We managed to reproduce and better understand the problem: it is linked to a classpath order problem.
You probably have in your dependencies a JAR (which itself can contain another JAR) containing another implementation of javax.xml.transform.TransformerFactory different from the JDK, which does not contain any declaration of a setFeature(...) method. During the scan, the Scanner is relying on this “wrong” version of TransformerFactory and fail to determine that you are correctly calling setFeature(...) method because there is no setFeature(...).
Hello,
Many thanks for looking into problem.
I tried to search in my application Jar’s for another implementation of TransformerFactory, but we have only one implementation used, which is of Java(x) only.
Do you suggest any workaround for the issue?
Is Sonar Team will fix this Bug?
Hi, @pmjroth This is an issue with how SonarJava handles conflict in the classpath of the analysis and more particularly between classes that are defined in JDK and in a dependency.
This is not a simple issue as a fix here can lead to the same issue but “reversed” elsewhere. We are aware of the issue and currently discussing a solution.
This is clearly an important matter to us and should be addressed in the upcoming releases of SonarJava.
In the meantime you can mark issues as false positives.
If you are still facing a similar problem, feel free to create a new topic, with up to date description of your problem (and potentially a link to this topic).