Extension of SonarQube Java rule

  • Which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)?
    SonarQube Community Edition
    Version 8.9.10 (build 61524)

  • What are you trying to achieve?
    I found a bug in our code due to String.format("Some text with a % and no format identifier", someParam).
    The coder forgot to provide a format identifier. I was hoping SonarQube would catch this, since it will almost always produce an IllegalFormatException because the next character other than space will be used as the format identifier. This is for sure not the intention of the developer.

  • What have you tried so far to achieve this?
    I have checked it in the above-mentioned SonarQube edition. There is a rule called "Printf-style format strings should be used correctly" but it does not include this specific case where the format identifier is not specified.

  • Solution
    Extend the rule to include this case.

Thanks for the use case.

Indeed, I agree that this looks like a code smell. While we have S2275 and S3457, neither checks the exact case you are proposing. I’ve opened a ticket to track this use case.
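The runtime behaviour discussed in this thread can be reproduced with the added example below, which is not code from either poster or from SonarQube. The class name, helper name and sample strings are constructed for illustration; each format string is run once with a String argument and once with a Double argument.

```java
import java.util.IllegalFormatException;

public class StrayPercentDemo {

    // Hypothetical helper: returns "OK" if String.format accepts the call,
    // otherwise the name and message of the IllegalFormatException subclass thrown.
    static String outcome(String fmt, Object... args) {
        try {
            String.format(fmt, args);
            return "OK";
        } catch (IllegalFormatException e) {
            return e.getClass().getSimpleName() + ": " + e.getMessage();
        }
    }

    public static void main(String[] argv) {
        // Constructed sample format strings.
        String[] formats = {
            // Case from the post: "% a" parses as the space flag followed by
            // the hexadecimal floating-point conversion 'a'.
            "Some text with a % and no format identifier",
            // "% c": space flag followed by the character conversion 'c'.
            "Progress: 100% complete",
            // '%' as the last character: no conversion follows at all.
            "Discount of 10%",
            // Literal percent written as "%%" plus a real specifier.
            "Discount of 10%% for %s",
        };
        // The same format string is exercised with two argument types,
        // because the result depends on what the accidental conversion accepts.
        Object[] sampleArgs = { "someParam", 2.0 };

        for (String fmt : formats) {
            for (Object arg : sampleArgs) {
                System.out.printf("%-46s arg=%-10s -> %s%n",
                        "\"" + fmt + "\"",
                        arg.getClass().getSimpleName(),
                        outcome(fmt, arg));
            }
        }
    }
}
```

A helper like this can sit in a unit test that walks the project's message templates, so a stray `%` fails the build rather than a production request.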