TechBookReport logo

Keywords: Java code quality, static analysis, Eclipse plug-in

Title: FindBugs

Licence: Lesser GPL

Platform: Java (1.4.0 or later)

Verdict: Recommended


FindBugs is an open-source static analysis package for Java code, and is used for identifying bugs, unsafe code and dubious programming practices. It's available as a standalone jar, as an Eclipse plug-in or via Java web start, though this review focuses primarily on the Eclipse version.

Installation is very straightforward from within Eclipse. Simply point the Software Updates wizard to and let it do its stuff. Once installed using FindBugs is incredibly straightforward. Select a project, in the Package Explorer for example, right-click and choose Find Bugs from the menu, the same process can be used to select an individual class.

FindBugs will analyse the class or package and produce a list of problems, which are displayed in the normal Problems window. Unlike normal compiler errors, the problems flagged by FindBugs are identified with a two or three-character code, along with some descriptive text. Clicking on one of these problems high-lights the offending line in the source editor, and right-clicking gives a Show Bug Details option, which opens a window that gives a one or two sentence description of the problem.

Because the issues flagged by FindBugs are at a higher level that those picked up Eclipse's internal compiler, there's not a quick-fix option that eradicates the problem in a couple of mouse-clicks. At times the issues it identifies come down to class design rather than simple coding issues. FindBugs works by looking at common bug patterns - in other words Java idioms that are associated with defects. The listing of these bug idioms is included on the FindBugs web site (

FindBugs is fully configurable, and it is possible to select which types of errors to include/exclude, and to set a severity level for reporting them. In Eclipse it's possible to do this via the Project properties, where the Find Bugs option gives a full listing of all of the bugs it looks for along with a check-box to select/deselect them. It's also possible to control whether it runs automatically in the background or whether it has to be kicked off manually. In use the plug-in soon feels like a natural part of Java development.

The Java web start version, which can be found here:, features a simple Swing GUI for creating projects. A project in this context is just a collection of jar files, source directories and classpaths. Once a project has been defined Find Bugs can be kicked off and the code analysed. A tabbed display is used to show bugs organised by class, by package, by bug type and bug category. Clicking on a bug in any view brings up the source code as well as more details of the bug.

The extra help in picking up design issues can be a real boon. Trying it out on your own code can be a salutary experience. Recommended.

Hit the 'back' key in your browser to return to subject index page

Return to home page

Contents © TechBookReport 2006. Published June 5 2006