Getting SLF4J_FORMAT_SHOULD_BE_CONST on error(String msg)

[robertandrewbain]

The following code will reproduce the issue:

import lombok.extern.slf4j.Slf4j;

@Slf4j
public class IssueDemonstrator {

    private void triggerWarning() {
        logMessage("This will trigger SLF4J_FORMAT_SHOULD_BE_CONST");
    }

    private void logMessage(String msg) {
        log.error(msg);
    }

}

Maven output to follow:

[INFO] Done FindBugs Analysis....
[INFO]
[INFO] <<< findbugs-maven-plugin:3.0.1:check (default-cli) < :findbugs @ *********** <<<
[INFO]
[INFO] --- findbugs-maven-plugin:3.0.1:check (default-cli) @ * ---
[INFO] BugInstance size is 1
[INFO] Error size is 0
[INFO] Total bugs: 1
[INFO] Format should be constant [.IssueDemonstrator] At IssueDemonstrator.java:[line 13]
[INFO]

[KengoTODA]

Yes, and currently I have no plan to fix this problem, because it's hard to judge value of argument is CONST or not.

[jeffjensen]

But it is still a problem!

On Fri, Apr 17, 2015 at 6:51 PM, Kengo TODA notifications@github.com
wrote:

Closed #32 #32.

—
Reply to this email directly or view it on GitHub
#32 (comment).

[robertandrewbain]

A class constant will cause this issue too when passed into a method. This is a serious bug.

[robertandrewbain]

Remove the findbugs warning if you can't apply it accurately, otherwise developers are failing builds which should pass.

[KengoTODA]

@robertandrewbain @jeffjensen
Could you try this as a workaround? And your PR is always welcome :)

[jeffjensen]

Yes, we've already been using the FindBugs exclude filters for the specific
classes.

On Sat, Apr 18, 2015 at 11:35 PM, Kengo TODA notifications@github.com
wrote:

@robertandrewbain https://github.com/robertandrewbain @jeffjensen
https://github.com/jeffjensen
Could you try this
http://stackoverflow.com/questions/1829904/is-there-a-way-to-ignore-a-single-findbugs-warning/1829960#1829960
as a workaround? And your PR is always welcome :)

—
Reply to this email directly or view it on GitHub
#32 (comment)
.

[KengoTODA]

@jeffjensen @robertandrewbain
Today I have released version 1.2.0 and it will be deployed onto Maven central soon.
Could you try this version? It should be solution for your case.

• https://github.com/KengoTODA/findbugs-slf4j/releases/tag/findbugs-slf4j-1.2.0

Note that I tested 1.2.0 on Java 8. If your product depends on Java 7 or older one, it might have problem.

[jeffjensen]

Just verified it still has false positive on Java 7.

[KengoTODA]

Got it, thanks for your verification.

I have a question: is it acceptable for you, to limit scope (visibility) of method to support? I mean, can I keep current behaviour for public & package-private methods?

class Foo {
  :
  :
  :
  private void log(String string) {
    logger.info(string); // VALID; we can verify that all caller do not use dynamically constructed string
  }
  void packagePrivateLog(String string) {
    logger.info(string); // INVALID; we cannot verify that all caller do not use dynamically constructed string
  }
  public void publicLog(String string) {
    logger.info(string); // INVALID; we cannot verify that all caller do not use dynamically constructed string
  }
}

If so, I will handle this issue in #35.

[jeffjensen]

Yes, this idea is a much better workaround than using FindBugs filters. I like this rule very much, but it gives too much false positive yet.
Thank you for continuing to work on this issue!