Redundant-Throws-Declaration-Check False positive on custom SecurityException

java
sonarqube
sonarjava

(Chrsitian Harke) #1

When extending Exception and choosing a clashing Name like SecurityException, SonarQube does not recognize that it’s not Java’s java.lang.SecurityException. Therefore, it’s complaining about a superfluous RuntimeException declaration:

Remove the declaration of thrown exception 'java.lang.SecurityException' which is a runtime exception.

Note:
This only occurs on SonarQube Server (or probably in the Scanner), the SonarLint plugin for IntelliJ IDEA does not have this issue.

versions used

  • SonarQube: 7.6 (build 21501)
  • Scanner: 3.3.0.1492
  • language analyzer: SonarJava 5.11 (build 17289)

code sample

package myexceptions;
public class SecurityException extends Exception {
    public SecurityException(String message) {
        super(message);
    }
    public SecurityException(Throwable throwable) {
        super(throwable);
    }
    public SecurityException(String message, Throwable throwable) {
        super(message, throwable);
    }
}
import myexceptions.SecurityException;
public class A {
    public void anyMethod() throws SecurityException {} // complaining here
}