUIT">NS: Potentially dangerous use of non-short-circuit logic</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#NS_NON_SHORT_CIRCUIT">NS: Questionable use of non-short-circuit logic</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#PZLA_PREFER_ZERO_LENGTH_ARRAYS">PZLA: Consider returning a zero length array rather than null</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#QF_QUESTIONABLE_FOR_LOOP">QF: Complicated, subtle or wrong increment in for-loop </a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_COMPARISON_OF_NULL_AND_NONNULL_VALUE">RCN: Redundant comparison of non-null value to null</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_COMPARISON_TWO_NULL_VALUES">RCN: Redundant comparison of two null values</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE">RCN: Redundant nullcheck of value known to be non-null</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE">RCN: Redundant nullcheck of value known to be null</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#REC_CATCH_EXCEPTION">REC: Exception is caught when Exception is not thrown</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RI_REDUNDANT_INTERFACES">RI: Class implements same interface as superclass</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RV_CHECK_FOR_POSITIVE_INDEXOF">RV: Method checks to see if result of String.indexOf is positive</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RV_DONT_JUST_NULL_CHECK_READLINE">RV: Method discards result of readLine after checking if it is nonnull</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RV_REM_OF_HASHCODE">RV: Remainder of hashCode could be negative</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#RV_REM_OF_RANDOM_INT">RV: Remainder of 32-bit signed random integer</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#RV_RETURN_VALUE_IGNORED_INFERRED">RV: Method ignores return value, is this OK?</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SA_FIELD_DOUBLE_ASSIGNMENT">SA: Double assignment of field</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SA_LOCAL_DOUBLE_ASSIGNMENT">SA: Double assignment of local variable </a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SA_LOCAL_SELF_ASSIGNMENT">SA: Self assignment of local variable</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SF_SWITCH_FALLTHROUGH">SF: Switch statement found where one case falls through to the next case</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SF_SWITCH_NO_DEFAULT">SF: Switch statement found where default case is missing</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD">ST: Write to static field from instance method</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#SE_PRIVATE_READ_RESOLVE_NOT_INHERITED">Se: Private readResolve method not inherited by subclasses</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#SE_TRANSIENT_FIELD_OF_NONSERIALIZABLE_CLASS">Se: Transient field of class that isn't Serializable. </a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_ALWAYS_SINK">TQ: Value required to have type qualifier, but marked as unknown</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#TQ_EXPLICIT_UNKNOWN_SOURCE_VALUE_REACHES_NEVER_SINK">TQ: Value required to not have type qualifier, but marked as unknown</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#UCF_USELESS_CONTROL_FLOW">UCF: Useless control flow</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#UCF_USELESS_CONTROL_FLOW_NEXT_LINE">UCF: Useless control flow to next line</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD">UrF: Unread public/protected field</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#UUF_UNUSED_PUBLIC_OR_PROTECTED_FIELD">UuF: Unused public or protected field</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR">UwF: Field not initialized in constructor but dereferenced without null check</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#eeeeee"><td><a href="#UWF_UNWRITTEN_PUBLIC_OR_PROTECTED_FIELD">UwF: Unwritten public or protected field</a></td><td>Dodgy code</td></tr>
+<tr bgcolor="#ffffff"><td><a href="#XFB_XML_FACTORY_BYPASS">XFB: Method directly allocates a specific implementation of xml interfaces</a></td><td>Dodgy code</td></tr>
</table>
<h2>Descriptions</h2>
-<h3><a name="AM_CREATES_EMPTY_JAR_FILE_ENTRY">AM: Creates an empty jar file entry (AM_CREATES_EMPTY_JAR_FILE_ENTRY)</a></h3>
-
-
-<p>The code calls <code>putNextEntry()</code>, immediately
-followed by a call to <code>closeEntry()</code>. This results
-in an empty JarFile entry. The contents of the entry
-should be written to the JarFile between the calls to
-<code>putNextEntry()</code> and
-<code>closeEntry()</code>.</p>
-
-
-<h3><a name="AM_CREATES_EMPTY_ZIP_FILE_ENTRY">AM: Creates an empty zip file entry (AM_CREATES_EMPTY_ZIP_FILE_ENTRY)</a></h3>
-
-
-<p>The code calls <code>putNextEntry()</code>, immediately
-followed by a call to <code>closeEntry()</code>. This results
-in an empty ZipFile entry. The contents of the entry
-should be written to the ZipFile between the calls to
-<code>putNextEntry()</code> and
-<code>closeEntry()</code>.</p>
-
-
<h3><a name="BC_EQUALS_METHOD_SHOULD_WORK_FOR_ALL_OBJECTS">BC: Equals method should not assume anything about the type of its argument (BC_EQUALS_METHOD_SHOULD_WORK_FOR_ALL_OBJECTS)</a></h3>
@@ -492,9 +474,9 @@
<h3><a name="BIT_SIGNED_CHECK">BIT: Check for sign of bitwise operation (BIT_SIGNED_CHECK)</a></h3>
-<p> This method compares an expression such as
+<p> This method compares an expression such as</p>
<pre>((event.detail & SWT.SELECTED) > 0)</pre>.
-Using bit arithmetic and then comparing with the greater than operator can
+<p>Using bit arithmetic and then comparing with the greater than operator can
lead to unexpected results (of course depending on the value of
SWT.SELECTED). If SWT.SELECTED is a negative number, this is a candidate
for a bug. Even when SWT.SELECTED is not negative, it seems good practice
@@ -661,15 +643,15 @@
(i.e., a class that is neither a supertype nor subtype of the class that defines
the equals method). For example, the Foo class might have an equals method
that looks like:
-
-<p><code><pre>
+</p>
+<pre>
public boolean equals(Object o) {
if (o instanceof Foo)
return name.equals(((Foo)o).name);
else if (o instanceof String)
return name.equals(o);
else return false;
-</pre></code></p>
+</pre>
<p>This is considered bad practice, as it makes it very hard to implement an equals method that
is symmetric and transitive. Without those properties, very unexpected behavoirs are possible.
@@ -843,10 +825,10 @@
than simple reference equality.)</p>
<p>If you don't think instances of this class will ever be inserted into a HashMap/HashTable,
the recommended <code>hashCode</code> implementation to use is:</p>
-<p><pre>public int hashCode() {
+<pre>public int hashCode() {
assert false : "hashCode not designed";
return 42; // any arbitrary constant will do
- }</pre></p>
+ }</pre>
<h3><a name="HE_INHERITS_EQUALS_USE_HASHCODE">HE: Class inherits equals() and uses Object.hashCode() (HE_INHERITS_EQUALS_USE_HASHCODE)</a></h3>
@@ -921,8 +903,8 @@
<h3><a name="JCIP_FIELD_ISNT_FINAL_IN_IMMUTABLE_CLASS">JCIP: Fields of immutable classes should be final (JCIP_FIELD_ISNT_FINAL_IN_IMMUTABLE_CLASS)</a></h3>
- <p> The class is annotated with net.jcip.annotations.Immutable, and the rules for that annotation require
-that all fields are final.
+ <p> The class is annotated with net.jcip.annotations.Immutable or javax.annotation.concurrent.Immutable,
+ and the rules for those annotations require that all fields are final.
.</p>
@@ -1419,7 +1401,7 @@
<p>
This code is casting the result of calling <code>toArray()</code> on a collection
-to a type more specific than <code>Object[]</code>, as in:
+to a type more specific than <code>Object[]</code>, as in:</p>
<pre>
String[] getAsArray(Collection<String> c) {
return (String[]) c.toArray();
@@ -1540,9 +1522,9 @@
<h3><a name="BIT_SIGNED_CHECK_HIGH_BIT">BIT: Check for sign of bitwise operation (BIT_SIGNED_CHECK_HIGH_BIT)</a></h3>
-<p> This method compares an expression such as
+<p> This method compares an expression such as</p>
<pre>((event.detail & SWT.SELECTED) > 0)</pre>.
-Using bit arithmetic and then comparing with the greater than operator can
+<p>Using bit arithmetic and then comparing with the greater than operator can
lead to unexpected results (of course depending on the value of
SWT.SELECTED). If SWT.SELECTED is a negative number, this is a candidate
for a bug. Even when SWT.SELECTED is not negative, it seems good practice
@@ -1561,12 +1543,12 @@
get called when the event occurs.</p>
-<h3><a name="ICAST_BAD_SHIFT_AMOUNT">BSHIFT: 32 bit int shifted by an amount not in the range 0..31 (ICAST_BAD_SHIFT_AMOUNT)</a></h3>
+<h3><a name="ICAST_BAD_SHIFT_AMOUNT">BSHIFT: 32 bit int shifted by an amount not in the range -31..31 (ICAST_BAD_SHIFT_AMOUNT)</a></h3>
<p>
The code performs shift of a 32 bit int by a constant amount outside
-the range 0..31.
+the range -31..31.
The effect of this is to use the lower 5 bits of the integer
value to decide how much to shift by (e.g., shifting by 40 bits is the same as shifting by 8 bits,
and shifting by 32 bits is the same as shifting by zero bits). This probably isn't what was expected,
@@ -1598,6 +1580,16 @@
So just return -1 rather than Integer.MIN_VALUE.
+<h3><a name="DLS_DEAD_LOCAL_INCREMENT_IN_RETURN">DLS: Useless increment in return statement (DLS_DEAD_LOCAL_INCREMENT_IN_RETURN)</a></h3>
+
+
+<p>This statement has a return such as <code>return x++;</code>.
+A postfix increment/decrement does not impact the value of the expression,
+so this increment/decrement has no effect.
+Please verify that this statement does the right thing.
+</p>
+
+
<h3><a name="DLS_DEAD_STORE_OF_CLASS_LITERAL">DLS: Dead store of class literal (DLS_DEAD_STORE_OF_CLASS_LITERAL)</a></h3>
@@ -1859,11 +1851,10 @@
<p> This class defines an equals method that always returns false. This means that an object is not equal to itself, and it is impossible to create useful Maps or Sets of this class. More fundamentally, it means
that equals is not reflexive, one of the requirements of the equals method.</p>
<p>The likely intended semantics are object identity: that an object is equal to itself. This is the behavior inherited from class <code>Object</code>. If you need to override an equals inherited from a different
-superclass, you can use use:
+superclass, you can use use:</p>
<pre>
public boolean equals(Object o) { return this == o; }
</pre>
-</p>
<h3><a name="EQ_ALWAYS_TRUE">Eq: equals method always returns true (EQ_ALWAYS_TRUE)</a></h3>
@@ -1993,7 +1984,6 @@
is required. At runtime, all of the arguments will be ignored
and the format string will be returned exactly as provided without any formatting.
</p>
-</p>
<h3><a name="VA_FORMAT_STRING_EXTRA_ARGUMENTS_PASSED">FS: More arguments are passed than are actually used in the format string (VA_FORMAT_STRING_EXTRA_ARGUMENTS_PASSED)</a></h3>
@@ -2117,7 +2107,7 @@
</pre>
-<h3><a name="ICAST_INT_CAST_TO_DOUBLE_PASSED_TO_CEIL">ICAST: integral value cast to double and then passed to Math.ceil (ICAST_INT_CAST_TO_DOUBLE_PASSED_TO_CEIL)</a></h3>
+<h3><a name="ICAST_INT_CAST_TO_DOUBLE_PASSED_TO_CEIL">ICAST: Integral value cast to double and then passed to Math.ceil (ICAST_INT_CAST_TO_DOUBLE_PASSED_TO_CEIL)</a></h3>
<p>
@@ -2165,11 +2155,10 @@
<p> Class is a JUnit TestCase and defines a suite() method.
-However, the suite method needs to be declared as either
+However, the suite method needs to be declared as either</p>
<pre>public static junit.framework.Test suite()</pre>
or
<pre>public static junit.framework.TestSuite suite()</pre>
-</p>
<h3><a name="IJU_NO_TESTS">IJU: TestCase has no tests (IJU_NO_TESTS)</a></h3>
@@ -2351,7 +2340,7 @@
(except on forward paths involving runtime exceptions).
</p>
<p>Note that a check such as
- <code>if (x == null) throw new NullPointerException();</code
+ <code>if (x == null) throw new NullPointerException();</code>
is treated as a dereference of <code>x</code>.
@@ -2606,16 +2595,17 @@
</p>
-<h3><a name="RE_POSSIBLE_UNINTENDED_PATTERN">RE: "." used for regular expression (RE_POSSIBLE_UNINTENDED_PATTERN)</a></h3>
+<h3><a name="RE_POSSIBLE_UNINTENDED_PATTERN">RE: "." or "|" used for regular expression (RE_POSSIBLE_UNINTENDED_PATTERN)</a></h3>
<p>
-A String function is being invoked and "." is being passed
+A String function is being invoked and "." or "|" is being passed
to a parameter that takes a regular expression as an argument. Is this what you intended?
For example
-s.replaceAll(".", "/") will return a String in which <em>every</em>
-character has been replaced by a / character,
-and s.split(".") <em>always</em> returns a zero length array of String.
+<li>s.replaceAll(".", "/") will return a String in which <em>every</em> character has been replaced by a '/' character
+<li>s.split(".") <em>always</em> returns a zero length array of String
+<li>"ab|cd".replaceAll("|", "/") will return "/a/b/|/c/d/"
+<li>"ab|cd".split("|") will return array with six (!) elements: [, a, b, |, c, d]
</p>
@@ -2964,6 +2954,23 @@
</p>
+<h3><a name="TQ_UNKNOWN_VALUE_USED_WHERE_ALWAYS_STRICTLY_REQUIRED">TQ: Value without a type qualifier used where a value is required to have that qualifier (TQ_UNKNOWN_VALUE_USED_WHERE_ALWAYS_STRICTLY_REQUIRED)</a></h3>
+
+
+ <p>
+ A value is being used in a way that requires the value be annotation with a type qualifier.
+ The type qualifier is strict, so the tool rejects any values that do not have
+ the appropriate annotation.
+ </p>
+
+ <p>
+ To coerce a value to have a strict annotation, define an identity function where the return value is annotated
+ with the strict annotation.
+ This is the only way to turn a non-annotated value into a value with a strict type qualifier annotation.
+ </p>
+
+
+
<h3><a name="UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS">UMAC: Uncallable method defined in anonymous class (UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS)</a></h3>
@@ -3014,7 +3021,7 @@
</p>
-<h3><a name="DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY">USELESS_STRING: Invocation of toString on an array (DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY)</a></h3>
+<h3><a name="DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY">USELESS_STRING: Invocation of toString on an unnamed array (DMI_INVOKING_TOSTRING_ON_ANONYMOUS_ARRAY)</a></h3>
<p>
@@ -3082,22 +3089,22 @@
consider:
</p>
-<p><pre>public static void initLogging() throws Exception {
+<pre>public static void initLogging() throws Exception {
Logger logger = Logger.getLogger("edu.umd.cs");
logger.addHandler(new FileHandler()); // call to change logger configuration
logger.setUseParentHandlers(false); // another call to change logger configuration
-}</pre></p>
+}</pre>
<p>The logger reference is lost at the end of the method (it doesn't
escape the method), so if you have a garbage collection cycle just
after the call to initLogging, the logger configuration is lost
(because Logger only keeps weak references).</p>
-<p><pre>public static void main(String[] args) throws Exception {
+<pre>public static void main(String[] args) throws Exception {
initLogging(); // adds a file handler to the logger
System.gc(); // logger configuration lost
Logger.getLogger("edu.umd.cs").info("Some message"); // this isn't logged to the file as expected
-}</pre></p>
+}</pre>
<p><em>Ulf Ochsenfahrt and Eric Fellheimer</em></p>
@@ -3382,7 +3389,7 @@
<h3><a name="DL_SYNCHRONIZATION_ON_BOOLEAN">DL: Synchronization on Boolean (DL_SYNCHRONIZATION_ON_BOOLEAN)</a></h3>
- <p> The code synchronizes on a boxed primitive constant, such as an Boolean.
+ <p> The code synchronizes on a boxed primitive constant, such as an Boolean.</p>
<pre>
private static Boolean inited = Boolean.FALSE;
...
@@ -3394,7 +3401,6 @@
}
...
</pre>
-</p>
<p>Since there normally exist only two Boolean objects, this code could be synchronizing on the same object as other, unrelated code, leading to unresponsiveness
and possible deadlock</p>
<p>See CERT <a href="https://www.securecoding.cert.org/confluence/display/java/CON08-J.+Do+not+synchronize+on+objects+that+may+be+reused">CON08-J. Do not synchronize on objects that may be reused</a> for more information.</p>
@@ -3403,7 +3409,7 @@
<h3><a name="DL_SYNCHRONIZATION_ON_BOXED_PRIMITIVE">DL: Synchronization on boxed primitive (DL_SYNCHRONIZATION_ON_BOXED_PRIMITIVE)</a></h3>
- <p> The code synchronizes on a boxed primitive constant, such as an Integer.
+ <p> The code synchronizes on a boxed primitive constant, such as an Integer.</p>
<pre>
private static Integer count = 0;
...
@@ -3412,7 +3418,6 @@
}
...
</pre>
-</p>
<p>Since Integer objects can be cached and shared,
this code could be synchronizing on the same object as other, unrelated code, leading to unresponsiveness
and possible deadlock</p>
@@ -3422,26 +3427,25 @@
<h3><a name="DL_SYNCHRONIZATION_ON_SHARED_CONSTANT">DL: Synchronization on interned String (DL_SYNCHRONIZATION_ON_SHARED_CONSTANT)</a></h3>
- <p> The code synchronizes on interned String.
+ <p> The code synchronizes on interned String.</p>
<pre>
private static String LOCK = "LOCK";
...
synchronized(LOCK) { ...}
...
</pre>
-</p>
<p>Constant Strings are interned and shared across all other classes loaded by the JVM. Thus, this could
is locking on something that other code might also be locking. This could result in very strange and hard to diagnose
blocking and deadlock behavior. See <a href="http://www.javalobby.org/java/forums/t96352.html">http://www.javalobby.org/java/forums/t96352.html</a> and <a href="http://jira.codehaus.org/browse/JETTY-352">http://jira.codehaus.org/browse/JETTY-352</a>.
-<p>See CERT <a href="https://www.securecoding.cert.org/confluence/display/java/CON08-J.+Do+not+synchronize+on+objects+that+may+be+reused">CON08-J. Do not synchronize on objects that may be reused</a> for more information.</p>
</p>
+<p>See CERT <a href="https://www.securecoding.cert.org/confluence/display/java/CON08-J.+Do+not+synchronize+on+objects+that+may+be+reused">CON08-J. Do not synchronize on objects that may be reused</a> for more information.</p>
<h3><a name="DL_SYNCHRONIZATION_ON_UNSHARED_BOXED_PRIMITIVE">DL: Synchronization on boxed primitive values (DL_SYNCHRONIZATION_ON_UNSHARED_BOXED_PRIMITIVE)</a></h3>
<p> The code synchronizes on an apparently unshared boxed primitive,
-such as an Integer.
+such as an Integer.</p>
<pre>
private static final Integer fileLock = new Integer(1);
...
@@ -3450,11 +3454,11 @@
}
...
