Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Are there any plans to add Spotbugs to the Maven code analysis tools? #10900

Open
sangonzal opened this issue Jul 16, 2019 · 19 comments
Open

Are there any plans to add Spotbugs to the Maven code analysis tools? #10900

sangonzal opened this issue Jul 16, 2019 · 19 comments
Assignees
@KonstantinTyukalov
Labels
enhancement question Task: Maven

Comments

@sangonzal
Copy link

Question:

Task Name: Maven
Environment: Azure Pipelines, hosted agent

The Maven task has the option of enabling Findbugs static analysis tool. Findbugs seems to be no longer be maintained and instead it is recommended to use Spotbugs.

Are there any plans to add Spotbugs to the Maven code analysis tools?
@ghost ghost added route triage labels Jul 16, 2019
@sangonzal sangonzal changed the title Are there any plans to Spotbugs to the Maven code analysis tools? Are there any plans to add Spotbugs to the Maven code analysis tools? Jul 16, 2019
@sangonzal
Copy link
Author

Any updates on this?

@github-actions
Copy link

This issue is stale because it has been open for a year with no activity. Remove the stale label or comment on the issue otherwise this will be closed in 5 days

@github-actions github-actions bot added the stale label Aug 20, 2020
@in-fke
Copy link

in-fke commented May 6, 2021

If this was done for Gradle, can we also do it for Maven?
#14625

@anatolybolshakov
Copy link
Contributor

Hi @in-fke yes, we are planning to add support for Maven task too - reopened this issue to track it.

@github-actions
Copy link

github-actions bot commented Nov 2, 2021

This issue is stale because it has been open for 180 days with no activity. Remove the stale label or comment on the issue otherwise this will be closed in 5 days

@github-actions github-actions bot added the stale label Nov 2, 2021
@in-fke
Copy link

in-fke commented Nov 2, 2021

@anatolybolshakov can you remove the "stale" label again?

@anatolybolshakov
Copy link
Contributor

@in-fke sure, removed it since still actual.

@in-fke
Copy link

in-fke commented Nov 2, 2021

Thank you!

@Crydust
Copy link

Crydust commented Feb 10, 2022

Any updates on this?

@KonstantinTyukalov KonstantinTyukalov self-assigned this Feb 16, 2022
@KonstantinTyukalov
Copy link
Contributor

Hi! Thanks for the information you provided. We are currently working on resolving this issue.

@KonstantinTyukalov KonstantinTyukalov mentioned this issue Feb 24, 2022
Closed
5 tasks
@KonstantinTyukalov KonstantinTyukalov mentioned this issue Mar 14, 2022
Merged
5 tasks
@KonstantinTyukalov KonstantinTyukalov added the awaiting deployment Related changes are waiting for deployment to be completed label May 24, 2022
@KonstantinTyukalov
Copy link
Contributor

Hi everyone!
Quick update: The related changes for the Maven task ver.3 will be available in the next ADO release.
We will update the ticket once these changes will be fully rollout to all Azure DevOps users.

Later we are planning to add support of multi-module for the spotbugs plugin.

Thanks!

@in-fke
Copy link

in-fke commented May 24, 2022

Thanks for the update, "multi-module" would of course be essential, since most Maven Pipeline are probably multi-module.

@KonstantinTyukalov KonstantinTyukalov removed the awaiting deployment Related changes are waiting for deployment to be completed label Jul 12, 2022
@github-actions
Copy link

github-actions bot commented Jan 8, 2023

This issue is stale because it has been open for 180 days with no activity. Remove the stale label or comment on the issue otherwise this will be closed in 5 days

@github-actions github-actions bot added the stale label Jan 8, 2023
@in-fke
Copy link

in-fke commented Jan 9, 2023

Quick update: The related changes for the Maven task ver.3 will be available in the next ADO release.

Could you update this issue regarding this? I guess it should not be stale then.

@github-actions github-actions bot removed the stale label Jan 9, 2023
@in-fke
Copy link

in-fke commented Apr 27, 2023

May 2022 @KonstantinTyukalov wrote:

Later we are planning to add support of multi-module for the spotbugs plugin.

any update on this? Maybe it is already solved?

@in-fke
Copy link

in-fke commented May 2, 2023

This is frustrating, I tried it on a multi-module Maven Project and the SpotBugs Analysis is picking some random Maven Project that was not even part of the Multi-Module build (e.g. omitted due to profiles, or just not contained in the tag).

https://github.com/microsoft/azure-pipelines-tasks/blob/master/Tasks/MavenV4/spotbugsTool/publishSpotbugsReport.ts

So apparently:

  1. multi-module Maven Project not supported
  2. tries to copy spotbugsXml.xml from a Maven Project that was not even part of the build
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  01:23 h
[INFO] Finished at: 2023-05-02T13:31:12Z
[INFO] ------------------------------------------------------------------------
cp: no such file or directory: /home/vsts/work/1/s/<path-to-maven-project-that-was-not-part-of-the-build>/target/spotbugsXml.xml
##[error]cp failed
cp: no such file or directory: /home/vsts/work/1/s/<path-to-maven-project-that-was-not-part-of-the-build>/target/spotbugsXml.xml
Code analysis failed.

But this raises a more general question: do we even get a decent Pipeline Web UI output like from Unit Tests?
Or is this just to publish pipeline artifacts with raw spotbugsXml.xml files?

@github-actions
Copy link

This issue is stale because it has been open for 180 days with no activity. Remove the stale label or comment on the issue otherwise this will be closed in 5 days

@github-actions github-actions bot added the stale label Oct 29, 2023
@in-fke
Copy link

in-fke commented Oct 30, 2023

But this raises a more general question: do we even get a decent Pipeline Web UI output like from Unit Tests?
Or is this just to publish pipeline artifacts with raw spotbugsXml.xml files?

Yes, Bot, this issue is still relevant.

@github-actions github-actions bot removed the stale label Oct 30, 2023
@chrfis
Copy link

chrfis commented Mar 21, 2024

+1 for the bot, facing same issue currently when migrating from findbugs to spotbugs...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@KonstantinTyukalov KonstantinTyukalov

Labels
enhancement question Task: Maven
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@Crydust @bryanmacfarlane @anatolybolshakov @chrfis @sangonzal @KonstantinTyukalov @in-fke