sonar-findbugs icon indicating copy to clipboard operation
sonar-findbugs copied to clipboard

Published 20 hours ago verified publisher icon spotbugs

Missing Classes for findbugs analysis: makeConcatWithConstants, toPredicate and get

Open Meinolf-S opened this issue 3 years ago • 7 comments

Issue Description

When using Sonarqube 7.9.5 (LTS) or 8.8.0 joing the latest configured findbug 4.0.3 plugin we get the following messages in the log output:

The following classes needed for analysis were missing: makeConcatWithConstants toPredicate get

The messages only appear when install findbugs 4.0.3 in sonarqube (the same also for older versions of findbugs)

Environment

Component Version
Maven 3.6.3
Java Adopt jdk-11.0.9.101-hotspot
Sonarqube 7.9.5 (LTS) also 8.8.0
sonar-maven-plugin 3.9.0.2155
Findbugs 4.0.3 Plugin in Sonarqube
FindSecBugs 1.11.0

Code (If needed)

The project code is a Spring Boot Java project joining Angular + Rest.

Meinolf-S avatar May 02 '21 12:05 Meinolf-S

Hello, This seems to be an issue in Spotbugs (which is used internally by the SonarQube Spotbugs plugin). A similar issue was reported in the Spotbugs project: https://github.com/spotbugs/spotbugs/issues/1680

gtoison avatar Sep 03 '21 09:09 gtoison

This is a due to https://github.com/spotbugs/spotbugs/issues/527, I guess.

victorwss avatar Sep 15 '21 11:09 victorwss

Also reported here (so an issue in FindSecBugs?) https://github.com/find-sec-bugs/find-sec-bugs/issues/692

gtoison avatar Feb 23 '23 20:02 gtoison

I don't have find-sec-bugs and neither I have spotbugs installed on the Sonar instance. I've got the following error:

...
The following classes needed for analysis were missing:
  makeConcatWithConstants
  apply
  hashCode
  toString
  equals
  test
  accept
  validate
  authenticate
  run
  get
  toPredicate
  create
  compare
  applyAsLong
  customize
  
  ...
  BUILD FAILED in 8m 3s

jdk 17 sonar Community EditionVersion 9.9 (build 65466) findbugs,false,sonar-findbugs-plugin-4.0.5.jar|b4c5a9c47d16e36d8c5bd9c8b1b5f819

YevheniiPokhvalii avatar Sep 04 '23 18:09 YevheniiPokhvalii

Findbugs was renamed Spotbugs but the sonar plugin remained "sonar-findbugs-plugin" for compatibility, so you do have Spotbugs installed, that plugin also comes with its own plugins (find-sec-bugs and fb-contrib).

gtoison avatar Sep 05 '23 05:09 gtoison

Findbugs was renamed Spotbugs but the sonar plugin remained "sonar-findbugs-plugin" for compatibility, so you do have Spotbugs installed, that plugin also comes with its own plugins (find-sec-bugs and fb-contrib).

I see. I checked that our previous Sonar setup did not use that plugin. The Sonar version was Community EditionVersion 9.8 (build 63668) and there was no findbugs nor spotbugs so it's highly likely that this plugin is causing the issue in our new Sonar.

Since I don't have full access to new Sonar server, is it possible to turn off this plugin somehow via sonar-project.properties or during a sonarqube execution? Am I right that this behavior can cause a build error?

YevheniiPokhvalii avatar Sep 05 '23 08:09 YevheniiPokhvalii

This message is a simple warning, it wouldn't cause a build error

gtoison avatar Sep 05 '23 10:09 gtoison