</pre>
-</p>
-<p>It would be much better, in this code, to redeclare fileLock as
+<p>It would be much better, in this code, to redeclare fileLock as</p>
<pre>
private static final Object fileLock = new Object();
</pre>
+<p>
The existing code might be OK, but it is confusing and a
future refactoring, such as the "Remove Boxing" refactoring in IntelliJ,
might replace this with the use of an interned Integer object shared
@@ -3504,6 +3508,7 @@
</p>
<ul>
<li> The class contains a mix of locked and unlocked accesses,</li>
+ <li> The class is <b>not</b> annotated as javax.annotation.concurrent.NotThreadSafe,</li>
<li> At least one locked access was performed by one of the class's own methods, and</li>
<li> The number of unsynchronized field accesses (reads and writes) was no more than
one third of all accesses, with writes being weighed twice as high as reads</li>
@@ -3527,8 +3532,8 @@
<h3><a name="IS_FIELD_NOT_GUARDED">IS: Field not guarded against concurrent access (IS_FIELD_NOT_GUARDED)</a></h3>
- <p> This field is annotated with net.jcip.annotations.GuardedBy,
-but can be accessed in a way that seems to violate the annotation.</p>
+ <p> This field is annotated with net.jcip.annotations.GuardedBy or javax.annotation.concurrent.GuardedBy,
+but can be accessed in a way that seems to violate those annotations.</p>
<h3><a name="JLM_JSR166_LOCK_MONITORENTER">JLM: Synchronization performed on Lock (JLM_JSR166_LOCK_MONITORENTER)</a></h3>
@@ -3608,9 +3613,8 @@
gets a lock on the referenced object, not on the field. This may not
provide the mutual exclusion you need, and other threads might
be obtaining locks on the referenced objects (for other purposes). An example
-of this pattern would be:
-
-<p><pre>
+of this pattern would be:</p>
+<pre>
private Long myNtfSeqNbrCounter = new Long(0);
private Long getNotificationSequenceNumber() {
Long result = null;
@@ -3622,9 +3626,6 @@
}
</pre>
-
-</p>
-
<h3><a name="ML_SYNC_ON_UPDATED_FIELD">ML: Method synchronizes on an updated field (ML_SYNC_ON_UPDATED_FIELD)</a></h3>
@@ -3897,7 +3898,7 @@
<p>
This instance method synchronizes on <code>this.getClass()</code>. If this class is subclassed,
subclasses will synchronize on the class object for the subclass, which isn't likely what was intended.
- For example, consider this code from java.awt.Label:
+ For example, consider this code from java.awt.Label:</p>
<pre>
private static final String base = "label";
private static int nameCounter = 0;
@@ -3906,9 +3907,9 @@
return base + nameCounter++;
}
}
- </pre></p>
+ </pre>
<p>Subclasses of <code>Label</code> won't synchronize on the same subclass, giving rise to a datarace.
- Instead, this code should be synchronizing on <code>Label.class</code>
+ Instead, this code should be synchronizing on <code>Label.class</code></p>
<pre>
private static final String base = "label";
private static int nameCounter = 0;
@@ -3917,7 +3918,7 @@
return base + nameCounter++;
}
}
- </pre></p>
+ </pre>
<p>Bug pattern contributed by Jason Mehrens</p>
@@ -3970,6 +3971,13 @@
</p>
+<h3><a name="DM_BOXED_PRIMITIVE_FOR_PARSING">Bx: Boxing/unboxing to parse a primitive (DM_BOXED_PRIMITIVE_FOR_PARSING)</a></h3>
+
+
+ <p>A boxed primitive is created from a String, just to extract the unboxed primitive value.
+ It is more efficient to just call the static parseXXX method.</p>
+
+
<h3><a name="DM_BOXED_PRIMITIVE_TOSTRING">Bx: Method allocates a boxed primitive just to call toString (DM_BOXED_PRIMITIVE_TOSTRING)</a></h3>
@@ -4684,16 +4692,26 @@
</p>
-<h3><a name="IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD">IA: Ambiguous invocation of either an inherited or outer method (IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD)</a></h3>
+<h3><a name="IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD">IA: Potentially ambiguous invocation of either an inherited or outer method (IA_AMBIGUOUS_INVOCATION_OF_INHERITED_OR_OUTER_METHOD)</a></h3>
- <p> An inner class is invoking a method that could be resolved to either a inherited method or a method defined in an outer class. By the Java semantics,
+ <p>
+An inner class is invoking a method that could be resolved to either a inherited method or a method defined in an outer class.
+For example, you invoke <code>foo(17)</code>, which is defined in both a superclass and in an outer method.
+By the Java semantics,
it will be resolved to invoke the inherited method, but this may not be want
-you intend. If you really intend to invoke the inherited method,
+you intend.
+</p>
+<p>If you really intend to invoke the inherited method,
invoke it by invoking the method on super (e.g., invoke super.foo(17)), and
thus it will be clear to other readers of your code and to FindBugs
that you want to invoke the inherited method, not the method in the outer class.
</p>
+<p>If you call <code>this.foo(17)</code>, then the inherited method will be invoked. However, since FindBugs only looks at
+classfiles, it
+can't tell the difference between an invocation of <code>this.foo(17)</code> and <code>foo(17)</code>, it will still
+complain about a potential ambiguous invocation.
+</p>
<h3><a name="IC_INIT_CIRCULARITY">IC: Initialization circularity (IC_INIT_CIRCULARITY)</a></h3>
@@ -4704,7 +4722,7 @@
behavior may arise from such circularity.</p>
-<h3><a name="ICAST_IDIV_CAST_TO_DOUBLE">ICAST: integral division result cast to double or float (ICAST_IDIV_CAST_TO_DOUBLE)</a></h3>
+<h3><a name="ICAST_IDIV_CAST_TO_DOUBLE">ICAST: Integral division result cast to double or float (ICAST_IDIV_CAST_TO_DOUBLE)</a></h3>
<p>
@@ -4735,26 +4753,22 @@
<p>
This code performs integer multiply and then converts the result to a long,
-as in:
-<code>
+as in:</p>
<pre>
long convertDaysToMilliseconds(int days) { return 1000*3600*24*days; }
-</pre></code>
+</pre>
+<p>
If the multiplication is done using long arithmetic, you can avoid
the possibility that the result will overflow. For example, you
-could fix the above code to:
-<code>
+could fix the above code to:</p>
<pre>
long convertDaysToMilliseconds(int days) { return 1000L*3600*24*days; }
-</pre></code>
+</pre>
or
-<code>
<pre>
static final long MILLISECONDS_PER_DAY = 24L*3600*1000;
long convertDaysToMilliseconds(int days) { return days * MILLISECONDS_PER_DAY; }
-</pre></code>
-</p>
-
+</pre>
<h3><a name="IM_AVERAGE_COMPUTATION_COULD_OVERFLOW">IM: Computation of average could overflow (IM_AVERAGE_COMPUTATION_COULD_OVERFLOW)</a></h3>
@@ -4859,6 +4873,23 @@
</p>
+<h3><a name="NP_METHOD_PARAMETER_TIGHTENS_ANNOTATION">NP: Method tightens nullness annotation on parameter (NP_METHOD_PARAMETER_TIGHTENS_ANNOTATION)</a></h3>
+
+ <p>
+ A method should always implement the contract of a method it overrides. Thus, if a method takes a parameter
+ that is marked as @Nullable, you shouldn't override that method in a subclass with a method where that parameter is @Nonnull.
+ Doing so violates the contract that the method should handle a null parameter.
+ </p>
+
+<h3><a name="NP_METHOD_RETURN_RELAXING_ANNOTATION">NP: Method relaxes nullness annotation on return value (NP_METHOD_RETURN_RELAXING_ANNOTATION)</a></h3>
+
+ <p>
+ A method should always implement the contract of a method it overrides. Thus, if a method takes is annotated
+ as returning a @Nonnull value,
+ you shouldn't override that method in a subclass with a method annotated as returning a @Nullable or @CheckForNull value.
+ Doing so violates the contract that the method shouldn't return null.
+ </p>
+
<h3><a name="NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE">NP: Possible null pointer dereference due to return value of called method (NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE)</a></h3>
@@ -5003,6 +5034,16 @@
each of whose catch blocks is identical, but this construct also accidentally catches RuntimeException as well,
masking potential bugs.
</p>
+ <p>A better approach is to either explicitly catch the specific exceptions that are thrown,
+ or to explicitly catch RuntimeException exception, rethrow it, and then catch all non-Runtime Exceptions, as shown below:</p>
+ <pre>
+ try {
+ ...
+ } catch (RuntimeException e) {
+ throw e;
+ } catch (Exception e) {
+ ... deal with all non-runtime exceptions ...
+ }</pre>
<h3><a name="RI_REDUNDANT_INTERFACES">RI: Class implements same interface as superclass (RI_REDUNDANT_INTERFACES)</a></h3>
@@ -5136,6 +5177,8 @@
<p> This method contains a switch statement where default case is missing.
Usually you need to provide a default case.</p>
+ <p>Because the analysis only looks at the generated bytecode, this warning can be incorrect triggered if
+the default case is at the end of the switch statement and doesn't end with a break statement.
<h3><a name="ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD">ST: Write to static field from instance method (ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD)</a></h3>
@@ -5147,7 +5190,7 @@
</p>
-<h3><a name="SE_PRIVATE_READ_RESOLVE_NOT_INHERITED">Se: private readResolve method not inherited by subclasses (SE_PRIVATE_READ_RESOLVE_NOT_INHERITED)</a></h3>
+<h3><a name="SE_PRIVATE_READ_RESOLVE_NOT_INHERITED">Se: Private readResolve method not inherited by subclasses (SE_PRIVATE_READ_RESOLVE_NOT_INHERITED)</a></h3>
<p> This class defines a private readResolve method. Since it is private, it won't be inherited by subclasses.
@@ -5217,7 +5260,7 @@
<h3><a name="URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD">UrF: Unread public/protected field (URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD)</a></h3>
- <p> This field is never read. 
+ <p> This field is never read.
The field is public or protected, so perhaps
it is intended to be used with classes not seen as part of the analysis. If not,
consider removing it from the class.</p>
diff --git a/doc/downloads.html b/doc/downloads.html
index 2741934..28bd639 100644
--- a/doc/downloads.html
+++ b/doc/downloads.html
@@ -57,46 +57,46 @@
<h1>FindBugs downloads</h1>
<p> This page contains links to downloads
-of Findbugs version 2.0.1,
-released on 19:56:04 EDT, 12 July, 2012. Download links
+of FindBugs version 2.0.3,
+released on 17:16:15 EST, 22 November, 2013. Download links
for all FindBugs versions and files
are <a href="http://sourceforge.net/project/showfiles.php?group_id=96405">available
on the sourceforge download page</a>.
<ul>
-<li>FindBugs tool (standard version with command line, ant, and Swing interfaces)
-<ul>
-<li><a href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1.tar.gz?download">findbugs-2.0.1.tar.gz</a>
-<li><a href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1.zip?download">findbugs-2.0.1.zip</a>
-
-<li><a href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1-source.zip?download">findbugs-2.0.1-source.zip</a>
-</ul>
-<ul>
-<li>The following versions of FindBugs are pre-configured to disable <a href="updateChecking.html">checks for updated versions</a>
-of FindBugs, and
-the plugin tha allows communication with the FindBugs community cloud is disabled by default.
-Such configurations are appropriate in situations where it is important that no information about the use of FindBugs
-be disclosed outside of the organization where it is used.
-
-<ul>
-<li><a href="http://prdownloads.sourceforge.net/findbugs/findbugs-noUpdateChecks-2.0.1.tar.gz?download">findbugs-2.0.1.tar.gz</a>
-<li><a href="http://prdownloads.sourceforge.net/findbugs/findbugs-noUpdateChecks-2.0.1.zip?download">findbugs-2.0.1.zip</a>
-</ul>
-
-
-<li>Eclipse plugin for FindBugs version 2.0.1.20120712 (requires Eclipse 3.3 or later)
-<ul>
-<li><a href="http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.1.20120712.zip?download">edu.umd.cs.findbugs.plugin.eclipse_2.0.1.20120712.zip</a>
-
-<li><a href="http://prdownloads.sourceforge.net/findbugs/eclipsePlugin-2.0.1.20120712-source.zip?download">eclipsePlugin-2.0.1.20120712-source.zip</a>
-</ul>
+ <li>
+ FindBugs tool (standard version with command line, ant, and Swing interfaces)
+ <ul>
+ <li><a href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3.tar.gz?download">findbugs-2.0.3.tar.gz</a></li>
+ <li><a href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3.zip?download">findbugs-2.0.3.zip</a></li>
+ <li><a href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3-source.zip?download">findbugs-2.0.3-source.zip</a></li>
+ </ul>
+ </li>
+ <li>
+ The following versions of FindBugs are pre-configured to disable <a href="updateChecking.html">checks for updated versions</a>
+ of FindBugs, and
+ the plugin that allows communication with the FindBugs community cloud is disabled by default.
+ Such configurations are appropriate in situations where it is important that no information about the use of FindBugs
+ be disclosed outside of the organization where it is used.
+ <ul>
+ <li><a href="http://prdownloads.sourceforge.net/findbugs/findbugs-noUpdateChecks-2.0.3.tar.gz?download">findbugs-2.0.3.tar.gz</a></li>
+ <li><a href="http://prdownloads.sourceforge.net/findbugs/findbugs-noUpdateChecks-2.0.3.zip?download">findbugs-2.0.3.zip</a></li>
+ </ul>
+ </li>
+ <li>Eclipse plugin for FindBugs version 2.0.3.20131122 (requires Eclipse 3.6 or later)
+ <ul>
+<li><a href="http://sourceforge.net/projects/findbugs/files/findbugs%20eclipse%20plugin/2.0.3/edu.umd.cs.findbugs.plugin.eclipse_2.0.3.20131122-15020.zip/download">edu.umd.cs.findbugs.plugin.eclipse_2.0.3.20131122-15020.zip</a>
+<li><a href="http://sourceforge.net/projects/findbugs/files/findbugs%20eclipse%20plugin/2.0.3/eclipsePlugin-2.0.3.20131122-15020-source.zip/download">
+eclipsePlugin-2.0.3.20131122-15020-source.zip/download</a>
+ </ul>
+ </li>
</ul>
The Eclipse plugin may also be obtained from one of the FindBugs Eclipse plugin update sites:
<ul>
-<li><a href="http://findbugs.cs.umd.edu/eclipse">http://findbugs.cs.umd.edu/eclipse</a> update site for official releases</li>
-<li><a href="http://findbugs.cs.umd.edu/eclipse-candidate">http://findbugs.cs.umd.edu/eclipse-candidate</a> update site for candidate releases and official releases</li>
-<li><a href="http://findbugs.cs.umd.edu/eclipse-daily">http://findbugs.cs.umd.edu/eclipse-daily</a> update site for all releases, including developmental ones</li>
+ <li><a href="http://findbugs.cs.umd.edu/eclipse">http://findbugs.cs.umd.edu/eclipse</a> update site for <b>official</b> releases</li>
+ <li><a href="http://findbugs.cs.umd.edu/eclipse-candidate">http://findbugs.cs.umd.edu/eclipse-candidate</a> update site for <b>candidate</b> releases and official releases</li>
+ <li><a href="http://findbugs.cs.umd.edu/eclipse-daily">http://findbugs.cs.umd.edu/eclipse-daily</a> update site for <b>all</b> releases, including developmental ones</li>
</ul>
diff --git a/doc/findbugs2.html b/doc/findbugs2.html
index c398cd8..fc4066d 100644
--- a/doc/findbugs2.html
+++ b/doc/findbugs2.html
@@ -105,7 +105,7 @@
basis.</li>
<li><code>fb</code> command - rather than using the rather haphazard collection of command line
scripts developed over the years for running various FindBugs commands, you can now use just
- one: <code>fb></code>.
+ one: <code>fb</code>.
<ul>
<li><code>fb analyze</code> - invokes the FindBugs analysis</li>
<li><code>fb gui</code> - launches the FindBugs GUI
@@ -131,7 +131,7 @@
particular, we've significantly improved both the accuracy and performance of the analysis of
type qualifiers.</li>
</ul>
-
+
<h2 id="cloud">Cloud storage of issue evaluations</h2>
<p>For many years, you could store evaluations of FindBugs issues within the XML containing the
analysis results. However, this approach did not work well for a team of distributed developers.
diff --git a/doc/index.html b/doc/index.html
index e89a7bc..111f6ef 100644
--- a/doc/index.html
+++ b/doc/index.html
@@ -77,27 +77,38 @@
a million times.
</p>
- <p>The current version of FindBugs is 2.0.1.</p>
+ <p>The current version of FindBugs is 2.0.3.</p>
<p>
FindBugs requires JRE (or JDK) 1.5.0 or later to run. However, it can analyze programs
- compiled for any version of Java, from 1.0 to 1.8. The current version of FindBugs is 2.0.1,
- released on 19:56:04 EDT, 12 July, 2012. <a href="reportingBugs.html">We are very interested in getting
+ compiled for any version of Java, from 1.0 to 1.7. Some classfiles compiled for Java 1.8 give
+ FindBugs problems, the next major release of FindBugs will handle Java 1.8 classfiles.
+
+ <p> The current version of FindBugs is 2.0.3,
+
+ released on 17:16:15 EST, 22 November, 2013. <a href="reportingBugs.html">We are very interested in getting
feedback on how to improve FindBugs</a>. File bug reports on <a
href="http://sourceforge.net/tracker/?func=browse&group_id=96405&atid=614693"> our
sourceforge bug tracker</a>
</p>
+ <p>The current version of FindBugs may encounter errors when analyzing
+ Java 1.8 bytecode, due to changes in the classfile format. After FindBugs 2.0.3
+ is released, work will start on the next major release of FindBugs, which will
+ be able to analyze Java 1.8 (and will require Java 1.7 to compile and run).
+
<p>
<a href="#changes">Changes</a> | <a href="#talks">Talks</a> | <a href="#papers">Papers </a> | <a
href="#sponsors">Sponsors</a> | <a href="#support">Support</a>
</p>
- <h1>FindBugs 2.0 Release</h1>
- <p>After many delays, we have released FindBugs 2.0. We are pretty happy and confident about the
- functionality, although we know the documentation of the changes in 2.0 is lacking. We decided that
- releasing 2.0 took precedence over fixing the documentation. Anyone currently using FindBugs 1.3.9
- should find FindBugs 2.0 to largely be a drop-in replacement that offers better accuracy and
- performance.</p>
+
+ <h1>FindBugs 2.0.3 Release</h1>
+ <p>FindBugs 2.0.3 is intended to be a minor bug fix release over
+ FindBugs 2.0.2. Although than some improvements to existing bug detectors
+ and analysis engines, and a few new bug patterns, and some
+ important bug fixes to the Eclipse plugin, no significant changes
+ should be observed. Consult the <a href="Changes.html">Change log</a>
+ for more details.</p>
<p>
Also check out <a href="http://code.google.com/p/findbugs/w/list">http://code.google.com/p/findbugs/w/list</a>
@@ -106,13 +117,13 @@
<h3>
- <a href="findbugs2.html">Major changes in FindBugs 2.0</a>
+ <a href="findbugs2.html">Major changes in FindBugs 2.0 (from FindBugs 1.3.x)</a>
</h3>
<ul>
<li><a href="findbugs2.html#cloud">FindBugs Communal cloud</a></li>
<li><a href="findbugs2.html#updateChecks">checks for updated versions of FindBugs</a></li>
<li><a href="findbugs2.html#plugins">Powerful plugin capabilities</a></li>
- <li><a href="findbugs2.html#newBugPatterns">new bug patterns</a>,
+ <li><a href="findbugs2.html#newBugPatterns">new bug patterns</a>,
including new/improved support for <a href="findbugs2.html#guava">Guava</a>
and <a href="findbugs2.html#jsr305">JSR-305</a>
</li>
@@ -146,18 +157,21 @@
<dd>
<a href="http://kenai.com/projects/sqe/pages/Home">SQE: Software Quality Environment</a>
</dd>
+ <dt><a href="https://wiki.jenkins-ci.org/display/JENKINS">Jenkins</a></dt>
+ <dd> <a href="https://wiki.jenkins-ci.org/display/JENKINS/FindBugs+Plugin">Jenkins FindBugs Plugin</a>
+
<dt>
<a href="http://wiki.hudson-ci.org/display/HUDSON/Home">Hudson</a>
</dt>
<dd>
- <a href="http://wiki.hudson-ci.org/display/HUDSON/FindBugs+Plugin">http://wiki.hudson-ci.org/display/HUDSON/FindBugs+Plugin</a>
+ <a href="http://wiki.hudson-ci.org/display/HUDSON/FindBugs+Plugin"> HUDSON FindBugs Plugin</a>
</dd>
<dt>
<a href="http://www.jetbrains.com/idea/">IntelliJ</a>
</dt>
<dd>
Several plugins, see <a href="http://code.google.com/p/findbugs/wiki/IntellijFindBugsPlugins">http://code.google.com/p/findbugs/wiki/IntellijFindBugsPlugins</a>
- for a descrption.
+ for a description.
</dd>
</dl>
@@ -165,6 +179,17 @@
<h1>New</h1>
<ul>
+
+ <li>jFormatString library republished at
+ <a href="http://code.google.com/p/j-format-string">http://code.google.com/p/j-format-string</a>.
+ This is the library we use for compile time checking of format strings. It is separately published to
+
+ <li>We're releasing FindBugs 2.0.3.
+
+ Mostly small changes to address false positives, with one important fix to the Eclipse plugin
+ to fix a problem that had prevented the plugin from running in some versions of Eclipse.
+ Check the <a href="Changes.html">change log</a> for more details.
+
<li>We've released <a href="findbugs2.html">FindBugs 2.0</a>
</li>
<li>FindBugs communal cloud and Java web start links:. We have analyzed several large open
@@ -184,13 +209,14 @@
<h1>Experience with FindBugs</h1>
+ <ul>
<li><b>Google FindBugs Fixit</b>: Google has a tradition of <a
href="http://www.nytimes.com/2007/10/21/jobs/21pre.html">engineering fixits</a>, special days where
they try to get all of their engineers focused on some specific problem or technique for improving
the systems at Google. A fixit might work to improve web accessibility, internal testing, removing
TODO's from internal software, etc.
- <p>On May 13-14, Google held a global fixit for UMD's FindBugs tool a static analysis tool for
+ <p>In 2009, Google held a global fixit for UMD's FindBugs tool a static analysis tool for
finding coding mistakes in Java software. The focus of the fixit was to get feedback on the
4,000 highest confidence issues found by FindBugs at Google, and let Google engineers decide
which issues, if any, needed fixing.</p>
@@ -213,17 +239,20 @@
having to provide their own review first. These capabilities have all been contributed to UMD's
open source FindBugs tool, although a fair bit of engineering remains to prepare the
capabilities for general release and make sure they can integrate into systems outside of
- Google. The new capabilities are expected to be ready for general release in Fall 2009.</p></li>
- <ul></ul>
+ Google. The new capabilities are expected to be ready for general release in Fall 2009.</p>
+ </li>
+ </ul>
<h2>
<a name="talks">Talks about FindBugs</a>
</h2>
<ul>
- <p>
+ <li>
<a href="http://www.cs.umd.edu/~pugh/MistakesThatMatter.pdf">Mistakes That Matter</a>, JavaOne,
2009
- </p>
+ </li>
+ <li><a href="http://youtu.be/jflQSFhYTEo?hd=1">Youtube video</a> showing of demo
+ of our 2.0 Eclipse plugin (5 minutes)</li>
<li><a href="http://findbugs.cs.umd.edu/talks/findbugs.mov">Quicktime movie</a> showing of demo
of our new GUI to view some of the null pointer bugs in Eclipse (Big file warning: 23 Megabytes)</li>
<li><a href="http://findbugs.cs.umd.edu/talks/JavaOne2007-TS2007.pdf">JavaOne 2007 talk on
@@ -250,11 +279,11 @@
SIGPLAN-SIGSOFT Workshop on Program Analysis for Software Tools and Engineering</a>, June, 2007</li>
<li><a href="http://findbugs.cs.umd.edu/papers/FindBugsExperiences07.pdf">Evaluating Static
Analysis Defect Warnings On Production Software,</a> <a href="http://www.cs.umd.edu/~nat/">Nathaniel
- Ayewah and <a href="http://www.cs.umd.edu/~pugh/">William Pugh</a>, Univ. of Maryland, and
+ Ayewah</a> and <a href="http://www.cs.umd.edu/~pugh/">William Pugh</a>, Univ. of Maryland, and
J. David Morgenthaler, John Penix and YuQian Zhou, Google, Inc., <a
href="http://paste07.cs.washington.edu/">7th ACM SIGPLAN-SIGSOFT Workshop on Program
Analysis for Software Tools and Engineering</a>, June, 2007
- </a></li>
+ </li>
</ul>
<h1>
@@ -265,8 +294,7 @@
href="http://www.cs.umd.edu/~pugh">Bill Pugh</a> and <a
href="http://andrei.gmxhome.de/privat.html">Andrey Loskutov</a>.
</p>
- <p>Current funding for FindBugs comes from a Google Faculty Research Awards. We'd be interested in
- any offers of support or sponsorship.</p>
+ <p>The most recent funding for FindBugs comes from a Google Faculty Research Awards.</p>
<h2>
<a name="support">Additional Support</a>
</h2>
@@ -293,6 +321,7 @@
</p>
<p>Any opinions, findings and conclusions or recommendations expressed in this material are those of
the author(s) and do not necessarily reflect the views of the National Science Foundation (NSF).
+ </p>
<hr> <p>
<script language="JavaScript" type="text/javascript">
@@ -302,7 +331,7 @@
</script>
<p> Send comments to <a class="sidebar" href="mailto:findbugs@cs.umd.edu">findbugs@cs.umd.edu</a>
<p>
-<A href="http://sourceforge.net"><IMG src="http://sourceforge.net/sflogo.php?group_id=96405&type=5" width="210" height="62" border="0" alt="SourceForge.net Logo" /></A></p>
+<A href="http://sourceforge.net"><IMG src="http://sourceforge.net/sflogo.php?group_id=96405&type=5" width="210" height="62" border="0" alt="SourceForge.net Logo" /></A>
</td>
</tr>
</table>
diff --git a/doc/ja/manual/building.html b/doc/ja/manual/building.html
index 0b0cff7..299264f 100644
--- a/doc/ja/manual/building.html
+++ b/doc/ja/manual/building.html
@@ -1,13 +1,13 @@
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
- <title>第3章 FindBugs™ のソールからのビルド</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ マニュアル"><link rel="up" href="index.html" title="FindBugs™ マニュアル"><link rel="prev" href="installing.html" title="第2章 FindBugs™ のインストール"><link rel="next" href="running.html" title="第4章 FindBugs™ の実行"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">第3章 <span class="application">FindBugs</span>™ のソールからのビルド</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="installing.html">戻る</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="running.html">次へ</a></td></tr></table><hr></div><div class="chapter" title="第3章 FindBugs™ のソールからのビルド"><div class="titlepage"><div><div><h2 class="title"><a name="building"></a>第3章 <span class="application">FindBugs</span>™ のソールからのビルド</h2></div></div></div><div class="toc"><p><b>目次</b></p><dl><dt><span class="sect1"><a href="building.html#d0e175">1. 前提条件</a></span></dt><dt><span class="sect1"><a href="building.html#d0e258">2. ソース配布物の展開</a></span></dt><dt><span class="sect1"><a href="building.html#d0e271">3. <code class="filename">local.properties</code> の修正</a></span></dt><dt><span class="sect1"><a href="building.html#d0e326">4. <span class="application">Ant</span> の実行</a></span></dt><dt><span class="sect1"><a href="building.html#d0e420">5. ソースディレクトリーからの <span class="application">FindBugs</span>™ の実行</a></span></dt></dl></div><p>この章では、 <span class="application">FindBugs</span> をソースコードからビルドする方法を説明します。<span class="application">FindBugs</span> を修正することに興味がないのであれば、 <a class="link" href="running.html" title="第4章 FindBugs™ の実行">次の章</a> に進んでください。</p><div class="sect1" title="1. 前提条件"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e175"></a>1. 前提条件</h2></div></div></div><p>ソースから <span class="application">FindBugs</span> をコンパイルするためには、以下のものが必要です。</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1-source.zip?download" target="_top"><span class="application">FindBugs</span> のソース配布物</a>
+ <title>第3章 FindBugs™ のソールからのビルド</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ マニュアル"><link rel="up" href="index.html" title="FindBugs™ マニュアル"><link rel="prev" href="installing.html" title="第2章 FindBugs™ のインストール"><link rel="next" href="running.html" title="第4章 FindBugs™ の実行"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">第3章 <span class="application">FindBugs</span>™ のソールからのビルド</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="installing.html">戻る</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="running.html">次へ</a></td></tr></table><hr></div><div class="chapter" title="第3章 FindBugs™ のソールからのビルド"><div class="titlepage"><div><div><h2 class="title"><a name="building"></a>第3章 <span class="application">FindBugs</span>™ のソールからのビルド</h2></div></div></div><div class="toc"><p><b>目次</b></p><dl><dt><span class="sect1"><a href="building.html#d0e175">1. 前提条件</a></span></dt><dt><span class="sect1"><a href="building.html#d0e258">2. ソース配布物の展開</a></span></dt><dt><span class="sect1"><a href="building.html#d0e271">3. <code class="filename">local.properties</code> の修正</a></span></dt><dt><span class="sect1"><a href="building.html#d0e326">4. <span class="application">Ant</span> の実行</a></span></dt><dt><span class="sect1"><a href="building.html#d0e420">5. ソースディレクトリーからの <span class="application">FindBugs</span>™ の実行</a></span></dt></dl></div><p>この章では、 <span class="application">FindBugs</span> をソースコードからビルドする方法を説明します。<span class="application">FindBugs</span> を修正することに興味がないのであれば、 <a class="link" href="running.html" title="第4章 FindBugs™ の実行">次の章</a> に進んでください。</p><div class="sect1" title="1. 前提条件"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e175"></a>1. 前提条件</h2></div></div></div><p>ソースから <span class="application">FindBugs</span> をコンパイルするためには、以下のものが必要です。</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3-source.zip?download" target="_top"><span class="application">FindBugs</span> のソース配布物</a>
</p></li><li class="listitem"><p>
<a class="ulink" href="http://java.sun.com/j2se/" target="_top">JDK 1.5.0 ベータ またはそれ以降</a>
</p></li><li class="listitem"><p>
<a class="ulink" href="http://ant.apache.org/" target="_top">Apache <span class="application">Ant</span></a>, バージョン 1.6.3 またはそれ以降</p></li></ul></div><p>
</p><div class="warning" title="警告" style="margin-left: 0.5in; margin-right: 0.5in;"><table border="0" summary="Warning"><tr><td rowspan="2" align="center" valign="top" width="25"><img alt="[警告]" src="warning.png"></td><th align="left">警告</th></tr><tr><td align="left" valign="top"><p>Redhat Linux システムの <code class="filename">/usr/bin/ant</code> に同梱されている <span class="application">Ant</span> のバージョンでは、 <span class="application">FindBugs</span> のコンパイルは<span class="emphasis"><em>うまくできません</em></span>。<a class="ulink" href="http://ant.apache.org/" target="_top"><span class="application">Ant</span> web サイト</a>からバイナリ配布物をダウンロードしてインストールすることを推奨します。<span class="application">Ant</span> を実行する場合は、 環境変数 <em class="replaceable"><code>JAVA_HOME</code></em> が JDK 1.5 (またはそれ以降)をインストールしたディレクトリーを指していることを確認してください。</p></td></tr></table></div><p>体裁の整った <span class="application">FindBugs</span> のドキュメントを生成したい場合は、以下のソフトウェアも必要となります:</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><a class="ulink" href="http://docbook.sourceforge.net/projects/xsl/index.html" target="_top">DocBook XSL スタイルシート</a>。<span class="application">FindBugs</span> のマニュアルを HTML に変換するのに必要です。</p></li><li class="listitem"><p><a class="ulink" href="http://saxon.sourceforge.net/" target="_top"><span class="application">Saxon</span> XSLT プロセッサー</a>。(同様に、 <span class="application">FindBugs</span> のマニュアルを HTML に変換するのに必要です。)</p></li></ul></div><p>
</p></div><div class="sect1" title="2. ソース配布物の展開"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e258"></a>2. ソース配布物の展開</h2></div></div></div><p>ソース配布物をダウンロードした後に、それを作業用ディレクトリーに展開する必要があります。通常は、次のようなコマンドで展開を行います:</p><pre class="screen">
-<code class="prompt">$ </code><span class="command"><strong>unzip findbugs-2.0.1-source.zip</strong></span>
+<code class="prompt">$ </code><span class="command"><strong>unzip findbugs-2.0.3-source.zip</strong></span>
</pre><p>
</p></div><div class="sect1" title="3. local.properties の修正"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e271"></a>3. <code class="filename">local.properties</code> の修正</h2></div></div></div><p>FindBugs のドキュメントをビルドするためには、 <code class="filename">local.properties</code> ファイルを修正する必要があります。このファイルは、 <span class="application">FindBugs</span> をビルドする際に <a class="ulink" href="http://ant.apache.org/" target="_top"><span class="application">Ant</span></a> <code class="filename">build.xml</code> ファイルが参照します。FindBugs のドキュメントをビルドしない場合は、このファイルは無視してもかまいません。</p><p><code class="filename">local.properties</code> での定義は、 <code class="filename">build.properties</code> ファイルでの定義に優先します。<code class="filename">build.properties</code> は次のような内容です:</p><pre class="programlisting">
diff --git a/doc/ja/manual/eclipse.html b/doc/ja/manual/eclipse.html
index 4fbb745..d1bc7f1 100644
--- a/doc/ja/manual/eclipse.html
+++ b/doc/ja/manual/eclipse.html
@@ -1,3 +1,3 @@
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
- <title>第7章 FindBugs™ Eclipse プラグインの使用方法</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ マニュアル"><link rel="up" href="index.html" title="FindBugs™ マニュアル"><link rel="prev" href="anttask.html" title="第6章 FindBugs™ Ant タスクの使用方法"><link rel="next" href="filter.html" title="第8章 フィルターファイル"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">第7章 <span class="application">FindBugs</span>™ Eclipse プラグインの使用方法</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="anttask.html">戻る</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="filter.html">次へ</a></td></tr></table><hr></div><div class="chapter" title="第7章 FindBugs™ Eclipse プラグインの使用方法"><div class="titlepage"><div><div><h2 class="title"><a name="eclipse"></a>第7章 <span class="application">FindBugs</span>™ Eclipse プラグインの使用方法</h2></div></div></div><div class="toc"><p><b>目次</b></p><dl><dt><span class="sect1"><a href="eclipse.html#d0e1604">1. 必要条件</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1611">2. インストール</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1658">3. プラグインの使用方法</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1681">4. トラブルシューティング</a></span></dt></dl></div><p>FindBugs Eclipse プラグインを使用することによって、 <span class="application">FindBugs</span> を <a class="ulink" href="http://www.eclipse.org/" target="_top">Eclipse</a> IDE で使用することができるようになります。このFindBugs Eclipse プラグインは、 Peter Friese 氏の多大な貢献によるものです。Phil Crosby 氏 と Andrei Loskutov 氏は、プラグインの重要な改良に貢献しました。</p><div class="sect1" title="1. 必要条件"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1604"></a>1. 必要条件</h2></div></div></div><p><span class="application">FindBugs</span> Eclipse Plugin を使用するためには、 Eclipse 3.3 あるいはそれ以降のバージョン、また、 JRE/JDK 1.5 あるいはそれ以降のバージョンが必要です。</p></div><div class="sect1" title="2. インストール"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1611"></a>2. インストール</h2></div></div></div><p>更新サイトが提供されています。更新サイトを利用して、機械的に FindBugs を Eclipse にインストールできます。また自動的に、最新版のアップデートを照会してインストールすることもできます。内容の異なる 3 つの更新サイトが存在します。</p><div class="variablelist" title="FindBugs Eclipse 更新サイト一覧"><p class="title"><b>FindBugs Eclipse 更新サイト一覧</b></p><dl><dt><span class="term"><a class="ulink" href="http://findbugs.cs.umd.edu/eclipse/" target="_top">http://findbugs.cs.umd.edu/eclipse/</a></span></dt><dd><p>FindBugs の公式リリース物を提供します。</p></dd><dt><span class="term"><a class="ulink" href="http://findbugs.cs.umd.edu/eclipse-candidate/" target="_top">http://findbugs.cs.umd.edu/eclips-candidate/</a></span></dt><dd><p>FindBugsの公式リリース物に加えて、公式リリース候補版を提供します。</p></dd><dt><span class="term"><a class="ulink" href="http://findbugs.cs.umd.edu/eclipse-daily/" target="_top">http://findbugs.cs.umd.edu/eclipse-daily/</a></span></dt><dd><p>FindBugsの日次ビルド物を提供します。コンパイルができること以上のテストは行われていません。</p></dd></dl></div><p>また、次に示すリンクから手動でプラグインをダウンロードすることもできます : <a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.1.20120712.zip?download" target="_top">http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.1.20120712.zip?download</a>. 展開して Eclipse の「plugins」サブディレクトリーに入れてください。(そうすると、 <eclipse インストールディレクトリー >/plugins/edu.umd.cs.findbugs.plugin.eclipse_2.0.1.20120712/findbugs.png が <span class="application">FindBugs</span> のロゴファイルへのパスになるはずです。)</p><p>プラグインの展開ができたら、 Eclipse を起動して <span class="guimenu">Help</span> → <span class="guimenuitem">About Eclipse Platform</span> → <span class="guimenuitem">Plug-in Details</span> を選択してください。「FindBugs Project」から提供された「FindBugs Plug-in」というプラグインがあることを確認してください。</p></div><div class="sect1" title="3. プラグインの使用方法"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1658"></a>3. プラグインの使用方法</h2></div></div></div><p>実行するには、 Java プロジェクト上で右クリックして「Find Bugs」を選択します。<span class="application">FindBugs</span> が実行されて、バグパターンの実例の可能性があると識別されたコード箇所に問題マーカーがつきます。 (ソース画面および Eclipse 問題ビューに表示されます。)</p><p>Java プロジェクトのプロパティーダイアログを開いて「Findbugs」プロパティーページを選択することで、 <span class="application">FindBugs</span> の動作をカスタマイズすることができます。選択できる項目には次のようなものがあります :</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>「Run FindBugs Automatically」チェックボックスの設定。チェックすると、プロジェクト内の Java クラスが修正されるたびに FindBugs が実行されます。</p></li><li class="listitem"><p>優先度とバグカテゴリーの選択。これらのオプションは、どの警告を表示するかを選択します。例えば、優先度で 「Medium」 を選択すると、優先度 (中) および優先度 (高) の警告のみが表示されます。同様に、「Style」チェックボックスのチェックマークを外すと、Style カテゴリーに属する警告は表示されません。</p></li><li class="listitem"><p>ディテクタの選択。表からプロジェクトで有効にしたいディテクタを選択することができます。</p></li></ul></div></div><div class="sect1" title="4. トラブルシューティング"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1681"></a>4. トラブルシューティング</h2></div></div></div><p><span class="application">FindBugs</span> Eclipse プラグインは、まだ実験段階です。このセクションでは、プラグインに関する一般的な問題と (判明していれば) それらの問題の解決方法を記述します。</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><span class="application">FindBugs</span> 問題マーカーが (ソース画面および問題ビューに) 表示されない場合は、問題ビューのフィルター設定を変更してください。詳細情報は <a class="ulink" href="http://findbugs.sourceforge.net/FAQ.html#q7" target="_top">http://findbugs.sourceforge.net/FAQ.html#q7</a> を参照してください。</p></li></ul></div></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="anttask.html">戻る</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="filter.html">次へ</a></td></tr><tr><td width="40%" align="left" valign="top">第6章 <span class="application">FindBugs</span>™ <span class="application">Ant</span> タスクの使用方法 </td><td width="20%" align="center"><a accesskey="h" href="index.html">ホーム</a></td><td width="40%" align="right" valign="top"> 第8章 フィルターファイル</td></tr></table></div></body></html>
\ No newline at end of file
