diff --git a/README.md b/README.md index b428364c..521e2263 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # SonarQube Spotbugs Plugin [![Build Status](https://travis-ci.org/spotbugs/sonar-findbugs.svg?branch=master)](https://travis-ci.org/spotbugs/sonar-findbugs) -![FindBugs Rules](https://img.shields.io/badge/SpotBugs_rules-818-brightgreen.svg?maxAge=2592000) +![FindBugs Rules](https://img.shields.io/badge/SpotBugs_rules-871-brightgreen.svg?maxAge=2592000) [![Coverage Status](https://sonarcloud.io/api/project_badges/measure?project=com.github.spotbugs%3Asonar-findbugs-plugin&metric=coverage)](https://sonarcloud.io/component_measures?id=com.github.spotbugs:sonar-findbugs-plugin&metric=coverage) ## Description / Features @@ -46,4 +46,5 @@ Findbugs Plugin version|Embedded SpotBugs/Findbugs version|Embedded Findsecbugs 3.6 | 3.1.0 RC4 (SpotBugs) | 1.6.0 | 7.0.0 | 1.8|5.6.7|4.15.0.12310 3.7 | 3.1.2 (SpotBugs) | 1.7.1 | 7.2.1sb | 1.8|6.7.1|5.1.0.13090 3.8 | 3.1.6 (SpotBugs) | 1.8.0 | 7.4.3sb | 1.8|6.7.1|5.1.0.13090 -3.9-SNAPSHOT | 3.1.8 (SpotBugs) | 1.8.0 | 7.4.3sb | 1.8|6.7.1|5.2.0.13398 +3.9 | 3.1.8 (SpotBugs) | 1.8.0 | 7.4.3sb | 1.8|6.7.1|5.2.0.13398 +3.10-SNAPSHOT | 3.1.8 (SpotBugs) | 1.8.0 | 7.4.3sb | 1.8|6.7.1|5.2.0.13398 diff --git a/RELEASE_PROCEDURE.md b/RELEASE_PROCEDURE.md index 612a0ac3..1eba0a34 100644 --- a/RELEASE_PROCEDURE.md +++ b/RELEASE_PROCEDURE.md @@ -8,7 +8,9 @@ When you release fixed version of SonarQube SpotBugs Plugin, please follow these git checkout -b master-release ``` -* change version number in `pom.xml` to stable version (e.g. `1.2.3`), then commit changes +* Make sure profile XMLs are updated. See [`generate_progiles/README.md`](generate_progiles/README.md) for detail. + +* change version number in `pom.xml` to stable version (e.g. `1.2.3`), then commit changes ``` mvn versions:set -DnewVersion=1.2.3 diff --git a/generate_profiles/BuildXmlFiles.groovy b/generate_profiles/BuildXmlFiles.groovy index 52286c15..66f566b7 100644 
--- a/generate_profiles/BuildXmlFiles.groovy +++ b/generate_profiles/BuildXmlFiles.groovy @@ -3,13 +3,13 @@ import FsbClassifier; import static FsbClassifier.*; @Grapes([ - @Grab(group='com.github.spotbugs', module='spotbugs', version='3.1.6'), + @Grab(group='com.github.spotbugs', module='spotbugs', version='3.1.8'), @Grab(group='com.mebigfatguy.fb-contrib', module='fb-contrib', version='7.4.3.sb'), @Grab(group='com.h3xstream.findsecbugs' , module='findsecbugs-plugin', version='1.8.0')] ) -FB = new Plugin(groupId: 'com.github.spotbugs', artifactId: 'spotbugs', version: '3.1.6') +FB = new Plugin(groupId: 'com.github.spotbugs', artifactId: 'spotbugs', version: '3.1.8') CONTRIB = new Plugin(groupId: 'com.mebigfatguy.fb-contrib', artifactId: 'fb-contrib', version: '7.4.3.sb') FSB = new Plugin(groupId: 'com.h3xstream.findsecbugs', artifactId: 'findsecbugs-plugin', version: '1.8.0') @@ -263,4 +263,4 @@ totalCount += writeProfile("findbugs-security-jsp", securityJspRules) //unclassifiedBugs = getAllPatternsFromPlugin(FSB) - (informationnalPatterns + cryptoBugs + majorBugs + majorBugsAuditOnly + criticalBugs + findBugsPatterns + exclusions + criticalJspBugs + majorJspBugs) //unclassifiedBugs.each {b -> println(b)} -println "Total bugs patterns "+totalCount \ No newline at end of file +println "Total bugs patterns "+totalCount diff --git a/pom.xml b/pom.xml index 2fb1958f..bb4ec82d 100644 --- a/pom.xml +++ b/pom.xml @@ -4,7 +4,7 @@ com.github.spotbugs sonar-findbugs-plugin - 3.9.0-SNAPSHOT + 3.10.0-SNAPSHOT sonar-plugin SonarQube SpotBugs Plugin diff --git a/src/main/java/org/sonar/plugins/findbugs/rules/FindbugsRulesDefinition.java b/src/main/java/org/sonar/plugins/findbugs/rules/FindbugsRulesDefinition.java index c7c8b176..26a29597 100644 --- a/src/main/java/org/sonar/plugins/findbugs/rules/FindbugsRulesDefinition.java +++ b/src/main/java/org/sonar/plugins/findbugs/rules/FindbugsRulesDefinition.java 
@@ -29,7 +29,7 @@ public final class FindbugsRulesDefinition implements RulesDefinition { public static final String REPOSITORY_KEY = "findbugs"; public static final String REPOSITORY_NAME = "FindBugs"; - public static final int RULE_COUNT = 452; + public static final int RULE_COUNT = 442; public static final int DEACTIVED_RULE_COUNT = 6; @Override diff --git a/src/main/resources/org/sonar/plugins/findbugs/profile-findbugs-and-fb-contrib.xml b/src/main/resources/org/sonar/plugins/findbugs/profile-findbugs-and-fb-contrib.xml index 3bd53274..6a30a21f 100644 --- a/src/main/resources/org/sonar/plugins/findbugs/profile-findbugs-and-fb-contrib.xml +++ b/src/main/resources/org/sonar/plugins/findbugs/profile-findbugs-and-fb-contrib.xml @@ -1112,39 +1112,9 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/src/main/resources/org/sonar/plugins/findbugs/profile-findbugs-only.xml b/src/main/resources/org/sonar/plugins/findbugs/profile-findbugs-only.xml index 01b3860a..3eb95f3d 100644 --- a/src/main/resources/org/sonar/plugins/findbugs/profile-findbugs-only.xml +++ b/src/main/resources/org/sonar/plugins/findbugs/profile-findbugs-only.xml @@ -1112,39 +1112,9 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/src/main/resources/org/sonar/plugins/findbugs/profile-findbugs-security-minimal.xml b/src/main/resources/org/sonar/plugins/findbugs/profile-findbugs-security-minimal.xml index eae7470e..f2786a8f 100644 --- a/src/main/resources/org/sonar/plugins/findbugs/profile-findbugs-security-minimal.xml +++ b/src/main/resources/org/sonar/plugins/findbugs/profile-findbugs-security-minimal.xml @@ -245,9 +245,6 @@ - - - diff --git a/src/main/resources/org/sonar/plugins/findbugs/rules-findbugs.xml b/src/main/resources/org/sonar/plugins/findbugs/rules-findbugs.xml index 69571d56..63dd000c 100644 --- a/src/main/resources/org/sonar/plugins/findbugs/rules-findbugs.xml +++ b/src/main/resources/org/sonar/plugins/findbugs/rules-findbugs.xml 
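Review bot: `RULE_COUNT` is a hand-maintained literal with no comment tying it to its source of truth, so the change from 452 to 442 can only be checked by counting entries elsewhere in the commit. The drop of ten appears to match the ten `VA_FORMAT_STRING_*` rule entries deleted from `rules-findbugs.xml` in this same commit (`VA_FORMAT_STRING_USES_NEWLINE` is kept), but nothing here says so, nor why those correctness rules are removed. I would add a comment above the constant, e.g. `// Number of rule entries in rules-findbugs.xml; update together with that file.`, and state in the commit message why the format-string rules were dropped, since projects that relied on them lose those findings after upgrading. The class body continues outside the hunk.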
@@ -3416,7 +3416,7 @@ use <code>0xff &amp; b</code>. INT_BAD_COMPARISON_WITH_INT_VALUE <p> This code compares an int value with a long constant that is outside the range of values that can be represented as an int value. -This comparison is vacuous and possibly to be incorrect. +This comparison is vacuous and possibly incorrect. </p> correctness bug @@ -4405,21 +4405,6 @@ If the object is, indeed, non-serializable, an error will result. </p> style - - Correctness - No previous argument for format string - VA_FORMAT_STRING_NO_PREVIOUS_ARGUMENT - <p> -The format string specifies a relative index to request that the argument for the previous format specifier -be reused. However, there is no previous argument. -For example, -</p> -<p><code>formatter.format("%&lt;s %s", "a", "b")</code> -</p> -<p>would throw a MissingFormatArgumentException when executed. -</p> - correctness - bug - Bad practice - Format string should use %n rather than \n VA_FORMAT_STRING_USES_NEWLINE 
@@ -4429,117 +4414,6 @@ This format string includes a newline character (\n). In format strings, it is g </p> bad-practice - - Correctness - The type of a supplied argument doesn't match format specifier - VA_FORMAT_STRING_BAD_CONVERSION - <p> -One of the arguments is incompatible with the corresponding format string specifier. -As a result, this will generate a runtime exception when executed. -For example, <code>String.format("%d", "1")</code> will generate an exception, since -the String "1" is incompatible with the format specifier %d. -</p> - correctness - bug - - - Style - Non-Boolean argument formatted using %b format specifier - VA_FORMAT_STRING_BAD_CONVERSION_TO_BOOLEAN - <p> -An argument not of type Boolean is being formatted with a %b format specifier. This won't throw an -exception; instead, it will print true for any non-null value, and false for null. -This feature of format strings is strange, and may not be what you intended. -</p> - style - - - Correctness - Array formatted in useless way using format string - VA_FORMAT_STRING_BAD_CONVERSION_FROM_ARRAY - <p> -One of the arguments being formatted with a format string is an array. This will be formatted -using a fairly useless format, such as [I@304282, which doesn't actually show the contents -of the array. -Consider wrapping the array using <code>Arrays.asList(...)</code> before handling it off to a formatted. -</p> - correctness - bug - - - Correctness - Number of format-string arguments does not correspond to number of placeholders - VA_FORMAT_STRING_ARG_MISMATCH - <p> -A format-string method with a variable number of arguments is called, -but the number of arguments passed does not match with the number of -% placeholders in the format string. This is probably not what the -author intended. 
-</p> - correctness - bug - - - Correctness - MessageFormat supplied where printf style format expected - VA_FORMAT_STRING_EXPECTED_MESSAGE_FORMAT_SUPPLIED - <p> -A method is called that expects a Java printf format string and a list of arguments. -However, the format string doesn't contain any format specifiers (e.g., %s) but -does contain message format elements (e.g., {0}). It is likely -that the code is supplying a MessageFormat string when a printf-style format string -is required. At runtime, all of the arguments will be ignored -and the format string will be returned exactly as provided without any formatting. -</p> - correctness - bug - - - Correctness - More arguments are passed than are actually used in the format string - VA_FORMAT_STRING_EXTRA_ARGUMENTS_PASSED - <p> -A format-string method with a variable number of arguments is called, -but more arguments are passed than are actually used by the format string. -This won't cause a runtime exception, but the code may be silently omitting -information that was intended to be included in the formatted string. -</p> - correctness - bug - - - Correctness - Illegal format string - VA_FORMAT_STRING_ILLEGAL - <p> -The format string is syntactically invalid, -and a runtime exception will occur when -this statement is executed. -</p> - correctness - bug - - - Correctness - Format string references missing argument - VA_FORMAT_STRING_MISSING_ARGUMENT - <p> -Not enough arguments are passed to satisfy a placeholder in the format string. -A runtime exception will occur when -this statement is executed. -</p> - correctness - bug - - - Correctness - Format string placeholder incompatible with passed argument - VA_FORMAT_STRING_BAD_ARGUMENT - <p> -The format string placeholder is incompatible with the corresponding -argument. For example, -<code> - System.out.println("%d\n", "hello"); -</code> -<p>The %d placeholder requires a numeric argument, but a string value is -passed instead. 
-A runtime exception will occur when -this statement is executed. -</p> - correctness - bug - Correctness - Primitive array passed to function expecting a variable number of object arguments VA_PRIMITIVE_ARRAY_PASSED_TO_OBJECT_VARARG diff --git a/src/test/java/org/sonar/plugins/findbugs/FindbugsProfileImporterTest.java b/src/test/java/org/sonar/plugins/findbugs/FindbugsProfileImporterTest.java index e45c83b6..90430863 100644 --- a/src/test/java/org/sonar/plugins/findbugs/FindbugsProfileImporterTest.java +++ b/src/test/java/org/sonar/plugins/findbugs/FindbugsProfileImporterTest.java @@ -91,7 +91,7 @@ public void shouldImportCategories() { RulesProfile profile = importer.importProfile(new InputStreamReader(input), ValidationMessages.create()); List results = profile.getActiveRules(); - assertThat(results).hasSize(159); + assertThat(results).hasSize(150); assertThat(profile.getActiveRule(FindbugsRulesDefinition.REPOSITORY_KEY, "BC_IMPOSSIBLE_DOWNCAST")).isNotNull(); } @@ -148,7 +148,7 @@ public void testImportingXmlFileWithUnknownCategory() { RulesProfile profile = importer.importProfile(new InputStreamReader(uncorrectFindbugsXml), messages); List results = profile.getActiveRules(); - assertThat(results).hasSize(159); + assertThat(results).hasSize(150); assertThat(messages.getErrors()).isEmpty(); assertThat(messages.getWarnings()).hasSize(1); } diff --git a/src/test/java/org/sonar/plugins/findbugs/profiles/FindbugsSecurityMinimalProfileTest.java b/src/test/java/org/sonar/plugins/findbugs/profiles/FindbugsSecurityMinimalProfileTest.java index 4e133efd..9274781b 100644 --- a/src/test/java/org/sonar/plugins/findbugs/profiles/FindbugsSecurityMinimalProfileTest.java +++ b/src/test/java/org/sonar/plugins/findbugs/profiles/FindbugsSecurityMinimalProfileTest.java 
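Review bot: Both updated assertions, in `shouldImportCategories()` and in `testImportingXmlFileWithUnknownCategory()`, pin only the new total of 150, so the test would still pass if a different set of nine rules went missing. The count falls by nine here while `RULE_COUNT` falls by ten, which presumably means one removed rule lies outside the imported categories; that is worth confirming. Alongside the existing `BC_IMPOSSIBLE_DOWNCAST` check I would add a negative assertion for one of the removed keys, e.g. `assertThat(profile.getActiveRule(FindbugsRulesDefinition.REPOSITORY_KEY, "VA_FORMAT_STRING_ILLEGAL")).isNull();`. Both method bodies start outside their hunks.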
@@ -45,6 +45,6 @@ public void shouldCreateProfile() {
 // The standard FindBugs include only 9. Fb-Contrib and FindSecurityBugs include other rules
 assertThat(profile.getActiveRulesByRepository(FindbugsRulesDefinition.REPOSITORY_KEY)).hasSize(8);
 // 62 rules total - 20 informational = 42 major or critical
- assertThat(profile.getActiveRulesByRepository(FindSecurityBugsRulesDefinition.REPOSITORY_KEY)).hasSize(84);
+ assertThat(profile.getActiveRulesByRepository(FindSecurityBugsRulesDefinition.REPOSITORY_KEY)).hasSize(83);
 }
 }
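Review bot: The comment directly above the changed assertion still says `62 rules total - 20 informational = 42 major or critical`, which matches neither the old value 84 nor the new 83; likewise the first comment says FindBugs contributes 9 rules while its assertion expects 8. Update the comments to the asserted numbers, e.g. `// FindSecurityBugs rules active in the security-minimal profile (major or critical): 83`. The rule that left the security-minimal profile cannot be identified from this diff (the profile XML hunk shows three removed lines whose content is lost), so the commit description should name it; users of a security profile will want to know when a detector is dropped from it. The method begins outside the hunk.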