Episode 12: Using FindBugs in Anger

Guest: Bill Pugh

Host: Daniel Steinberg

Bill Pugh, a computer science professor at the University of
Maryland, is on a quest. As an academic, it is sometimes too easy
to lose touch with the issues that face software developers in the
trenches. He doesn't want to fall victim to this risk. Then again,
folks who know Pugh's work would never suggest that he has.

Pugh is the author of a program called FindBugs, a static analysis
tool for detecting errors in Java programs. It has famously found
several interesting bugs in the JDK standard libraries. This past,
summer, Pugh worked at Google to help integrate FindBugs into its
development environment and improve its code base.

FindBugs is a great example of "accidental research"... Work on
techniques for compressing Java class files produced utilities for
doing static analysis of source code, which ultimately found a new
application in detecting standard classes of errors that we
programmers make in our code.

You don't have to be Google to benefit from FindBugs or Pugh's
expertise. Along with his colleague David Hovemeyer, he will teach
a tutorial at ooPSLA titled

Using FindBugs in Anger.
In this tutorial, you'll learn how to incorporate FindBugs into your
software development process, with an emphasis on solving issues that
arise on projects with large code bases and multiple developers.
Topics include differential analysis, for studying changes in the
code base since the last build or release; persistent auditing; and
annotations.

In this podcast, Pugh joins Daniel Steinberg of DimSumThinking to
chat about static analysis tools, his own FindBugs tool for Java,
and how to use such tools most effectively in improving the quality
of your code base.