[commons-fileupload] branch master updated: FILEUPLOAD-323 - Implement spotbugs

Fri, 30 Apr 2021 02:56:42 -0700 

This is an automated email from the ASF dual-hosted git repository.

jochen pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-fileupload.git


The following commit(s) were added to refs/heads/master by this push:
     new 92386e2  FILEUPLOAD-323 - Implement spotbugs
     new 849ae27  Merge pull request #75 from 
arturobernalg/feature/FILEUPLOAD-323
92386e2 is described below

commit 92386e20c4f0bed4a2e2781390d63a0685f1760b
Author: Arturo Bernal <arturobern...@gmail.com>
AuthorDate: Thu Apr 29 21:33:43 2021 +0200

    FILEUPLOAD-323 - Implement spotbugs
---
 .github/workflows/maven.yml |  2 +-
 pom.xml                     | 19 +++++++++++++-
 spotbugs-exclude-filter.xml | 61 +++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 80 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 048732b..44c5f95 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -44,4 +44,4 @@ jobs:
         distribution: 'adopt'
         java-version: ${{ matrix.java }}
     - name: Build with Maven
-      run: mvn -V package --file pom.xml --no-transfer-progress
+      run: mvn -V package --file pom.xml --no-transfer-progress spotbugs:check
diff --git a/pom.xml b/pom.xml
index 43e2215..2a4816f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -232,6 +232,8 @@
     
<commons.distSvnStagingUrl>scm:svn:https://dist.apache.org/repos/dist/dev/commons/${commons.componentid}</commons.distSvnStagingUrl>
     <commons.releaseManagerName>Rob Tompkins</commons.releaseManagerName>
     
<commons.releaseManagerKey>B6E73D84EA4FCC47166087253FAAD2CD5ECBB314</commons.releaseManagerKey>
+    <spotbugs.plugin.version>4.2.3</spotbugs.plugin.version>
+    <spotbugs.impl.version>4.2.3</spotbugs.impl.version>
   </properties>
 
   <dependencies>
@@ -357,7 +359,7 @@
         </plugin>
       </plugins>
     </pluginManagement>
-    <defaultGoal>clean verify apache-rat:check clirr:check 
javadoc:javadoc</defaultGoal>
+    <defaultGoal>clean verify apache-rat:check clirr:check javadoc:javadoc 
spotbugs:check</defaultGoal>
   </build>
 
   <reporting>
@@ -458,6 +460,21 @@
               </execution>
             </executions>
           </plugin>
+          <plugin>
+            <groupId>com.github.spotbugs</groupId>
+            <artifactId>spotbugs-maven-plugin</artifactId>
+            <version>${spotbugs.plugin.version}</version>
+            <dependencies>
+              <dependency>
+                <groupId>com.github.spotbugs</groupId>
+                <artifactId>spotbugs</artifactId>
+                <version>${spotbugs.impl.version}</version>
+              </dependency>
+            </dependencies>
+            <configuration>
+              
<excludeFilterFile>${basedir}/spotbugs-exclude-filter.xml</excludeFilterFile>
+            </configuration>
+          </plugin>
         </plugins>
       </build>
     </profile>
diff --git a/spotbugs-exclude-filter.xml b/spotbugs-exclude-filter.xml
new file mode 100644
index 0000000..e680028
--- /dev/null
+++ b/spotbugs-exclude-filter.xml
@@ -0,0 +1,61 @@
+<?xml version="1.0"?>
+<!--
+   Licensed to the Apache Software Foundation (ASF) under one or more
+   contributor license agreements.  See the NOTICE file distributed with
+   this work for additional information regarding copyright ownership.
+   The ASF licenses this file to You under the Apache License, Version 2.0
+   (the "License"); you may not use this file except in compliance with
+   the License.  You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+-->
+
+<!--
+  This file contains some false positive bugs detected by spotbugs. Their
+  false positive nature has been analyzed individually and they have been
+  put here to instruct findbugs it must ignore them.
+-->
+<FindBugsFilter>
+    <!-- Reason: Initial commit. Need to refine -->
+    <Match>
+        <Class name="org.apache.commons.fileupload2.MultipartStream" />
+        <Method name="readHeaders" />
+        <Bug pattern="DM_DEFAULT_ENCODING" />
+    </Match>
+    <Match>
+        <Class name="org.apache.commons.fileupload2.MultipartStream" />
+        <Bug pattern="MS_PKGPROTECT" />
+    </Match>
+    <Match>
+        <Class name="org.apache.commons.fileupload2.ParameterParser" />
+        <Method name="parse" />
+        <Bug pattern="EI_EXPOSE_REP2" />
+    </Match>
+    <Match>
+        <Class name="org.apache.commons.fileupload2.disk.DiskFileItem" />
+        <Bug pattern="DM_DEFAULT_ENCODING" />
+    </Match>
+    <Match>
+        <Class name="org.apache.commons.fileupload2.disk.DiskFileItem" />
+        <Bug pattern="EI_EXPOSE_REP" />
+    </Match>
+    <Match>
+        <Class name="org.apache.commons.fileupload2.disk.DiskFileItem" />
+        <Bug pattern="RV_RETURN_VALUE_IGNORED_BAD_PRACTICE" />
+    </Match>
+    <Match>
+        <Class 
name="org.apache.commons.fileupload2.jaksrvlt.JakSrvltFileUpload" />
+        <Bug pattern="NM_WRONG_PACKAGE" />
+    </Match>
+    <Match>
+        <Class name="org.apache.commons.fileupload2.util.Streams" />
+        <Method name="asString" />
+        <Bug pattern="DM_DEFAULT_ENCODING" />
+    </Match>
+</FindBugsFilter>

Reply via email to