Java rule false positive

lcrazyl · November 21, 2023, 5:18am

Must-share information (formatted with Markdown):

which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
sonarQube 8.9.0
how is SonarQube deployed: zip, Docker, Helm
zip
what are you trying to achieve
When scanning Java projects, one of the rules is “Remove this call to “equals”; comparisons between unrelated types always return false”,But the code in my actual project is as follows:

if (d.getRecommendJobId().equals(recommendJobId){

}

In actual business scenarios, the obtained id will not be null, so you can use the equals method for comparison.

what have you tried so far to achieve this

Do not share screenshots of logs – share the text itself (bonus points for being well-formatted)!

Colin · November 21, 2023, 9:23am

Hi,

Your version is past EOL. You should upgrade to either the latest version or the current LTS at your earliest convenience. Your upgrade path is:

8.9.0 → 9.9.3 → 10.3 (last step optional)

You may find these resources helpful:

If you have questions about upgrading, feel free to open a new thread for that here.

If your issue persists after upgrade, please come back to us.

lcrazyl · November 22, 2023, 2:20am

There is no wrapper.conf file in the conf folder in version 9.9. How to specify the wrapper.java.command path?

Colin · November 22, 2023, 9:11am

If there are multiple versions of Java installed on your server, to select specific Java version to be used, set the environment variable SONAR_JAVA_PATH. Read more here.

lcrazyl · November 27, 2023, 8:22am

Thank you very much for your answer. I have successfully upgraded to version 9.9, but the minimum version of JDK required by 9.9 is 11, and my project is built using JDK1.8

How to solve the problem of inconsistent JDK versions between sonarQube local scan and Maven project build?

In addition, why does the command executed by the local scan of sonarQube9.9 version maven project is mvn clean verify?

Colin · November 28, 2023, 9:06am

I think the documentation on Scanner Environment should help you.

Maven / Gradle

If your whole Maven or Gradle build doesn’t run on Java 11 or 17, we suggest first to try to base the whole build on one of those two versions of Java. If it’s not compatible, then you can override the JAVA_HOME environment variable just before the analysis step, as shown here:
# Maven build
mvn verify ...
export JAVA_HOME=/path/to/java-11-or-17
mvn sonar:sonar ...