##fb-contrib Eclipse quick fix plugin (fb-contrib quickfixes, for short) ## This repository extends the quick-fixes offered by the FindBugs Eclipse Plugin to cover the bugs detected by fb-contrib, Find Security Bugs and FindBugs itself.

##Installing the plugin## To install this project, open Eclipse, go to Help>Install New Software, and copy in the following link:

http://dl.bintray.com/kjlubick/fb-contrib-eclipse-quickfixes/

You must have Findbugs Eclipse Plugin version 3.0.1 (released March 6, 2015) or newer. If you don't, the Eclipse installer will try to install it for you.

Fb-contrib quickfixes has been tested on Eclipe Kepler and Luna.

##Supported quickfixes## See the FindBugs and fb-contrib bug description pages for more info

fb-contrib

• ACEM_ABSTRACT_CLASS_EMPTY_METHODS
• CSI_CHAR_SET_ISSUES_USE_STANDARD_CHARSET
• CSI_CHAR_SET_ISSUES_USE_STANDARD_CHARSET_NAME
• COM_COPIED_OVERRIDDEN_METHOD
• HCP_HTTP_REQUEST_RESOURCES_NOT_FREED_LOCAL
• JAO_JUNIT_ASSERTION_ODDITIES_USE_ASSERT_EQUALS
• LO_SUSPECT_LOG_CLASS
• LSC_LITERAL_STRING_COMPARISON
• MDM_RANDOM_SEED
• NAB_NEEDLESS_BOOLEAN_CONSTANT_CONVERSION
• NAB_NEEDLESS_BOXING_PARSE
• OCP_OVERLY_CONCRETE_PARAMETER
• SPP_CONVERSION_OF_STRING_LITERAL
• SPP_EQUALS_ON_ENUM
• SPP_USE_BIGDECIMAL_STRING_CTOR
• SPP_USE_ISEMPTY
• SPP_USE_ISNAN
• UCPM_USE_CHARACTER_PARAMETERIZED_METHOD
• UEC_USE_ENUM_COLLECTIONS
• USBR_UNNECESSARY_STORE_BEFORE_RETURN
• UVA_USE_VAR_ARGS

FindBugs

• CO_COMPARETO_INCORRECT_FLOATING
• DLS_DEAD_LOCAL_STORE_SHADOWS_FIELD
• DLS_DEAD_LOCAL_STORE
• DMI_BIGDECIMAL_CONSTRUCTED_FROM_DOUBLE
• DMI_INVOKING_TOSTRING_ON_ARRAY
• FE_TEST_IF_EQUAL_TO_NOT_A_NUMBER
• ITA_INEFFICIENT_TO_ARRAY
• RV_RETURN_VALUE_IGNORED
• RV_RETURN_VALUE_IGNORED_BAD_PRACTICE
• SE_BAD_FIELD
• SF_DEAD_STORE_DUE_TO_SWITCH_FALLTHROUGH
• SF_SWITCH_NO_DEFAULT
• SQL_BAD_PREPARED_STATEMENT_ACCESS
• SQL_BAD_RESULTSET_ACCESS
• VA_FORMAT_STRING_BAD_CONVERSION
• VA_FORMAT_STRING_BAD_CONVERSION_FROM_ARRAY
• VA_FORMAT_STRING_BAD_CONVERSION_TO_BOOLEAN
• VA_FORMAT_STRING_USES_NEWLINE
• WMI_WRONG_MAP_ITERATOR

Find Security Bugs

• PREDICTABLE_RANDOM

##Simultaneous Quickfixes## Do you have many bugs detected with a quickfix? The base FindBugs plugin supports multiple fixes simultaneously:

##Setting up the project for development##

1. Download/install Eclipse Luna (4.4) or newer. The Eclipse for RCP and RAP Developers will work fine.
2. Install findbugs-eclipse-plugin-3.0.1 from the main FindBugs page. You may also just install fb-contrib-eclipse-quickfixes and have the findbugs plugin be auto-installed.
3. Clone findbugs : git clone https://code.google.com/p/findbugs/ GitHub for Windows or GitHub for Mac are good clients if you don't already have one. There are a lot of folders and projects associated with the root project, but you only need the findbugs. You may optionally include the findBugsEclipsePlugin project.
4. Open Eclipse. File>Import and then choose "Existing projects into workspace", and find the findbugs project (not the root project) you just cloned. You may have to run the build.xml in findbugs and findBugsEclipsePlugin to get the lib jars copied over, if you imported that project as well.
5. Clone and import fb-contrib into Eclipse. Follow the readme to get it setup to build.
6. Build fb-contrib by running the ant script build.xml.
7. Copy fb-contrib-6.1.0.jar (or later) to [Eclipse folder]\plugins\edu.umd.cs.findbugs.plugin.eclipse_3.0.1.20140817-dd3f35c\plugin where [Eclipse folder] is wherever you installed/extracted Eclipse to.
8. Fork/Clone this git repo. Import this project into Eclipse. You should have now imported 3 or 4 projects, fb-contrib, fb-contrib-eclipse-quick-fixes, findbugs and [optionally] findBugsEclipsePlugin. There should be no compile errors.

###Deploying fb-contrib quickfixes from Eclipse###

1. There are two default Run Configurations for Eclipse. If you don't see the included Launch Configurations under the green Run button, you may need to refresh the projects, or browse Run Configurations. Launch 3.x was tested on Indigo and Launch 4.x was tested on Kepler and Luna. Don't run either yet.

2. Make sure the desired Run Configuration is setup such that both findbugs plugins are selected under Target Platform. If you installed the compiled fb-contrib-eclipse-plugin, make sure only the version under Workspace is selected, else you may wonder why your features don't show up.

3. You will be able to run either Fb-Contrib-Eclipse configuration.

###Building the project as an update site to deploy###

1. Make a copy of local.properties.example and name it local.properties. In that file, point 'build.eclipse.dir' to a clean Eclipse (Luna) installation that you want to use to build the plugin. You may also update test.eclipse.dir to point to a clean Eclipse installation that you want to use to test, which can be an older version if you want. I build with Luna and test on Kepler on my local machine. Travis CI uses Luna for both stages.

2. Run build.xml as an Ant Build, which should build and create a p2 update site under ./output-site.

###Running unit tests from Ant### Execute the test-headless target in build.xml. Assuming your local.properties are setup (as above), it should fire up an instance of Eclipse and run the tests.

###Troubleshooting dev environment setup### Execute failed: java.io.IOException: Cannot run program "git": Assuming you have installed git, you may have to add git to your External Tools Configurations

###Development notes### This project comes with a preconfigured Eclipse formatter setting. These are the same settings used in the FindBugs Eclipse project. Try not to mix feature additions with formatting corrections - make a standalone "Formatting" commit.

Additionally, the launch configuration will use the workspace version of fb-contrib, but the installed version of the FindBugs Eclipse Plugin. You can easily make a launch configuration that uses the version from your workspace if you want.

Unit tests are encouraged. Write some buggy code (preferably sticking to one family of bugs), place it in classesToFix and a fixed version in fixedClasses. Then, add a test case to TestContributedQuickFix.java - look at the other test cases for examples of how to use the high-level assertion TestHarness.

To run the tests, you'll need to find rt.jar from your JAVA_HOME/lib and copy it to testResources. For Java 1.7, name it rt17.jar, for Java 1.8, rt18.jar, and so on. This allows the test code to compile.

Not sure where to start? How about this tutorial on making a quickfix and its follow up tutorial?

##License## FindBugs, the FindBugs Eclipse plugin, fb-contrib, Find Security Bugs, are all released under the LGPL license. This project relies on the compiled, released versions of each of those libraries. These libraries, and their source code, can be found by following the links provided.

Some small pieces of the testing framework are redistributed (having been modified) under the Eclipse Public License. Those source files have links to the originals.

This project, where not otherwise specified, is released under the MIT license. It's a very loose license, allowing liberal reuse/modification.