Devs, I'd like to bring up static analysis for Solr and Lucene again. It's been about a year since the last conversation[1] and it might be time to revisit. There is a JIRA issue too[2], but it's also in need of some love.
ASF already provides a Sonar instance that we might be able to use[3], alternatively we can just hook up whatever static analysis tool works well with ant (this is most of them) and rely on Jenkins to provide reports. The Eclipse FindBugs plug-in works pretty well for me personally. I will plan on submitting first some patches to fix issues found as "critical" in my local instance. Then I will work on adding analysis to the build, and figuring out how to fail the build if we exceed a certain threshold. And then we can incrementally lower the threshold while fixing additional issues. Does this sound like a reasonable plan? I want to give folks a heads up before creating a bunch of issues - FindBugs currently reports just over 500 hits on trunk. Mike [1]: http://markmail.org/thread/pxf7lg7kzflnknmm [2]: https://issues.apache.org/jira/browse/LUCENE-5130 [3]: https://analysis.apache.org/
