spotbugs

SpotBugs is FindBugs' successor. A tool for static analysis to look for bugs in Java code.

3517
592
Java

SpotBugs

Build Status
Documentation Status
Coverage Status
Maven Central
Javadocs

SpotBugs is the spiritual successor of FindBugs, carrying on from the point where it left off with support of its community.

SpotBugs is licensed under the GNU LESSER GENERAL PUBLIC LICENSE.

More information at the official website. A lot of things can still be found at the old FindBugs website.

Build

SpotBugs is built using Gradle. The recommended way to obtain it is to simply run the gradlew (or gradlew.bat) wrapper, which will automatically download and run the correct version as needed (using the settings in gradle/wrapper/gradle-wrapper.properties).

Building SpotBugs requires JDK 21 to run all the tests (using SpotBugs requires JDK 11 or above, but it can analyze code compiled with older versions).

To see a list of build options, run gradle tasks (or gradlew tasks). The build task will perform a full build and test.

To build the SpotBugs plugin for Eclipse, you’ll need to create the file eclipsePlugin/local.properties, containing a property eclipseRoot.dir that points to an Eclipse installation’s root directory (see .github/workflows/release.yml for an example), then run the build.
To prepare Eclipse environment only, run ./gradlew eclipse. See also detailed steps.

Using SpotBugs

SpotBugs can be used standalone and through several integrations, including:

Questions?

You can contact us using GitHub Discussions.