I used to use FindBugs plugin in my Java projects to detect and learn about issues and potential issues in my source code.
Even FindBugs is no longer maintained we have an alternative called SpotBugs.
It requires Maven version 3.1.1 to be executed
Is not so different to use, just add the plugin like any other plugin in your pom.xml file:
<plugin> <groupId>com.github.spotbugs</groupId> <artifactId>spotbugs-maven-plugin</artifactId> <version>3.1.11</version> <executions> <execution> <goals> <goal>check</goal> <goal>gui</goal> <goal>help</goal> <goal>spotbugs</goal> </goals> <id>check</id> </execution> </executions> <configuration> <foo>bar</foo> </configuration> </plugin>
And then execute:
After checking our code we may display our bugs in a friendly manner
Example of a detected issue when we forget to close streams:Method may fail to close stream The method creates an IO stream object, does not assign it to any fields, pass it to other methods that might close it, or return it, and does not appear to close the stream on all paths out of the method. This may result in a file descriptor leak. It is generally a good idea to use a finally block to ensure that streams are closed.
<profile> <id>default</id> <properties> <spotbugs.skip>true</spotbugs.skip> </properties> <activation> <activeByDefault>true</activeByDefault> </activation> </profile>
And let’s create a profile to execute it:
<profile> <id>runSpotBugs</id> <properties> <spotbugs.skip>false</spotbugs.skip> </properties> </profile>
And execute like this:
mvn clean install -PrunSpotBugs