Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

7432: Update the spotbugs maven plugin #324

Closed
wants to merge 1 commit into from

Conversation

reinhapa
Copy link
Member

@reinhapa reinhapa commented Oct 18, 2021

Signed-off-by: Patrick Reinhart patrick@reini.net


Progress

  • Commit message must refer to an issue
  • Change must be properly reviewed

Issue

  • JMC-7432: Update the spotbugs maven plugin

Reviewers

Reviewing

Using git

Checkout this PR locally:
$ git fetch https://git.openjdk.java.net/jmc pull/324/head:pull/324
$ git checkout pull/324

Update a local copy of the PR:
$ git checkout pull/324
$ git pull https://git.openjdk.java.net/jmc pull/324/head

Using Skara CLI tools

Checkout this PR locally:
$ git pr checkout 324

View PR using the GUI difftool:
$ git pr show -t 324

Using diff file

Download this PR as a diff file:
https://git.openjdk.java.net/jmc/pull/324.diff

@bridgekeeper
Copy link

bridgekeeper bot commented Oct 18, 2021

👋 Welcome back reinhapa! A progress list of the required criteria for merging this PR into master will be added to the body of your pull request. There are additional pull request commands available for use with this pull request.

@openjdk openjdk bot added the rfr label Oct 18, 2021
@mlbridge
Copy link

mlbridge bot commented Oct 18, 2021

@aptmac
Copy link
Member

aptmac commented Oct 21, 2021

It doesn't look like this as trivial an upgrade as the other dependencies, something must have been updated on the dependency side that is finding new potential bugs in the JMC code.

At the moment there are 3 issues with jmc.ui.common: https://github.com/openjdk/jmc/runs/3964924803?check_suite_focus=true#step:7:7015

The code either has to be adjusted, or if appropriate can be added to the spotbugs exclude file to filter the results when spotbugs runs: https://github.com/openjdk/jmc/blob/master/configuration/spotbugs/spotbugs-exclude.xml

@reinhapa
Copy link
Member Author

I saw it, when running it locally. It also seems to have some issues with a lot of static methods returning static class variables, that in my opinion do not seem to be a problem as those getInstance() methods on a different plugin classes.

There seem to be already an issue opened on the spotbugs project. I will still check the other issues and include potential class changes within this PR later next week.

@thegreystone
Copy link
Member

thegreystone commented Nov 24, 2021

Have you had time to take a look at the failing tests yet @reinhapa?

@reinhapa
Copy link
Member Author

Have you had time to take a look at the failing tests yet @reinhapa?

@thegreystone unfortunately not, actually swamped in work 🙁, hope it get's better this week...

@aptmac
Copy link
Member

aptmac commented Dec 7, 2021

Error:

Error:  High: Random object created and used only once in org.openjdk.jmc.console.twitter.TwitterOAuthHeaderGenerator.getNonce() [org.openjdk.jmc.console.twitter.TwitterOAuthHeaderGenerator] At TwitterOAuthHeaderGenerator.java:[line 188] DMI_RANDOM_USED_ONLY_ONCE

Bug description: https://spotbugs.readthedocs.io/en/stable/bugDescriptions.html#dmi-random-object-created-and-used-only-once-dmi-random-used-only-once

TwitterOAuthHeaderGenerator @ line 188: https://github.com/openjdk/jmc/blob/master/application/org.openjdk.jmc.console.twitter/src/main/java/org/openjdk/jmc/console/twitter/TwitterOAuthHeaderGenerator.java#L188

It looks to be complaining that we're creating a new Random object at line 186 everytime getNonce() is used.

@reinhapa
Copy link
Member Author

@aptmac I already got a working version here locally but I'm not yet happy with it... Seems that storing the Random in an instance variable does not help. The only way things pass at the moment is using a ThreadLocalRandom.current() instance...

@reinhapa reinhapa force-pushed the spotbugs branch 2 times, most recently from 21a20fb to 3b2b45d Compare December 10, 2021 19:51
Signed-off-by: Patrick Reinhart <patrick@reini.net>
@openjdk
Copy link

openjdk bot commented Dec 23, 2021

@reinhapa This change now passes all automated pre-integration checks.

ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details.

After integration, the commit message for the final commit will be:

7432: Update the spotbugs maven plugin

Reviewed-by: hirt

You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed.

At the time when this comment was updated there had been no new commits pushed to the master branch. If another commit should be pushed before you perform the /integrate command, your PR will be automatically rebased. If you prefer to avoid any potential automatic rebasing, please check the documentation for the /integrate command for further details.

➡️ To integrate this PR with the above commit message to the master branch, type /integrate in a new comment.

@openjdk openjdk bot added the ready label Dec 23, 2021
@reinhapa
Copy link
Member Author

/integrate

@openjdk
Copy link

openjdk bot commented Dec 23, 2021

Going to push as commit ae37757.

@openjdk openjdk bot added the integrated label Dec 23, 2021
@openjdk openjdk bot closed this Dec 23, 2021
@openjdk
Copy link

openjdk bot commented Dec 23, 2021

@reinhapa Pushed as commit ae37757.

💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored.

@reinhapa reinhapa deleted the spotbugs branch December 23, 2021 16:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Development

Successfully merging this pull request may close these issues.

3 participants