Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Excerpt

This plugin generates the trend report for FindBugs, an open source program which uses static analysis to look for bugs in Java code. 

Section
borderfalse
Column
width50%
Note
titleInstallation Requirements

This plug-in requires the utility plug-in "analysis-core" (called "Static Analysis Utilities" in the update manager). Please ensure that the latest version of this plug-in is also installed.

Description

Image Removed

(lightbulb) This plug-in is supported by the Static Analysis Collector plug-in that collects different analysis results and shows the results in aggregated trend graphs. Additionally, health reporting and build stability is also based on the aggregated results.

The FindBugs plug-in

...

The following features are provided by this plug-in:

  • Configuration of the files to scan after a build.
  • Build summary showing the new and fixed warnings of a build
  • Several trend reports showing the number of warnings per build
  • Overview of the found warnings per module, package, category, or type
    • Parsing of Maven pom.xml or Ant build.xml configuration files to obtain the module or project name
    • Parsing of Java or C# files to obtain the package or name space name
  • Detail reports of the found warnings optionally filtered by severity (or new and fixed)
    • Short messages is read from the report file
    • Detailed description is read from the FindBugs library or from the third-party plug-ins Find Security Bugs or fb-contrib
  • Colored HTML display of the corresponding source file and warning lines:
    • Direct link to the warning line
    • Highlighting of single lines as well as line ranges
    • Highlighting of multiple line ranges per warning (different color for primary range)
    • Tool tip describing the warning message
  • Failure threshold to mark a build as unstable
  • Configurable project health support
  • Support for the findbugs ant task and the maven-findbugs-plugin 1.1.1 and newer
  • Works with the freestyle and native m2 build option (activated on goal findbugs:findbugs or site)
  • Remote API to export the build quality and found warnings
  • Several tokens to simplify post processing of the results
  • Localization available for: DE, JA (Please help to localize findbugs for your locale!)

The current release is available in the download section. This plug-in is developed and maintained by Ullrich Hafner. Please use the mailing lists or issue tracker to ask questions, create feature request or bug reports, since I don't read the comment section on this page regularly.

Changelog

Release 4.72

Release 4.71

  • Compute author and commit information using the Git blame command. Show report of warnings by user on the job page and in the dashboard view. ( Image RemovedJENKINS-6748 - Analysis of Checkstyle Warnings per User RESOLVED )

Release 4.70

  • Added a new symbol for pipelines: findbugs

Release 4.65

Release 4.64

Release 4.63

  • Don't alter SAX environment variable anymore (JENKINS-27548)
  • Fixed resolving of files with relative paths in workspace (JENKINS-32150)

Release 4.62

  • Added support for the Pipeline plug-in (previously Workflow. Thanks to Antonio Muñiz and Manuel Recena for their PRs)
  • Fixed links in detail page of trend reports (JENKINS-29900)

Release 4.60

  • Update to FindBugs messages 3.0.1 (Thanks to amaembo for the pull request)

Release 4.59

  • Make links in trend graphs relative (JENKINS-21723)
  • Don't use logger when non-project files could not be found (JENKINS-21102)
  • Update of warning messages of findbugs-security detectors (thanks to Philippe Arteau for the pull request)

Release 4.58

  • Reverted XML escaping of messages (JENKINS-25511, JENKINS-17309)
  • Added option to use previous build as reference build when calculating new and fixed warnings (JENKINS-13458, thanks to Tom Saunders for the pull request)

Release 4.57 - new runtime requirement: at least Java 6

Release 4.56

  • Tried to fix some class loading problems with dom4j (JENKINS-21256)

Release 4.51

  • Added a view column that shows the number of warnings in a job

Release 4.50

  • Make dependency to ant-plugin optional

Release 4.49

  • Fixed detection of warnings category in custom rules (thanks to Jesse Glick for the patch!)
  • Added some more fields that are exposed via the REST API (JENKINS-17767, thanks to Mihail Menev, Johann Vierthaler for the patch!)
  • Added Traditional Chinese translations (thanks to Pei-Tang Huang!)
  • Added system configuration option to disable console logging of all static analysis plug-ins (JENKINS-15246, thanks to Sebastian Seidl for the patch!)
  • Added system configuration option to fail a build when one of the static analysis plug-ins fails parsing its input (JENKINS-17663, thanks to Mihail Menev and Johann Vierthaler for the patch)
  • Fixed broken encoding handling in maven jobs (JENKINS-17657, thanks to André Lehmann!)

