You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The @SuppressFBWarnings(value = "ABCDE", justification = "...") suppresses warnings for all rules whose names begin with ABCDE, not just the rule ABCDE. This is a problem because because there are rules whose names are proper prefixes of other rules' names, making it impossible to suppress just the one rule without suppressing the other.
In the example below, it's impossible to suppress EI_EXPOSE_REP without also suppressing EI_EXPOSE_REP2.
Javadoc on the SuppressFBWarnings annotation suggests that value is a pattern (which may explain the prefix matching behavior) but experimentation shows that line anchors like ^ and $ aren't handled, so this can't be handled by adding $ at the end.
Details and Reproducing
Using the maven spotbugs plugin (version 4.8.2), I get two errors when analyzing a simple POJO with a mutable List field (and this is expected):
[ERROR] Medium: org.example.ListWrapper.getNames() may expose internal representation by returning ListWrapper.names [org.example.ListWrapper] At ListWrapper.java:[line 11] EI_EXPOSE_REP
[ERROR] Medium: org.example.ListWrapper.setNames(List) may expose internal representation by storing an externally mutable object into ListWrapper.names [org.example.ListWrapper] At ListWrapper.java:[line 13] EI_EXPOSE_REP2
This is expected, but I'm OK with it, so I'd like to use @SuppressFBWarnings. Note that the warning for the getter is EI_EXPOSE_REP, and for the setter is EI_EXPOSE_REP2. That is, the annotations should be:
This makes the errors disappear. However, by a copy and paste mistake, I initially used EI_EXPOSE_REP in both annotations, and still both errors disappear. A bit more testing shows that that if the value is any prefix of the rule name, the errors are suppressed. For instance:
That's (sort of) consistent with the documentation on the SuppressFBWarnings value field, which says that value can be a pattern:
/** * The set of FindBugs warnings that are to be suppressed in * annotated element. The value can be a bug category, kind or pattern. */String[] value() default {};
However, given that some rule names, like EI_EXPOSE_REP are proper prefixes of other rule names, like EI_EXPOSE_REP2, it means that it's impossible to suppress warnings for justEI_EXPOSE_REP without also suppressing for EI_EXPOSE_REP2. I tried experimenting with the "pattern" aspect of it (e.g., checking whether I could use an end-of-line anchor with EI_EXPOSE_REP$), but that didn't work either.
I'm using spotbugs and spotbugs-annotations 4.8.2 on Java 17.0.6.
Any thoughts or workarounds?
The text was updated successfully, but these errors were encountered:
Summary
The
@SuppressFBWarnings(value = "ABCDE", justification = "...")
suppresses warnings for all rules whose names begin withABCDE
, not just the ruleABCDE
. This is a problem because because there are rules whose names are proper prefixes of other rules' names, making it impossible to suppress just the one rule without suppressing the other.In the example below, it's impossible to suppress
EI_EXPOSE_REP
without also suppressingEI_EXPOSE_REP2
.Javadoc on the SuppressFBWarnings annotation suggests that
value
is a pattern (which may explain the prefix matching behavior) but experimentation shows that line anchors like^
and$
aren't handled, so this can't be handled by adding$
at the end.Details and Reproducing
Using the maven spotbugs plugin (version 4.8.2), I get two errors when analyzing a simple POJO with a mutable List field (and this is expected):
This is expected, but I'm OK with it, so I'd like to use
@SuppressFBWarnings
. Note that the warning for the getter isEI_EXPOSE_REP
, and for the setter isEI_EXPOSE_REP2
. That is, the annotations should be:This makes the errors disappear. However, by a copy and paste mistake, I initially used
EI_EXPOSE_REP
in both annotations, and still both errors disappear. A bit more testing shows that that if thevalue
is any prefix of the rule name, the errors are suppressed. For instance:That's (sort of) consistent with the documentation on the SuppressFBWarnings value field, which says that
value
can be a pattern:However, given that some rule names, like
EI_EXPOSE_REP
are proper prefixes of other rule names, likeEI_EXPOSE_REP2
, it means that it's impossible to suppress warnings for justEI_EXPOSE_REP
without also suppressing forEI_EXPOSE_REP2
. I tried experimenting with the "pattern" aspect of it (e.g., checking whether I could use an end-of-line anchor withEI_EXPOSE_REP$
), but that didn't work either.I'm using spotbugs and spotbugs-annotations 4.8.2 on Java 17.0.6.
Any thoughts or workarounds?
The text was updated successfully, but these errors were encountered: