This page describes the major changes in FindBugs 2. We are well aware that the documentation on the new features in FindBugs 2.0 have not kept up with the implementation. We will be working to improve the documentation, but don't want to hold up the release any longer to improve the documentation.
Anyone currently using FindBugs 1.3.9 should find FindBugs 2.0 to largely be a drop-in replacement that offers better accuracy and performance.
Also check out http://code.google.com/p/findbugs/w/list for more information about some recent features/changes in FindBugs.
The major new features in FindBugs 2 are as follows:
Cloud storage of issue evaluations
For many years, you could store evaluations of FindBugs issues within the XML containing the analysis results. However, this approach did not work well for a team of distributed developers. Instead, we now provide a cloud based mechanism for storing this information. We are providing a free communal cloud (hostied by Google appengine) for storing evaluations of FindBugs issues. You can set up your own private cloud for storing issues, but at the moment this checking out a copy of FindBugs, making some modifications and building the cloud storage plugin from source. We hope to make it easier to have your own private cloud in FindBugs 2.0.1.
We have analyzed several large open source projects, and provide Java web start links to allow you to view the results. We'd be happy to work with projects to make the results available from a continuous build:
FindBugs update checks
FindBugs now checks to see if a new version of FindBugs or a plugin has been released. We make use of this check to collect statistics on the operating system, java version, locale and FindBugs entry point (e.g., ant, command line, GUI). More information is available, including information about how to disable update checks if your organization has a policy against allowing the collection of such information. No information about the code being analyzed is reported.
FindBugs 2.0 makes it much easier to customize FindBugs with plugins.
FindBugs looks for plugins in two places: your personal home directory, and in FindBugs home (plugins installed in your home directory take precedence). In both places, it looks in two places: the plugin directory, which contains plugins that are enabled by default, and the optionalPlugin directory, which contains plugins that are disabled by default but can be enabled for a particular project.
The FindBugs project includes several plugins:
In our own testing, we've seen an overall improvement of 9% in FindBugs performance from 1.3.9 to 2.0.0, with the majority of benchmarks seeing improvements. A few users have reported significant performance regressions and we are asking for more information from anyone seeing significant performance regressions.
New Bug patterns