[
https://issues.apache.org/jira/browse/SSHD-724?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15777188#comment-15777188
]
David Ostrovsky commented on SSHD-724:
--------------------------------------
Ack. On JGit and other projects infer did a great job, though.
Btw, are you aware of error prone: http://errorprone.info? Yet another Google's
static error checker.
It can be easily activated in Maven driven build, did it for Mina SSHD:
{code:none}
$ cat error_prone.patch
diff --git a/pom.xml b/pom.xml
index 965ea67..887779c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -733,15 +733,33 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
- <version>3.5.1</version>
+ <version>3.6.0</version>
<configuration>
+ <compilerId>javac-with-errorprone</compilerId>
+ <forceJavacCompilerUse>true</forceJavacCompilerUse>
<source>${javac.source}</source>
<target>${javac.target}</target>
+ <!--
<compilerArgument>-g</compilerArgument>
- <!-- see
http://www.javaworld.com/article/2073587/javac-s(dashdash)xlint-options.html -->
<compilerArgument>-Xlint:-serial</compilerArgument>
<compilerArgument>-Xlint:unchecked</compilerArgument>
+ -->
+ <showWarnings>true</showWarnings>
</configuration>
+ <dependencies>
+ <dependency>
+ <groupId>org.codehaus.plexus</groupId>
+
<artifactId>plexus-compiler-javac-errorprone</artifactId>
+ <version>2.8.1</version>
+ </dependency>
+ <!-- override plexus-compiler-javac-errorprone's
dependency on
+ Error Prone with the latest version -->
+ <dependency>
+ <groupId>com.google.errorprone</groupId>
+ <artifactId>error_prone_core</artifactId>
+ <version>2.0.15</version>
+ </dependency>
+ </dependencies>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
{code}
And running it on sshd-core (with activate warnings) produced 1 error and 12
warnings: [1].
[1] http://paste.openstack.org/show/593340
> Fix errors flagged by infer static analyzer
> -------------------------------------------
>
> Key: SSHD-724
> URL: https://issues.apache.org/jira/browse/SSHD-724
> Project: MINA SSHD
> Issue Type: Improvement
> Affects Versions: 1.3.0
> Reporter: David Ostrovsky
> Labels: findbugs, static-analysis
> Fix For: 1.4.0
>
>
> Running infer static analyzer: [1] on latest master produces 113 errors:
> [davido@wizball sshd]$ git describe
> sshd-1.3.0-51-g4f0f4dc
> [davido@wizball sshd]$ uname -a
> Linux wizball 4.8.6-300.fc25.x86_64 #1 SMP Tue Nov 1 12:36:38 UTC 2016 x86_64
> x86_64 x86_64 GNU/Linux
> [davido@wizball sshd]$ java -version
> openjdk version "1.8.0_111"
> OpenJDK Runtime Environment (build 1.8.0_111-b16)
> OpenJDK 64-Bit Server VM (build 25.111-b16, mixed mode)
> [davido@localhost sshd]$ infer -- mvn package
> [...]
> ...too many issues to display (limit=10 exceeded), please see
> /home/davido/projects/sshd/infer-out/bugs.txt or run `inferTraceBugs` for the
> remaining issues.
> Summary of the reports
> NULL_DEREFERENCE: 82
> RESOURCE_LEAK: 31
> The full report can be found here: [2].
> [1] http://fbinfer.com
> [2] http://paste.openstack.org/show/593308
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