+ <title>第7章 FindBugs™ Eclipse プラグインの使用方法</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ マニュアル"><link rel="up" href="index.html" title="FindBugs™ マニュアル"><link rel="prev" href="anttask.html" title="第6章 FindBugs™ Ant タスクの使用方法"><link rel="next" href="filter.html" title="第8章 フィルターファイル"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">第7章 <span class="application">FindBugs</span>™ Eclipse プラグインの使用方法</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="anttask.html">戻る</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="filter.html">次へ</a></td></tr></table><hr></div><div class="chapter" title="第7章 FindBugs™ Eclipse プラグインの使用方法"><div class="titlepage"><div><div><h2 class="title"><a name="eclipse"></a>第7章 <span class="application">FindBugs</span>™ Eclipse プラグインの使用方法</h2></div></div></div><div class="toc"><p><b>目次</b></p><dl><dt><span class="sect1"><a href="eclipse.html#d0e1604">1. 必要条件</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1611">2. インストール</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1658">3. プラグインの使用方法</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1681">4. トラブルシューティング</a></span></dt></dl></div><p>FindBugs Eclipse プラグインを使用することによって、 <span class="application">FindBugs</span> を <a class="ulink" href="http://www.eclipse.org/" target="_top">Eclipse</a> IDE で使用することができるようになります。このFindBugs Eclipse プラグインは、 Peter Friese 氏の多大な貢献によるものです。Phil Crosby 氏 と Andrei Loskutov 氏は、プラグインの重要な改良に貢献しました。</p><div class="sect1" title="1. 必要条件"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1604"></a>1. 必要条件</h2></div></div></div><p><span class="application">FindBugs</span> Eclipse Plugin を使用するためには、 Eclipse 3.3 あるいはそれ以降のバージョン、また、 JRE/JDK 1.5 あるいはそれ以降のバージョンが必要です。</p></div><div class="sect1" title="2. インストール"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1611"></a>2. インストール</h2></div></div></div><p>更新サイトが提供されています。更新サイトを利用して、機械的に FindBugs を Eclipse にインストールできます。また自動的に、最新版のアップデートを照会してインストールすることもできます。内容の異なる 3 つの更新サイトが存在します。</p><div class="variablelist" title="FindBugs Eclipse 更新サイト一覧"><p class="title"><b>FindBugs Eclipse 更新サイト一覧</b></p><dl><dt><span class="term"><a class="ulink" href="http://findbugs.cs.umd.edu/eclipse/" target="_top">http://findbugs.cs.umd.edu/eclipse/</a></span></dt><dd><p>FindBugs の公式リリース物を提供します。</p></dd><dt><span class="term"><a class="ulink" href="http://findbugs.cs.umd.edu/eclipse-candidate/" target="_top">http://findbugs.cs.umd.edu/eclips-candidate/</a></span></dt><dd><p>FindBugsの公式リリース物に加えて、公式リリース候補版を提供します。</p></dd><dt><span class="term"><a class="ulink" href="http://findbugs.cs.umd.edu/eclipse-daily/" target="_top">http://findbugs.cs.umd.edu/eclipse-daily/</a></span></dt><dd><p>FindBugsの日次ビルド物を提供します。コンパイルができること以上のテストは行われていません。</p></dd></dl></div><p>また、次に示すリンクから手動でプラグインをダウンロードすることもできます : <a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.3.20131122.zip?download" target="_top">http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.3.20131122.zip?download</a>. 展開して Eclipse の「plugins」サブディレクトリーに入れてください。(そうすると、 <eclipse インストールディレクトリー >/plugins/edu.umd.cs.findbugs.plugin.eclipse_2.0.3.20131122/findbugs.png が <span class="application">FindBugs</span> のロゴファイルへのパスになるはずです。)</p><p>プラグインの展開ができたら、 Eclipse を起動して <span class="guimenu">Help</span> → <span class="guimenuitem">About Eclipse Platform</span> → <span class="guimenuitem">Plug-in Details</span> を選択してください。「FindBugs Project」から提供された「FindBugs Plug-in」というプラグインがあることを確認してください。</p></div><div class="sect1" title="3. プラグインの使用方法"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1658"></a>3. プラグインの使用方法</h2></div></div></div><p>実行するには、 Java プロジェクト上で右クリックして「Find Bugs」を選択します。<span class="application">FindBugs</span> が実行されて、バグパターンの実例の可能性があると識別されたコード箇所に問題マーカーがつきます。 (ソース画面および Eclipse 問題ビューに表示されます。)</p><p>Java プロジェクトのプロパティーダイアログを開いて「Findbugs」プロパティーページを選択することで、 <span class="application">FindBugs</span> の動作をカスタマイズすることができます。選択できる項目には次のようなものがあります :</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>「Run FindBugs Automatically」チェックボックスの設定。チェックすると、プロジェクト内の Java クラスが修正されるたびに FindBugs が実行されます。</p></li><li class="listitem"><p>優先度とバグカテゴリーの選択。これらのオプションは、どの警告を表示するかを選択します。例えば、優先度で 「Medium」 を選択すると、優先度 (中) および優先度 (高) の警告のみが表示されます。同様に、「Style」チェックボックスのチェックマークを外すと、Style カテゴリーに属する警告は表示されません。</p></li><li class="listitem"><p>ディテクタの選択。表からプロジェクトで有効にしたいディテクタを選択することができます。</p></li></ul></div></div><div class="sect1" title="4. トラブルシューティング"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1681"></a>4. トラブルシューティング</h2></div></div></div><p><span class="application">FindBugs</span> Eclipse プラグインは、まだ実験段階です。このセクションでは、プラグインに関する一般的な問題と (判明していれば) それらの問題の解決方法を記述します。</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p><span class="application">FindBugs</span> 問題マーカーが (ソース画面および問題ビューに) 表示されない場合は、問題ビューのフィルター設定を変更してください。詳細情報は <a class="ulink" href="http://findbugs.sourceforge.net/FAQ.html#q7" target="_top">http://findbugs.sourceforge.net/FAQ.html#q7</a> を参照してください。</p></li></ul></div></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="anttask.html">戻る</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="filter.html">次へ</a></td></tr><tr><td width="40%" align="left" valign="top">第6章 <span class="application">FindBugs</span>™ <span class="application">Ant</span> タスクの使用方法 </td><td width="20%" align="center"><a accesskey="h" href="index.html">ホーム</a></td><td width="40%" align="right" valign="top"> 第8章 フィルターファイル</td></tr></table></div></body></html>
\ No newline at end of file
diff --git a/doc/ja/manual/index.html b/doc/ja/manual/index.html
index 8c7fb5e..b039130 100644
--- a/doc/ja/manual/index.html
+++ b/doc/ja/manual/index.html
@@ -1,3 +1,3 @@
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
- <title>FindBugs™ マニュアル</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ マニュアル"><link rel="next" href="introduction.html" title="第1章 はじめに"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center"><span class="application">FindBugs</span>™ マニュアル</th></tr><tr><td width="20%" align="left"> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="introduction.html">次へ</a></td></tr></table><hr></div><div lang="ja" class="book" title="FindBugs™ マニュアル"><div class="titlepage"><div><div><h1 class="title"><a name="findbugs-manual"></a><span class="application">FindBugs</span>™ マニュアル</h1></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="surname">Hovemeyer</span> <span class="firstname">David</span> [FAMILY Given]</h3></div><div class="author"><h3 class="author"><span class="surname">Pugh</span> <span class="firstname">William</span> [FAMILY Given]</h3></div></div></div><div><p class="copyright">製作著作 © 2003, 2004, 2005, 2006, 2008 University of Maryland</p></div><div><div class="legalnotice" title="法律上の通知"><a name="d0e35"></a><p>このマニュアルは、クリエイティブ・コモンズ表示-非営利-継承に基づく使用許諾がなされています。使用許諾書をご覧になる場合は、 <a class="ulink" href="http://creativecommons.org/licenses/by-nc-sa/1.0/deed.ja" target="_top">http://creativecommons.org/licenses/by-nc-sa/1.0/</a> にアクセスするか、クリエイティブ・コモンズ(559 Nathan Abbott Way, Stanford, California 94305, USA)に書簡を送付してください。</p><p>名称「FindBugs」および FindBugs のロゴは、メリーランド大学の登録商標です。</p></div></div><div><p class="pubdate">19:56:04 EDT, 12 July, 2012</p></div></div><hr></div><div class="toc"><p><b>目次</b></p><dl><dt><span class="chapter"><a href="introduction.html">1. はじめに</a></span></dt><dd><dl><dt><span class="sect1"><a href="introduction.html#d0e74">1. 必要条件</a></span></dt></dl></dd><dt><span class="chapter"><a href="installing.html">2. <span class="application">FindBugs</span>™ のインストール</a></span></dt><dd><dl><dt><span class="sect1"><a href="installing.html#d0e102">1. 配布物の展開</a></span></dt></dl></dd><dt><span class="chapter"><a href="building.html">3. <span class="application">FindBugs</span>™ のソールからのビルド</a></span></dt><dd><dl><dt><span class="sect1"><a href="building.html#d0e175">1. 前提条件</a></span></dt><dt><span class="sect1"><a href="building.html#d0e258">2. ソース配布物の展開</a></span></dt><dt><span class="sect1"><a href="building.html#d0e271">3. <code class="filename">local.properties</code> の修正</a></span></dt><dt><span class="sect1"><a href="building.html#d0e326">4. <span class="application">Ant</span> の実行</a></span></dt><dt><span class="sect1"><a href="building.html#d0e420">5. ソースディレクトリーからの <span class="application">FindBugs</span>™ の実行</a></span></dt></dl></dd><dt><span class="chapter"><a href="running.html">4. <span class="application">FindBugs</span>™ の実行</a></span></dt><dd><dl><dt><span class="sect1"><a href="running.html#d0e455">1. クイック・スタート</a></span></dt><dt><span class="sect1"><a href="running.html#d0e493">2. <span class="application">FindBugs</span> の起動</a></span></dt><dt><span class="sect1"><a href="running.html#commandLineOptions">3. コマンドラインオプション</a></span></dt></dl></dd><dt><span class="chapter"><a href="gui.html">5. <span class="application">FindBugs</span> GUI の使用方法</a></span></dt><dd><dl><dt><span class="sect1"><a href="gui.html#d0e1058">1. プロジェクトの作成</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1099">2. 分析の実行</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1104">3. 結果の閲覧</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1119">4. 保存と読み込み</a></span></dt></dl></dd><dt><span class="chapter"><a href="anttask.html">6. <span class="application">FindBugs</span>™ <span class="application">Ant</span> タスクの使用方法</a></span></dt><dd><dl><dt><span class="sect1"><a href="anttask.html#d0e1173">1. <span class="application">Ant</span> タスクのインストール</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1209">2. build.xml の書き方</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1278">3. タスクの実行</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1303">4. パラメーター</a></span></dt></dl></dd><dt><span class="chapter"><a href="eclipse.html">7. <span class="application">FindBugs</span>™ Eclipse プラグインの使用方法</a></span></dt><dd><dl><dt><span class="sect1"><a href="eclipse.html#d0e1604">1. 必要条件</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1611">2. インストール</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1658">3. プラグインの使用方法</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1681">4. トラブルシューティング</a></span></dt></dl></dd><dt><span class="chapter"><a href="filter.html">8. フィルターファイル</a></span></dt><dd><dl><dt><span class="sect1"><a href="filter.html#d0e1709">1. フィルターファイルの概要</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e1759">2. マッチング条件の種類</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e1958">3. Java 要素名マッチング</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e1982">4. 留意事項</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2012">5. 例</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2065">6. 完全な例</a></span></dt></dl></dd><dt><span class="chapter"><a href="analysisprops.html">9. 分析プロパティー</a></span></dt><dt><span class="chapter"><a href="annotations.html">10. アノテーション</a></span></dt><dt><span class="chapter"><a href="rejarForAnalysis.html">11. rejarForAnalysis の使用方法</a></span></dt><dt><span class="chapter"><a href="datamining.html">12. <span class="application">FindBugs</span>™ によるデータ・マイニング</a></span></dt><dd><dl><dt><span class="sect1"><a href="datamining.html#commands">1. コマンド</a></span></dt><dt><span class="sect1"><a href="datamining.html#examples">2. 例</a></span></dt><dt><span class="sect1"><a href="datamining.html#antexample">3. Ant の例</a></span></dt></dl></dd><dt><span class="chapter"><a href="license.html">13. ライセンス</a></span></dt><dt><span class="chapter"><a href="acknowledgments.html">14. 謝辞</a></span></dt><dd><dl><dt><span class="sect1"><a href="acknowledgments.html#d0e3438">1. 貢献者</a></span></dt><dt><span class="sect1"><a href="acknowledgments.html#d0e3561">2. 使用しているソフトウェア</a></span></dt></dl></dd></dl></div><div class="list-of-tables"><p><b>表の一覧</b></p><dl><dt>9.1. <a href="analysisprops.html#analysisproptable">設定可能な分析プロパティー</a></dt><dt>12.1. <a href="datamining.html#computeBugHistoryTable">computeBugHistory コマンドのオプション一覧</a></dt><dt>12.2. <a href="datamining.html#filterOptionsTable">filterBugs コマンドのオプション一覧</a></dt><dt>12.3. <a href="datamining.html#mineBugHistoryOptionsTable">mineBugHistory コマンドのオプション一覧</a></dt><dt>12.4. <a href="datamining.html#mineBugHistoryColumns">mineBugHistory 出力のカラム一覧</a></dt><dt>12.5. <a href="datamining.html#defectDensityColumns">defectDensity 出力のカラム一覧</a></dt><dt>12.6. <a href="datamining.html#convertXmlToTextTable">convertXmlToText コマンドのオプション一覧</a></dt><dt>12.7. <a href="datamining.html#setBugDatabaseInfoOptions">setBugDatabaseInfo オプション一覧</a></dt><dt>12.8. <a href="datamining.html#listBugDatabaseInfoColumns">listBugDatabaseInfo カラム一覧</a></dt></dl></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="introduction.html">次へ</a></td></tr><tr><td width="40%" align="left" valign="top"> </td><td width="20%" align="center"> </td><td width="40%" align="right" valign="top"> 第1章 はじめに</td></tr></table></div></body></html>
\ No newline at end of file
+ <title>FindBugs™ マニュアル</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ マニュアル"><link rel="next" href="introduction.html" title="第1章 はじめに"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center"><span class="application">FindBugs</span>™ マニュアル</th></tr><tr><td width="20%" align="left"> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="introduction.html">次へ</a></td></tr></table><hr></div><div lang="ja" class="book" title="FindBugs™ マニュアル"><div class="titlepage"><div><div><h1 class="title"><a name="findbugs-manual"></a><span class="application">FindBugs</span>™ マニュアル</h1></div><div><div class="authorgroup"><div class="author"><h3 class="author"><span class="surname">Hovemeyer</span> <span class="firstname">David</span> [FAMILY Given]</h3></div><div class="author"><h3 class="author"><span class="surname">Pugh</span> <span class="firstname">William</span> [FAMILY Given]</h3></div></div></div><div><p class="copyright">製作著作 © 2003, 2004, 2005, 2006, 2008 University of Maryland</p></div><div><div class="legalnotice" title="法律上の通知"><a name="d0e35"></a><p>このマニュアルは、クリエイティブ・コモンズ表示-非営利-継承に基づく使用許諾がなされています。使用許諾書をご覧になる場合は、 <a class="ulink" href="http://creativecommons.org/licenses/by-nc-sa/1.0/deed.ja" target="_top">http://creativecommons.org/licenses/by-nc-sa/1.0/</a> にアクセスするか、クリエイティブ・コモンズ(559 Nathan Abbott Way, Stanford, California 94305, USA)に書簡を送付してください。</p><p>名称「FindBugs」および FindBugs のロゴは、メリーランド大学の登録商標です。</p></div></div><div><p class="pubdate">17:16:15 EST, 22 November, 2013</p></div></div><hr></div><div class="toc"><p><b>目次</b></p><dl><dt><span class="chapter"><a href="introduction.html">1. はじめに</a></span></dt><dd><dl><dt><span class="sect1"><a href="introduction.html#d0e74">1. 必要条件</a></span></dt></dl></dd><dt><span class="chapter"><a href="installing.html">2. <span class="application">FindBugs</span>™ のインストール</a></span></dt><dd><dl><dt><span class="sect1"><a href="installing.html#d0e102">1. 配布物の展開</a></span></dt></dl></dd><dt><span class="chapter"><a href="building.html">3. <span class="application">FindBugs</span>™ のソールからのビルド</a></span></dt><dd><dl><dt><span class="sect1"><a href="building.html#d0e175">1. 前提条件</a></span></dt><dt><span class="sect1"><a href="building.html#d0e258">2. ソース配布物の展開</a></span></dt><dt><span class="sect1"><a href="building.html#d0e271">3. <code class="filename">local.properties</code> の修正</a></span></dt><dt><span class="sect1"><a href="building.html#d0e326">4. <span class="application">Ant</span> の実行</a></span></dt><dt><span class="sect1"><a href="building.html#d0e420">5. ソースディレクトリーからの <span class="application">FindBugs</span>™ の実行</a></span></dt></dl></dd><dt><span class="chapter"><a href="running.html">4. <span class="application">FindBugs</span>™ の実行</a></span></dt><dd><dl><dt><span class="sect1"><a href="running.html#d0e455">1. クイック・スタート</a></span></dt><dt><span class="sect1"><a href="running.html#d0e493">2. <span class="application">FindBugs</span> の起動</a></span></dt><dt><span class="sect1"><a href="running.html#commandLineOptions">3. コマンドラインオプション</a></span></dt></dl></dd><dt><span class="chapter"><a href="gui.html">5. <span class="application">FindBugs</span> GUI の使用方法</a></span></dt><dd><dl><dt><span class="sect1"><a href="gui.html#d0e1058">1. プロジェクトの作成</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1099">2. 分析の実行</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1104">3. 結果の閲覧</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1119">4. 保存と読み込み</a></span></dt></dl></dd><dt><span class="chapter"><a href="anttask.html">6. <span class="application">FindBugs</span>™ <span class="application">Ant</span> タスクの使用方法</a></span></dt><dd><dl><dt><span class="sect1"><a href="anttask.html#d0e1173">1. <span class="application">Ant</span> タスクのインストール</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1209">2. build.xml の書き方</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1278">3. タスクの実行</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1303">4. パラメーター</a></span></dt></dl></dd><dt><span class="chapter"><a href="eclipse.html">7. <span class="application">FindBugs</span>™ Eclipse プラグインの使用方法</a></span></dt><dd><dl><dt><span class="sect1"><a href="eclipse.html#d0e1604">1. 必要条件</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1611">2. インストール</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1658">3. プラグインの使用方法</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1681">4. トラブルシューティング</a></span></dt></dl></dd><dt><span class="chapter"><a href="filter.html">8. フィルターファイル</a></span></dt><dd><dl><dt><span class="sect1"><a href="filter.html#d0e1709">1. フィルターファイルの概要</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e1759">2. マッチング条件の種類</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e1958">3. Java 要素名マッチング</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e1982">4. 留意事項</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2012">5. 例</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2065">6. 完全な例</a></span></dt></dl></dd><dt><span class="chapter"><a href="analysisprops.html">9. 分析プロパティー</a></span></dt><dt><span class="chapter"><a href="annotations.html">10. アノテーション</a></span></dt><dt><span class="chapter"><a href="rejarForAnalysis.html">11. rejarForAnalysis の使用方法</a></span></dt><dt><span class="chapter"><a href="datamining.html">12. <span class="application">FindBugs</span>™ によるデータ・マイニング</a></span></dt><dd><dl><dt><span class="sect1"><a href="datamining.html#commands">1. コマンド</a></span></dt><dt><span class="sect1"><a href="datamining.html#examples">2. 例</a></span></dt><dt><span class="sect1"><a href="datamining.html#antexample">3. Ant の例</a></span></dt></dl></dd><dt><span class="chapter"><a href="license.html">13. ライセンス</a></span></dt><dt><span class="chapter"><a href="acknowledgments.html">14. 謝辞</a></span></dt><dd><dl><dt><span class="sect1"><a href="acknowledgments.html#d0e3438">1. 貢献者</a></span></dt><dt><span class="sect1"><a href="acknowledgments.html#d0e3561">2. 使用しているソフトウェア</a></span></dt></dl></dd></dl></div><div class="list-of-tables"><p><b>表の一覧</b></p><dl><dt>9.1. <a href="analysisprops.html#analysisproptable">設定可能な分析プロパティー</a></dt><dt>12.1. <a href="datamining.html#computeBugHistoryTable">computeBugHistory コマンドのオプション一覧</a></dt><dt>12.2. <a href="datamining.html#filterOptionsTable">filterBugs コマンドのオプション一覧</a></dt><dt>12.3. <a href="datamining.html#mineBugHistoryOptionsTable">mineBugHistory コマンドのオプション一覧</a></dt><dt>12.4. <a href="datamining.html#mineBugHistoryColumns">mineBugHistory 出力のカラム一覧</a></dt><dt>12.5. <a href="datamining.html#defectDensityColumns">defectDensity 出力のカラム一覧</a></dt><dt>12.6. <a href="datamining.html#convertXmlToTextTable">convertXmlToText コマンドのオプション一覧</a></dt><dt>12.7. <a href="datamining.html#setBugDatabaseInfoOptions">setBugDatabaseInfo オプション一覧</a></dt><dt>12.8. <a href="datamining.html#listBugDatabaseInfoColumns">listBugDatabaseInfo カラム一覧</a></dt></dl></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="introduction.html">次へ</a></td></tr><tr><td width="40%" align="left" valign="top"> </td><td width="20%" align="center"> </td><td width="40%" align="right" valign="top"> 第1章 はじめに</td></tr></table></div></body></html>
