java source code of FindBugsParser

analysis-model-master
- .github
  - release-drafter.yml
  - workflows
    - ci.yml
    - run-release-drafter.yml
    - coverage.yml
    - assign-pr.yml
  - auto_assign.yml
  - labels.yml
- .remarkrc
- src
  - main
    - java
      - edu
        hm
        hafner
        util
        XmlElementUtil.java
        LookaheadStream.java
        package-info.java
        IntegerParser.java
        analysis
        CSharpNamespaceDetector.java
        Severity.java
        LineRange.java
        IssueParser.java
        JavaPackageDetector.java
        IssueDifference.java
        AbstractPackageDetector.java
        PackageDetectors.java
        PackageNameResolver.java
        ParsingCanceledException.java
        ModuleResolver.java
        Categories.java
        ModuleDetector.java
        ReaderFactory.java
        FingerprintGenerator.java
        package-info.java
        SecureXmlParserFactory.java
        FilteredLog.java
        FullTextFingerprint.java
        Report.java
        ParsingException.java
        FileNameResolver.java
        DuplicationGroup.java
        SecureDigester.java
        Issue.java
        IssueBuilder.java
        FileReaderFactory.java
        LookaheadParser.java
        RegexpLineParser.java
        parser
        IarParser.java
        TiCcsParser.java
        jcreport
        Item.java
        package-info.java
        Report.java
        File.java
        JcReportParser.java
        ClangAnalyzerPlistParser.java
        AjcParser.java
        GnatParser.java
        XmlParser.java
        GoLintParser.java
        MsBuildParser.java
        RfLintParser.java
        InvalidsParser.java
        CargoCheckParser.java
        IdeaInspectionParser.java
        SphinxBuildParser.java
        AnsibleLintParser.java
        PreFastParser.java
        SonarQubeParser.java
        DiabCParser.java
        dry
        dupfinder
        Duplicate.java
        DupFinderParser.java
        Fragment.java
        package-info.java
        Range.java
        simian
        Block.java
        package-info.java
        Set.java
        SimianParser.java
        package-info.java
        cpd
        Duplication.java
        package-info.java
        SourceFile.java
        CpdParser.java
        AbstractDryParser.java
        ClangTidyParser.java
        GoVetParser.java
        gendarme
        GendarmeRuleType.java
        package-info.java
        GendarmeParser.java
        GendarmeRule.java
        IssuePropertiesParser.java
        JSLintXmlSaxParser.java
        PerlCriticParser.java
        AntJavacParser.java
        Gcc4CompilerParser.java
        ArmccCompilerParser.java
        BuckminsterParser.java
        ccm
        Metric.java
        CcmParser.java
        Ccm.java
        package-info.java
        TnsdlParser.java
        LintParser.java
        SbtScalacParser.java
        fxcop
        FxCopRule.java
        package-info.java
        FxCopParser.java
        FxCopRuleSet.java
        GnuFortranParser.java
        ScalacParser.java
        EclipseXMLParser.java
        pvsstudio
        PlogMessage.java
        AnalyzerType.java
        PVSStudioParser.java
        RuboCopParser.java
        JsonParser.java
        violations
        PitAdapter.java
        AndroidLintParserAdapter.java
        YamlLintAdapter.java
        AbstractViolationAdapter.java
        ResharperInspectCodeAdapter.java
        JsHintAdapter.java
        Flake8Adapter.java
        KlocWorkAdapter.java
        package-info.java
        CppCheckAdapter.java
        XmlLintAdapter.java
        PyDocStyleAdapter.java
        JUnitAdapter.java
        ZptLintAdapter.java
        DocFxAdapter.java
        CodeNarcAdapter.java
        MyPyAdapter.java
        JavaDocParser.java
        QacSourceCodeAnalyserParser.java
        DrMemoryParser.java
        MavenConsoleParser.java
        CMakeParser.java
