-
Notifications
You must be signed in to change notification settings - Fork 133
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Generating too much logs for findsec bug rules #78
Comments
@abhimankhutia This is a FindBugs bug that is probably a race condition in the engine itself. I remember seeing it once. If you are able to reproduce with FindBugs CLI, this will confirm that the problem is in the core of FB. |
No response. Unable to reproduce. |
Hello, In our logs we have the following lines (filtered on the keyword iteration) : After reading the code in https://github.com/spotbugs/spotbugs/blob/release-3.1/spotbugs/src/main/java/edu/umd/cs/findbugs/ba/Dataflow.java There may be another bug concerning the 'too many iterations', but I cannot give the code. Is it possible to fix at least the log problem ? Thanks in advance |
@Piloon Please report your bug as is on https://github.com/spotbugs/spotbugs/ |
I am getting huge DEBUG messages in log console when any find-sec-bug rule is enabled.
Am using SonarQube 5.6.1 with sonar-findbugs-plugin-3.4.3. Scans are triggered using sonarqube-scanner [without -e or -X] option. Our project is huge and scans are generating nearly 6 gb of logs.
Find-Sec rule enabled - Security - TrustManager that accept any certificates
Looks like debug option passed to sonarqube-scanner cli are not mapped to define findbug or find-sec-bug logging and default flag for DEBUG is considered true -
Eg. Log entries -
I am getting Dataflow dump for almost every class getting scanned.
Can you please let me know how to disable these logging through sonarqube-scanner cli ?
The text was updated successfully, but these errors were encountered: