[ https://issues.apache.org/jira/browse/SSHD-724?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15777188#comment-15777188 ]
David Ostrovsky commented on SSHD-724: -------------------------------------- Ack. On JGit and other projects infer did a great job, though. Btw, are you aware of error prone: http://errorprone.info? Yet another Google's static error checker. It can be easily activated in Maven driven build, did it for Mina SSHD: {code:none} $ cat error_prone.patch diff --git a/pom.xml b/pom.xml index 965ea67..887779c 100644 --- a/pom.xml +++ b/pom.xml @@ -733,15 +733,33 @@ <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-compiler-plugin</artifactId> - <version>3.5.1</version> + <version>3.6.0</version> <configuration> + <compilerId>javac-with-errorprone</compilerId> + <forceJavacCompilerUse>true</forceJavacCompilerUse> <source>${javac.source}</source> <target>${javac.target}</target> + <!-- <compilerArgument>-g</compilerArgument> - <!-- see http://www.javaworld.com/article/2073587/javac-s(dashdash)xlint-options.html --> <compilerArgument>-Xlint:-serial</compilerArgument> <compilerArgument>-Xlint:unchecked</compilerArgument> + --> + <showWarnings>true</showWarnings> </configuration> + <dependencies> + <dependency> + <groupId>org.codehaus.plexus</groupId> + <artifactId>plexus-compiler-javac-errorprone</artifactId> + <version>2.8.1</version> + </dependency> + <!-- override plexus-compiler-javac-errorprone's dependency on + Error Prone with the latest version --> + <dependency> + <groupId>com.google.errorprone</groupId> + <artifactId>error_prone_core</artifactId> + <version>2.0.15</version> + </dependency> + </dependencies> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> {code} And running it on sshd-core (with activate warnings) produced 1 error and 12 warnings: [1]. [1] http://paste.openstack.org/show/593340 > Fix errors flagged by infer static analyzer > ------------------------------------------- > > Key: SSHD-724 > URL: https://issues.apache.org/jira/browse/SSHD-724 > Project: MINA SSHD > Issue Type: Improvement > Affects Versions: 1.3.0 > Reporter: David Ostrovsky > Labels: findbugs, static-analysis > Fix For: 1.4.0 > > > Running infer static analyzer: [1] on latest master produces 113 errors: > [davido@wizball sshd]$ git describe > sshd-1.3.0-51-g4f0f4dc > [davido@wizball sshd]$ uname -a > Linux wizball 4.8.6-300.fc25.x86_64 #1 SMP Tue Nov 1 12:36:38 UTC 2016 x86_64 > x86_64 x86_64 GNU/Linux > [davido@wizball sshd]$ java -version > openjdk version "1.8.0_111" > OpenJDK Runtime Environment (build 1.8.0_111-b16) > OpenJDK 64-Bit Server VM (build 25.111-b16, mixed mode) > [davido@localhost sshd]$ infer -- mvn package > [...] > ...too many issues to display (limit=10 exceeded), please see > /home/davido/projects/sshd/infer-out/bugs.txt or run `inferTraceBugs` for the > remaining issues. > Summary of the reports > NULL_DEREFERENCE: 82 > RESOURCE_LEAK: 31 > The full report can be found here: [2]. > [1] http://fbinfer.com > [2] http://paste.openstack.org/show/593308 -- This message was sent by Atlassian JIRA (v6.3.4#6332)