Multiple false positives after upgrade to SonarQube 8.5.1

Report a bug False-positive
,
#1

We recently upgraded from 8.4.1 to 8.5.1. After this upgrade we have been hit with dozens of false positives surrounding null checks, such as the one seen in this screenshot:

image
image860×139 11.9 KB

The line immediately before the issue shows a null check for agenda.getBody(), so it cannot be null at the time getJobs() is called.

I am aware that some are caused by SonarQube not being able to see null checks that happen in called methods, but this clearly has the null check in the same expression.

Has anyone else faced this issue with the current version?

False positive: Java: NullPointerException could be thrown
#2

Hello @swfinch1277,

These new issues are probably due to the fact that we updated the list of supported null-related annotations. See SONARJAVA-3536

Then, to me, this is not a false positive: you can not assume that two consecutive calls to getBody() return the same value, if the second returns null, you will have a NPE. Extracting this call into a variable would make the code safer and cleaner, as it will also potentially prevent duplicated computation.

Does it make sense to you?

1 Like
#3

Yes, it does. The code reference in the ticket helped, as well.

#4

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.