Monday, May 28, 2007

Notes from the FindBugs BOF9231 at JavaOne 2007

NOTE: These are my incomplete notes from the FindBugs BOF at JavaOne 2007. I got in late due to the crush outside so missed the start of the session.

The latest release has some new(ish) features:
  • Annotations for @NotNull, @CheckForNull, @CheckReturnValue
  • JSR 305 (Annotations for Software Defect Detection) will standardise these annotations so that they can be used in multiple tools.
  • They will be released in a javax package
  • The EG has a google group for discussions and there is already unofficial output: annotated versions of standard libraries.
Using Findbugs to Compute a Bug's History
  • Findbugs can keep track of when a bug was introduced and when it was resolved. This is recorded in histotical data (xml format)
  • Bugs can be audted by a user and annotated in the history (e.g. must fix, not bug, etc. plus a free text area for more notes)
  • This functionality is integrated with various IDEs. (IDEA, Eclipse, Netbeans)
Ways to Use FindBugs
  • Command Line Interface
  • FindBugs Tool (a Swing UI)
  • Ant
  • Maven
  • Other IDEs
Using Findbugs Well
  • Run it every night or at least every build
  • The results of audits should be remembered (i.e. once a bug is marked, don't forget it)
  • You should be able to identify which bugs are new in the build and which have been there since the last release
  • You should be able to identify bug patterns which are of concern to your project
  • Google are using it and have a paper (which I can't find at the moment) describing their experiences and how to incorporate it into a production development environment
Future of the Project
  • There are currently 1.3 developers (as of the BOF)
  • There is a need to build a better OSS community
  • The "documentation sucks"
  • Mailing Lists
    • findbugs-announce
    • findbugs-discuss
    • findbugs-core
  • There is also a google group
Update - It seems as if FundBugs may be moving to GoogleCode for its hosting

No comments: