3 changes: 3 additions & 0 deletions README.md
Expand Up @@ -34,6 +34,9 @@ Then, set up this Action as a step in your Actions workflow, e.g. for a typical
* `path_prefix`: Add this path prefix to the start of file locations. Required: `false`
* `base_path`: The base path to use for installing the tools. Default: `/home/runner/work/`
* `ram`: The RAM to use in MB. Default: `768`
* `bug_categories`: The bug categories to report (comma-separated). Default: `SECURITY`
* Available categories: `SECURITY`, `BAD_PRACTICE`, `CORRECTNESS`, `PERFORMANCE`, `STYLE`, `MT_CORRECTNESS`, `I18N`, `MALICIOUS_CODE`, `EXPERIMENTAL`, `NOISE`
* Examples: `SECURITY`, `SECURITY,MALICIOUS_CODE`, `CORRECTNESS,PERFORMANCE,SECURITY`

## Full sample workflow

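Review bot: the new `bug_categories` bullet does not say what input format is accepted, and the two lines under it ("Available categories" and "Examples") read as details of that option, so they should be nested beneath it rather than listed as sibling options. Because the value is handed to SpotBugs' `-bugCategories` unchanged, please state here whether spaces after commas and lowercase names are accepted, so users do not discover it from a scan that reports fewer findings than expected. It is also worth a sentence that dropping `SECURITY` from the list changes what this action reports compared with the default.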
7 changes: 6 additions & 1 deletion action.yml
Expand Up @@ -51,6 +51,10 @@ inputs:
description: 'The amount of RAM to use for SpotBugs (in MB)'
required: false
default: '768'
bug_categories:
description: 'The bug categories to report (comma-separated). Available categories: SECURITY, BAD_PRACTICE, CORRECTNESS, PERFORMANCE, STYLE, MT_CORRECTNESS, I18N, MALICIOUS_CODE, EXPERIMENTAL, NOISE'
required: false
default: 'SECURITY'

# Allows for a custom runner home directory to be specified for self-hosted runners
base_path:
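Review bot: the `description` for `bug_categories` repeats the full category list that the README hunk also adds, so the two copies can drift apart when one is updated. Consider keeping the description short (what the input controls and that it is comma-separated) and leaving the list in one place, or add a comment reminding maintainers to update both. The `required: false` and `default: 'SECURITY'` lines keep existing workflows on the previous behaviour, which is the right default.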
Expand Down Expand Up @@ -128,14 +132,15 @@ runs:
INPUT_SPOTBUGS_TARGET: ${{ inputs.spotbugs_target }}
INPUT_SPOTBUGS_GLOB: ${{ inputs.spotbugs_filename_glob }}
INPUT_RAM: ${{ inputs.ram }}
INPUT_BUG_CATEGORIES: ${{ inputs.bug_categories }}
SPOTBUGS_HOME: ${{ inputs.base_path }}/spotbugs+/spotbugs-${{ inputs.spotbugs_version }}
FINDSECBUGS_HOME: ${{ inputs.base_path }}/findsecbugs+/
SPOTBUGS_WORKING: ${{ inputs.base_path }}/spotbugs_working+/
run: |
mkdir -p "${SPOTBUGS_WORKING}"
cd "${SPOTBUGS_WORKING}"
SPOTBUGS_FILES=$(find "${GITHUB_WORKSPACE}/${INPUT_SPOTBUGS_TARGET}" -type f -name "${INPUT_SPOTBUGS_GLOB}" -exec echo -n {} \+)
"${SPOTBUGS_HOME}/bin/spotbugs" -maxHeap "${INPUT_RAM}" -textui -quiet -effort:max -low -bugCategories SECURITY -pluginList "${FINDSECBUGS_HOME}/findsecbugs-plugin-${INPUT_FINDSECBUGS_VERSION}.jar" -sarif=spotbugs.sarif ${SPOTBUGS_FILES}
"${SPOTBUGS_HOME}/bin/spotbugs" -maxHeap "${INPUT_RAM}" -textui -quiet -effort:max -low -bugCategories "${INPUT_BUG_CATEGORIES}" -pluginList "${FINDSECBUGS_HOME}/findsecbugs-plugin-${INPUT_FINDSECBUGS_VERSION}.jar" -sarif=spotbugs.sarif ${SPOTBUGS_FILES}
shell: bash

- name: Adjust file paths
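Review bot: the new spotbugs invocation passes `INPUT_BUG_CATEGORIES` to `-bugCategories` with no check, so an empty string or a misspelled name reaches SpotBugs as-is and nothing in this step would signal that the security scan was narrowed or effectively switched off. Since `spotbugs.sarif` is the only output of the step, consider validating before the call: split the value on commas, compare each item against the ten names given in the input description, and exit non-zero with a clear message on an empty value or an unknown name. Passing the input through `env:` and expanding it as `"${INPUT_BUG_CATEGORIES}"` keeps workflow-supplied text out of the script body and as a single argument; please keep it that way if the line is reworked.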
1 change: 1 addition & 0 deletions starter-workflow.yml
Expand Up @@ -53,3 +53,4 @@ jobs:
# java_distribution: 'microsoft'
# java_version: '11'
# base_path: "/home/runner/work/"
# bug_categories: 'SECURITY' # or 'SECURITY,MALICIOUS_CODE' or 'CORRECTNESS,PERFORMANCE,SECURITY'
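Review bot: the added `# bug_categories:` line packs three alternative values into a trailing comment, unlike the neighbouring commented options, which each show a single value. Suggest showing only the default, `# bug_categories: 'SECURITY'`, and leaving the other combinations to the README, so that someone who uncomments the line gets a clean setting and the starter workflow stays on the security-only scan unless they deliberately change it.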