Meta-annotations not effective (@SuppressWarnings("...") alias)

petrk · May 21, 2025, 8:07am

Hi community,

I have declared a meta annotation as:

/**
* We prefer java.util.logging as it is good enough part of Java platform.
* <p>
* So far, it has not been hampered by security scandals as other third party loggers.
* <p>
* Sonar analysis seems weak producing false issues as it cannot reliably detect which logging
* framework is use and what are its capabilities, namely the error prone substitutions/expansions.
*
* @seealso https://codeq.alm.eurofins.com/coding_rules?open=java%3AS2629&rule_key=java%3AS2629
*/
@SuppressWarnings("squid:S2629")
@Retention(RetentionPolicy.SOURCE)
@Target({ METHOD })
public @interface SimpleJUL {
// declarative
}

It is used as:

@SimpleJUL
void foo() {
  log.warning(this + ": example");
}

But it’s not effective.

Enterprise Edition v2025.1 reports it as an issue unless inlined as:

@SuppressWarnings("squid:S2629")
void foo()

Any clue how to make sonarq recognize the meta-annotation, please?

jonathan.vila · May 27, 2025, 9:39am

Hello @petrk , thanks for sharing with the community.

After an internal investigation I see that SonarQube Java analyzer code is checking ONLY for the SuppressWarnings exact type (with its FQN ), as you can see here :

github.com/SonarSource/sonar-java

java-checks/src/main/java/org/sonar/java/filters/SuppressWarningFilter.java

c44fcee0e


      
          
          private static int startLineIncludingTrivia(Tree tree) {
            SyntaxToken firstToken = tree.firstToken();
            // first token can't be null, because tree has @SuppressWarnings annotation
            if (!firstToken.trivias().isEmpty()) {
              return LineUtils.startLine(firstToken.trivias().get(0));
            }
            return LineUtils.startLine(firstToken);
          }
          
          private static boolean isSuppressWarningsAnnotation(AnnotationTree annotationTree) {
            return annotationTree.annotationType().symbolType().is("java.lang.SuppressWarnings") && !annotationTree.arguments().isEmpty();
          }
          
          private static List<String> getRules(AnnotationTree annotationTree) {
            return getRulesFromExpression(annotationTree.arguments().get(0));
          }
          
          private static List<String> getRulesFromExpression(ExpressionTree expression) {
            List<String> args = new ArrayList<>();
            if (expression.is(Tree.Kind.NEW_ARRAY)) {

jonathan.vila · May 27, 2025, 9:52am

I have created this Jira issue in order to implement this feature

Thanks for the value you shared @petrk

Topic		Replies	Views
Where is the documentation on how to suppress each kind of warning? SonarQube Server / Community Build java	2	32124	April 23, 2019
SonarQube Docker ignores @SuppressWarnings SonarQube Server / Community Build java	5	2320	June 1, 2020
How to suppress warnings for code in class / method comments SonarQube Server / Community Build cfamily	4	32625	November 12, 2021
False postive with java:S5979 when using a meta-annotation Report False-positive / False-negative... java	3	807	March 16, 2021
How to enable custom Java rules on classes annotated with `SuppressWarnings("all")` Writing rules java , sonarqube	15	70	March 12, 2025

Meta-annotations not effective (@SuppressWarnings("...") alias)

Related topics