\ No newline at end of file
diff --git a/doc/ja/manual/installing.html b/doc/ja/manual/installing.html
index b1a013f..9f3f2b4 100644
--- a/doc/ja/manual/installing.html
+++ b/doc/ja/manual/installing.html
@@ -1,9 +1,9 @@
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
- <title>第2章 FindBugs™ のインストール</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ マニュアル"><link rel="up" href="index.html" title="FindBugs™ マニュアル"><link rel="prev" href="introduction.html" title="第1章 はじめに"><link rel="next" href="building.html" title="第3章 FindBugs™ のソールからのビルド"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">第2章 <span class="application">FindBugs</span>™ のインストール</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="introduction.html">戻る</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="building.html">次へ</a></td></tr></table><hr></div><div class="chapter" title="第2章 FindBugs™ のインストール"><div class="titlepage"><div><div><h2 class="title"><a name="installing"></a>第2章 <span class="application">FindBugs</span>™ のインストール</h2></div></div></div><div class="toc"><p><b>目次</b></p><dl><dt><span class="sect1"><a href="installing.html#d0e102">1. 配布物の展開</a></span></dt></dl></div><p>この章では、 <span class="application">FindBugs</span> のインストール方法を説明します。</p><div class="sect1" title="1. 配布物の展開"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e102"></a>1. 配布物の展開</h2></div></div></div><p><span class="application">FindBugs</span> をインストールする最も簡単な方法は、バイナリ配布物をダウンロードすることです。 バイナリ配布物は、 <a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1.tar.gz?download" target="_top">gzipped tar 形式</a> および <a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1.zip?download" target="_top">zip 形式</a> がそれぞれ入手可能です。バイナリ配布物をダウンロードしてきたら、それを任意のディレクトリーに展開します。</p><p>gzipped tar 形式配布物の展開方法例:</p><pre class="screen">
-<code class="prompt">$ </code><span class="command"><strong>gunzip -c findbugs-2.0.1.tar.gz | tar xvf -</strong></span>
+ <title>第2章 FindBugs™ のインストール</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ マニュアル"><link rel="up" href="index.html" title="FindBugs™ マニュアル"><link rel="prev" href="introduction.html" title="第1章 はじめに"><link rel="next" href="building.html" title="第3章 FindBugs™ のソールからのビルド"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">第2章 <span class="application">FindBugs</span>™ のインストール</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="introduction.html">戻る</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="building.html">次へ</a></td></tr></table><hr></div><div class="chapter" title="第2章 FindBugs™ のインストール"><div class="titlepage"><div><div><h2 class="title"><a name="installing"></a>第2章 <span class="application">FindBugs</span>™ のインストール</h2></div></div></div><div class="toc"><p><b>目次</b></p><dl><dt><span class="sect1"><a href="installing.html#d0e102">1. 配布物の展開</a></span></dt></dl></div><p>この章では、 <span class="application">FindBugs</span> のインストール方法を説明します。</p><div class="sect1" title="1. 配布物の展開"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e102"></a>1. 配布物の展開</h2></div></div></div><p><span class="application">FindBugs</span> をインストールする最も簡単な方法は、バイナリ配布物をダウンロードすることです。 バイナリ配布物は、 <a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3.tar.gz?download" target="_top">gzipped tar 形式</a> および <a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3.zip?download" target="_top">zip 形式</a> がそれぞれ入手可能です。バイナリ配布物をダウンロードしてきたら、それを任意のディレクトリーに展開します。</p><p>gzipped tar 形式配布物の展開方法例:</p><pre class="screen">
+<code class="prompt">$ </code><span class="command"><strong>gunzip -c findbugs-2.0.3.tar.gz | tar xvf -</strong></span>
</pre><p>
</p><p>zip 形式配布物の展開方法例:</p><pre class="screen">
-<code class="prompt">C:\Software></code><span class="command"><strong>unzip findbugs-2.0.1.zip</strong></span>
+<code class="prompt">C:\Software></code><span class="command"><strong>unzip findbugs-2.0.3.zip</strong></span>
</pre><p>
-</p><p>バイナリ配布物の展開すると、通常は <code class="filename">findbugs-2.0.1</code> ディレクトリーが作成されます。例えば、ディレクトリー <code class="filename">C:\Software</code> でバイナリ配布物を展開すると、ディレクトリー <code class="filename">C:\Software\findbugs-2.0.1</code> に <span class="application">FindBugs</span> は展開されます。このディレクトリーが <span class="application">FindBugs</span> のホームディレクトリーになります。このマニュアルでは、このホームディレクトリーを <em class="replaceable"><code>$FINDBUGS_HOME</code></em> (Windowsでは <em class="replaceable"><code>%FINDBUGS_HOME%</code></em>) を用いて参照します。</p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="introduction.html">戻る</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="building.html">次へ</a></td></tr><tr><td width="40%" align="left" valign="top">第1章 はじめに </td><td width="20%" align="center"><a accesskey="h" href="index.html">ホーム</a></td><td width="40%" align="right" valign="top"> 第3章 <span class="application">FindBugs</span>™ のソールからのビルド</td></tr></table></div></body></html>
\ No newline at end of file
+</p><p>バイナリ配布物の展開すると、通常は <code class="filename">findbugs-2.0.3</code> ディレクトリーが作成されます。例えば、ディレクトリー <code class="filename">C:\Software</code> でバイナリ配布物を展開すると、ディレクトリー <code class="filename">C:\Software\findbugs-2.0.3</code> に <span class="application">FindBugs</span> は展開されます。このディレクトリーが <span class="application">FindBugs</span> のホームディレクトリーになります。このマニュアルでは、このホームディレクトリーを <em class="replaceable"><code>$FINDBUGS_HOME</code></em> (Windowsでは <em class="replaceable"><code>%FINDBUGS_HOME%</code></em>) を用いて参照します。</p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="introduction.html">戻る</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="building.html">次へ</a></td></tr><tr><td width="40%" align="left" valign="top">第1章 はじめに </td><td width="20%" align="center"><a accesskey="h" href="index.html">ホーム</a></td><td width="40%" align="right" valign="top"> 第3章 <span class="application">FindBugs</span>™ のソールからのビルド</td></tr></table></div></body></html>
\ No newline at end of file
diff --git a/doc/ja/manual/introduction.html b/doc/ja/manual/introduction.html
index 7420019..5ba4736 100644
--- a/doc/ja/manual/introduction.html
+++ b/doc/ja/manual/introduction.html
@@ -1,3 +1,3 @@
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
- <title>第1章 はじめに</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ マニュアル"><link rel="up" href="index.html" title="FindBugs™ マニュアル"><link rel="prev" href="index.html" title="FindBugs™ マニュアル"><link rel="next" href="installing.html" title="第2章 FindBugs™ のインストール"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">第1章 はじめに</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="index.html">戻る</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="installing.html">次へ</a></td></tr></table><hr></div><div class="chapter" title="第1章 はじめに"><div class="titlepage"><div><div><h2 class="title"><a name="introduction"></a>第1章 はじめに</h2></div></div></div><div class="toc"><p><b>目次</b></p><dl><dt><span class="sect1"><a href="introduction.html#d0e74">1. 必要条件</a></span></dt></dl></div><p><span class="application">FindBugs</span>™ は、Java プログラムの中のバグを見つけるプログラムです。このプログラムは、「バグ パターン」の実例を探します。「バグ パターン」とは、エラーとなる可能性の高いコードの事例です。</p><p>この文書は、<span class="application">FindBugs</span> バージョン 2.0.1 について説明してます。私たちは、 <span class="application">FindBugs</span> に対するフィードバックを心待ちにしています。どうぞ、 <a class="ulink" href="http://findbugs.sourceforge.net" target="_top"><span class="application">FindBugs</span> Web ページ</a> にアクセスしてください。<span class="application">FindBugs</span> についての最新情報、連絡先および <span class="application">FindBugs</span> メーリングリストなどのサポート情報を入手することができます。</p><div class="sect1" title="1. 必要条件"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e74"></a>1. 必要条件</h2></div></div></div><p><span class="application">FindBugs</span> を使用するには、 <a class="ulink" href="http://java.sun.com/j2se" target="_top">Java 2 Standard Edition</a>, バージョン 1.5 以降のバージョンと互換性のあるランタイム環境が必要です。<span class="application">FindBugs</span> は、プラットフォーム非依存であり、 GNU/Linux 、 Windows 、 MacOS X プラットフォーム上で動作することが知られています。</p><p><span class="application">FindBugs</span> を使用するためには、少なくとも 512 MB のメモリが必要です。巨大なプロジェクトを解析するためには、それより多くのメモリが必要とされることがあります。</p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="index.html">戻る</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="installing.html">次へ</a></td></tr><tr><td width="40%" align="left" valign="top"><span class="application">FindBugs</span>™ マニュアル </td><td width="20%" align="center"><a accesskey="h" href="index.html">ホーム</a></td><td width="40%" align="right" valign="top"> 第2章 <span class="application">FindBugs</span>™ のインストール</td></tr></table></div></body></html>
\ No newline at end of file
+ <title>第1章 はじめに</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ マニュアル"><link rel="up" href="index.html" title="FindBugs™ マニュアル"><link rel="prev" href="index.html" title="FindBugs™ マニュアル"><link rel="next" href="installing.html" title="第2章 FindBugs™ のインストール"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">第1章 はじめに</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="index.html">戻る</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="installing.html">次へ</a></td></tr></table><hr></div><div class="chapter" title="第1章 はじめに"><div class="titlepage"><div><div><h2 class="title"><a name="introduction"></a>第1章 はじめに</h2></div></div></div><div class="toc"><p><b>目次</b></p><dl><dt><span class="sect1"><a href="introduction.html#d0e74">1. 必要条件</a></span></dt></dl></div><p><span class="application">FindBugs</span>™ は、Java プログラムの中のバグを見つけるプログラムです。このプログラムは、「バグ パターン」の実例を探します。「バグ パターン」とは、エラーとなる可能性の高いコードの事例です。</p><p>この文書は、<span class="application">FindBugs</span> バージョン 2.0.3 について説明してます。私たちは、 <span class="application">FindBugs</span> に対するフィードバックを心待ちにしています。どうぞ、 <a class="ulink" href="http://findbugs.sourceforge.net" target="_top"><span class="application">FindBugs</span> Web ページ</a> にアクセスしてください。<span class="application">FindBugs</span> についての最新情報、連絡先および <span class="application">FindBugs</span> メーリングリストなどのサポート情報を入手することができます。</p><div class="sect1" title="1. 必要条件"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e74"></a>1. 必要条件</h2></div></div></div><p><span class="application">FindBugs</span> を使用するには、 <a class="ulink" href="http://java.sun.com/j2se" target="_top">Java 2 Standard Edition</a>, バージョン 1.5 以降のバージョンと互換性のあるランタイム環境が必要です。<span class="application">FindBugs</span> は、プラットフォーム非依存であり、 GNU/Linux 、 Windows 、 MacOS X プラットフォーム上で動作することが知られています。</p><p><span class="application">FindBugs</span> を使用するためには、少なくとも 512 MB のメモリが必要です。巨大なプロジェクトを解析するためには、それより多くのメモリが必要とされることがあります。</p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="index.html">戻る</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="installing.html">次へ</a></td></tr><tr><td width="40%" align="left" valign="top"><span class="application">FindBugs</span>™ マニュアル </td><td width="20%" align="center"><a accesskey="h" href="index.html">ホーム</a></td><td width="40%" align="right" valign="top"> 第2章 <span class="application">FindBugs</span>™ のインストール</td></tr></table></div></body></html>
\ No newline at end of file
diff --git a/doc/manual.xml b/doc/manual.xml
index 93a7493..e36db9d 100644
--- a/doc/manual.xml
+++ b/doc/manual.xml
@@ -44,9 +44,9 @@
</para>
</legalnotice>
-<edition>2.0.1</edition>
+<edition>2.0.3</edition>
-<pubdate>19:56:04 EDT, 12 July, 2012</pubdate>
+<pubdate>17:16:15 EST, 22 November, 2013</pubdate>
</bookinfo>
@@ -62,7 +62,7 @@
<para> &FindBugs;™ is a program to find bugs in Java programs. It looks for instances
of "bug patterns" --- code instances that are likely to be errors.</para>
-<para> This document describes version 2.0.1 of &FindBugs;.We
+<para> This document describes version 2.0.3 of &FindBugs;.We
are very interested in getting your feedback on &FindBugs;. Please visit
the <ulink url="http://findbugs.sourceforge.net">&FindBugs; web page</ulink> for
the latest information on &FindBugs;, contact information, and support resources such
@@ -100,31 +100,31 @@
<para>
The easiest way to install &FindBugs; is to download a binary distribution.
Binary distributions are available in
-<ulink url="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1.tar.gz?download">gzipped tar format</ulink> and
-<ulink url="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1.zip?download">zip format</ulink>.
+<ulink url="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3.tar.gz?download">gzipped tar format</ulink> and
+<ulink url="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3.zip?download">zip format</ulink>.
Once you have downloaded a binary distribution, extract it into a directory of your choice.
</para>
<para>
Extracting a gzipped tar format distribution:
<screen>
-<prompt>$ </prompt><command>gunzip -c findbugs-2.0.1.tar.gz | tar xvf -</command>
+<prompt>$ </prompt><command>gunzip -c findbugs-2.0.3.tar.gz | tar xvf -</command>
</screen>
</para>
<para>
Extracting a zip format distribution:
<screen>
-<prompt>C:\Software></prompt><command>unzip findbugs-2.0.1.zip</command>
+<prompt>C:\Software></prompt><command>unzip findbugs-2.0.3.zip</command>
</screen>
</para>
<para>
Usually, extracting a binary distribution will create a directory ending in
-<filename class="directory">findbugs-2.0.1</filename>. For example, if you extracted
+<filename class="directory">findbugs-2.0.3</filename>. For example, if you extracted
the binary distribution from the <filename class="directory">C:\Software</filename>
directory, then the &FindBugs; software will be extracted into the directory
-<filename class="directory">C:\Software\findbugs-2.0.1</filename>.
+<filename class="directory">C:\Software\findbugs-2.0.3</filename>.
This directory is the &FindBugs; home directory. We'll refer to it as
&FBHome; (or &FBHomeWin; for Windows) throughout this manual.
</para>
@@ -155,7 +155,7 @@
<itemizedlist>
<listitem>
<para>
- The <ulink url="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1-source.zip?download"
+ The <ulink url="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3-source.zip?download"
>&FindBugs; source distribution</ulink>
</para>
</listitem>
@@ -218,7 +218,7 @@
a working directory. A typical command to do this is:
<screen>
-<prompt>$ </prompt><command>unzip findbugs-2.0.1-source.zip</command>
+<prompt>$ </prompt><command>unzip findbugs-2.0.3-source.zip</command>
</screen>
</para>
@@ -938,6 +938,19 @@
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><command>-userPrefs</command> <replaceable>edu.umd.cs.findbugs.core.prefs</replaceable></term>
+ <listitem>
+ <para>
+ Set the path of the user preferences file to use, which might override some of the options abobe.
+ Specifying <literal>userPrefs</literal> as first argument would mean some later
+ options will override them, as last argument would mean they will override some previous options).
+ This rationale behind this option is to reuse FindBugs Eclipse project settings for command
+ line execution.
+ </para>
+ </listitem>
+ </varlistentry>
+
<!--
<varlistentry>
<term><command></command> <replaceable></replaceable></term>
@@ -1232,8 +1245,8 @@
elements may be specified as children of a single <literal>findbugs</literal> element.
</para>
<para>In addition to or instead of specifying a <literal>class</literal> element,
- the &FindBugs; task can contain one or more <literal>fileset</literal> element(s) that
- specify files to be analyzed.
+ the &FindBugs; task can contain one or more <literal>fileset</literal> element(s) that
+ specify files to be analyzed.
For example, you might use a fileset to specify that all of the jar files in a directory
should be analyzed.
</para>
@@ -1292,7 +1305,7 @@
<para>
An optional attribute. It specifies
the confidence/priority threshold for reporting issues. If set to "low", confidence is not used to filter bugs.
- If set to "medium" (the default), low confidence issues are supressed.
+ If set to "medium" (the default), low confidence issues are supressed.
If set to "high", only high confidence bugs are reported.
</para>
</listitem>
@@ -1513,6 +1526,19 @@
</listitem>
</varlistentry>
+ <varlistentry>
+ <term><literal>userPreferencesFile</literal></term>
+ <listitem>
+ <para>
+ Optional attribute. Set the path of the user preferences file to use, which might override some of the options abobe.
+ Specifying <literal>userPreferencesFile</literal> as first argument would mean some later
+ options will override them, as last argument would mean they will override some previous options).
+ This rationale behind this option is to reuse FindBugs Eclipse project settings for command
+ line execution.
+ </para>
+ </listitem>
+ </varlistentry>
+
</variablelist>
@@ -1591,10 +1617,10 @@
<para>You can also manually
download the plugin from the following link:
-<ulink url="http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.1.20120712.zip?download"
->http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.1.20120712.zip?download</ulink>.
+<ulink url="http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.3.20131122.zip?download"
+>http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.3.20131122.zip?download</ulink>.
Extract it in Eclipse's "plugins" subdirectory.
-(So <eclipse_install_dir>/plugins/edu.umd.cs.findbugs.plugin.eclipse_2.0.1.20120712/findbugs.png
+(So <eclipse_install_dir>/plugins/edu.umd.cs.findbugs.plugin.eclipse_2.0.3.20131122/findbugs.png
should be the path to the &FindBugs; logo.)
