When API nullability is established through @NonNullApi, exceptions specified through @Nullable (which is the intent of the API) are ignored and multiple of nullability false positives are triggered.
import org.springframework.lang.Nullable;
public class X {
public boolean isNull(@Nullable x) {
return x == null; // java:S2583
}
@Nullable public Object getNull() {
return null; // java:S2637
}
}
Sorry, I don’t have access to newer versions, the instance I use is governed by our corporate IT.
Are you implying you can’t reproduce it with a recent version or that you simply don’t look at issues unless they can be reproduced with a newer version?
I will definitely doublecheck the highlighted parameters.
Sure, I’ve read that and I already clarified that using a new version is “not possible”. I will interpret your response as “haven’t tried to reproduce”.
That’s unfortunate because we won’t be able to help you much. This SonarQube version is not maintained and not supported anymore. Your corporate IT is obviously not following our guidelines regarding using non-LTS versions of SonarQube.
For your information, your use case can not be reproduced with the latest released version of SonarQube (8.8), which embeds version 6.14 of the Java Analyzer. To me, the issue you might be facing has been solved by this ticket: SONARJAVA-3447. This was indeed an FP and a wrong interpretation of the annotation.
The fix was released as part of version 6.7 of the Java Analyzer, which was itself only available with SonarQube 8.5 (not maintained anymore). As of today, the only way to benefit from the fix, as well as all the other fixes and features we added since then would be to update to the latest version of SonarQube.
Unfortunately for you, you made it clear that it is absolutely “not possible”.