False Positive on `optional.orElse(null)`

AJ8GH · January 26, 2023, 8:07am

Version info:
Developer Edition, Version 9.4 (build 54424), LGPL v3
what are you trying to achieve:

Pass null as an argument to orElse in the Java Optional API: Optional.of(<anything>).map(<anyFunction>).orElse(null)

Example of how to replicate the issue in code:

    Optional.of("anything")
        .map(String::toUpperCase)
        .orElse(null);

This is failing as it’s being marked by SonarQube as a bug, with the message:

Parameter 1 to this call is marked "@NotNull" but null could be passed.

I believe this is incorrect and is a false positive, because the parameter itself is marked nullable in the java optional source code:

    public T orElse(@Nullable @Flow(targetIsContainer = true) T other) {
        return value != null ? value : other;
    }

ganncamp · January 27, 2023, 3:10pm

Hi,

Welcome to the community!

What rule is raising this issue? The id will be something like java:S111. Also, can you upgrade to the latest version, SonarQube 9.8, and see if this is replicable?

Ann

mbrown10 · March 8, 2023, 4:21pm

I have the same issue using SonarCloud caused by rule java:S2637

ganncamp · March 8, 2023, 4:24pm

Hi @mbrown10,

Welcome to the community and thanks for chiming in here.

I’ve flagged this for team attention.

Ann

jbeleites · March 15, 2023, 9:27am

Hello Matt, hello Adam,

Thank you for reporting this issue. Indeed, this looks like a false positive.

Unfortunately, I have not been able to reproduce the issue on SonarCloud or SonarQube based on the first example provided in the initial post. Could you provide a stand-alone compilable reproducer, which triggers this behavior? Optionally, I can open a private channel for you to share such a reproducer if you cannot make it work without including private code.

henrykuijpers · April 11, 2023, 11:20am

We currently have this issue as well:

java:S2637 is the issue that is reported.

Using SonarQube Developer Edition Version 9.5 (build 56709).

henrykuijpers · April 11, 2023, 11:22am

Java’s Optional.ofNullable’s first parameter, however, is annotated with @Nullable.

jbeleites · April 11, 2023, 12:54pm

Thank you @henrykuijpers for confirming the issue.

After digging a bit more, in fact, we have a ticket for this issue. Thank you all for reporting the issue anyway, it helps us assess how prevalent the problem is and how to prioritize fixing it.

henrykuijpers · April 12, 2023, 8:23am

Do you have any idea how I can get my atlassian account to join the SonarSource JIRA? I see that the linked issue has been there for more than a year already, without a fix. If needed, I can try to work on this, to get this fixed.

henrykuijpers · April 12, 2023, 8:29am

Do you have any idea on how to join the SonarSource JIRA with my Atlassian account?
I see that the linked ticket is more than 1 year old, without a fix. It would be nice to work on this.

ganncamp · April 12, 2023, 12:25pm

Hi,

Unfortunately, you won’t be able to interact in our Jira projects. Fortunately, you don’t need to to contribute. Feel free to reference an existing ticket in a PR and if we accept the PR, we’ll handle the Jira admin.

Ann

henrykuijpers · May 3, 2023, 9:17am

Hi, is there any progress on the issue? And/or are there any pointers on how to fix this? It’s popping up very frequently and making our quality pipelines fail.

I would be willing to submit a PR, however, I have no idea where to start on trying to make a test case to prove the issue and then fixing it.