Markus Sprunck, Software Engineering Candies, http://www.sw-engineering-candies.com/
Findbugs is an open source tool for static code analysis of Java programs. It scans byte code for so called bug pattern to find defects and/or suspicious code. Although Findbugs needs the compiled class files it is not necessary to execute the code for the analysis. Working with Findbugs helps to prevent from shipping avoidable issues. It is also an excellent motivation for improving the skills of development teams to write better code in the first place.
Web Site: http://Findbugs.sourceforge.net/
Version Tested: Findbugs 2.0.1
System requirements: Java 1.5 or higher
License & Pricing: Open Source (Lesser GNU Public License)
Support: SourceForge Project (http://sourceforge.net/projects/Findbugs/)
What can I do with Findbugs?
Findbugs scans for possible bugs in Java software. Each finding is reported as a warning, but not all of these warnings are necessarily defects, e.g. warnings referring to possible performance issues. The terms bug or bug pattern are used in a misleading way by Findbugs. A better way would be to talk just about warnings. In the following article, the term warning will be used. All warnings are classified in four ranks: (i) scariest, (ii) scary, (iii) troubling and (iv) of concern. This is a hint to the developer about the possible impact/severity of the warnings. The current version reports 400 warnings in the nine categories:
