Invoke method(s) only conditionally (squid:S2629) is triggered when evaluating annotation element

java

(Konrad Windszus) #1

When using SonarQube 6.4 a false positive is emitted for squid:S2629 when an annotation type is being used. I would argue that calling a method on an annotation type is in general very cheap and should not be prevented in the context of logging. Example source code

private final static Logger LOG = LoggerFactory.getLogger(ExtensionStrippingTransformer.class);
...
public void myMethod(AnnotationType annotation) throws SAXException {
LOG.debug("Called myMethod with annotation element1 '{}' and element2 '{}'!", annotation.element1(), annotation.element2()); // this will trigger squid:S2629
}

(Konrad Windszus) #2

Still not a single comment after over one month? Do you consider this a valid report or if not, please share your concerns!


(Michael Gumowski) #3

Hello @kwin

A few quesitons:

  • Can you please provide the version of your SonarJava analyzer?
  • What do you mean by AnnotationType? Are you referring to any class extending sun.reflect.annotation.AnnotationType or simply any custom annotation type? i.e Defined with a @interface, and therefore implicitly extending java.lang.annotation.Annotation.
  • Could you provide with your example an annotationType and the elements you would like to retrieve.

Regards,
Michael

PS: please note that we are trying to answer threads here on a best effort basis. Some times some topics are passing through. Sorry for missing this one.


(Konrad Windszus) #4

Thanks Michael,

4.15.0.12310

The latter, i.e. any @interface!

E.g. just take this as an example:

@ObjectClassDefinition(name = "Some configuration object")
static @interface AnnotationType {

@AttributeDefinition(name = "some name", description = "some description")
String element1();
@AttributeDefinition(name = "some name", description = "some description")
String element2();
}

Whenever you try to access element1 or element2 the issue is being emitted.
Actually OSGi R6 relies on custom annotations for declarative services.


(Konrad Windszus) #5

Ping, @Michael do you have any update for me? Can you create a ticket to track that?


(Michael Gumowski) #6

Hello,

I admit that, by definition of annotation types and their elements, the operation of calling their methods should not result in any performance penalty. I therefore created the following ticket to handle the issue and fix SonarJava: SONARJAVA-2897

Now, please be aware that you are apparently using both very old versions of SonarQube and SonarJava, which are not supported anymore. Current LTS of SonarQube is 6.7.5, which guarantees support of latest released version of SonarJava (5.7). If you want to benefit from the fix to come of this ticket, you will need to upgrade at least your SonarQube version to 6.7.x, and then update SonarJava.

Regards,
Michael