</para>
diff --git a/doc/manual/acknowledgments.html b/doc/manual/acknowledgments.html
index f134030..c2ac454 100644
--- a/doc/manual/acknowledgments.html
+++ b/doc/manual/acknowledgments.html
@@ -1,6 +1,6 @@
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
- <title>Chapter 14. Acknowledgments</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ Manual"><link rel="up" href="index.html" title="FindBugs™ Manual"><link rel="prev" href="license.html" title="Chapter 13. License"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 14. Acknowledgments</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="license.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> </td></tr></table><hr></div><div class="chapter" title="Chapter 14. Acknowledgments"><div class="titlepage"><div><div><h2 class="title"><a name="acknowledgments"></a>Chapter 14. Acknowledgments</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="acknowledgments.html#d0e3606">1. Contributors</a></span></dt><dt><span class="sect1"><a href="acknowledgments.html#d0e3729">2. Software Used</a></span></dt></dl></div><div class="sect1" title="1. Contributors"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e3606"></a>1. Contributors</h2></div></div></div><p><span class="application">FindBugs</span> was originally written by Bill Pugh (<code class="email"><<a class="email" href="mailto:pugh@cs.umd.edu">pugh@cs.umd.edu</a>></code>).
+ <title>Chapter 14. Acknowledgments</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ Manual"><link rel="up" href="index.html" title="FindBugs™ Manual"><link rel="prev" href="license.html" title="Chapter 13. License"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 14. Acknowledgments</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="license.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> </td></tr></table><hr></div><div class="chapter" title="Chapter 14. Acknowledgments"><div class="titlepage"><div><div><h2 class="title"><a name="acknowledgments"></a>Chapter 14. Acknowledgments</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="acknowledgments.html#d0e3629">1. Contributors</a></span></dt><dt><span class="sect1"><a href="acknowledgments.html#d0e3752">2. Software Used</a></span></dt></dl></div><div class="sect1" title="1. Contributors"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e3629"></a>1. Contributors</h2></div></div></div><p><span class="application">FindBugs</span> was originally written by Bill Pugh (<code class="email"><<a class="email" href="mailto:pugh@cs.umd.edu">pugh@cs.umd.edu</a>></code>).
David Hovemeyer (<code class="email"><<a class="email" href="mailto:daveho@cs.umd.edu">daveho@cs.umd.edu</a>></code>) implemented some of the
detectors, added the Swing GUI, and is a co-maintainer.</p><p>Mike Fagan (<code class="email"><<a class="email" href="mailto:mfagan@tde.com">mfagan@tde.com</a>></code>) contributed the <span class="application">Ant</span> build script,
the <span class="application">Ant</span> task, and several enhancements and bug fixes to the GUI.</p><p>Germano Leichsenring contributed Japanese translations of the bug
@@ -49,11 +49,11 @@
and fixed a bug related to renaming the Eclipse plugin ID.</p><p>Mark McKay contributed an Ant task to launch the findbugs frame.</p><p>Dieter von Holten (dvholten) contributed
some German improvements to findbugs_de.properties.</p><p>If you have contributed to <span class="application">FindBugs</span>, but aren't mentioned above,
please send email to <code class="email"><<a class="email" href="mailto:findbugs@cs.umd.edu">findbugs@cs.umd.edu</a>></code> (and also accept
-our humble apologies).</p></div><div class="sect1" title="2. Software Used"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e3729"></a>2. Software Used</h2></div></div></div><p><span class="application">FindBugs</span> uses several open-source software packages, without which its
-development would have been much more difficult.</p><div class="sect2" title="2.1. BCEL"><div class="titlepage"><div><div><h3 class="title"><a name="d0e3736"></a>2.1. BCEL</h3></div></div></div><p><span class="application">FindBugs</span> includes software developed by the Apache Software Foundation
+our humble apologies).</p></div><div class="sect1" title="2. Software Used"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e3752"></a>2. Software Used</h2></div></div></div><p><span class="application">FindBugs</span> uses several open-source software packages, without which its
+development would have been much more difficult.</p><div class="sect2" title="2.1. BCEL"><div class="titlepage"><div><div><h3 class="title"><a name="d0e3759"></a>2.1. BCEL</h3></div></div></div><p><span class="application">FindBugs</span> includes software developed by the Apache Software Foundation
(<a class="ulink" href="http://www.apache.org/" target="_top">http://www.apache.org/</a>).
Specifically, it uses the <a class="ulink" href="http://jakarta.apache.org/bcel/" target="_top">Byte Code
-Engineering Library</a>.</p></div><div class="sect2" title="2.2. ASM"><div class="titlepage"><div><div><h3 class="title"><a name="d0e3749"></a>2.2. ASM</h3></div></div></div><p><span class="application">FindBugs</span> uses the <a class="ulink" href="http://asm.objectweb.org/" target="_top">ASM</a>
+Engineering Library</a>.</p></div><div class="sect2" title="2.2. ASM"><div class="titlepage"><div><div><h3 class="title"><a name="d0e3772"></a>2.2. ASM</h3></div></div></div><p><span class="application">FindBugs</span> uses the <a class="ulink" href="http://asm.objectweb.org/" target="_top">ASM</a>
bytecode framework, which is distributed under the following license:</p><div class="blockquote"><blockquote class="blockquote"><p>
Copyright (c) 2000-2005 INRIA, France Telecom
All rights reserved.
@@ -84,7 +84,7 @@
CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
THE POSSIBILITY OF SUCH DAMAGE.
-</p></blockquote></div></div><div class="sect2" title="2.3. DOM4J"><div class="titlepage"><div><div><h3 class="title"><a name="d0e3776"></a>2.3. DOM4J</h3></div></div></div><p><span class="application">FindBugs</span> uses <a class="ulink" href="http://dom4j.org" target="_top">DOM4J</a>, which is
+</p></blockquote></div></div><div class="sect2" title="2.3. DOM4J"><div class="titlepage"><div><div><h3 class="title"><a name="d0e3799"></a>2.3. DOM4J</h3></div></div></div><p><span class="application">FindBugs</span> uses <a class="ulink" href="http://dom4j.org" target="_top">DOM4J</a>, which is
distributed under the following license:</p><div class="blockquote"><blockquote class="blockquote"><p>
Copyright 2001 (C) MetaStuff, Ltd. All Rights Reserved.
</p><p>
diff --git a/doc/manual/anttask.html b/doc/manual/anttask.html
index d222a1b..e601e1f 100644
--- a/doc/manual/anttask.html
+++ b/doc/manual/anttask.html
@@ -1,20 +1,20 @@
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
- <title>Chapter 6. Using the FindBugs™ Ant task</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ Manual"><link rel="up" href="index.html" title="FindBugs™ Manual"><link rel="prev" href="gui.html" title="Chapter 5. Using the FindBugs GUI"><link rel="next" href="eclipse.html" title="Chapter 7. Using the FindBugs™ Eclipse plugin"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 6. Using the <span class="application">FindBugs</span>™ <span class="application">Ant</span> task</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="gui.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="eclipse.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter 6. Using the FindBugs™ Ant task"><div class="titlepage"><div><div><h2 class="title"><a name="anttask"></a>Chapter 6. Using the <span class="application">FindBugs</span>™ <span class="application">Ant</span> task</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="anttask.html#d0e1192">1. Installing the <span class="application">Ant</span> task</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1230">2. Modifying build.xml</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1301">3. Executing the task</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1326">4. Parameters</a></span></dt></dl></div><p>
+ <title>Chapter 6. Using the FindBugs™ Ant task</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ Manual"><link rel="up" href="index.html" title="FindBugs™ Manual"><link rel="prev" href="gui.html" title="Chapter 5. Using the FindBugs GUI"><link rel="next" href="eclipse.html" title="Chapter 7. Using the FindBugs™ Eclipse plugin"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 6. Using the <span class="application">FindBugs</span>™ <span class="application">Ant</span> task</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="gui.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="eclipse.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter 6. Using the FindBugs™ Ant task"><div class="titlepage"><div><div><h2 class="title"><a name="anttask"></a>Chapter 6. Using the <span class="application">FindBugs</span>™ <span class="application">Ant</span> task</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="anttask.html#d0e1205">1. Installing the <span class="application">Ant</span> task</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1243">2. Modifying build.xml</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1314">3. Executing the task</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1339">4. Parameters</a></span></dt></dl></div><p>
This chapter describes how to integrate <span class="application">FindBugs</span> into a build script
for <a class="ulink" href="http://ant.apache.org/" target="_top"><span class="application">Ant</span></a>, which is a popular Java build
and deployment tool. Using the <span class="application">FindBugs</span> <span class="application">Ant</span> task, your build script can
automatically run <span class="application">FindBugs</span> on your Java code.
</p><p>
The <span class="application">Ant</span> task was generously contributed by Mike Fagan.
-</p><div class="sect1" title="1. Installing the Ant task"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1192"></a>1. Installing the <span class="application">Ant</span> task</h2></div></div></div><p>
+</p><div class="sect1" title="1. Installing the Ant task"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1205"></a>1. Installing the <span class="application">Ant</span> task</h2></div></div></div><p>
To install the <span class="application">Ant</span> task, simply copy <code class="filename"><em class="replaceable"><code>$FINDBUGS_HOME</code></em>/lib/findbugs-ant.jar</code>
into the <code class="filename">lib</code> subdirectory of your <span class="application">Ant</span> installation.
</p><div class="note" title="Note" style="margin-left: 0.5in; margin-right: 0.5in;"><table border="0" summary="Note"><tr><td rowspan="2" align="center" valign="top" width="25"><img alt="[Note]" src="note.png"></td><th align="left">Note</th></tr><tr><td align="left" valign="top"><p>It is strongly recommended that you use the <span class="application">Ant</span> task with the version
of <span class="application">FindBugs</span> it was included with. We do not guarantee that the <span class="application">Ant</span> task Jar file
will work with any version of <span class="application">FindBugs</span> other than the one it was included with.</p></td></tr></table></div><p>
-</p></div><div class="sect1" title="2. Modifying build.xml"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1230"></a>2. Modifying build.xml</h2></div></div></div><p>
+</p></div><div class="sect1" title="2. Modifying build.xml"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1243"></a>2. Modifying build.xml</h2></div></div></div><p>
To incorporate <span class="application">FindBugs</span> into <code class="filename">build.xml</code> (the build script
for <span class="application">Ant</span>), you first need to add a task definition. This should appear as follows:
@@ -56,7 +56,7 @@
An auxiliary Jar file, <code class="filename">Regex.jar</code>, is added to the aux classpath,
because it is referenced by the main BCEL library. A source path is specified
so that the saved bug data will have accurate references to the BCEL source code.
-</p></div><div class="sect1" title="3. Executing the task"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1301"></a>3. Executing the task</h2></div></div></div><p>
+</p></div><div class="sect1" title="3. Executing the task"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1314"></a>3. Executing the task</h2></div></div></div><p>
Here is an example of invoking <span class="application">Ant</span> from the command line, using the <code class="literal">findbugs</code>
target defined above.
@@ -83,7 +83,7 @@
In this case, because we saved the bug results in an XML file, we can
use the <span class="application">FindBugs</span> GUI to view the results; see <a class="xref" href="running.html" title="Chapter 4. Running FindBugs™">Chapter 4, <i>Running <span class="application">FindBugs</span>™</i></a>.
-</p></div><div class="sect1" title="4. Parameters"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1326"></a>4. Parameters</h2></div></div></div><p>This section describes the parameters that may be specified when
+</p></div><div class="sect1" title="4. Parameters"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1339"></a>4. Parameters</h2></div></div></div><p>This section describes the parameters that may be specified when
using the <span class="application">FindBugs</span> task.
</p><div class="variablelist"><dl><dt><span class="term"><code class="literal">class</code></span></dt><dd><p>
@@ -92,8 +92,8 @@
archive file (jar, zip, etc.), directory, or class file to be analyzed. Multiple <code class="literal">class</code>
elements may be specified as children of a single <code class="literal">findbugs</code> element.
</p><p>In addition to or instead of specifying a <code class="literal">class</code> element,
- the <span class="application">FindBugs</span> task can contain one or more <code class="literal">fileset</code> element(s) that
- specify files to be analyzed.
+ the <span class="application">FindBugs</span> task can contain one or more <code class="literal">fileset</code> element(s) that
+ specify files to be analyzed.
For example, you might use a fileset to specify that all of the jar files in a directory
should be analyzed.
</p></dd><dt><span class="term"><code class="literal">auxClasspath</code></span></dt><dd><p>
@@ -117,7 +117,7 @@
</p></dd><dt><span class="term"><code class="literal">reportLevel</code></span></dt><dd><p>
An optional attribute. It specifies
the confidence/priority threshold for reporting issues. If set to "low", confidence is not used to filter bugs.
- If set to "medium" (the default), low confidence issues are supressed.
+ If set to "medium" (the default), low confidence issues are supressed.
If set to "high", only high confidence bugs are reported.
</p></dd><dt><span class="term"><code class="literal">output</code></span></dt><dd><p>
Optional attribute.
@@ -202,7 +202,13 @@
Optional attribute which specifies the name of a property
that will be set to "true" if any warnings are reported by
<span class="application">FindBugs</span> on the analyzed program.
- </p></dd></dl></div><p>
+ </p></dd><dt><span class="term"><code class="literal">userPreferencesFile</code></span></dt><dd><p>
+ Optional attribute. Set the path of the user preferences file to use, which might override some of the options abobe.
+ Specifying <code class="literal">userPreferencesFile</code> as first argument would mean some later
+ options will override them, as last argument would mean they will override some previous options).
+ This rationale behind this option is to reuse FindBugs Eclipse project settings for command
+ line execution.
+ </p></dd></dl></div><p>
</p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="gui.html">Prev</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="eclipse.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 5. Using the <span class="application">FindBugs</span> GUI </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Chapter 7. Using the <span class="application">FindBugs</span>™ Eclipse plugin</td></tr></table></div></body></html>
\ No newline at end of file
diff --git a/doc/manual/building.html b/doc/manual/building.html
index 6e54628..ed3fcb2 100644
--- a/doc/manual/building.html
+++ b/doc/manual/building.html
@@ -7,7 +7,7 @@
</p><div class="sect1" title="1. Prerequisites"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e173"></a>1. Prerequisites</h2></div></div></div><p>
To compile <span class="application">FindBugs</span> from source, you will need the following:
</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>
- The <a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1-source.zip?download" target="_top"><span class="application">FindBugs</span> source distribution</a>
+ The <a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3-source.zip?download" target="_top"><span class="application">FindBugs</span> source distribution</a>
</p></li><li class="listitem"><p>
<a class="ulink" href="http://java.sun.com/j2se/" target="_top">JDK 1.5.0 or later</a>
</p></li><li class="listitem"><p>
@@ -36,7 +36,7 @@
a working directory. A typical command to do this is:
</p><pre class="screen">
-<code class="prompt">$ </code><span class="command"><strong>unzip findbugs-2.0.1-source.zip</strong></span>
+<code class="prompt">$ </code><span class="command"><strong>unzip findbugs-2.0.3-source.zip</strong></span>
</pre><p>
</p></div><div class="sect1" title="3. Modifying local.properties"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e275"></a>3. Modifying <code class="filename">local.properties</code></h2></div></div></div><p>
diff --git a/doc/manual/eclipse.html b/doc/manual/eclipse.html
index 96cc187..52ac8e9 100644
--- a/doc/manual/eclipse.html
+++ b/doc/manual/eclipse.html
@@ -1,15 +1,15 @@
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
- <title>Chapter 7. Using the FindBugs™ Eclipse plugin</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ Manual"><link rel="up" href="index.html" title="FindBugs™ Manual"><link rel="prev" href="anttask.html" title="Chapter 6. Using the FindBugs™ Ant task"><link rel="next" href="filter.html" title="Chapter 8. Filter Files"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 7. Using the <span class="application">FindBugs</span>™ Eclipse plugin</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="anttask.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="filter.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter 7. Using the FindBugs™ Eclipse plugin"><div class="titlepage"><div><div><h2 class="title"><a name="eclipse"></a>Chapter 7. Using the <span class="application">FindBugs</span>™ Eclipse plugin</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="eclipse.html#d0e1639">1. Requirements</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1647">2. Installation</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1694">3. Using the Plugin</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1725">4. Extending the Eclipse Plugin (since 2.0.0)</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1779">5. Troubleshooting</a></span></dt></dl></div><p>
+ <title>Chapter 7. Using the FindBugs™ Eclipse plugin</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ Manual"><link rel="up" href="index.html" title="FindBugs™ Manual"><link rel="prev" href="anttask.html" title="Chapter 6. Using the FindBugs™ Ant task"><link rel="next" href="filter.html" title="Chapter 8. Filter Files"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 7. Using the <span class="application">FindBugs</span>™ Eclipse plugin</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="anttask.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="filter.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter 7. Using the FindBugs™ Eclipse plugin"><div class="titlepage"><div><div><h2 class="title"><a name="eclipse"></a>Chapter 7. Using the <span class="application">FindBugs</span>™ Eclipse plugin</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="eclipse.html#d0e1662">1. Requirements</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1670">2. Installation</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1717">3. Using the Plugin</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1748">4. Extending the Eclipse Plugin (since 2.0.0)</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1802">5. Troubleshooting</a></span></dt></dl></div><p>
The FindBugs Eclipse plugin allows <span class="application">FindBugs</span> to be used within
the <a class="ulink" href="http://www.eclipse.org/" target="_top">Eclipse</a> IDE.
The FindBugs Eclipse plugin was generously contributed by Peter Friese.
Phil Crosby and Andrei Loskutov contributed major improvements
to the plugin.
-</p><div class="sect1" title="1. Requirements"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1639"></a>1. Requirements</h2></div></div></div><p>
+</p><div class="sect1" title="1. Requirements"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1662"></a>1. Requirements</h2></div></div></div><p>
To use the <span class="application">FindBugs</span> Plugin for Eclipse, you need Eclipse 3.3 or later,
and JRE/JDK 1.5 or later.
-</p></div><div class="sect1" title="2. Installation"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1647"></a>2. Installation</h2></div></div></div><p>
+</p></div><div class="sect1" title="2. Installation"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1670"></a>2. Installation</h2></div></div></div><p>
We provide update sites that allow you to automatically install FindBugs into Eclipse and also query and install updates.
There are three different update sites</p><div class="variablelist" title="FindBugs Eclipse update sites"><p class="title"><b>FindBugs Eclipse update sites</b></p><dl><dt><span class="term"><a class="ulink" href="http://findbugs.cs.umd.edu/eclipse/" target="_top">http://findbugs.cs.umd.edu/eclipse/</a></span></dt><dd><p>
Only provides official releases of FindBugs.
@@ -19,16 +19,16 @@
Provides the daily build of FindBugs. No testing other than that it compiles.
</p></dd></dl></div><p>You can also manually
download the plugin from the following link:
-<a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.1.20120712.zip?download" target="_top">http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.1.20120712.zip?download</a>.
+<a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.3.20131122.zip?download" target="_top">http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.3.20131122.zip?download</a>.
Extract it in Eclipse's "plugins" subdirectory.
-(So <eclipse_install_dir>/plugins/edu.umd.cs.findbugs.plugin.eclipse_2.0.1.20120712/findbugs.png
+(So <eclipse_install_dir>/plugins/edu.umd.cs.findbugs.plugin.eclipse_2.0.3.20131122/findbugs.png
should be the path to the <span class="application">FindBugs</span> logo.)
</p><p>
Once the plugin is extracted, start Eclipse and choose
<span class="guimenu">Help</span> → <span class="guimenuitem">About Eclipse Platform</span> → <span class="guimenuitem">Plug-in Details</span>.
You should find a plugin called "FindBugs Plug-in" provided by "FindBugs Project".
