Rules and Issues - Yash-777/sonar-java GitHub Wiki

SonarQube Rules and Issues

Bug: Major

  • squid:S1126 - Return boolean expressions instead of boolean literal

  • Inappropriate "Collection" calls should not be made (squid:S2175)
    SonarJava - Fix Version: 4.12 - Partial semantic with type inference can trigger false. jira, Stack

    List<String> list = new ArrayList<String>();
    list.add("1");
    Integer integer = Integer.valueOf(1);
    if (list.contains(integer)) { }
    // Noncompliant; always false.
    // list.add(integer) doesn't compile, so this will always return 'false'

  • Inappropriate regular expressions should not be used (squid:S2639)

    Regular expressions are powerful but tricky, and even those long used to using them can make mistakes.
    The following should not be used as regular expressions:

    • . - matches any single character. Used in replaceAll, it matches everything
    • | - normally used as an option delimiter. Used stand-alone, it matches the space between characters
    • File.separator - matches the platform-specific file path delimiter. On Windows, this will be taken as an escape character

    String str = "/File|Name.txt";
    
    String clean = str.replaceAll(".","");
    // Noncompliant; probably meant to remove only dot chars, but returns an empty string
    String clean2 = str.replaceAll("|","_");
    // Noncompliant; yields _/_F_i_l_e_|_N_a_m_e_._t_x_t_
    String clean3 = str.replaceAll(File.separator,"");
    // Noncompliant; exception on Windows
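
    Compliant counterparts of the three calls above, as an added example that is not part of the original wiki page or of SonarJava. The class and method names are illustrative, and the path is a constructed sample.

```java
import java.io.File;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class LiteralReplaceDemo {

    // String.replace takes a literal CharSequence target, so '.', '|' and '\' have no special meaning.
    static String removeLiteral(String input, String literal) {
        return input.replace(literal, "");
    }

    // For APIs that only accept a regex, quote both sides: Pattern.quote neutralises
    // metacharacters in the pattern, Matcher.quoteReplacement neutralises '$' and '\'
    // in the replacement.
    static String replaceLiteralViaRegex(String input, String literal, String replacement) {
        return input.replaceAll(Pattern.quote(literal), Matcher.quoteReplacement(replacement));
    }

    // Fails loudly if a replacement did not produce the literal result we intended.
    static void check(String actual, String expected) {
        if (!actual.equals(expected)) {
            throw new AssertionError("expected " + expected + " but got " + actual);
        }
    }

    public static void main(String[] args) {
        String str = "/File|Name.txt"; // same sample value as the rule description

        check(removeLiteral(str, "."), "/File|Nametxt");
        check(replaceLiteralViaRegex(str, "|", "_"), "/File_Name.txt");

        // Constructed path built with the platform separator, so the check holds on Windows and Unix.
        String path = String.join(File.separator, "dir", "sub", "File.txt");
        check(removeLiteral(path, File.separator), "dirsubFile.txt");
        check(replaceLiteralViaRegex(path, File.separator, ""), "dirsubFile.txt");

        // A replacement containing '$' is kept verbatim instead of being read as a group reference.
        check(replaceLiteralViaRegex("a.b", ".", "$1"), "a$1b");

        System.out.println("all literal replacements behaved as expected");
    }
}
```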

Bug: Blocker

  • Resources should be closed in finally block or use try-with-resources (squid:S2095)