Tag Archives: build-processes

Is findbugs-maven-plugin onlyAnalyze broken?

I cannot seem to get onlyAnalyze working for my multi-module project: regardless of what package (or pattern) I set, maven-findbugs-plugin either parses everything or nothing and it doesn’t evaluate sub-packages as I’d expect from passing it packagename.*.

To prove either myself or the plugin at fault (though I always assume it’s the former!), I setup a small Maven project with the following structure:


pom.xml
src/
main/java/acme/App.java
main/java/acme/moo/App.java
main/java/no_detect/App.java

which is very simple!

The POM has the following findbugs configuration:

    <build>
        <plugins>
            <plugin>
                <groupId>org.codehaus.mojo</groupId>
                <artifactId>findbugs-maven-plugin</artifactId>
                <version>2.4.0</version>
                <executions>
                    <execution>
                        <phase>verify</phase>
                        <goals><goal>findbugs</goal><goal>check</goal></goals>
                    </execution>
                </executions>
                <configuration>
                    <debug>true</debug>
                    <effort>Max</effort>
                    <threshold>Low</threshold>
                    <onlyAnalyze>acme.*</onlyAnalyze>
                </configuration>
            </plugin>
        </plugins>
    </build>

and every App.java has the following code with two obvious violations:


package acme;
import java.io.Serializable;

public class App implements Serializable
{
private static final class NotSer {
private String meh = "meh";
}

private static final NotSer ns = new NotSer();// Violation: not serializable field

public static void main( String[] args )
{
ns.meh = "hehehe";// Vilation: unused
System.out.println( "Hello World!" );
}
}

Note that no_detect.App has the same content as above, but my expectation is that it wouldn’t be
evaluated by findbugs because I have the “onlyAnalyze” option set to acme.* which I assume would
evaluate acme.App and acme.moo.App and nothing else.

I now execute a mvn clean install to clean, build, test, run findbugs, package, install, which
produces the following findbugs report (snipped for brevity) and results in a build failure which is expected
because acme.App and acme.moo.App:


<BugInstance category='BAD_PRACTICE' type='SE_NO_SERIALVERSIONID' instanceOccurrenceMax='0'>
<ShortMessage>Class is Serializable, but doesn't define serialVersionUID</ShortMessage>
<LongMessage>acme.App is Serializable; consider declaring a serialVersionUID</LongMessage>
<Details>
<p> This field is never read.&nbsp; Consider removing it from the class.</p>
</Details>
<BugPattern category='BAD_PRACTICE' abbrev='SnVI' type='SE_NO_SERIALVERSIONID'><ShortDescription>Class is Serializable, but doesn't define serialVersionUID</ShortDescription><Details>
<BugCode abbrev='UrF'><Description>Unread field</Description></BugCode><BugCode abbrev='SnVI'><Description>Serializable class with no Version ID</Description></BugCode>

To summarise: only acme.App is analysed, acme.moo.App (bad) isn’t and neither is
no_detect.App (good).

I tried with two wildcards in the onlyAnalyze option but that produces a **successful build** but
with a findbugs error (Dangling meta character '*' etc).

I tried with onlyAnalyze set to acme.*,acme.moo.* which analyzes all the expected
classes (acme.App and acme.moo.App) which means it “works” but not as I expect; i.e. I have to explicitly declare all parent-packages for the classes I want to analyze: that could get large and difficult to maintain on a multi-module project!

Must. Keep. Trying.

Ant TODO gets some love

Updated: I’ve added another item to the implemented features below…

Yonks ago I spent an afternoon hacking together a TODO task for Apache Ant; the result of which was Ant TODO.

Now, I hadn’t touched it in a while until a user emailed me asking for some help and some nifty new features. Having returned home from a weekend away with a few hours spare I decided to implement the following:

  1. allow for setting of results to an Ant property, instead of to a file or so-on
  2. support a custom delimiter string for each item
  3. call Ant TODO after JAR’ing Ant TODO (chicken, meet egg)
  4. numerous housekeeping tasks, such as a little refactoring and better test data

You can download the latest version if you like. Feel free to contribute too.

Apache Ant & FTP timeout

Having spent a considerable amount of time hacking a new temporary build system together at my new workplace, we were nearing the end of our initial aim. One feature of the development processes they run here is the continuous deployment to the test servers, which is a very good place to be. Our overall goal was to decouple ourselves from the wider development team to allow for more control and flexibility over our build tools and processes.

We’re moving from Visual Build Professional to a more industry-recognisable stack: Apache Ant, Jenkins/Hudson and deployment included within the Ant build scripts via separated targets. This latter requirement was a little cumbersome using the built-in FTP task of Ant.

After writing the FTP task calls in our target, we noticed that when testing on the target build server that the FTP was timing out. To rub salt in the wound, it transpired that the Apache Ant FTP tasks do not allow for setting the timeout. If you want such functionality, you’ll need to duplicate the FTP task itself and add a simple setDataTimeout call, or use an alternative client (or fix the bug!). Whilst brainstorming ideas, a colleague and I discovered that using timeout for Ant FTP connections might not even be necessary if you use the passive=”yes” attribute; as the task’s documentation says:

selects passive-mode (“yes”) transfers, for better through-firewall connectivity, at the price of performance. Defaults to “no”

Doing so on our build made it lightening fast and we no longer suffered from timeout issues.