javamavencontinuous-integrationstatic-analysisspotbugs

How to run Spotbugs via Maven?


This is my pom.xml:

<project xmlns="http://maven.apache.org/POM/4.0.0" 
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="http://maven.apache.org/POM/4.0.0   
 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion> 

     <groupId>de.stackoverflow.test</groupId>
     <artifactId>HelloWorld</artifactId>
     <version>1.0-SNAPSHOT</version>
     <packaging>jar</packaging> 
     <name>HelloWorld</name> 

     <dependencies>   
             <dependency>
                <groupId>com.github.spotbugs</groupId>
                <artifactId>spotbugs-annotations</artifactId>
                <version>3.1.0-RC5</version>
                <optional>true</optional>
            </dependency>
     </dependencies>

     <build>        
        <plugins>
           <plugin>
           <groupId>com.github.hazendaz.spotbugs</groupId>
           <artifactId>spotbugs-maven-plugin</artifactId>
           <version>3.0.6</version>
           <dependencies>

           <dependency>
           <groupId>com.github.spotbugs</groupId>
           <artifactId>spotbugs</artifactId>
           <version>3.1.0-RC5</version>
           </dependency>
           </dependencies>
           </plugin>
        </plugins>
     </build>

mvn compile, mvn package and mvn site run without any problems. Build Success.

The project consists of a single HelloWorld.java with some bugs in it.

mvn site does not show me any bugs or errors. How do I get SpotBugs to scan my code?


Solution

  • Use spotbugs-maven-plugin version 3.1.0-RC6, then you can find problem by mvn spotbugs:spotbugs. You may refer official document in readthedocs.