        StyleCopParser.java
        PuppetLintParser.java
        MentorParser.java
        DScannerParser.java
        Pep8Parser.java
        package-info.java
        checkstyle
        CheckStyle.java
        Error.java
        package-info.java
        File.java
        CheckStyleParser.java
        GhsMultiParser.java
        Armcc5CompilerParser.java
        EclipseParser.java
        JsonBaseParser.java
        CoolfluxChessccParser.java
        MetrowerksCwLinkerParser.java
        SunCParser.java
        IarCstatParser.java
        YuiCompressorParser.java
        JavacParser.java
        TaskingVxCompilerParser.java
        CadenceIncisiveParser.java
        XlcLinkerParser.java
        SonarQubeDiffParser.java
        SonarQubeIssuesParser.java
        PhpParser.java
        IntelParser.java
        CodeAnalysisParser.java
        NagFortranParser.java
        GradleErrorProneParser.java
        XlcCompilerParser.java
        ProtoLintParser.java
        FindBugsParser.java
        ErrorProneParser.java
        AcuCobolParser.java
        P4Parser.java
        FlexSdkParser.java
        GccParser.java
        ClangParser.java
        RobocopyParser.java
        Gcc4LinkerParser.java
        JsonLogParser.java
        TaglistParser.java
        PyLintParser.java
        MetrowerksCwCompilerParser.java
        EclipseMavenParser.java
        CppLintParser.java
        ErlcParser.java
        pmd
        PmdParser.java
        Pmd.java
        Violation.java
        package-info.java
        File.java
        PmdError.java
        LineRangeList.java
  - test
    - resources
      - logging.properties
      - archunit_ignore_patterns.txt
      - edu
        hm
        hafner
        analysis
        dry.ser
        settings-1.gradle
        build.xml
        ActionBinding.cs
        eclipse-withinfo.xml
        normalized.txt
        pom.xml
        encoded-with-UTF8.xml
        Class1.cs
        settings-4.gradle
        ActionBinding-Original-Formatting.cs
        settings-2.gradle
        report.ser
        encoded-without-encoding.xml
        settings-3.gradle
        ath-colored.log
        relative.txt
        no-name-pom.xml
        MANIFEST-NAME.MF
        fingerprint-two.txt
        l10n.properties
        context.txt
        child
        child.txt
        issue.ser
        fingerprint-one.txt
        complicated-package-declaration.txt
        MavenJavaTest.txt.java
        encoded-with-ISO8859-1.xml
        settings-5.gradle
        MANIFEST.MF
        parser
        IdeaInspectionExample.xml
        issue56235.xml
        gcc.txt
        issue20544.txt
        issue24611.txt
        javadoc-category.txt
        puppet-lint.txt
        issue14888.txt
        issue17792.txt
        eclipse.txt
        jcreport
        testCorrect.xml
        jcoderz-report.xml
        testCorrupt.xml
        testReportProps.xml
        NagFortran.txt
        clang-analyzer-bad.txt
        ansibleLint.txt
        issue26441.txt
        issue9926.txt
        hpi.txt
        issue54506.txt
        issue21377.txt
        issue55846.log
        issues.json
        issue5870.txt
        issues-invalid.json
        issue18081.txt
        project.ser.xml
        MetrowerksCWLinker.txt
        issue5402.txt
        armcc5.txt
        maven-console.txt
        apple-llvm-clang.txt
        maven-enforcer2.log
        issue37975.txt
        eclipse-withjavadoc.xml
        issue4712.txt
        issue4010.txt
        issue4700.txt
        gnat.txt
        issue13969.txt
        dry
        dupfinder
        with-sourcecode.xml
        without-sourcecode.xml
        otherfile.xml
        simian
        simian-2.3.31.xml
        otherfile.xml
        onefile.xml
        twosets.xml
        fourfile.xml
        twofile.xml
        cpd
        issue12516.xml
        one-cpd.xml
        cpd.xml
        issue22356.xml
        otherfile.xml
        pmd-cpd.xml
        flexsdk.txt
        issue58159-2.txt
        NagFortranWarning.txt
        stylecop.xml
        sonarqube-differential-multimodule.json
        issue8630.txt
        yui.txt
        issue4274.txt
        javadoc.txt
        issue7718.txt
        javac.txt
        NagFortranError.txt
        issue56612.log
        issue56030.log
        issue11799.txt
        issue11675.txt
        gendarme
        Gendarme.xml
        Gendarme_unix.xml
        maven-goals.log
        issue14043.txt
        eclipse-withinfo.xml
        issue4098.txt
        issue17309.txt
        buckminster.txt
        armcc.txt
        QACSourceCodeAnalyser.txt
        issue6971.txt
        xlc-linker.txt
        issue56193.log
        issue57365.txt
        kotlin-gradle.txt
        issue56020.ninja.log
        all.txt
        issue2383.txt
        json-issues-lineBreak.log
        issue34141.txt
        taglist.xml
        issue4932.txt
        gcc4.txt
        GnuFortranInternalError.txt
        issues-no-issues.json
        rubocop.log
        MetrowerksCWCompiler.txt
        maven-line-number.log
        issue18290.txt
        error-prone.log
        issues-broken.json
        pep8Test.txt
        java-eclipse-ant.log
        javac-timestamps.txt
        issue17792-nofilename.txt
        GnuFortranWarning.txt
        GnuFortranInvalid.txt
        javac-errorprone.txt
        error-prone-maven.log
        issue12280.txt
        perforce.txt
        dscanner-report.json
        maven-enforcer.log
        issue14333.txt
        sunc.txt
        errorprone-maven.log
        issue20154.txt
        sonarqube-differential.json
        issue16826.txt
        CargoCheck.json
        sonarqube-api-multimodule.json
        golint.txt
        pvsstudio
        TestReport.plog
        iar-nowrap.log
        eclipse-maven-withjavadoc.log
        gradle.java.log
        issue8823.txt
        issue8347.txt
        invalids.txt
        deprecations.txt
        coolfluxchesscc.txt
        NagFortranRuntimeError.txt
        issue6563.txt
        iar-ewarm-6.3.txt
        issue7775.txt
        violations
        issue55733-multiple-tags-with-same-id.xml
        flake8-issue53786
        flake8.log
        TEST-org.jenkinsci.plugins.jvctb.perform.JvctbPerformerTest.xml
        pydocstyle.txt
        zptlint.log
        cppcheck.xml
        pit.xml
        codeNarc.xml
        docfx.json
        yamllint.txt
        ResharperInspectCode.xml
        junit.xml
        jshint.xml
        issue55345.json
        mypy.txt
        xmllint.txt
        issue55733.xml
        klocwork.xml
        android-lint.xml
        flake8.txt
        NagFortranQuestionable.txt
        issue42823.txt
        issue38215.txt
        issue10566.txt
        maven-multimodule.log
        iar-cstat.txt
        scalac.txt
        fxcop.xml
        findbugs
        issue12314.xml
        issue7312.xml
        findbugs-nomessage.xml
        findbugs-native.xml
        findbugs-3rd-party-category.xml
        spotbugsXml.xml
        rflint.txt
        issue18084.txt
        php.txt
        tasking-vx.txt
        issue4707.txt
        issue4260.txt
        issue22386.txt
        issue21240.txt
        issue56020.makefile.log
        xmlParserDefault.xml
        NagFortranObsolescent.txt
        issue5605.txt
        issue56450.txt
        NagFortranFatalError.txt
        codeanalysis.txt
        issue4731.txt
        cpplint.txt
        ticcs.txt
        pynamodb_ccm_results_sample.xml
        checkstyle
        all-severities.xml
        issue19122.xml
        checkstyle.xml
        scalastyle-output.xml
        issue25511.xml
        issue27664.txt
        javac-parallel-pipeline.txt
        issue58159.txt
        issue31936.txt
        json-issues.log
        issue60033.txt
        issue27914.txt
        pyLint.txt
        msbuild.txt
        tnsdl.txt
        NagFortranPanic.txt
        MSBuildANSIColor.txt
        sbtScalac.txt
        issue2316.txt
        eclipse-withjavadoc.log
        taskname.txt
        issue59118.txt
        issue6709.txt
        issue55750.txt
        sonarqube-api.json
        CadenceIncisive.txt
        issue7178.txt
        ant-javac.txt
        issue36817.txt
        NagFortranExtension.txt
        kernel.log
        ClangTidy.txt
        issue48647.txt
        json-issues-empty.txt
        intelc.txt
        gcc4ld.txt
        jslint
        multi.xml
        single.xml
        jslint.xml
        csslint.xml
        perlcritic.txt
        issue51485.txt
        NagFortranDeletedFeatureUsed.txt
        issue14172.xml
        issue32298.txt
        issue27681.txt
        issue4576.txt
        PREfast.xml
        GnuFortranFatalError.txt
        eclipse-withinfo.txt
        issue12822.txt
        issue3582.txt
        ant-javac-japanese.txt
        xmlParserException.xml
        ajc.txt
        issue55840.windows.txt
        maven-ansi.txt
        timestamps.log
        issue5606.txt
        robocopy.txt
        acu.txt
        maven.txt
        govet.txt
        GnuFortran.txt
        issue5445.txt
        clang-analyzer-test.txt
        issue3897.txt
        issue57379.txt
        dscanner-incomplete-report.json
        drmemory.txt
        kotlin-maven-plugin.txt
        ghsmulti.txt
        NagFortranInfo.txt
        xmlParserCustomPath.xml
        gnuMakeGcc.txt
        issue5868.txt
        xmlParserIncompatibleValues.xml
        project.ser
        issue38557.txt
        issue6427.txt
        issue55840.linux.txt
        diabc.txt
        modelsim.log
        cmake.txt
        issue55221.txt
        xlc.txt
        sphinxbuild.txt
        erlc.txt
        stylecop
        stylecop-v4.3.xml
        onefile.xml
        issue55368.txt
        json-issues-duplicate.log
        GnuFortranError.txt
        issue2133.txt
        pmd
        empty.xml
        issue54736.xml
        lines-columns.xml
        issue12801.xml
        equals-test.xml
        otherfile.xml
        4-pmd-warnings.xml
        warning-message-with-dot.xml
        javac-errors.txt
        cpplint-message-with-colon.txt
        issue7077.txt
        issue11926.txt
        pylint_parseable.txt
        doxygen.txt
        Program.cs
        MavenJavaTest.txt
      - python_src
        pypackage
        pymodule.py
        __init__.py
      - design.puml
    - java
      - edu
        hm
        hafner
        util
        IntegerParserTest.java
        LookaheadStreamTest.java
        ArchitectureTest.java
        PackageArchitectureTest.java
        analysis
        ReportTest.java
        FullTextFingerprintTest.java
        DuplicationGroupTest.java
        IssueTest.java
        FileReaderFactoryTest.java
        IssueBuilderTest.java
        IssueFilterTest.java
        CSharpNamespaceDetectorTest.java
        FingerprintGeneratorTest.java
        PackageDetectorsTest.java
        ModuleResolverTest.java
        JavaPackageDetectorTest.java
        LineRangeListTest.java
        FilteredLogTest.java
        ReportPrinterTest.java
        FileNameResolverTest.java
        IssueDifferenceTest.java
        AbstractParserTest.java
        PackageNameResolverTest.java
        SecureXmlParserFactoryTest.java
        SeverityTest.java
        parser
        FindBugsParserTest.java
        MavenConsoleParserTest.java
        P4ParserTest.java
        CheckStyleParserTest.java
        GnatParserTest.java
        PreFastParserTest.java
        SunCParserTest.java
        FlexSdkParserTest.java
        CcmParserTest.java
        EclipseXMLParserTest.java
        TaglistParserTest.java
        RfLintParserTest.java
        PhpParserTest.java
        PmdParserTest.java
        Gcc4LinkerParserTest.java
        XlcParserTest.java
        dry
        dupfinder
        DupFinderParserTest.java
        simian
        SimianParserTest.java
        cpd
        CpdParserTest.java
        DrMemoryParserTest.java
