https://github.com/rife2/bld-spotbugs
bld extension to perform static code analysis with SpotBugs
https://github.com/rife2/bld-spotbugs
bld build-system build-tool build-tool-plugin code-analysis findbugs java spotbugs static
Last synced: 2 months ago
JSON representation
bld extension to perform static code analysis with SpotBugs
- Host: GitHub
- URL: https://github.com/rife2/bld-spotbugs
- Owner: rife2
- License: apache-2.0
- Created: 2025-11-07T19:20:59.000Z (7 months ago)
- Default Branch: main
- Last Pushed: 2026-03-28T00:28:48.000Z (3 months ago)
- Last Synced: 2026-03-28T04:58:09.192Z (3 months ago)
- Topics: bld, build-system, build-tool, build-tool-plugin, code-analysis, findbugs, java, spotbugs, static
- Language: Java
- Homepage:
- Size: 15.7 MB
- Stars: 0
- Watchers: 0
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Contributing: CONTRIBUTING.md
- License: LICENSE.txt
Awesome Lists containing this project
README
# [bld](https://rife2.com/bld) Extension to Perform Static Code Analysis with [SpotBugs](https://spotbugs.github.io/)
[](https://opensource.org/licenses/Apache-2.0)
[](https://www.oracle.com/java/technologies/javase/jdk17-archive-downloads.html)
[](https://rife2.com/bld)
[](https://repo.rife2.com/#/releases/com/uwyn/rife2/bld-spotbugs)
[](https://repo.rife2.com/#/snapshots/com/uwyn/rife2/bld-spotbugs)
[](https://github.com/rife2/bld-spotbugs/actions/workflows/bld.yml)
To install the latest version, add the following to the `lib/bld/bld-wrapper.properties` file:
```properties
bld.extension-pmd=com.uwyn.rife2:bld-spotbugs
```
For more information, please refer to the [extensions](https://github.com/rife2/bld/wiki/Extensions) documentation.
To install a binary distribution of SpotBugs please refer to its
[installation instruction](https://spotbugs.readthedocs.io/en/latest/installing.html).
## Check Source with SpotBugs
To check for bugs in the main source code, add the following to your build file:
```java
@BuildCommand(summary = "Runs SpotBugs on this project")
public void spotbugs() throws Exception {
new SpotBugsOperation()
.fromProject(this)
.home("/path/to/spotbugs/")
.execute();
}
```
```console
./bld compile spotbugs
```
The output will look something like:
```console
[spotbugs] auxclasspath[build/main, lib/compile/foo-2.3.0.jar, ...]
[spotbugs] sourcepath[src/main/java, src/main/resources]
[spotbugs] analyze[build/main]
[spotbugs] Found 5 potential bugs in 2 classes
[spotbugs] file:///dev/example/src/main/java/com/example/Example.java:39
DCN_NULLPOINTER_EXCEPTION (https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#dcn-nullpointer-exception)
Method: hasSpace, Class: com.example.Example, Priority: 2, Rank: 17, Category: STYLE
--> NullPointerException caught
[spotbugs] file:///dev/example/src/main/java/com/example/Sample.java:27
EI_EXPOSE_REP (https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#ei-expose-rep)
Method: getList, Field: mutableList, Class: com.example.Sample, Priority: 2, Rank: 18, Category: MALICIOUS_CODE
--> May expose internal representation by returning reference to mutable object
...
```
To also check the test source code, add the following to your build file:
```java
@BuildCommand(summary = "Runs SpotBugs on this project")
public void spotbugs() throws Exception {
new SpotBugsOperation()
.fromProject(this, true) // check src/main and src/test
.spotBugsJar("/path/to/spotbugs/lib/spotbugs.jar")
.execute();
}
```
```console
./bld compile spotbugs
```
Please check the [SpotBugsOperation documentation](https://rife2.github.io/bld-spotbugs/rife/bld/extension/SpotBugsOperation.html#method-summary) for all available configuration options.