-</p></div><div class="sect1" title="3. Using the Plugin"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1694"></a>3. Using the Plugin</h2></div></div></div><p>
+</p></div><div class="sect1" title="3. Using the Plugin"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1717"></a>3. Using the Plugin</h2></div></div></div><p>
To get started, right click on a Java project in Package Explorer,
and select the option labeled "Find Bugs".
<span class="application">FindBugs</span> will run, and problem markers (displayed in source
@@ -59,7 +59,7 @@
</p></li><li class="listitem"><p>
Select detectors. The table allows you to select which detectors
you want to enable for your project.
- </p></li></ul></div></div><div class="sect1" title="4. Extending the Eclipse Plugin (since 2.0.0)"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1725"></a>4. Extending the Eclipse Plugin (since 2.0.0)</h2></div></div></div><p>
+ </p></li></ul></div></div><div class="sect1" title="4. Extending the Eclipse Plugin (since 2.0.0)"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1748"></a>4. Extending the Eclipse Plugin (since 2.0.0)</h2></div></div></div><p>
Eclipse plugin supports contribution of custom <span class="application">FindBugs</span> detectors (see also
<a class="ulink" href="http://code.google.com/p/findbugs/source/browse/trunk/findbugs/src/doc/AddingDetectors.txt" target="_top">AddingDetectors.txt</a>
for more information). There are two ways to contribute custom plugins to the Eclipse:
@@ -92,7 +92,7 @@
classpath at runtime with required third party libraries (see
<a class="ulink" href="http://code.google.com/p/findbugs/source/browse/trunk/findbugs/src/doc/AddingDetectors.txt" target="_top">AddingDetectors.txt</a>
for more information).
- </p></li></ul></div></div><div class="sect1" title="5. Troubleshooting"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1779"></a>5. Troubleshooting</h2></div></div></div><p>
+ </p></li></ul></div></div><div class="sect1" title="5. Troubleshooting"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1802"></a>5. Troubleshooting</h2></div></div></div><p>
This section lists common problems with the plugin and (if known) how to resolve them.
</p><div class="itemizedlist"><ul class="itemizedlist" type="disc"><li class="listitem"><p>
If you see OutOfMemory error dialogs after starting <span class="application">FindBugs</span> analysis in Eclipse,
diff --git a/doc/manual/filter.html b/doc/manual/filter.html
index 750fe9c..98b264f 100644
--- a/doc/manual/filter.html
+++ b/doc/manual/filter.html
@@ -1,6 +1,6 @@
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
- <title>Chapter 8. Filter Files</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ Manual"><link rel="up" href="index.html" title="FindBugs™ Manual"><link rel="prev" href="eclipse.html" title="Chapter 7. Using the FindBugs™ Eclipse plugin"><link rel="next" href="analysisprops.html" title="Chapter 9. Analysis Properties"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 8. Filter Files</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="eclipse.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="analysisprops.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter 8. Filter Files"><div class="titlepage"><div><div><h2 class="title"><a name="filter"></a>Chapter 8. Filter Files</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="filter.html#d0e1815">1. Introduction to Filter Files</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e1865">2. Types of Match clauses</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2113">3. Java element name matching</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2138">4. Caveats</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2168">5. Examples</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2226">6. Complete Example</a></span></dt></dl></div><p>
+ <title>Chapter 8. Filter Files</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ Manual"><link rel="up" href="index.html" title="FindBugs™ Manual"><link rel="prev" href="eclipse.html" title="Chapter 7. Using the FindBugs™ Eclipse plugin"><link rel="next" href="analysisprops.html" title="Chapter 9. Analysis Properties"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 8. Filter Files</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="eclipse.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="analysisprops.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter 8. Filter Files"><div class="titlepage"><div><div><h2 class="title"><a name="filter"></a>Chapter 8. Filter Files</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="filter.html#d0e1838">1. Introduction to Filter Files</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e1888">2. Types of Match clauses</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2136">3. Java element name matching</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2161">4. Caveats</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2191">5. Examples</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2249">6. Complete Example</a></span></dt></dl></div><p>
Filter files may be used to include or exclude bug reports for particular classes
and methods. This chapter explains how to use filter files.
@@ -8,7 +8,7 @@
Filters are currently only supported by the Command Line interface.
Eventually, filter support will be added to the GUI.
</p></td></tr></table></div><p>
-</p><div class="sect1" title="1. Introduction to Filter Files"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1815"></a>1. Introduction to Filter Files</h2></div></div></div><p>
+</p><div class="sect1" title="1. Introduction to Filter Files"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1838"></a>1. Introduction to Filter Files</h2></div></div></div><p>
Conceptually, a filter matches bug instances against a set of criteria.
By defining a filter, you can select bug instances for special treatment;
for example, to exclude or include them in a report.
@@ -31,7 +31,7 @@
</p><p>
<code class="literal">Match</code> elements contain children, which are conjuncts of the predicate.
In other words, each of the children must be true for the predicate to be true.
-</p></div><div class="sect1" title="2. Types of Match clauses"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1865"></a>2. Types of Match clauses</h2></div></div></div><div class="variablelist"><dl><dt><span class="term"><code class="literal"><Bug></code></span></dt><dd><p>
+</p></div><div class="sect1" title="2. Types of Match clauses"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1888"></a>2. Types of Match clauses</h2></div></div></div><div class="variablelist"><dl><dt><span class="term"><code class="literal"><Bug></code></span></dt><dd><p>
This element specifies a particular bug pattern or patterns to match.
The <code class="literal">pattern</code> attribute is a comma-separated list of
bug pattern types. You can find the bug pattern types for particular
@@ -114,7 +114,7 @@
This element inverts the included child <code class="literal">Match</code>. I.e., you can put a
<code class="literal">Bug</code> element in a <code class="literal">Not</code> clause in order to match any bug
excluding the given one.
- </p></dd></dl></div></div><div class="sect1" title="3. Java element name matching"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e2113"></a>3. Java element name matching</h2></div></div></div><p>
+ </p></dd></dl></div></div><div class="sect1" title="3. Java element name matching"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e2136"></a>3. Java element name matching</h2></div></div></div><p>
If the <code class="literal">name</code> attribute of <code class="literal">Class</code>, <code class="literal">Method</code> or
<code class="literal">Field</code> starts with the ~ character the rest of attribute content is interpreted as
a Java regular expression that is matched against the names of the Java element in question.
@@ -124,7 +124,7 @@
</p><p>
See <a class="ulink" href="http://java.sun.com/j2se/1.5.0/docs/api/java/util/regex/Pattern.html" target="_top"><code class="literal">java.util.regex.Pattern</code></a>
documentation for pattern syntax.
-</p></div><div class="sect1" title="4. Caveats"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e2138"></a>4. Caveats</h2></div></div></div><p>
+</p></div><div class="sect1" title="4. Caveats"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e2161"></a>4. Caveats</h2></div></div></div><p>
<code class="literal">Match</code> clauses can only match information that is actually contained in the
bug instances. Every bug instance has a class, so in general, excluding
bugs by class will work.
@@ -158,7 +158,7 @@
Many kinds of bugs report what method they occur in. For those bug instances,
you can put <code class="literal">Method</code> clauses in the <code class="literal">Match</code> element and they should work
as expected.
-</p></div><div class="sect1" title="5. Examples"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e2168"></a>5. Examples</h2></div></div></div><p>
+</p></div><div class="sect1" title="5. Examples"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e2191"></a>5. Examples</h2></div></div></div><p>
1. Match all bug reports for a class.
</p><pre class="programlisting">
@@ -314,7 +314,7 @@
</Match>
</pre><p>
-</p></div><div class="sect1" title="6. Complete Example"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e2226"></a>6. Complete Example</h2></div></div></div><pre class="programlisting">
+</p></div><div class="sect1" title="6. Complete Example"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e2249"></a>6. Complete Example</h2></div></div></div><pre class="programlisting">
<FindBugsFilter>
<Match>
diff --git a/doc/manual/gui.html b/doc/manual/gui.html
index 44f874f..122b074 100644
--- a/doc/manual/gui.html
+++ b/doc/manual/gui.html
@@ -1,8 +1,8 @@
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
- <title>Chapter 5. Using the FindBugs GUI</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ Manual"><link rel="up" href="index.html" title="FindBugs™ Manual"><link rel="prev" href="running.html" title="Chapter 4. Running FindBugs™"><link rel="next" href="anttask.html" title="Chapter 6. Using the FindBugs™ Ant task"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 5. Using the <span class="application">FindBugs</span> GUI</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="running.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="anttask.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter 5. Using the FindBugs GUI"><div class="titlepage"><div><div><h2 class="title"><a name="gui"></a>Chapter 5. Using the <span class="application">FindBugs</span> GUI</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="gui.html#d0e1079">1. Creating a Project</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1121">2. Running the Analysis</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1126">3. Browsing Results</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1141">4. Saving and Opening</a></span></dt></dl></div><p>
+ <title>Chapter 5. Using the FindBugs GUI</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ Manual"><link rel="up" href="index.html" title="FindBugs™ Manual"><link rel="prev" href="running.html" title="Chapter 4. Running FindBugs™"><link rel="next" href="anttask.html" title="Chapter 6. Using the FindBugs™ Ant task"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 5. Using the <span class="application">FindBugs</span> GUI</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="running.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="anttask.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter 5. Using the FindBugs GUI"><div class="titlepage"><div><div><h2 class="title"><a name="gui"></a>Chapter 5. Using the <span class="application">FindBugs</span> GUI</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="gui.html#d0e1092">1. Creating a Project</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1134">2. Running the Analysis</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1139">3. Browsing Results</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1154">4. Saving and Opening</a></span></dt></dl></div><p>
This chapter describes how to use the <span class="application">FindBugs</span> graphical user interface (GUI).
- </p><div class="sect1" title="1. Creating a Project"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1079"></a>1. Creating a Project</h2></div></div></div><p>
+ </p><div class="sect1" title="1. Creating a Project"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1092"></a>1. Creating a Project</h2></div></div></div><p>
After you have started <span class="application">FindBugs</span> using the <span class="command"><strong>findbugs</strong></span> command,
choose the <span class="guimenu">File</span> → <span class="guimenuitem">New Project</span>
menu item. You will see a dialog which looks like this:
@@ -28,14 +28,14 @@
pattern detectors in <span class="application">FindBugs</span> make use of class hierarchy information,
so you will get more accurate results if the entire class hierarchy is
available which <span class="application">FindBugs</span> performs its analysis.
-</p></div><div class="sect1" title="2. Running the Analysis"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1121"></a>2. Running the Analysis</h2></div></div></div><p>
+</p></div><div class="sect1" title="2. Running the Analysis"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1134"></a>2. Running the Analysis</h2></div></div></div><p>
Once you have added all of the archives, directories, and source directories,
click the "Analyze" button to analyze the classes contained in the
Jar files. Note that for a very large program on an older computer,
this may take quite a while (tens of minutes). A recent computer with
ample memory will typically be able to analyze a large program in only a
few minutes.
-</p></div><div class="sect1" title="3. Browsing Results"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1126"></a>3. Browsing Results</h2></div></div></div><p>
+</p></div><div class="sect1" title="3. Browsing Results"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1139"></a>3. Browsing Results</h2></div></div></div><p>
When the analysis completes, you will see a screen like the following:
</p><div class="mediaobject"><img src="example-details.png"></div><p>
</p><p>
@@ -54,7 +54,7 @@
into the text box just below the hierarchical view. You can type any
information which you would like to record. When you load and save bug
results files, the annotations are preserved.
-</p></div><div class="sect1" title="4. Saving and Opening"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1141"></a>4. Saving and Opening</h2></div></div></div><p>
+</p></div><div class="sect1" title="4. Saving and Opening"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e1154"></a>4. Saving and Opening</h2></div></div></div><p>
You may use the <span class="guimenu">File</span> → <span class="guimenuitem">Save as...</span>
menu option to save your work. To save your work, including the jar
file lists you specified and all bug results, choose
diff --git a/doc/manual/index.html b/doc/manual/index.html
index 4884c6c..42924a6 100644
--- a/doc/manual/index.html
+++ b/doc/manual/index.html
@@ -7,4 +7,4 @@
or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA.
</p><p>
The name FindBugs and the FindBugs logo are trademarked by the University of Maryland.
-</p></div></div><div><p class="pubdate">19:56:04 EDT, 12 July, 2012</p></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="chapter"><a href="introduction.html">1. Introduction</a></span></dt><dd><dl><dt><span class="sect1"><a href="introduction.html#d0e67">1. Requirements</a></span></dt></dl></dd><dt><span class="chapter"><a href="installing.html">2. Installing <span class="application">FindBugs</span>™</a></span></dt><dd><dl><dt><span class="sect1"><a href="installing.html#d0e98">1. Extracting the Distribution</a></span></dt></dl></dd><dt><span class="chapter"><a href="building.html">3. Building <span class="application">FindBugs</span>™ from Source</a></span></dt><dd><dl><dt><span class="sect1"><a href="building.html#d0e173">1. Prerequisites</a></span></dt><dt><span class="sect1"><a href="building.html#d0e262">2. Extracting the Source Distribution</a></span></dt><dt><span class="sect1"><a href="building.html#d0e275">3. Modifying <code class="filename">local.properties</code></a></span></dt><dt><span class="sect1"><a href="building.html#d0e333">4. Running <span class="application">Ant</span></a></span></dt><dt><span class="sect1"><a href="building.html#d0e427">5. Running <span class="application">FindBugs</span>™ from a source directory</a></span></dt></dl></dd><dt><span class="chapter"><a href="running.html">4. Running <span class="application">FindBugs</span>™</a></span></dt><dd><dl><dt><span class="sect1"><a href="running.html#d0e465">1. Quick Start</a></span></dt><dt><span class="sect1"><a href="running.html#d0e503">2. Executing <span class="application">FindBugs</span></a></span></dt><dt><span class="sect1"><a href="running.html#commandLineOptions">3. Command-line Options</a></span></dt></dl></dd><dt><span class="chapter"><a href="gui.html">5. Using the <span class="application">FindBugs</span> GUI</a></span></dt><dd><dl><dt><span class="sect1"><a href="gui.html#d0e1079">1. Creating a Project</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1121">2. Running the Analysis</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1126">3. Browsing Results</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1141">4. Saving and Opening</a></span></dt></dl></dd><dt><span class="chapter"><a href="anttask.html">6. Using the <span class="application">FindBugs</span>™ <span class="application">Ant</span> task</a></span></dt><dd><dl><dt><span class="sect1"><a href="anttask.html#d0e1192">1. Installing the <span class="application">Ant</span> task</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1230">2. Modifying build.xml</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1301">3. Executing the task</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1326">4. Parameters</a></span></dt></dl></dd><dt><span class="chapter"><a href="eclipse.html">7. Using the <span class="application">FindBugs</span>™ Eclipse plugin</a></span></dt><dd><dl><dt><span class="sect1"><a href="eclipse.html#d0e1639">1. Requirements</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1647">2. Installation</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1694">3. Using the Plugin</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1725">4. Extending the Eclipse Plugin (since 2.0.0)</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1779">5. Troubleshooting</a></span></dt></dl></dd><dt><span class="chapter"><a href="filter.html">8. Filter Files</a></span></dt><dd><dl><dt><span class="sect1"><a href="filter.html#d0e1815">1. Introduction to Filter Files</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e1865">2. Types of Match clauses</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2113">3. Java element name matching</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2138">4. Caveats</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2168">5. Examples</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2226">6. Complete Example</a></span></dt></dl></dd><dt><span class="chapter"><a href="analysisprops.html">9. Analysis Properties</a></span></dt><dt><span class="chapter"><a href="annotations.html">10. Annotations</a></span></dt><dt><span class="chapter"><a href="rejarForAnalysis.html">11. Using rejarForAnalysis</a></span></dt><dt><span class="chapter"><a href="datamining.html">12. Data mining of bugs with <span class="application">FindBugs</span>™</a></span></dt><dd><dl><dt><span class="sect1"><a href="datamining.html#commands">1. Commands</a></span></dt><dt><span class="sect1"><a href="datamining.html#examples">2. Examples</a></span></dt><dt><span class="sect1"><a href="datamining.html#antexample">3. Ant example</a></span></dt></dl></dd><dt><span class="chapter"><a href="license.html">13. License</a></span></dt><dt><span class="chapter"><a href="acknowledgments.html">14. Acknowledgments</a></span></dt><dd><dl><dt><span class="sect1"><a href="acknowledgments.html#d0e3606">1. Contributors</a></span></dt><dt><span class="sect1"><a href="acknowledgments.html#d0e3729">2. Software Used</a></span></dt></dl></dd></dl></div><div class="list-of-tables"><p><b>List of Tables</b></p><dl><dt>9.1. <a href="analysisprops.html#analysisproptable">Configurable Analysis Properties</a></dt><dt>12.1. <a href="datamining.html#computeBugHistoryTable">Options for computeBugHistory command</a></dt><dt>12.2. <a href="datamining.html#filterOptionsTable">Options for filterBugs command</a></dt><dt>12.3. <a href="datamining.html#mineBugHistoryOptionsTable">Options for mineBugHistory command</a></dt><dt>12.4. <a href="datamining.html#mineBugHistoryColumns">Columns in mineBugHistory output</a></dt><dt>12.5. <a href="datamining.html#defectDensityColumns">Columns in defectDensity output</a></dt><dt>12.6. <a href="datamining.html#convertXmlToTextTable">Options for convertXmlToText command</a></dt><dt>12.7. <a href="datamining.html#setBugDatabaseInfoOptions">setBugDatabaseInfo Options</a></dt><dt>12.8. <a href="datamining.html#listBugDatabaseInfoColumns">listBugDatabaseInfo Columns</a></dt></dl></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="introduction.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top"> </td><td width="20%" align="center"> </td><td width="40%" align="right" valign="top"> Chapter 1. Introduction</td></tr></table></div></body></html>
\ No newline at end of file
+</p></div></div><div><p class="pubdate">17:16:15 EST, 22 November, 2013</p></div></div><hr></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="chapter"><a href="introduction.html">1. Introduction</a></span></dt><dd><dl><dt><span class="sect1"><a href="introduction.html#d0e67">1. Requirements</a></span></dt></dl></dd><dt><span class="chapter"><a href="installing.html">2. Installing <span class="application">FindBugs</span>™</a></span></dt><dd><dl><dt><span class="sect1"><a href="installing.html#d0e98">1. Extracting the Distribution</a></span></dt></dl></dd><dt><span class="chapter"><a href="building.html">3. Building <span class="application">FindBugs</span>™ from Source</a></span></dt><dd><dl><dt><span class="sect1"><a href="building.html#d0e173">1. Prerequisites</a></span></dt><dt><span class="sect1"><a href="building.html#d0e262">2. Extracting the Source Distribution</a></span></dt><dt><span class="sect1"><a href="building.html#d0e275">3. Modifying <code class="filename">local.properties</code></a></span></dt><dt><span class="sect1"><a href="building.html#d0e333">4. Running <span class="application">Ant</span></a></span></dt><dt><span class="sect1"><a href="building.html#d0e427">5. Running <span class="application">FindBugs</span>™ from a source directory</a></span></dt></dl></dd><dt><span class="chapter"><a href="running.html">4. Running <span class="application">FindBugs</span>™</a></span></dt><dd><dl><dt><span class="sect1"><a href="running.html#d0e465">1. Quick Start</a></span></dt><dt><span class="sect1"><a href="running.html#d0e503">2. Executing <span class="application">FindBugs</span></a></span></dt><dt><span class="sect1"><a href="running.html#commandLineOptions">3. Command-line Options</a></span></dt></dl></dd><dt><span class="chapter"><a href="gui.html">5. Using the <span class="application">FindBugs</span> GUI</a></span></dt><dd><dl><dt><span class="sect1"><a href="gui.html#d0e1092">1. Creating a Project</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1134">2. Running the Analysis</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1139">3. Browsing Results</a></span></dt><dt><span class="sect1"><a href="gui.html#d0e1154">4. Saving and Opening</a></span></dt></dl></dd><dt><span class="chapter"><a href="anttask.html">6. Using the <span class="application">FindBugs</span>™ <span class="application">Ant</span> task</a></span></dt><dd><dl><dt><span class="sect1"><a href="anttask.html#d0e1205">1. Installing the <span class="application">Ant</span> task</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1243">2. Modifying build.xml</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1314">3. Executing the task</a></span></dt><dt><span class="sect1"><a href="anttask.html#d0e1339">4. Parameters</a></span></dt></dl></dd><dt><span class="chapter"><a href="eclipse.html">7. Using the <span class="application">FindBugs</span>™ Eclipse plugin</a></span></dt><dd><dl><dt><span class="sect1"><a href="eclipse.html#d0e1662">1. Requirements</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1670">2. Installation</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1717">3. Using the Plugin</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1748">4. Extending the Eclipse Plugin (since 2.0.0)</a></span></dt><dt><span class="sect1"><a href="eclipse.html#d0e1802">5. Troubleshooting</a></span></dt></dl></dd><dt><span class="chapter"><a href="filter.html">8. Filter Files</a></span></dt><dd><dl><dt><span class="sect1"><a href="filter.html#d0e1838">1. Introduction to Filter Files</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e1888">2. Types of Match clauses</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2136">3. Java element name matching</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2161">4. Caveats</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2191">5. Examples</a></span></dt><dt><span class="sect1"><a href="filter.html#d0e2249">6. Complete Example</a></span></dt></dl></dd><dt><span class="chapter"><a href="analysisprops.html">9. Analysis Properties</a></span></dt><dt><span class="chapter"><a href="annotations.html">10. Annotations</a></span></dt><dt><span class="chapter"><a href="rejarForAnalysis.html">11. Using rejarForAnalysis</a></span></dt><dt><span class="chapter"><a href="datamining.html">12. Data mining of bugs with <span class="application">FindBugs</span>™</a></span></dt><dd><dl><dt><span class="sect1"><a href="datamining.html#commands">1. Commands</a></span></dt><dt><span class="sect1"><a href="datamining.html#examples">2. Examples</a></span></dt><dt><span class="sect1"><a href="datamining.html#antexample">3. Ant example</a></span></dt></dl></dd><dt><span class="chapter"><a href="license.html">13. License</a></span></dt><dt><span class="chapter"><a href="acknowledgments.html">14. Acknowledgments</a></span></dt><dd><dl><dt><span class="sect1"><a href="acknowledgments.html#d0e3629">1. Contributors</a></span></dt><dt><span class="sect1"><a href="acknowledgments.html#d0e3752">2. Software Used</a></span></dt></dl></dd></dl></div><div class="list-of-tables"><p><b>List of Tables</b></p><dl><dt>9.1. <a href="analysisprops.html#analysisproptable">Configurable Analysis Properties</a></dt><dt>12.1. <a href="datamining.html#computeBugHistoryTable">Options for computeBugHistory command</a></dt><dt>12.2. <a href="datamining.html#filterOptionsTable">Options for filterBugs command</a></dt><dt>12.3. <a href="datamining.html#mineBugHistoryOptionsTable">Options for mineBugHistory command</a></dt><dt>12.4. <a href="datamining.html#mineBugHistoryColumns">Columns in mineBugHistory output</a></dt><dt>12.5. <a href="datamining.html#defectDensityColumns">Columns in defectDensity output</a></dt><dt>12.6. <a href="datamining.html#convertXmlToTextTable">Options for convertXmlToText command</a></dt><dt>12.7. <a href="datamining.html#setBugDatabaseInfoOptions">setBugDatabaseInfo Options</a></dt><dt>12.8. <a href="datamining.html#listBugDatabaseInfoColumns">listBugDatabaseInfo Columns</a></dt></dl></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="introduction.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top"> </td><td width="20%" align="center"> </td><td width="40%" align="right" valign="top"> Chapter 1. Introduction</td></tr></table></div></body></html>
\ No newline at end of file
diff --git a/doc/manual/installing.html b/doc/manual/installing.html
index 9fb078c..b14a6eb 100644
--- a/doc/manual/installing.html
+++ b/doc/manual/installing.html
@@ -5,25 +5,25 @@
</p><div class="sect1" title="1. Extracting the Distribution"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a name="d0e98"></a>1. Extracting the Distribution</h2></div></div></div><p>
The easiest way to install <span class="application">FindBugs</span> is to download a binary distribution.
