Over a million developers have joined DZone.

Filtering FindBugs Reports by Rank

· Java Zone

Easily build powerful user management, authentication, and authorization into your web and mobile applications. Download this Forrester report on the new landscape of Customer Identity and Access Management, brought to you in partnership with Stormpath.

I’ve been messing with the FindBugs Ant task today to incorporate it into my company’s automated build for a JEE application. One task I wanted to do was filter the bug report by rank. There is an easy way to do this, which is documented here. However, the documentation is not clear on exactly how FindBugs uses the rank value. After some experimentation, I was able to deduce that the value in the rank tag is used differently depending on whether the XML filter file is specified as an “includeFilter” or “excludeFilter” in the FindBugs Ant task. When specifying rank in an “includeFilter”, the FindBugs report is filtered to contain only bugs with the rank value and above. When specifying rank in an “excludeFilter”, the  report is filtered to contain only bugs below the given rank.

So, for example, if you want only bugs of ranks 10 to 20 to show in your report you must include the attribute “includeFilter” in your findbugs task

...
includeFilter="./findbugsFilter.xml"
...

Your findbugsFilter.xml would need to include a single reference to the Rank tag like this

<Match>
  <Rank value="10"/>
</Match>

On the other hand, if you want to see only bugs with ranks 1, 2 and 3, you must specify your filter as an “excludeFilter”

...
excludeFilter="./findbugsFilter.xml"
...

Your match tag should look like this

<Match>
  <Rank value="4"/>
</Match>

FindBugs appears to only use one  instance of the Rank tag.

I tried several ways to produce a filtered range of bugs in different, but useful ways such as ranks 4 – 9. However, there just doesn’t seem to be a logical way to do this. If you specify the Rank tag more than once or in an “includeFilter” and “excludeFilter” you get unexpected results. It appears that you can only rely on one Rank tag in one filter file.

I perused the code for the FindBugs Ant task for version 2.0.1 rc1 and did find an undocumented (at least not here) attribute “maxRank”. The comment from the source code defines this attribute to mean “maximum rank issue to be reported”. You can use it like this:

<findbugs home="${env.FINDBUGS.HOME}"
                     output="xml:withMessages"
                     outputFile="${findbugs.report.dir}/findbugs.xml" 
                     reportLevel="medium"
                     maxRank="9"
                     debug="false">
...
</findbugs>

Defining that attribute will effectively filter the bugs so that only bugs with ranks 1 through 9 visible in the generated report.

 

I thought this part of the Ant task was particularly confusing and not documented sufficiently, even though it’s quite a useful feature. If I’ve made any mistakes in my assessment of filtering by bug rank, please leave a comment with a correction.

The Java Zone is brought to you by Stormpath—a complete, pre-built User Management API. Want to learn how to use JWTs to protect microservices from CSRF and more? Check out this on-demand webinar with our Java Developer Evangelist, Micah Silverman.

Topics:

Published at DZone with permission of Nick Watts, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

SEE AN EXAMPLE
Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.
Subscribe

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}