config/spotbugs-include.xml

<FindBugsFilter>
    <!-- Probable bug - an apparent coding mistake resulting in code that was
        probably not what the developer intended. We strive for a low false positive 
        rate. -->
    <Match>
        <Bug category="CORRECTNESS" />
    </Match>

    <!-- A use of untrusted input in a way that could create a remotely exploitable 
        security vulnerability. -->
    <!-- <Match>
        <Bug category="SECURITY" />
    </Match> -->

    <!-- Violations of recommended and essential coding practice. Examples include 
        hash code and equals problems, cloneable idiom, dropped exceptions, Serializable 
        problems, and misuse of finalize. We strive to make this analysis accurate, 
        although some groups may not care about some of the bad practices. -->
    <Match>
        <Bug category="BAD_PRACTICE" />
    </Match>

    <!-- code that is confusing, anomalous, or written in a way that leads itself 
        to errors. Examples include dead local stores, switch fall through, unconfirmed 
        casts, and redundant null check of value known to be null. More false positives 
        accepted. In previous versions of FindBugs, this category was known as Style. -->
    <Match>
        <Bug category="STYLE" />
    </Match>

    <!-- code that is not necessarily incorrect but may be inefficient -->
    <Match>
        <Bug category="PERFORMANCE" />
    </Match>

    <!-- code that is vulnerable to attacks from untrusted code -->
    <Match>
        <Bug category="MALICIOUS_CODE" />
    </Match>

    <!-- code flaws having to do with threads, locks, and volatiles -->
    <!-- <Match>
        <Bug category="MT_CORRECTNESS" />
    </Match> -->

    <!-- Experimental and not fully vetted bug patterns -->
    <Match>
        <Bug category="EXPERIMENTAL" />
        <Confidence value="1"/>
    </Match>

</FindBugsFilter>