[ https://issues.apache.org/jira/browse/OOZIE-2933?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16048542#comment-16048542 ]
Robert Kanter commented on OOZIE-2933: -------------------------------------- Thanks for doing this [~Jan Hentschel], I hadn't realized that findbugs is so old. A few minor things: # Looks like there's an 3.1.0 RC3 now, released not long ago; we may as well use that one. https://github.com/spotbugs/spotbugs/releases # Please file a followup JIRA to update to 3.1.0 GA release once it's out. It's best to not use RCs, but in this case I think it's okay. In any case, we should try to update again once it's GA. # The spotbugs website mentioned this "find-sec-bugs" plugin, which looks for security bugs in Java web apps, which is essentially what Oozie is. It would be great if we could add this plugin while we're here. http://find-sec-bugs.github.io/ Feel free to file this as a followup JIRA if you don't feel like working on it now though. By the way, we typically only use ReviewBoard for large/complicated changes or if someone asks. For simpler fixes, we don't usually bother. > Switch from Findbugs to Spotbugs > -------------------------------- > > Key: OOZIE-2933 > URL: https://issues.apache.org/jira/browse/OOZIE-2933 > Project: Oozie > Issue Type: Improvement > Components: build > Reporter: Jan Hentschel > Assignee: Jan Hentschel > Priority: Minor > Attachments: OOZIE-2933-1.patch, oozie-findbugs-pre-commit.txt > > > Because Findbugs hadn't a new release in some time other projects such as > Hadoop and HBase already switched to Spotbugs. This ticket proposes to switch > the current Findbugs implementation to Spotbugs, similar to the changes made > to Hadoop and HBase. -- This message was sent by Atlassian JIRA (v6.4.14#64029)