FindBugs – One Click Java Source Code Review

Code review is a good way to identify overlooked bad practices that lead to future problems. But the cost is high, and the benefit depends heavily on the skill level of the person who reviews the code.

So what about having software do it for you? FindBugs is the answer. As the name implies, FindBugs focuses on identifying bug patterns.

FindBugs inspects Java code that doesn't break your program today but opens the door to a defect in the future. Besides well-known examples such as "a class that overrides equals() must also override hashCode()", such code might be as simple as the 3 lines below:

public void setBirthday(java.util.Date aBirthday){
    this.birthday = aBirthday;
}

It is just a setter, so how can this code cause a bug? FindBugs' answer is: “EI2: May expose internal representation by incorporating reference to mutable object (EI_EXPOSE_REP2)”. And this is the explanation:

This code stores a reference to an externally mutable object into the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is better approach in many situations.
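To make the explanation concrete, here is an added example (not from the original post or from FindBugs) that puts the flagged setter next to a defensive-copy version. The class names, the `CUTOFF` invariant and the sample dates are assumptions made up for illustration.

```java
import java.util.Date;

public class DefensiveCopyDemo {
    // Constructed invariant for the demo: a birthday must be before this instant.
    static final long CUTOFF = 1_000_000_000_000L;

    static void check(Date d) {
        if (d.getTime() >= CUTOFF) throw new IllegalArgumentException("birthday past cutoff");
    }

    // The pattern FindBugs reports as EI_EXPOSE_REP2: the caller's Date is stored as-is.
    static class ExposedPerson {
        private Date birthday;
        public void setBirthday(Date aBirthday) {
            check(aBirthday);
            this.birthday = aBirthday; // caller still holds a reference to this object
        }
        boolean invariantHolds() { return birthday.getTime() < CUTOFF; }
    }

    // Hardened form: copy first, validate the copy, store the copy.
    static class CopyingPerson {
        private Date birthday;
        public void setBirthday(Date aBirthday) {
            Date copy = new Date(aBirthday.getTime()); // new Date(...) rather than clone(): Date is not final
            check(copy);
            this.birthday = copy;
        }
        // The getter copies too, so callers never receive the internal object.
        public Date getBirthday() { return new Date(birthday.getTime()); }
        boolean invariantHolds() { return birthday.getTime() < CUTOFF; }
    }

    public static void main(String[] args) {
        Date callerDate = new Date(0L); // constructed sample value that passes the check
        ExposedPerson exposed = new ExposedPerson();
        CopyingPerson copying = new CopyingPerson();
        exposed.setBirthday(callerDate);
        copying.setBirthday(callerDate);

        // The caller changes its own object after both setters have validated it.
        callerDate.setTime(CUTOFF + 1);

        System.out.println("exposed invariant holds: " + exposed.invariantHolds());
        System.out.println("copying invariant holds: " + copying.invariantHolds());
    }
}
```

Only the copying class still satisfies its invariant after the caller's change, because the validated value and the stored value are the same private object.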

The complete list of bug patterns has 339 items as of version 1.3.5-rc1; you may check it out here.

FindBugs can also be integrated into Eclipse as an Eclipse plugin. Just follow the simple steps in the manual and you will have it working in your Eclipse within a few minutes.

