Spotbugs exclude filter in gradle project

Question

I am new to gradle and am trying to configure Spotbugs. I've added the plugin to the build.gradle and the spotbugs issues showed up. However I want to exclude the Findbugs EI_EXPOSE_REP and EI_EXPOSE_REP2 rules, because they show up for all my getter and setters. I have the following snippet in build.gradle:

apply plugin: 'java'
apply plugin: 'com.github.spotbugs'
apply plugin: 'findbugs'

spotbugs {
    toolVersion = '5.0.0'
}

tasks.withType(SpotBugsTask) {
    reports {
        xml.enabled = false
        html.enabled = true
    }
}

findbugs {
    excludeFilter = file("$rootProject.projectDir/config/findbugs/excludeFilter.xml")
    toolVersion = "3.0.1"
    effort = "max"
}

The excludeFilter.xml contains the following:

<?xml version="1.0" encoding="UTF-8"?>
<FindBugsFilter>
    <Match>
        <Bug pattern="EI_EXPOSE_REP"/>
    </Match>
    <Match>
        <Bug pattern="EI_EXPOSE_REP2"/>
    </Match>
</FindBugsFilter>

I also tried adding the exclude like this:

tasks.withType(FindBugs) {
    excludeFilter = file("$rootProject.projectDir/config/findbugs/excludeFilter.xml")
}

But it didn't work out, so probably I am missing something.

Answer 1

Try to add the exclude filter to the spotbugs configuration instead of findbugs: so you should probably try:

spotbugs {
    toolVersion = '5.0.0'
    excludeFilter.set(file("${spotbugsConfigDir}/excludeFilter.xml"))
}

Answer 2

The following lines add the SpotBugs 5.0.14 plugin to a Gradle project:

buildscript {
  repositories {
    mavenCentral()
    maven {
      url "https://plugins.gradle.org/m2/"
    }
  }

  dependencies {
    classpath "com.github.spotbugs.snom:spotbugs-gradle-plugin:5.0.14"
  }
}

plugins {
  id 'application'
  id "com.github.spotbugs" version "5.0.14"
}

spotbugs {
  excludeFilter.set(
      file("${projectDir}/bug-filter.xml")
  )
}

Create the file bug-filter.xml in the project's root directory. See the Filter file documentation (or PDF version) for details on the available options. Insert the following short snippet into the file to ignore EI and EI2 errors across all classes:

<?xml version="1.0" encoding="UTF-8"?>
<FindBugsFilter>
  <Match>
    <Or>
      <Bug code="EI, EI2" />
    </Or>
  </Match>
</FindBugsFilter>

The Bug descriptions page lists bug codes and patterns.

The FindBugsFilter root-level element name is a holdover.

---

As a side-note, too many accessors tend to indicate code isn't reaping the benefits of object-oriented programming.

Answer 3

Extension to @Dave Jarvis's answer above

---

Specifying following in build.gradle worked for me

spotbugs {
  ignoreFailures.set(false)
  excludeFilter = file('spotbugs-exclude.xml')
}

Other variations that I've seen are

• excludeFilter = project.file('spotbugs-exclude.xml')
• excludeFilter.set(file('spotbugs-exclude.xml'))

I had put the file in root-level of my project so I specified just the name of file; otherwise we can put something like file('${project.projectDir}/configuration/spotBugs/excludeFilter.xml') for specifying complete filepath

---

Do note that exclusion for unit-tests might possibly have to be configured separately in a spotbugsTest { .. } block of it's own (although we can still specify the same XML file)

spotbugs {
  ignoreFailures.set(true)
  excludeFilter = file('spotbugs-exclude-src.xml')
}

spotbugsTest {
  ignoreFailures.set(false)
  excludeFilter = file('spotbugs-exclude-tst.xml')
}

For format of spotbugs-exclude.xml file see FindBugs/FilterFiles