Skip to content

SONARJAVA-5516 Update external rules #5102

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
leonardo-pilastri-sonarsource merged 2 commits into from
Apr 28, 2025
Merged

SONARJAVA-5516 Update external rules #5102

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
302e565
Update external rules
leonardo-pilastri-sonarsource Apr 28, 2025
c628752
Recover legacy rules
leonardo-pilastri-sonarsource Apr 28, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion ...rnal-reports/src/main/resources/org/sonar/l10n/java/rules/spotbugs/findsecbugs-rules.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -313,7 +313,7 @@
},
{
"key": "NORMALIZATION_AFTER_VALIDATION",
"name": "String is normalzied after validation and not before it",
"name": "String is normalized after validation and not before it",
"type": "VULNERABILITY",
"url": "https://find-sec-bugs.github.io/bugs.htm#NORMALIZATION_AFTER_VALIDATION"
},
Expand Down
118 changes: 83 additions & 35 deletions external-reports/src/main/resources/org/sonar/l10n/java/rules/spotbugs/spotbugs-rules.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -104,6 +104,14 @@
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#bc-impossible-cast"
},
{
"key": "BC_NULL_INSTANCEOF",
"name": "Correctness - A known null value is checked to see if it is an instance of a type",
"type": "BUG",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#bc-null-instanceof",
"comment": "LEGACY RULE, do not remove"
},
{
"key": "BC_IMPOSSIBLE_CAST_PRIMITIVE_ARRAY",
"name": "Correctness - Impossible cast involving primitive array",
Expand Down Expand Up @@ -132,13 +140,6 @@
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#bc-impossible-instanceof"
},
{
"key": "BC_NULL_INSTANCEOF",
"name": "Correctness - A known null value is checked to see if it is an instance of a type",
"type": "BUG",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#bc-null-instanceof"
},
{
"key": "BC_UNCONFIRMED_CAST",
"name": "Style - Unchecked/unconfirmed cast",
Expand Down Expand Up @@ -195,6 +196,14 @@
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#bit-ior-of-signed-byte"
},
{
"key": "BRSA_BAD_RESULTSET_ACCESS",
"name": "Correctness - Method attempts to access a result set field with index 0",
"type": "BUG",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#brsa-bad-resultset-access",
"comment": "LEGACY RULE, do not remove"
},
{
"key": "BIT_SIGNED_CHECK",
"name": "Bad practice - Check for sign of bitwise operation",
Expand All @@ -216,13 +225,6 @@
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#boa-badly-overridden-adapter"
},
{
"key": "BRSA_BAD_RESULTSET_ACCESS",
"name": "Correctness - Method attempts to access a result set field with index 0",
"type": "BUG",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#brsa-bad-resultset-access"
},
{
"key": "BSHIFT_WRONG_ADD_PRIORITY",
"name": "Correctness - Possible bad parsing of shift operation",
Expand Down Expand Up @@ -1595,6 +1597,14 @@
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#jcip-field-isnt-final-in-immutable-class"
},
{
"key": "LI_LAZY_INIT_INSTANCE",
"name": "Multi-threading - Incorrect lazy initialization of instance field",
"type": "BUG",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#li-lazy-init-instance",
"comment": "LEGACY RULE, do not remove"
},
{
"key": "JLM_JSR166_LOCK_MONITORENTER",
"name": "Multi-threading - Synchronization performed on Lock",
Expand Down Expand Up @@ -1630,13 +1640,6 @@
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#lg-lost-logger-due-to-weak-reference"
},
{
"key": "LI_LAZY_INIT_INSTANCE",
"name": "Multi-threading - Incorrect lazy initialization of instance field",
"type": "BUG",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#li-lazy-init-instance"
},
{
"key": "LI_LAZY_INIT_STATIC",
"name": "Multi-threading - Incorrect lazy initialization of static field",
Expand Down Expand Up @@ -2295,6 +2298,14 @@
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#pa-public-array-attribute"
},
{
"key": "PI_DO_NOT_REUSE_PUBLIC_IDENTIFIERS_INNER_CLASS_NAMES",
"name": "Bad practice - Do not reuse public identifiers from JSL as inner name",
"type": "CODE_SMELL",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#pi-do-not-reuse-public-identifiers-inner-class-names",
"comment": "LEGACY RULE, do not remove"
},
{
"key": "PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE",
"name": "Bad practice - Mutable object-type field is public",
Expand Down Expand Up @@ -2393,6 +2404,14 @@
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#qf-questionable-for-loop"
},
{
"key": "RCN_REDUNDANT_CHECKED_NULL_COMPARISON",
"name": "Style - Redundant comparison to null of previously checked value",
"type": "CODE_SMELL",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#rcn-redundant-checked-null-comparison",
"comment": "LEGACY RULE, do not remove"
},
{
"key": "RANGE_ARRAY_INDEX",
"name": "Correctness - Array index is out of bounds",
Expand Down Expand Up @@ -2421,13 +2440,6 @@
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#range-string-index"
},
{
"key": "RCN_REDUNDANT_CHECKED_NULL_COMPARISON",
"name": "Style - Redundant comparison to null of previously checked value",
"type": "CODE_SMELL",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#rcn-redundant-checked-null-comparison"
},
{
"key": "RCN_REDUNDANT_COMPARISON_OF_NULL_AND_NONNULL_VALUE",
"name": "Style - Redundant comparison of non-null value to null",
Expand Down Expand Up @@ -3093,6 +3105,14 @@
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#st-write-to-static-from-instance-method"
},
{
"key": "TLW_TWO_LOCK_NOTIFY",
"name": "Multi-threading - Notify with two locks held",
"type": "BUG",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#tlw-two-lock-notify",
"comment": "LEGACY RULE, do not remove"
},
{
"key": "SWL_SLEEP_WITH_LOCK_HELD",
"name": "Multi-threading - Method calls Thread.sleep() with a lock held",
Expand Down Expand Up @@ -3156,13 +3176,6 @@
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#throws-method-throws-runtimeexception"
},
{
"key": "TLW_TWO_LOCK_NOTIFY",
"name": "Multi-threading - Notify with two locks held",
"type": "BUG",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#tlw-two-lock-notify"
},
{
"key": "TLW_TWO_LOCK_WAIT",
"name": "Multi-threading - Wait with two locks held",
Expand Down Expand Up @@ -3380,6 +3393,41 @@
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#usm-useless-subclass-method"
},
{
"key": "US_USELESS_SUPPRESSION_ON_CLASS",
"name": "Style - Useless suppression on a class",
"type": "CODE_SMELL",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#us-useless-suppression-on-class"
},
{
"key": "US_USELESS_SUPPRESSION_ON_FIELD",
"name": "Style - Useless suppression on a field",
"type": "CODE_SMELL",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#us-useless-suppression-on-field"
},
{
"key": "US_USELESS_SUPPRESSION_ON_METHOD",
"name": "Style - Useless suppression on a method",
"type": "CODE_SMELL",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#us-useless-suppression-on-method"
},
{
"key": "US_USELESS_SUPPRESSION_ON_METHOD_PARAMETER",
"name": "Style - Useless suppression on a method parameter",
"type": "CODE_SMELL",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#us-useless-suppression-on-method-parameter"
},
{
"key": "US_USELESS_SUPPRESSION_ON_PACKAGE",
"name": "Style - Useless suppression on a package",
"type": "CODE_SMELL",
"severity": "MAJOR",
"url": "https://spotbugs.readthedocs.io/en/latest/bugDescriptions.html#us-useless-suppression-on-package"
},
{
"key": "UUF_UNUSED_FIELD",
"name": "Performance - Unused field",
Expand Down