FindBugs is a static analysis tool that finds coding mistakes in Java programs. It is widely popular, with more than a million downloads. In a student involving hundreds of engineers at Google, the issues identified by FindBugs were evaluated as should fix or must fix issues 81% of the time. However, many projects and developers use FindBugs on an ad-hoc basis, with individual developers running FindBugs sporadically. Some projects use FindBugs as part of their continuous build system, but find themselves unsure of the return on their investment and wondering if there might be a more effective way to use FindBugs. When first applying FindBugs is a large project and seeing hundreds or thousands of issues, others simply give up on using FindBugs. I’ll briefly review FindBugs, and describe techniques for cost-effective integration of FindBugs into the software development process for medium to huge software projects, with a focus on new features available in FindBugs 2.0. Topics include how to customize FindBugs to prioritize and filter issues important to your project, how to store bug data in a cloud so that everyone working on the project shares information about when the issue was first seen and whether people think the issue is important to fix, and ways to use annotations to help FindBugs detect even more errors in your code.
Presentation