Glenn, Thanks for this interesting report.
I noted that the problems reported here are harder to fix. They often touch upon design issues. See my efforts on the warnings for clone, https://issues.apache.org/bugzilla/show_bug.cgi?id=49754. Probably, when a codebase has no findbugs problems, it has a clean OO design. But for a code base with a long history and many authors, that is hardly feasible. Moreover, where would we find the time and budget to do all this work? I also noted that findbugs is too big for my simple machine. I do not develop FOP as a profession, so I do not have a larger machine for this purpose alone. There goes findbugs into the same corner as maven: for professionals only. Simon On Sun, Aug 15, 2010 at 04:40:47AM +0800, Glenn Adams wrote: > First, I wish to express my pleasure that checkstyle (5.1 at least) now > reports zero warnings/errors, and that only four deprecation warnings are > present at compile time. This is a significant improvement in code > cleanliness, and I hope that all committers will take the time to run > checkstyle and resolve new warnings before performing new commits. > > However, as I mentioned in a previous messge, there remain a fairly large > number of warnings/errors reported by findbugs: 922 of them to be exact. I > don't plan to take any action myself on these at the present time, since > I've managed to stir up the pot (and emotions) quite adequately with my > prior patch. However, if others wish to start addressing these issues, > perhaps incrementally over time, then we can move the code base even closer > to a zero warning state, or at least a state where we've audited all the > warnings adequately. To this end, I am attaching the current findbugs report > as a matter of interest. Because findbugs reports more potentially serious > semantic problems in the code, it is also likely that more potential real > bugs will be uncovered and addressed. -- Simon Pepping home page: http://www.leverkruid.eu