        NagFortranParserTest.java
        JavaDocParserTest.java
        JsonLogParserTest.java
        MentorParserTest.java
        SonarQubeIssuesParserTest.java
        CMakeParserTest.java
        EclipseMavenParserTest.java
        GccParserTest.java
        ClangParserTest.java
        AnsibleLintParserTest.java
        QacSourceCodeAnalyserParserTest.java
        FxcopParserTest.java
        MetrowerksCwLinkerParserTest.java
        CssLintParserTest.java
        Gcc4CompilerParserTest.java
        SonarQubeDiffParserTest.java
        IdeaInspectionParserTest.java
        ErrorProneParserTest.java
        CargoCheckParserTest.java
        pvsstudio
        PVSStudioParserTest.java
        PerlCriticParserTest.java
        IarParserTest.java
        violations
        ResharperInspectCodeAdapterTest.java
        AndroidLintParserAdapterTest.java
        XmlLintAdapterTest.java
        CodeNarcAdapterTest.java
        ZptLintAdapterTest.java
        PitAdapterTest.java
        JUnitAdapterTest.java
        KlocWorkAdapterTest.java
        CppCheckAdapterTest.java
        DocFxAdapterTest.java
        PyDocStyleAdapterTest.java
        Flake8AdapterTest.java
        JsHintAdapterTest.java
        YamlLintAdapterTest.java
        MyPyAdapterTest.java
        XmlParserTest.java
        SbtScalacParserTest.java
        JSLintParserTest.java
        MetrowerksCwCompilerParserTest.java
        AjcParserTest.java
        GhsMultiParserTest.java
        DiabCParserTest.java
        IntelParserTest.java
        RuboCopParserTest.java
        ClangTidyParserTest.java
        DoxygenParserTest.java
        CodeAnalysisParserTest.java
        GendarmeParserTest.java
        ScalacParserTest.java
        SphinxBuildParserTest.java
        ProtoLintParserTest.java
        GoLintParserTest.java
        MsBuildParserTest.java
        YuiCompressorParserTest.java
        RobocopyParserTest.java
        HpiCompileParserTest.java
        CadenceIncisiveParserTest.java
        IarCstatParserTest.java
        PylintParserTest.java
        ErlcParserTest.java
        InvalidsParserTest.java
        Pep8ParserTest.java
        BuckminsterParserTest.java
        TaskingVxCompilerParserTest.java
        StyleCopParserTest.java
        PuppetLintParserTest.java
        JcReportParserTest.java
        JavacParserTest.java
        AcuCobolParserTest.java
        TnsdlParserTest.java
        ClangAnalyzerPlistParserTest.java
        CppLintParserTest.java
        GradleErrorProneParserTest.java
        TiCcsParserTest.java
        GoVetParserTest.java
        AntJavacParserTest.java
        ArmccCompilerParserTest.java
        XlcLinkerParserTest.java
        EclipseParserTest.java
        Armcc5CompilerParserTest.java
        JsonParserTest.java
        GnuFortranParserTest.java
        CoolfluxChessccParserTest.java
        EclipseSharedChecks.java
        DScannerParserTest.java
        ModuleDetectorTest.java
        Example.jenkinsfile
- .pmd
- pom.xml
- LICENSE
- CONTRIBUTING.md
- package-lock.json
- .gitattributes
- .settings
  - org.eclipse.jdt.ui.prefs
  - edu.umd.cs.findbugs.core.prefs
  - org.eclipse.jdt.core.prefs
  - org.eclipse.core.resources.prefs
- CHANGELOG.md
- .checkstyle
- codacy
  - checkstyle.xml
  - ruleset.xml
- .mvn
  - extensions.xml
  - maven.config
- .dependabot
  - config.yml
- README.md
- package.json
- bin
  - release.sh
  - snapshot.sh
  - go.sh
- .idea
  - checkstyle-idea.xml
  - codeStyles
    - codeStyleConfig.xml
    - Project.xml
  - inspectionProfiles
    - Project_Default.xml
  - .name
  - .gitignore
- etc
  - assertj-templates
    - assertions_entry_point_class_template.txt
    - soft_assertions_entry_point_class_template.txt
  - Jenkinsfile.fullBuild
  - Jenkinsfile.declarative
  - Jenkinsfile.parallel.declarative
  - Jenkinsfile.local
  - Jenkinsfile.analysis
- .gitignore
- Jenkinsfile
- .project
- doc
  - dependencies.puml

