Add plugin support to Spotbugs (#233)

Adds support for using plugins with SpotBugs, see [documentation for common plugins](https://spotbugs.readthedocs.io/en/stable/links.html#spotbugs-plugins). This can for example be used to activate the [Find Security Bugs](https://find-sec-bugs.github.io/) plugin. ``` spotbugs_config( name = "spotbugs-custom-config", effort = "default", fail_on_warning = True, plugin_list = [ "@maven//:com_h3xstream_findsecbugs_findsecbugs_plugin", ], visibility = ["//visibility:public"], ) ```
bazel-contrib · Jan 12, 2024 · 284258f · 284258f
1 parent 11f98e2
commit 284258f
Show file tree

Hide file tree

Showing 6 changed files with 791 additions and 11 deletions.
diff --git a/README.md b/README.md
@@ -140,7 +140,7 @@ Use PMD to lint the `srcs`.
 ## spotbugs_config
 
 <pre>
-spotbugs_config(<a href="#spotbugs_config-name">name</a>, <a href="#spotbugs_config-effort">effort</a>, <a href="#spotbugs_config-exclude_filter">exclude_filter</a>, <a href="#spotbugs_config-fail_on_warning">fail_on_warning</a>, <a href="#spotbugs_config-spotbugs_binary">spotbugs_binary</a>)
+spotbugs_config(<a href="#spotbugs_config-name">name</a>, <a href="#spotbugs_config-effort">effort</a>, <a href="#spotbugs_config-exclude_filter">exclude_filter</a>, <a href="#spotbugs_config-fail_on_warning">fail_on_warning</a>, <a href="#spotbugs_config-plugin_list">plugin_list</a>, <a href="#spotbugs_config-spotbugs_binary">spotbugs_binary</a>)
 </pre>
 
 Configuration used for spotbugs, typically by the `//lint` rules.
@@ -154,6 +154,7 @@ Configuration used for spotbugs, typically by the `//lint` rules.
 | <a id="spotbugs_config-effort"></a>effort |  Effort can be min, less, default, more or max. Defaults to default   | String | optional | <code>"default"</code> |
 | <a id="spotbugs_config-exclude_filter"></a>exclude_filter |  Report all bug instances except those matching the filter specified by this filter file   | <a href="https://bazel.build/concepts/labels">Label</a> | optional | <code>None</code> |
 | <a id="spotbugs_config-fail_on_warning"></a>fail_on_warning |  Whether to fail on warning, or just create a report. Defaults to True   | Boolean | optional | <code>True</code> |
+| <a id="spotbugs_config-plugin_list"></a>plugin_list |  Specify a list of plugin Jar files to load   | <a href="https://bazel.build/concepts/labels">List of labels</a> | optional | <code>[]</code> |
 | <a id="spotbugs_config-spotbugs_binary"></a>spotbugs_binary |  The spotbugs binary to run.   | <a href="https://bazel.build/concepts/labels">Label</a> | optional | <code>@contrib_rules_jvm//java:spotbugs_cli</code> |
 
 

diff --git a/examples/tests_and_lints/BUILD.bazel b/examples/tests_and_lints/BUILD.bazel
@@ -0,0 +1,11 @@
+load("@contrib_rules_jvm//java:defs.bzl", "spotbugs_config")
+
+spotbugs_config(
+    name = "spotbugs-custom-config",
+    effort = "default",
+    fail_on_warning = True,
+    plugin_list = [
+        "@maven//:com_h3xstream_findsecbugs_findsecbugs_plugin",
+    ],
+    visibility = ["//visibility:public"],
+)
diff --git a/examples/tests_and_lints/MODULE.bazel b/examples/tests_and_lints/MODULE.bazel
@@ -3,6 +3,10 @@ module(
     version = "0.0.0",
 )
 
+bazel_dep(
+    name = "apple_rules_lint",
+    version = "0.3.2",
+)
 bazel_dep(
     name = "contrib_rules_jvm",
     version = "0.0.0",
@@ -17,6 +21,12 @@ bazel_dep(
     version = "5.3",
 )
 
+linter = use_extension("@apple_rules_lint//lint:extensions.bzl", "linter")
+linter.configure(
+    name = "java-spotbugs",
+    config = ":spotbugs-custom-config",
+)
+
 maven = use_extension("@rules_jvm_external//:extensions.bzl", "maven")
 maven.install(
     name = "maven",
@@ -25,6 +35,8 @@ maven.install(
         "org.junit.jupiter:junit-jupiter-engine:5.8.2",
         "org.junit.platform:junit-platform-launcher:1.8.2",
         "org.junit.platform:junit-platform-reporting:1.8.2",
+        "com.github.spotbugs:spotbugs:4.7.3",
+        "com.h3xstream.findsecbugs:findsecbugs-plugin:1.12.0",
     ],
     lock_file = "//:maven_install.json",
 )