S2699 - False Positives for Java MockMvc + SonarCloud

Platform: SonarCloud
Language: Java

For our integration tests we’re running into a false positive that expects at least a single assertion when using MockMvc. andExpect works as an assertion, but is not treated like one.
I found a similar issue, where the fix was to upgrade their version:

I’m unsure how to go about fixing this for SonarCloud.

Code snippet:

  @Test
  @SuppressWarnings("squid:S2699")
  void register400() throws Exception {

    mockMvc.perform(post("/register")
        .content(...)
        .andExpect(status().is(400))
        .andExpect(jsonPath("$.errorMessage", is("TEST ERROR MESSAGE")));
  }

Hi @joepf and welcome to the community!

I tried to reproduce your problem and I can’t. According to the implementation we do support MockMvc methods for this rule. In order to investigate this case further I need link to your project in SonarCloud or at least the whole file with this issue.

My guess is either you have misconfigured project and semantic is broken, or your assertions are in different package than analyser expects, so are not considered as assertions.

Regards,
Margarita

Hello! We have the same issue in our project.

1 Like

Hi @Nazariy,

Thank you for your message and welcome to the community. As you can probably see, we were unable to reproduce such case because Java analyser do support MockMvc assertions.

In order to make help us investigate your case, we will highly appreciate if you can share the version of the product you’re using and the version of Java analyser there. Also it will be very helpful if you can tell us, which version of Spring you’re using to test with MockMvc (or any other library you’re using, if it’s not from Spring) and a version of JUnit.

Another possible explanation could be a broken configuration or semantics, so it will be nice to see your log and/or configuration and properties.

Kind regards,
Margarita

@Margarita_Nedzelska I also started sufferring from the issue (got multiple false positives related to the problem, during the last night SonarCloud analyzing).
We are using Spring 5.3.3, JUnit4.

Example

Hello @lrozenblyum,

Thank you for the message. Unfortunately, I cannot reproduce the original case.
Could you please explain a little bit more what does it mean “during last night SonarCloud analysis”. Does it mean, the issue was not reported before on this case or there was no such code before?

Could you please also check there are no warnings on your project. There could be a missing semantic problem that leads to FPs. It is usually caused by misconfiguration.

Regatds,
Margarita

Hello @Margarita_Nedzelska!
By ‘during last night SonarCloud analysis’ I meant that the code is pretty old (since July 2019), and Sonar hasn’t been complaining about it before.

About warnings: SonarCloud doesn’t show any warnings about analyzing itelf on its web interface. Or do you mean to check logs of the analyzing in the CI?

Yes, I meant both warnings in the web interface and in logs.