package edu.hm.hafner.analysis.parser; // NOPMD

import java.io.IOException;
import java.io.Reader;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

import org.apache.commons.digester3.Digester;
import org.apache.commons.lang3.StringUtils;
import org.dom4j.DocumentException;
import org.xml.sax.SAXException;

import edu.hm.hafner.analysis.IssueBuilder;
import edu.hm.hafner.analysis.IssueParser;
import edu.hm.hafner.analysis.LineRange;
import edu.hm.hafner.analysis.LineRangeList;
import edu.hm.hafner.analysis.ParsingException;
import edu.hm.hafner.analysis.ReaderFactory;
import edu.hm.hafner.analysis.Report;
import edu.hm.hafner.analysis.SecureDigester;
import edu.hm.hafner.analysis.Severity;
import edu.hm.hafner.util.VisibleForTesting;
import edu.umd.cs.findbugs.BugAnnotation;
import edu.umd.cs.findbugs.BugInstance;
import edu.umd.cs.findbugs.Project;
import edu.umd.cs.findbugs.SortedBugCollection;
import edu.umd.cs.findbugs.SourceLineAnnotation;
import edu.umd.cs.findbugs.annotations.Nullable;
import edu.umd.cs.findbugs.ba.SourceFile;
import edu.umd.cs.findbugs.ba.SourceFinder;

import static edu.hm.hafner.analysis.parser.FindBugsParser.PriorityProperty.*;

/**
 * A parser for the native FindBugs XML files.
 *
 * @author Ullrich Hafner
 */
@SuppressWarnings("ClassFanOutComplexity")
public class FindBugsParser extends IssueParser {
    private static final long serialVersionUID = 8306319007761954027L;

    /**
     * FindBugs 2 and 3 classifies issues using the bug rank and priority (now renamed confidence). Bugs are given a
     * rank 1-20, and grouped into the categories scariest (rank 1-4), scary (rank 5-9), troubling (rank 10-14), and of
     * concern (rank 15-20). Many people were confused by the priority reported by FindBugs, and considered all HIGH
     * priority issues to be important. To reflect the actually meaning of this attribute of issues, it has been renamed
     * confidence. Issues of different bug patterns should be compared by their rank, not their confidence.
     */
    public enum PriorityProperty {
        /** Use the priority/confidence to create corresponding {@link Severity priorities}. */
        CONFIDENCE,
        /** Use rank to create corresponding {@link Severity priorities}. */
        RANK
    }

    private static final String DOT = ".";
    private static final String SLASH = "/";

    private static final int HIGH_PRIORITY_LOWEST_RANK = 4;
    private static final int NORMAL_PRIORITY_LOWEST_RANK = 9;

    /** Determines whether to use the rank when evaluation the priority. */
    private final PriorityProperty priorityProperty;

    /**
     * Creates a new instance of {@link FindBugsParser}.
     *
     * @param priorityProperty
     *         determines whether to use the rank or confidence when evaluation the {@link Severity}
     */
    public FindBugsParser(final PriorityProperty priorityProperty) {
        super();

        this.priorityProperty = priorityProperty;
    }

    @Override
    public Report parse(final ReaderFactory readerFactory) throws ParsingException {
        Collection<String> sources = new ArrayList<>();
        String moduleRoot = StringUtils.substringBefore(readerFactory.getFileName(), "/target/");
        sources.add(moduleRoot + "/src/main/java");
        sources.add(moduleRoot + "/src/test/java");
        sources.add(moduleRoot + "/src");
        return parse(readerFactory, sources, new IssueBuilder());
    }