Release 4.48

Release 4.47

Release 4.46

  • Upgraded bug pattern messages to FindBugs 2.0.2
  • Added messages of FindBugs Security Bugs Plug-in
  • Show more details in the fixed warnings view (JENKINS-15959)
  • Aggregate the maven parent module results in failed builds when the failure is caused by a threshold being hit (JENKINS-15324, JENKINS-12342)
  • Optimized http requests for static resources in the analysis plugins (JENKINS-16571)
  • Fixed missing build overview in maven jobs (JENKINS-16518)
  • Always use Xerces when parsing XML files (JENKINS-15613)
  • Read pom.xml to obtain path of output files in maven jobs (JENKINS-16250)
  • Show error message as file content if the source files could not be transferred to the master (JENKINS-16222)

Release 4.45

Release 4.44

Release 4.43

Release 4.42

  • Reduce memory footprint of plug-in (thanks to Kohsuke for the patches)
  • Upgrade to YUI 2.9 (support for new bread crumbs and context menus: JENKINS-13532, thanks to OHTAKE Tomohiro for the patch)

Release 4.41

  • Show all values of difference graph

Release 4.40

  • Added hyperlinks to build summary if threshold is exceeded (JENKINS-12424)

Release 4.39

  • Added option to filter projects with zero warnings in the warnings dashboard portlet (JENKINS-12984)
  • Center the affected source line in source view (JENKINS-13491)
  • Fixed incompatibility of detail tabs with new bread crumb view (JENKINS-13532)

Release 4.38

  • Added a new portlet that shows the warning totals as a line graph

Release 4.37

  • Fixed another problem when trying to detect the correct findbugs xml file with maven 2 jobs (JENKINS-13090)

Release 4.36

Release 4.35

  • Fixed detection of findbugs results input file

Release 4.34

  • Show build result threshold evaluation information in build summary (JENKINS-12424)
  • Fixed plug-in configuration if used in conjunction with flexible-publisher plug-in (JENKINS-12182, JENKINS-8185)

Release 4.33

Release 4.32

  • Fixed initialization problem when configuring the plug-in for maven jobs. (JENKINS-12075)

Release 4.31

  • Fixed NPE while configuring a graph with no builds yet (JENKINS-12045)
  • Group warnings by relative path if the associated language has no package or namespace concept (JENKINS-11846)
  • Allow skipping of calculating "new" issues (JENKINS-11761)
  • Fixed display of 'Use delta for new warnings' option (JENKINS-11758)
  • Ignore 'new warnings' threshold in the first build (JENKINS-11718)

Release 4.30

  • Fixed enlarge link for trend graphs (JENKINS-11324)
  • Fixed visibility of 'enable trend graph' link
  • Fixed reading of results if analysis is invoked during 'mvn site' (JENKINS-10820)

Release 4.29

  • Ignore failed builds when evaluating the build history in trend graphs and new warnings calculation (JENKINS-10682)
  • Added OSGi bundle detection when grouping warnings by module (JENKINS-10681)
  • Use the path as a replacement for the package grouping for all warnings that are not from Java or C# files (issue 2)

Release 4.28

  • Added new tokens for token macro plug-in (JENKINS-10027): now tokens FINDBUGS_NEW, FINDBUGS_FIXED, FINDBUGS_COUNT and FINDBUGS_RESULT are available.

Release 4.27

Release 4.26

Release 4.25

  • Fixed display of trend graphs for maven jobs (report)

Release 4.24

  • Fixed health reporting and build failure/unstable thresholds for maven project type (JENKINS-4912, JENKINS-3514)
  • Fixed broken detail views when using a reverse proxy (JENKINS-3410, thanks to Benjamin Cabé for the fix)
  • Show the reference build that is used to compute new and fixed warnings (when build thresholds are set)
  • Improved logging statements when build is executed on a slave

Release 4.23

  • Added configuration option to enable automatic project and module name detection by reading all Ant project.xml and Maven pom.xml files (JENKINS-8915, JENKINS-9090)
  • Added preliminary support for the Token Macro Plugin: FINDBUGS_COUNT expands to the number of FindBugs warnings and FINDBUGS_RESULT expands to the plug-in build result (stable, unstable, failed)

