org.apache.commons.collections.MapUtils is Not Rcognize By Sonar Scanning

  • SonarQube Version
  • Issues: SonarQube raised “NullPointerException could be thrown” even though MapUtils.IsNotEmpty is used for validation
  • Sample code :

Similar issue as this previous one

A correction was done here, but only on the package org.apache.commons.collections4.

But the older packages (without the 4 in canonical name) are still used in some librairy


For example, latest vesions of commons-beanutils and commons-validator still use commons-collections 3.X

Hey there.

Thanks for the report – but we can’t pass a report onto our developers with a screenshot of code. Can you please post a well-formatted code sample?


Here is sample code :

package com.sonarsource.example

import java.util.List;
import java.util.Map;

import org.apache.commons.collections.CollectionUtils;
import org.apache.commons.collections.MapUtils;

import jakarta.annotation.Nullable;

public class FPS2259 {

	public static void main(String[] args) {
		final Map<String, List<Object>> canBeNullMap = getMap(args[0]);
		if (MapUtils.isNotEmpty(canBeNullMap) && CollectionUtils.isNotEmpty(canBeNullMap.get(args[0]))) {
			System.out.println(String.format("There is %d item for key %s", canBeNullMap.get(args[0])
				.size(), args[0]));

	private static Map<String, List<Object>> getMap(String p) {
		if ("x".equals(p)) {
			return Map.of("k1", List.of("v1"));
		return null;


Thank you

Hello @Rguihard,

Thanks for the report. Yes, these methods are indeed missing. I’ve created a ticket to fix it:


1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.