    @VisibleForTesting
    Report parse(final ReaderFactory readerFactory, final Collection<String> sources, final IssueBuilder builder)
            throws ParsingException {
        Map<String, String> hashToMessageMapping = new HashMap<>();
        Map<String, String> categories = new HashMap<>();

        try (Reader input = readerFactory.create()) {
            List<XmlBugInstance> bugs = preParse(input);
            for (XmlBugInstance bug : bugs) {
                hashToMessageMapping.put(bug.getInstanceHash(), bug.getMessage());
                categories.put(bug.getType(), bug.getCategory());
            }
        }
        catch (SAXException | IOException exception) {
            throw new ParsingException(exception);
        }

        return parse(readerFactory, sources, builder, hashToMessageMapping, categories);
    }

    /**
     * Returns the parsed FindBugs analysis file. This scanner accepts files in the native FindBugs format.
     *
     * @param builder
     *         the issue builder
     * @param readerFactory
     *         the FindBugs analysis file
     * @param sources
     *         a collection of folders to scan for source files
     * @param hashToMessageMapping
     *         mapping of hash codes to messages
     * @param categories
     *         mapping from bug types to their categories
     *
     * @return the parsed result (stored in the module instance)
     */
    private Report parse(final ReaderFactory readerFactory, final Collection<String> sources,
            final IssueBuilder builder, final Map<String, String> hashToMessageMapping,
            final Map<String, String> categories) {
        try (Reader input = readerFactory.create()) {
            SortedBugCollection bugs = readXml(input);

            try (Project project = bugs.getProject()) {
                return convertBugsToIssues(sources, builder, hashToMessageMapping, categories, bugs, project);
            }
        }
        catch (DocumentException | IOException exception) {
            throw new ParsingException(exception);
        }
    }

    private Report convertBugsToIssues(final Collection<String> sources, final IssueBuilder builder,
            final Map<String, String> hashToMessageMapping, final Map<String, String> categories,
            final SortedBugCollection collection, final Project project) {
        project.addSourceDirs(sources);

        try (SourceFinder sourceFinder = new SourceFinder(project)) {
            if (StringUtils.isNotBlank(project.getProjectName())) {
                builder.setModuleName(project.getProjectName());
            }

            Collection<BugInstance> bugs = collection.getCollection();

            Report report = new Report();
            for (BugInstance warning : bugs) {
                SourceLineAnnotation sourceLine = warning.getPrimarySourceLineAnnotation();

                String message = warning.getMessage();
                String type = warning.getType();
                String category = categories.get(type);
                if (category == null) { // alternately, only if warning.getBugPattern().getType().equals("UNKNOWN")
                    category = warning.getBugPattern().getCategory();
                }
                builder.setSeverity(getPriority(warning))
                        .setMessage(createMessage(hashToMessageMapping, warning, message))
                        .setCategory(category)
                        .setType(type)
                        .setLineStart(sourceLine.getStartLine())
                        .setLineEnd(sourceLine.getEndLine())
                        .setFileName(findSourceFile(sourceFinder, sourceLine))
                        .setPackageName(warning.getPrimaryClass().getPackageName())
                        .setFingerprint(warning.getInstanceHash());
                setAffectedLines(warning, builder,
                        new LineRange(sourceLine.getStartLine(), sourceLine.getEndLine()));

                report.add(builder.build());
            }
            return report;
        }
    }

    /**
     * Pre-parses a file for some information not available from the FindBugs parser. Creates a mapping of FindBugs
     * warnings to messages. A bug is represented by its unique hash code. Also obtains original categories for bug
     * types.
     *
     * @param file
     *         the FindBugs XML file
     *
     * @return the map of warning messages
     * @throws SAXException
     *         if the file contains no valid XML
     * @throws IOException
     *         signals that an I/O exception has occurred.
     */
    @VisibleForTesting
    List<XmlBugInstance> preParse(final Reader file) throws SAXException, IOException {
        Digester digester = new SecureDigester(FindBugsParser.class);

        String rootXPath = "BugCollection/BugInstance";
        digester.addObjectCreate(rootXPath, XmlBugInstance.class);
        digester.addSetProperties(rootXPath);

