common-kotlin:DuplicatedBlocks should ignore annotations

Hello,

Duplicated code detection (Rule common-kotlin:DuplicatedBlocks, Source files should not have any duplicated blocks) report issues on duplicated code in annotations. I believe that both Java and Kotlin duplication in annotations could be pretty common for multiple frameworks and use cases.

Here is an example where we hit that false positive, using Swagger and some annotations:

import io.swagger.v3.oas.annotations.media.Content
import io.swagger.v3.oas.annotations.responses.ApiResponse
import io.swagger.v3.oas.annotations.responses.ApiResponses
import io.swagger.v3.oas.annotations.tags.Tag
import io.swagger.v3.oas.annotations.tags.Tags

open class SomeClass {

    @Post("/foo")
    @Consumes(MediaType.APPLICATION_JSON)
    @Produces(MediaType.APPLICATION_JSON)
    @ApiResponses(
            ApiResponse(
                    description = "description 1", responseCode = "200",
                    content = [Content(mediaType = MediaType.APPLICATION_JSON)]
            ),
            ApiResponse(
                    description = "Invalid payload", responseCode = "400",
                    content = [Content(mediaType = MediaType.APPLICATION_JSON)]
            ),
            ApiResponse(
                    description = "Not authorized", responseCode = "401",
                    content = [Content(mediaType = MediaType.APPLICATION_JSON)]
            ),
            ApiResponse(
                    description = "not found", responseCode = "404",
                    content = [Content(mediaType = MediaType.APPLICATION_JSON)]
            ),
            ApiResponse(
                    description = "Internal Server error", responseCode = "500",
                    content = [Content(mediaType = MediaType.APPLICATION_JSON)]
            )
    )
    open fun fooBar(): Single<HttpResponse<String>> {
    }
    [...]

Reproducible environment: Sonarqube 8.9.x

3 Likes

Hello Piotr,

Thanks for the report! Unfortunately this is not an easy fix. Duplication detection is a complex topic and will yield false positives (and negatives) from time to time, in any language. By fixing false positives such as the one you provided here, we would simultaneously introduce false negatives. It often depends on context which cannot be captured fully by static analysis, whether a piece of code that looks similar to another is a true duplicate or not.

As such, we have to rely on heuristics and balance them in a way to provide the best possible compromise between false positives and negatives.

In this particular case, I would suggest you close the issue as false positive. If you getting a lot of FP noise because of this rule, it is always a possibility to disable it. Unfortunately there is not a whole lot we can do to really fix this anytime soon.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.