The suggested fix is incorrect for ByteArray.toString(Charsets.UTF_8) as the output is changed dramatically. ByteArray.toString(Charsets.UTF_8) returns the ByteArray inputted to a String(bytearray, charset). Your suggested fix to use ByteArray.contentToString() instead returns the bytearray integers as singular items. This is a breaking change with very different results. Please refer to the code snippet for details
Are you using
SonarQube Enterprise Edition v2025.1.4 (113907)
SonarQube for IDE 11.2.0.82481
How can we reproduce the problem? Give us a self-contained snippet of code
val byteArray = "Test".toByteArray(Charsets.UTF_8)
val toStringWithCharset = byteArray.toString(Charsets.UTF_8) // "Test"
val contentToString = byteArray.contentToString() // "[84, 101, 115, 116]"
println("toStringWithCharset $toStringWithCharset")
println("contentToString $contentToString")
Thanks for reaching out. I agree with you and as it happens, the S2116 implementation already accounts for this exception.
Typically, when we see such issues, it boils down to the analyzer missing some semantic information and the compiler incorrectly resolving a function call as a result. Which command and configuration are you using to analyze your project?
Meanwhile, we have also created a ticket to improve the fallback behavior when semantic is incomplete. However, by providing full semantics to your analysis, the analysis will become more reliable and valuable overall, besides also fixing this particular issue.
thank you for your feedback, but I am not sure how I can provide semantics. As far as I can tell our config should automatically locate all relevant files
The project is a multimodule for kotlin android.
We are use gradle with the plugin “org.sonarqube“ in version 6.3.1.5724.
Normally, the Gradle Sonar plugin should handle the semantics for you. Is it possible that you are not compiling the project before running the Sonar task?
I’ve been trying to reproduce the problem based on the configuration and code snippet you have provided but have not been successful so far. Could you create a small but complete reproducer that we can execute directly to analyze further? You can provide a link to a repository in this thread.
Hi Johan,
you are right - we only used the command ./gradlew sonar.
We are doing compile and checks beforehand, so I thought we could skip this with the sonar command.
Using instead ./gradlew build sonar fixes the issue
Thanks for your support!
Hi and sorry, to pick this up again with so much time in between.
Apparently I misread the sonar report and the issue still persists. But I can build a reproducer:
I created a new Kotlin Multiplatform Project for Android. See github:
The command I used is:
./gradlew assembleDebug sonar -Dsonar.branch.name=main -Dsonar.host.url= -Dsonar.projectKey= -Dsonar.projectName=“”
Versions used:
Android Studio Otter | 2025.2.1
Build #AI-252.25557.131.2521.14344949, built on October 29, 2025
Runtime version: 21.0.8+-14196175-b1038.72 aarch64
VM: OpenJDK 64-Bit Server VM by JetBrains s.r.o.
Toolkit: sun.lwawt.macosx.LWCToolkit
macOS 26.1
Sonarqube Gradle Plugin 7.2.0.6526
Thank you for taking the time to create the reproducer, it was very helpful. With it, I was able to reproduce the issue.
The good news is: the problem has already been fixed in more recent versions of SonarQube Server (starting 2025.2) and on SonarQube Cloud. The underlying problem was related to the Kotlin compiler itself, which we have upgraded to the new K2 compiler in the meantime.
As soon as your SonarQube Server instance is updated to a more recent version, you should see this issue disappear.
