You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jira@kafka.apache.org by "Tim Nguyen (JIRA)" <ji...@apache.org> on 2018/12/01 05:17:00 UTC
[jira] [Commented] (KAFKA-7390) Enable the find-sec-bugs spotBugs
plugin for Gradle
[ https://issues.apache.org/jira/browse/KAFKA-7390?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16705640#comment-16705640 ]
Tim Nguyen commented on KAFKA-7390:
-----------------------------------
[~omkreddy] just a quick update, it seems like the find-sec-bugs plugin is consuming a lot of memory to do the static analysis to find bugs on my local. I tried to let it have 8GB in free memory and still hit either GC overhead issues or java heap space issues.
Here is my fork commit: [https://github.com/timmy2702/kafka/commit/2b3db41688738db1eadc14a6542fb5e3d796361e]
I'm not sure whether we should move along with this plugin or not as described in the task since Jenkins will probably fail due to memory issues
> Enable the find-sec-bugs spotBugs plugin for Gradle
> ---------------------------------------------------
>
> Key: KAFKA-7390
> URL: https://issues.apache.org/jira/browse/KAFKA-7390
> Project: Kafka
> Issue Type: Improvement
> Reporter: Ismael Juma
> Assignee: Tim Nguyen
> Priority: Major
> Labels: newbie
>
> Once we switch to spotBugs (KAFKA-5887), we should try the find-sec-bugs plugin that helps find security issues:
>
> https://spotbugs.readthedocs.io/en/latest/gradle.html#introduce-spotbugs-plugin
> http://find-sec-bugs.github.io/
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)