[
https://issues.apache.org/jira/browse/OOZIE-3395?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16774902#comment-16774902
]
Julia Kinga Marton commented on OOZIE-3395:
-------------------------------------------
Thanks [~asalamon74] for the review. I have fixed your new findings as well.
Locally it produced the same output as before (intentionally I have introduced
some new bugs):
{code}
-1 There are [2] new bugs found below threshold in total that must be fixed.
+1 There are no new bugs found in [client].
+1 There are no new bugs found in [core].
+1 There are no new bugs found in [docs].
+1 There are no new bugs found in [examples].
+1 There are no new bugs found in [fluent-job/fluent-job-api].
+1 There are no new bugs found in [server].
+1 There are no new bugs found in [sharelib/distcp].
+1 There are no new bugs found in [sharelib/git].
+1 There are no new bugs found in [sharelib/hcatalog].
+1 There are no new bugs found in [sharelib/hive].
+1 There are no new bugs found in [sharelib/hive2].
+1 There are no new bugs found in [sharelib/oozie].
+1 There are no new bugs found in [sharelib/pig].
-1 There are [2] new bugs found below threshold in [sharelib/spark] that
must be fixed.
You can find the SpotBugs diff here (look for the red and orange ones):
sharelib/spark/findbugs-new.html
The most important SpotBugs errors are:
At SparkOptionsSplitter.java:[line 141]: The regular expression
"([a-zA-Z0-9.]+=)?".*".*"" is vulnerable to a denial of service attack (ReDOS)
At SparkOptionsSplitter.java:[line 140]: The regular expression
"([a-zA-Z0-9.]+=)?".+"" is vulnerable to a denial of service attack (ReDOS)
+1 There are no new bugs found in [sharelib/sqoop].
+1 There are no new bugs found in [sharelib/streaming].
+1 There are no new bugs found in [tools].
+1 There are no new bugs found in [webapp].
{code}
> Findbugs is no longer maintained
> --------------------------------
>
> Key: OOZIE-3395
> URL: https://issues.apache.org/jira/browse/OOZIE-3395
> Project: Oozie
> Issue Type: Task
> Reporter: Attila Sasvari
> Assignee: Julia Kinga Marton
> Priority: Minor
> Attachments: OOZIE-3395-001.patch, OOZIE-3395-002.patch,
> OOZIE-3395-003.patch
>
>
> https://gleclaire.github.io/findbugs-maven-plugin/
> {quote}
> Status: Since Findbugs is no longer maintained, please use Spotbugs which has
> a Maven plugin.
> {quote}
> The plugin author recommends migrating to Spotbugs:
> https://spotbugs.github.io/
> It might be worth investigating this plugin.