Binary distributions are available in
-<a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1.tar.gz?download" target="_top">gzipped tar format</a> and
-<a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1.zip?download" target="_top">zip format</a>.
+<a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3.tar.gz?download" target="_top">gzipped tar format</a> and
+<a class="ulink" href="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3.zip?download" target="_top">zip format</a>.
Once you have downloaded a binary distribution, extract it into a directory of your choice.
</p><p>
Extracting a gzipped tar format distribution:
</p><pre class="screen">
-<code class="prompt">$ </code><span class="command"><strong>gunzip -c findbugs-2.0.1.tar.gz | tar xvf -</strong></span>
+<code class="prompt">$ </code><span class="command"><strong>gunzip -c findbugs-2.0.3.tar.gz | tar xvf -</strong></span>
</pre><p>
</p><p>
Extracting a zip format distribution:
</p><pre class="screen">
-<code class="prompt">C:\Software></code><span class="command"><strong>unzip findbugs-2.0.1.zip</strong></span>
+<code class="prompt">C:\Software></code><span class="command"><strong>unzip findbugs-2.0.3.zip</strong></span>
</pre><p>
</p><p>
Usually, extracting a binary distribution will create a directory ending in
-<code class="filename">findbugs-2.0.1</code>. For example, if you extracted
+<code class="filename">findbugs-2.0.3</code>. For example, if you extracted
the binary distribution from the <code class="filename">C:\Software</code>
directory, then the <span class="application">FindBugs</span> software will be extracted into the directory
-<code class="filename">C:\Software\findbugs-2.0.1</code>.
+<code class="filename">C:\Software\findbugs-2.0.3</code>.
This directory is the <span class="application">FindBugs</span> home directory. We'll refer to it as
<em class="replaceable"><code>$FINDBUGS_HOME</code></em> (or <em class="replaceable"><code>%FINDBUGS_HOME%</code></em> for Windows) throughout this manual.
</p></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="introduction.html">Prev</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="building.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 1. Introduction </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Chapter 3. Building <span class="application">FindBugs</span>™ from Source</td></tr></table></div></body></html>
\ No newline at end of file
diff --git a/doc/manual/introduction.html b/doc/manual/introduction.html
index 8bad50a..a65b499 100644
--- a/doc/manual/introduction.html
+++ b/doc/manual/introduction.html
@@ -1,7 +1,7 @@
<html><head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<title>Chapter 1. Introduction</title><meta name="generator" content="DocBook XSL Stylesheets V1.76.1"><link rel="home" href="index.html" title="FindBugs™ Manual"><link rel="up" href="index.html" title="FindBugs™ Manual"><link rel="prev" href="index.html" title="FindBugs™ Manual"><link rel="next" href="installing.html" title="Chapter 2. Installing FindBugs™"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="3" align="center">Chapter 1. Introduction</th></tr><tr><td width="20%" align="left"><a accesskey="p" href="index.html">Prev</a> </td><th width="60%" align="center"> </th><td width="20%" align="right"> <a accesskey="n" href="installing.html">Next</a></td></tr></table><hr></div><div class="chapter" title="Chapter 1. Introduction"><div class="titlepage"><div><div><h2 class="title"><a name="introduction"></a>Chapter 1. Introduction</h2></div></div></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="sect1"><a href="introduction.html#d0e67">1. Requirements</a></span></dt></dl></div><p> <span class="application">FindBugs</span>™ is a program to find bugs in Java programs. It looks for instances
-of "bug patterns" --- code instances that are likely to be errors.</p><p> This document describes version 2.0.1 of <span class="application">FindBugs</span>.We
+of "bug patterns" --- code instances that are likely to be errors.</p><p> This document describes version 2.0.3 of <span class="application">FindBugs</span>.We
are very interested in getting your feedback on <span class="application">FindBugs</span>. Please visit
the <a class="ulink" href="http://findbugs.sourceforge.net" target="_top"><span class="application">FindBugs</span> web page</a> for
the latest information on <span class="application">FindBugs</span>, contact information, and support resources such
diff --git a/doc/manual/running.html b/doc/manual/running.html
index 7b9f790..cf83c85 100644
--- a/doc/manual/running.html
+++ b/doc/manual/running.html
@@ -200,4 +200,10 @@
Set the auxiliary classpath for analysis. This classpath should include all
jar files and directories containing classes that are part of the program
being analyzed but you do not want to have analyzed for bugs.
+ </p></dd><dt><span class="term"><span class="command"><strong>-userPrefs</strong></span> <em class="replaceable"><code>edu.umd.cs.findbugs.core.prefs</code></em></span></dt><dd><p>
+ Set the path of the user preferences file to use, which might override some of the options abobe.
+ Specifying <code class="literal">userPrefs</code> as first argument would mean some later
+ options will override them, as last argument would mean they will override some previous options).
+ This rationale behind this option is to reuse FindBugs Eclipse project settings for command
+ line execution.
</p></dd></dl></div></div></div></div><div class="navfooter"><hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="building.html">Prev</a> </td><td width="20%" align="center"> </td><td width="40%" align="right"> <a accesskey="n" href="gui.html">Next</a></td></tr><tr><td width="40%" align="left" valign="top">Chapter 3. Building <span class="application">FindBugs</span>™ from Source </td><td width="20%" align="center"><a accesskey="h" href="index.html">Home</a></td><td width="40%" align="right" valign="top"> Chapter 5. Using the <span class="application">FindBugs</span> GUI</td></tr></table></div></body></html>
\ No newline at end of file
diff --git a/doc/manual_ja.xml b/doc/manual_ja.xml
index 22e1e20..966b6b4 100644
--- a/doc/manual_ja.xml
+++ b/doc/manual_ja.xml
@@ -40,9 +40,9 @@
<para>名称「FindBugs」および FindBugs のロゴは、メリーランド大学の登録商標です。</para>
</legalnotice>
-<edition>2.0.1</edition>
+<edition>2.0.3</edition>
-<pubdate>19:56:04 EDT, 12 July, 2012</pubdate>
+<pubdate>17:16:15 EST, 22 November, 2013</pubdate>
</bookinfo>
@@ -57,7 +57,7 @@
<para>&FindBugs;™ は、Java プログラムの中のバグを見つけるプログラムです。このプログラムは、「バグ パターン」の実例を探します。「バグ パターン」とは、エラーとなる可能性の高いコードの事例です。</para>
-<para>この文書は、&FindBugs; バージョン 2.0.1 について説明してます。私たちは、 &FindBugs; に対するフィードバックを心待ちにしています。どうぞ、 <ulink url="http://findbugs.sourceforge.net">&FindBugs; Web ページ</ulink> にアクセスしてください。&FindBugs; についての最新情報、連絡先および &FindBugs; メーリングリストなどのサポート情報を入手することができます。</para>
+<para>この文書は、&FindBugs; バージョン 2.0.3 について説明してます。私たちは、 &FindBugs; に対するフィードバックを心待ちにしています。どうぞ、 <ulink url="http://findbugs.sourceforge.net">&FindBugs; Web ページ</ulink> にアクセスしてください。&FindBugs; についての最新情報、連絡先および &FindBugs; メーリングリストなどのサポート情報を入手することができます。</para>
<sect1>
<title>必要条件</title>
@@ -82,19 +82,19 @@
<sect1>
<title>配布物の展開</title>
-<para>&FindBugs; をインストールする最も簡単な方法は、バイナリ配布物をダウンロードすることです。 バイナリ配布物は、 <ulink url="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1.tar.gz?download">gzipped tar 形式</ulink> および <ulink url="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1.zip?download">zip 形式</ulink> がそれぞれ入手可能です。バイナリ配布物をダウンロードしてきたら、それを任意のディレクトリーに展開します。</para>
+<para>&FindBugs; をインストールする最も簡単な方法は、バイナリ配布物をダウンロードすることです。 バイナリ配布物は、 <ulink url="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3.tar.gz?download">gzipped tar 形式</ulink> および <ulink url="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3.zip?download">zip 形式</ulink> がそれぞれ入手可能です。バイナリ配布物をダウンロードしてきたら、それを任意のディレクトリーに展開します。</para>
<para>gzipped tar 形式配布物の展開方法例:<screen>
-<prompt>$ </prompt><command>gunzip -c findbugs-2.0.1.tar.gz | tar xvf -</command>
+<prompt>$ </prompt><command>gunzip -c findbugs-2.0.3.tar.gz | tar xvf -</command>
</screen>
</para>
<para>zip 形式配布物の展開方法例:<screen>
-<prompt>C:\Software></prompt><command>unzip findbugs-2.0.1.zip</command>
+<prompt>C:\Software></prompt><command>unzip findbugs-2.0.3.zip</command>
</screen>
</para>
-<para>バイナリ配布物の展開すると、通常は <filename class="directory">findbugs-2.0.1</filename> ディレクトリーが作成されます。例えば、ディレクトリー <filename class="directory">C:\Software</filename> でバイナリ配布物を展開すると、ディレクトリー <filename class="directory">C:\Software\findbugs-2.0.1</filename> に &FindBugs; は展開されます。このディレクトリーが &FindBugs; のホームディレクトリーになります。このマニュアルでは、このホームディレクトリーを &FBHome; (Windowsでは &FBHomeWin;) を用いて参照します。</para>
+<para>バイナリ配布物の展開すると、通常は <filename class="directory">findbugs-2.0.3</filename> ディレクトリーが作成されます。例えば、ディレクトリー <filename class="directory">C:\Software</filename> でバイナリ配布物を展開すると、ディレクトリー <filename class="directory">C:\Software\findbugs-2.0.3</filename> に &FindBugs; は展開されます。このディレクトリーが &FindBugs; のホームディレクトリーになります。このマニュアルでは、このホームディレクトリーを &FBHome; (Windowsでは &FBHomeWin;) を用いて参照します。</para>
</sect1>
</chapter>
@@ -115,7 +115,7 @@
<para>ソースから &FindBugs; をコンパイルするためには、以下のものが必要です。<itemizedlist>
<listitem>
- <para><ulink url="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.1-source.zip?download">&FindBugs; のソース配布物</ulink>
+ <para><ulink url="http://prdownloads.sourceforge.net/findbugs/findbugs-2.0.3-source.zip?download">&FindBugs; のソース配布物</ulink>
</para>
</listitem>
<listitem>
@@ -155,7 +155,7 @@
<sect1>
<title>ソース配布物の展開</title>
<para>ソース配布物をダウンロードした後に、それを作業用ディレクトリーに展開する必要があります。通常は、次のようなコマンドで展開を行います:<screen>
-<prompt>$ </prompt><command>unzip findbugs-2.0.1-source.zip</command>
+<prompt>$ </prompt><command>unzip findbugs-2.0.3-source.zip</command>
</screen>
</para>
@@ -1035,7 +1035,7 @@
</varlistentry>
</variablelist>
-<para>また、次に示すリンクから手動でプラグインをダウンロードすることもできます : <ulink url="http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.1.20120712.zip?download">http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.1.20120712.zip?download</ulink>. 展開して Eclipse の「plugins」サブディレクトリーに入れてください。(そうすると、 <eclipse インストールディレクトリー >/plugins/edu.umd.cs.findbugs.plugin.eclipse_2.0.1.20120712/findbugs.png が &FindBugs; のロゴファイルへのパスになるはずです。)</para>
+<para>また、次に示すリンクから手動でプラグインをダウンロードすることもできます : <ulink url="http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.3.20131122.zip?download">http://prdownloads.sourceforge.net/findbugs/edu.umd.cs.findbugs.plugin.eclipse_2.0.3.20131122.zip?download</ulink>. 展開して Eclipse の「plugins」サブディレクトリーに入れてください。(そうすると、 <eclipse インストールディレクトリー >/plugins/edu.umd.cs.findbugs.plugin.eclipse_2.0.3.20131122/findbugs.png が &FindBugs; のロゴファイルへのパスになるはずです。)</para>
<para>プラグインの展開ができたら、 Eclipse を起動して <menuchoice> <guimenu>Help</guimenu> <guimenuitem>About Eclipse Platform</guimenuitem> <guimenuitem>Plug-in Details</guimenuitem> </menuchoice> を選択してください。「FindBugs Project」から提供された「FindBugs Plug-in」というプラグインがあることを確認してください。</para>
</sect1>
diff --git a/lib/annotations.jar b/lib/annotations.jar
index 8a0204f..3641ad6 100644
--- a/lib/annotations.jar
+++ b/lib/annotations.jar
Binary files differ
diff --git a/lib/commons-lang-2.6.jar b/lib/commons-lang-2.6.jar
new file mode 100644
index 0000000..98467d3
--- /dev/null
+++ b/lib/commons-lang-2.6.jar
Binary files differ
diff --git a/lib/findbugs-ant.jar b/lib/findbugs-ant.jar
index 2128ba8..239aaeb 100644
--- a/lib/findbugs-ant.jar
+++ b/lib/findbugs-ant.jar
Binary files differ
diff --git a/lib/findbugs.jar b/lib/findbugs.jar
index 3201a26..4434bd4 100644
--- a/lib/findbugs.jar
+++ b/lib/findbugs.jar
Binary files differ
diff --git a/lib/jFormatString.jar b/lib/jFormatString.jar
index 62f6c02..bdcb846 100644
--- a/lib/jFormatString.jar
+++ b/lib/jFormatString.jar
Binary files differ
diff --git a/lib/jaxen-1.1.6.jar b/lib/jaxen-1.1.6.jar
new file mode 100644
index 0000000..52f47a4
--- /dev/null
+++ b/lib/jaxen-1.1.6.jar
Binary files differ
diff --git a/lib/jsr305.jar b/lib/jsr305.jar
index 43807b0..cc39b73 100644
--- a/lib/jsr305.jar
+++ b/lib/jsr305.jar
Binary files differ
diff --git a/lib/yjp-controller-api-redist.jar b/lib/yjp-controller-api-redist.jar
index 490695f..1614469 100644
--- a/lib/yjp-controller-api-redist.jar
+++ b/lib/yjp-controller-api-redist.jar
Binary files differ
diff --git a/optionalPlugin/bugCollectionCloud.jar b/optionalPlugin/bugCollectionCloud.jar
index 8fcd676..19e5fcb 100644
--- a/optionalPlugin/bugCollectionCloud.jar
+++ b/optionalPlugin/bugCollectionCloud.jar
Binary files differ
diff --git a/optionalPlugin/noUpdateChecks.jar b/optionalPlugin/noUpdateChecks.jar
index 47d05fd..33aaf7a 100644
--- a/optionalPlugin/noUpdateChecks.jar
+++ b/optionalPlugin/noUpdateChecks.jar
Binary files differ
diff --git a/optionalPlugin/poweruser.jar b/optionalPlugin/poweruser.jar
index 70a8892..84e89dc 100644
--- a/optionalPlugin/poweruser.jar
+++ b/optionalPlugin/poweruser.jar
Binary files differ
diff --git a/plugin/findbugsCommunalCloud.jar b/plugin/findbugsCommunalCloud.jar
index 066c264..6a2b7b9 100644
--- a/plugin/findbugsCommunalCloud.jar
+++ b/plugin/findbugsCommunalCloud.jar
Binary files differ
diff --git a/plugin/webCloudClient.jar b/plugin/webCloudClient.jar
index efe44ee..ec92caf 100644
--- a/plugin/webCloudClient.jar
+++ b/plugin/webCloudClient.jar
Binary files differ