        String fileXPath = rootXPath + "/LongMessage";
        digester.addCallMethod(fileXPath, "setMessage", 0);

        digester.addSetNext(rootXPath, "add", Object.class.getName());
        ArrayList<XmlBugInstance> bugs = new ArrayList<>();
        digester.push(bugs);
        digester.parse(file);

        return bugs;
    }

    private String createMessage(final Map<String, String> hashToMessageMapping, final BugInstance warning,
            final String message) {
        return StringUtils.defaultIfEmpty(hashToMessageMapping.get(warning.getInstanceHash()), message);
    }

    private Severity getPriority(final BugInstance warning) {
        if (priorityProperty == RANK) {
            return getPriorityByRank(warning);
        }
        else {
            return getPriorityByPriority(warning);
        }
    }

    private SortedBugCollection readXml(final Reader file) throws IOException, DocumentException {
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        try {
            Thread.currentThread().setContextClassLoader(FindBugsParser.class.getClassLoader());
            SortedBugCollection collection = new SortedBugCollection();
            collection.readXML(file);
            return collection;
        }
        finally {
            Thread.currentThread().setContextClassLoader(contextClassLoader);
        }
    }

    private void setAffectedLines(final BugInstance warning, final IssueBuilder builder,
            final LineRange primary) {
        Iterator<BugAnnotation> annotationIterator = warning.annotationIterator();
        LineRangeList lineRanges = new LineRangeList();
        while (annotationIterator.hasNext()) {
            BugAnnotation bugAnnotation = annotationIterator.next();
            if (bugAnnotation instanceof SourceLineAnnotation) {
                SourceLineAnnotation annotation = (SourceLineAnnotation) bugAnnotation;
                LineRange lineRange = new LineRange(annotation.getStartLine(), annotation.getEndLine());
                if (!lineRanges.contains(lineRange) && !primary.equals(lineRange)) {
                    lineRanges.add(lineRange);
                }
            }
        }
        builder.setLineRanges(lineRanges);
    }

    private String findSourceFile(final SourceFinder sourceFinder, final SourceLineAnnotation sourceLine) {
        try {
            SourceFile sourceFile = sourceFinder.findSourceFile(sourceLine);
            return sourceFile.getFullFileName();
        }
        catch (IOException ignored) {
            return sourceLine.getPackageName().replace(DOT, SLASH) + SLASH + sourceLine.getSourceFile();
        }
    }

    /**
     * Maps the FindBugs library rank to plug-in priority enumeration.
     *
     * @param warning
     *         the FindBugs warning
     *
     * @return mapped priority enumeration
     */
    private Severity getPriorityByRank(final BugInstance warning) {
        int rank = warning.getBugRank();
        if (rank <= HIGH_PRIORITY_LOWEST_RANK) {
            return Severity.WARNING_HIGH;
        }
        if (rank <= NORMAL_PRIORITY_LOWEST_RANK) {
            return Severity.WARNING_NORMAL;
        }
        return Severity.WARNING_LOW;
    }

    /**
     * Maps the FindBugs library priority to plug-in priority enumeration.
     *
     * @param warning
     *         the FindBugs warning
     *
     * @return mapped priority enumeration
     */
    private Severity getPriorityByPriority(final BugInstance warning) {
        switch (warning.getPriority()) {
            case 1:
                return Severity.WARNING_HIGH;
            case 2:
                return Severity.WARNING_NORMAL;
            default:
                return Severity.WARNING_LOW;
        }
    }

    /**
     * Java Bean to create the mapping of hash codes to messages using the Digester XML parser.
     *
     * @author Ullrich Hafner
     */
    @SuppressWarnings("all")
    public static class XmlBugInstance {
        @Nullable
        private String instanceHash;
        @Nullable
        private String message;
        @Nullable
        private String type;
        @Nullable
        private String category;

        @Nullable
        public String getInstanceHash() {
            return instanceHash;
        }

        public void setInstanceHash(final String instanceHash) {
            this.instanceHash = instanceHash;
        }

        @Nullable
        public String getMessage() {
            return message;
        }

        public void setMessage(final String message) {
            this.message = message;
        }

        @Nullable
        public String getType() {
            return type;
        }

        public void setType(final String type) {
            this.type = type;
        }

        @Nullable
        public String getCategory() {
            return category;
        }

        public void setCategory(final String category) {
            this.category = category;
        }
    }
}