Release 4.22

  • Added configuration option to enable automatic project and module name detection by reading all Ant project.xml and Maven pom.xml files (JENKINS-8915, JENKINS-9090)

Release 4.21

  • Fixed missing dependency to Hudson/Jenkins 1.395 (JENKINS-8509)

Release 4.20

  • Jenkins update to links and documentation
  • Show progress text while dashboard portlet graphs are created

Release 4.19

  • Added support for multi-configuration projects (JENKINS-6772)

Release 4.18

  • Fixed sorting of date labels of dashboard trend graphs (JENKINS-8476)
  • Fixed evaluation of builds that will be considered in the dashboard trend graph (JENKINS-8283)
  • Don't show FindBugs cloud information if the project is not registered in the cloud (JENKINS-8236)
  • Fixed wrong computation of the number of bugs that are new this week (JENKINS-8235)

Release 4.16

Release 4.15

Release 4.14

Release 4.13

  • Now uses Bug Rank to compute issue priority, a more accurate and modern method of determining seriousness of a bug
  • Added build status thresholds for each warning priority (JENKINS-3561)
  • Fixed warnings parsing if the SAX parser system property has been set to an illegal value (JENKINS-7312)
  • Added support for FindBugs Cloud
    • Bug details contain Cloud review info
    • Bugs marked as "Not a bug" are hidden from Hudson

Release 4.12

  • Fixed computation of module names for maven projects (JENKINS-6768)
  • Don't report an error message if a maven module does not contain a report file (JENKINS-6895)
  • Fixed ant links (JENKINS-6862)

Release 4.11

Release 4.10

  • Reduced number of false positives when computing new and fixed warnings (JENKINS-6669)

Release 4.9

Release 4.8

  • Fixed broken links to project page and overview image (JENKINS-6417)

Release 4.7

  • Added trend graph portlets for the dashboard view
  • Added option to start the plug-in even for failed builds (JENKINS-6117)
  • Added 'enlarge' link for trend graphs that shows a detail page with the graph
  • Fixed ordering of warnings in detail views (JENKINS-6132)
  • Fixed warning distribution graph in files detail view (JENKINS-6139)

Release 4.5

Release 4.4

  • New warnings computation is now based on the current build and the reference build (i.e., the last successful build, see JENKINS-5147)
  • Visualized plug-in build status (based on the healthiness thresholds)
  • Added high scores for successful builds
  • Don't show project action if there are no warnings (JENKINS-5473)
  • Don't show trend graph configuration on job creation (JENKINS-5294)
  • Improved remote API, now the warning keys are also exposed (JENKINS-5195)

Release 4.3

  • Fixed class loading problems due to a duplicate Apache bcel library in the classpath (JENKINS-5134)

Release 4.2

Release 4.1

  • Fixed trend report link if there are no results available yet (JENKINS-5156)
  • Fixed preview of trend reports
  • Added dependency to Hudson 1.337 due to a class loader bug in previous versions (JENKINS-4993)

Release 4.0

  • Extracted common code of the static code analysis plug-ins into a new utility plug-in "analysis-core"
  • Several bug fixes and small improvements

Release 1.x - 3.x ChangeLog

How To Use

1.    Install plugin, Manage Hudson> manage plugins >Available
2.    Restart app server/ Hudson
3.    Update pom.xml, add in a plugin in the reporting section

<project>

....

<reporting>

  <plugins>
     <plugin>
           <groupId>org.codehaus.mojo</groupId>
           <artifactId>findbugs-maven-plugin</artifactId>
           <version>2.5.2</version>
           <configuration>
              <findbugsXmlOutput>true</findbugsXmlOutput>
              <findbugsXmlWithMessages>true</findbugsXmlWithMessages>
              <xmlOutput>true</xmlOutput>
           </configuration>
        </plugin>

        ....

   </plugins>

  ....

</reporting>

...

</project>

4. In job configure go to build > goals and options, and add "findbugs:findbugs"

5. In the job definition you should now also have a "Publish FindBugs analysis results" checkbox under Build Settings, turn it on.
 

reached end-of-life. It is not supported anymore - all functionality has been integrated into the Warning Plugin.