[英]Maven Codehaus findbugs plugin “onlyAnalyze” option not working as expected
Update for the impatient: it's simple, use package.-
for sub-package scanning instead of package.*
, as-per martoe's answer below! 不耐烦的更新:它很简单,使用package.-
用于子包扫描而不是package.*
,as-per martoe的答案如下!
I cannot seem to get onlyAnalyze
working for my multi-module project: regardless of what package (or pattern) I set, maven-findbugs-plugin doesn't evaluate sub-packages as I'd expect from passing it packagename.*. 我似乎无法onlyAnalyze
为我的多模块项目工作:无论我设置什么包(或模式),maven-findbugs-plugin都不会评估子包,因为我希望传递packagename。*。
To prove either myself or the plugin at fault (though I always assume it's the former!), I setup a small Maven project with the following structure: 为了证明自己或插件有问题(虽然我总是认为它是前者!),我设置了一个具有以下结构的小型Maven项目:
pom.xml
src/
main/java/acme/App.java
main/java/acme/moo/App.java
main/java/no_detect/App.java
which is very simple! 这很简单!
The POM has the following findbugs configuration: POM具有以下findbugs配置:
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>findbugs-maven-plugin</artifactId>
<version>2.4.0</version>
<executions>
<execution>
<phase>verify</phase>
<goals><goal>findbugs</goal><goal>check</goal></goals>
</execution>
</executions>
<configuration>
<debug>true</debug>
<effort>Max</effort>
<threshold>Low</threshold>
<onlyAnalyze>acme.*</onlyAnalyze>
</configuration>
</plugin>
</plugins>
</build>
and every App.java has the following code with two obvious violations: 每个App.java都有以下代码,有两个明显的违规:
package acme;
import java.io.Serializable;
public class App implements Serializable
{
private static final class NotSer {
private String meh = "meh";
}
private static final NotSer ns = new NotSer();// Violation: not serializable field
public static void main( String[] args )
{
ns.meh = "hehehe";// Vilation: unused
System.out.println( "Hello World!" );
}
}
Note that no_detect.App
has the same content as above, but my expectation is that it wouldn't be evaluated by findbugs because I have the "onlyAnalyze" option set to acme.*
which I assume would evaluate acme.App
and acme.moo.App
and nothing else. 请注意, no_detect.App
具有与上面相同的内容,但我的期望是它不会被findbugs评估,因为我将“onlyAnalyze”选项设置为acme.*
我假设它将评估acme.App
和acme.moo.App
而已。
I now execute a mvn clean install
to clean, build, test, run findbugs, package, install, which produces the following findbugs report (snipped for brevity) and results in a build failure which is expected because acme.App
and acme.moo.App
: 我现在执行一个mvn clean install
来清理,构建,测试,运行findbugs,package,install,这会产生以下findbugs报告(为了简洁而剪断)并导致构建失败,这是因为acme.App
和acme.moo.App
:
<BugInstance category='BAD_PRACTICE' type='SE_NO_SERIALVERSIONID' instanceOccurrenceMax='0'>
<ShortMessage>Class is Serializable, but doesn't define serialVersionUID</ShortMessage>
<LongMessage>acme.App is Serializable; consider declaring a serialVersionUID</LongMessage>
<Details>
<p> This field is never read.&nbsp; Consider removing it from the class.</p>
</Details>
<BugPattern category='BAD_PRACTICE' abbrev='SnVI' type='SE_NO_SERIALVERSIONID'><ShortDescription>Class is Serializable, but doesn't define serialVersionUID</ShortDescription><Details>
<BugCode abbrev='UrF'><Description>Unread field</Description></BugCode><BugCode abbrev='SnVI'><Description>Serializable class with no Version ID</Description></BugCode>
To summarise: only acme.App
is analysed, acme.moo.App
isn't (bad) and neither is no_detect.App
(good). 总结:仅acme.App
分析, acme.moo.App
不是(坏)既不是no_detect.App
(好)。
I tried with two wildcards in the onlyAnalyze
option but that produces a successful build but with a findbugs error ( Dangling meta character '*'
etc). 我尝试在onlyAnalyze
选项中使用两个通配符但是这会产生一个成功的构建,但是有一个findbugs错误( Dangling meta character '*'
等)。
I tried with onlyAnalyze
set to acme.*,acme.moo.*
which analyzes all the expected classes ( acme.App
and acme.moo.App
) which means it "works" but not as I expect; 我尝试将onlyAnalyze
设置为acme.*,acme.moo.*
,它分析了所有预期的类( acme.App
和acme.moo.App
),这意味着它“有效”,但并不像我期望的那样; ie I have to explicitly declare all parent-packages for the classes I want to analyze: that could get large and difficult to maintain on a multi-module project! 即我必须为我想要分析的类显式声明所有父包:在多模块项目中可能会变得很大并且难以维护!
Do I have to define every package I want analyzed, or can I declare a wildcard/regex pattern that will do what I want? 我是否必须定义我想要分析的每个包,或者我可以声明一个可以做我想要的通配符/正则表达式模式吗?
I'd rather not use the inclusion/exclusion XML because that requires far more setup and reasoning that I don't currently have time for... 我宁愿不使用包含/排除XML,因为这需要更多的设置和推理,我目前没有时间...
引用Findbugs手册 :“替换。*与.-同时分析所有子包”
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.