Hi Team,
The code snippet below violates RSPEC-1226, but SonarQube scans of this code snippet don’t pick up the bug rule violation.
Code snippet:
```java
import java.util.Arrays;
import java.util.List;

class BuggyCode {
    public static void main(String[] args) {
        doTheThing("hello", 123, Arrays.asList("apple", "banana", "cherry"));
    }

    public static void doTheThing(String str, int i, List<String> strings) {
        str = Integer.toString(i);
        for (String s : strings) {
            s = "hello world";
        }
    }
}
```
Screenshot of the code snippet scan result in SonarQube:
Scanning information:
SonarQube version: 10.7.0.96327
SonarScanner version: 5.0.1.3006
SonarQube Community Edition
Related language: Java
Note: To recreate, you can use sonar-scanner to scan the given file. In our case, scans were performed using SonarQube versions 9.9 and 10.7, and neither of the scans consistently detected the bug rule violation.
Thanks for your time and consideration.