S2699 Tests should include assertions false positive for andExpect

Hi Sonar Team!

I’m experiencing a false positive with rule S2699. The rule description explicitly mentions support for Spring’s org.springframework.test.web.servlet.ResultActions.andExpect(), so I expect the following test to be compliant.
However this is not the case, I do get an error for this test.

Environment:
SonarQube 7.6
SonarJava 5.11

Example test:

// springframework MockMvc used
@Test
void myTest() throws Exception {
    	mockMvc.perform(MockMvcRequestBuilders.get("/api/**"))
    	.andExpect(status().isForbidden())
    		.andReturn();
}

I think this is a false-positive.

Cheers and thanks for the help,
Balázs

Hi,

I’m having the same issue.
Does someone have an idea to solve that ?

Now in our projects we have hundreds of those false positive that are making noise and hiding the other issues

Thanks,

Maxime

Hello,

I confirm andExpect is considered by S2699 as you can see in the code

I can’t reproduce your problem with this reproducer:

import org.junit.Before;
import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;

import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.forwardedUrl;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

public class AssertionsInTestsCheckTest {

  @Autowired
  WebApplicationContext wac;

  private MockMvc mockMvc;

  @Before
  public void setup() {
    this.mockMvc = MockMvcBuilders.webAppContextSetup(this.wac).build();
  }

  @Test
  public void testWithNoAssertion1() { // Noncompliant
  }
  
  @Test
  void myTest1() throws Exception { // Compliant
    mockMvc.perform(MockMvcRequestBuilders.get("/api/**"))
    .andExpect(status().isForbidden())
    .andReturn();
  }
}

… using: org.springframework:spring-test:4.0.5.RELEASE

image.png2196×1732 404 KB

Which version of spring-test are you using?
Can you share a reproducer?

Thanks

Hi @Maxime,

Any news on my questions?

Hi @Alexandre_Gigleux,
i have the same issue with
spring-test version 5.2.4.RELEASE.
SonarQube Version: Community Edition Version 7.9.2 (build 30863)
Java Code Quality and Security plugin 6.3 (build 21585) installed

Edit: updating SonarQube (or the java analyzer version), also solved this problem for some users.

Hello,

Before starting, I just want to warn that my post targets recent versions of the plugin (>=6.0). It might or might not be related to the initial problem raised by this post.

Such unexpected behavior is typically due to missing bytecode of dependencies.
I discussed a similar issue in this post, it does not target the same rule nor the same method, but I believe the solutions proposed there could be relevant to you.

Feel free to get back to us if it does not.

Best,
Quentin.

Hi,

We have the same issue in our projects, we sent you a screenshot.

image1304×658 46.3 KB

Thanks.

Hello @Ernesto,

Did you have a look at the post that I linked in my previous message?
If yes, can you briefly describe what you tried? Do you see anything special in the logs of the analysis?

In addition, it would be helpful to know the version of the scanner, Sonarqube, and optionally the java analyzer version if you updated it at one point.

Hi,

We solve that updating the java analyzer version.

Thanks.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.