Add some useful FindBugs plugins (#2447)

* https://find-sec-bugs.github.io/ * http://fb-contrib.sourceforge.net/
2026-03-13 09:32:21 +08:00 · 2016-07-04 15:39:45 +02:00
parent 27a07d6fca
commit d70a99ad75
2 changed files with 29 additions and 0 deletions
--- a/config/findbugs-exclude.xml
+++ b/config/findbugs-exclude.xml
@@ -0,0 +1,14 @@
+<FindBugsFilter>
+    <Match>
+        <Or>
+            <Bug pattern="EXS_EXCEPTION_SOFTENING_NO_CONSTRAINTS"/>
+            <Bug pattern="CRLF_INJECTION_LOGS"/>
+            <Bug pattern="CD_CIRCULAR_DEPENDENCY"/>
+            <Bug pattern="NAB_NEEDLESS_BOOLEAN_CONSTANT_CONVERSION"/>
+        </Or>
+    </Match>
+    <Match>
+        <!-- Generated by Protobuf -->
+        <Class name="org.graylog2.plugin.journal.JournalMessages"/>
+    </Match>
+</FindBugsFilter>
--- a/pom.xml
+++ b/pom.xml
@@ -958,6 +958,21 @@
                    <groupId>org.codehaus.mojo</groupId>
                    <artifactId>findbugs-maven-plugin</artifactId>
                    <version>3.0.3</version>
+                    <configuration>
+                        <excludeFilterFile>config/findbugs-exclude.xml</excludeFilterFile>
+                        <plugins>
+                            <plugin>
+                                <groupId>com.h3xstream.findsecbugs</groupId>
+                                <artifactId>findsecbugs-plugin</artifactId>
+                                <version>1.4.6</version>
+                            </plugin>
+                            <plugin>
+                                <groupId>com.mebigfatguy.fb-contrib</groupId>
+                                <artifactId>fb-contrib</artifactId>
+                                <version>6.6.1</version>
+                            </plugin>
+                        </plugins>
+                    </configuration>
                </plugin>
                <plugin>
                    <groupId>org.codehaus.mojo</groupId>