New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: handle error-prone warnings #1334
Conversation
…use warnings This prevents the following errors: $ mvn install -DskipTests=true [INFO] Scanning for projects... [WARNING] [WARNING] Some problems were encountered while building the effective model for com.google.auth:google-auth-library-oauth2-http:jar:1.20.1-SNAPSHOT [WARNING] 'dependencies.dependency.(groupId:artifactId:type:classifier)' must be unique: junit:junit:jar -> duplicate declaration of version (?) @ line 249, column 17 [WARNING] 'build.plugins.plugin.(groupId:artifactId)' must be unique but found duplicate declaration of plugin org.apache.maven.plugins:maven-failsafe-plugin @ line 193, column 15 [WARNING] [WARNING] It is highly recommended to fix these problems because they threaten the stability of your build. [WARNING] [WARNING] For this reason, future Maven versions might no longer support building such malformed projects. [WARNING]
The Base64 thing is about Android compatibility. |
Indeed, but it also triggers error prone on https://errorprone.info/bugpattern/AndroidJdkLibsChecker |
Yet the proper solution in many projects is to turn off the check. API desugaring supports this on Android. For a library, it's mostly a question if you require your users to use API desugaring. You can avoid the API or use it. The point is that it is a decision that is not made "because Error Prone complained." Error Prone is well beyond the "only tell you about highly likely bugs" that it set out to be. You have to tweak and tune it to your usages and be willing to add ignores (as has been repeated to me multiple times when I complained that a suggestion was encouraging security vulnerabilities or was wrong). And some of this is auto-configured inside Google; sometimes an warning means you have a configuration mistake, not a code mistake. |
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information |
Removed the Base64 commit from this PR, so we can discuss it separately. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM, thanks!
Quality Gate passedKudos, no new issues were introduced! 0 New issues |
ErrorProne flags several issues in the codebase, this pull request fixes some of them:
@Override
annotations where neededThere's also a warning by maven due to conflicting / duplicate dependencies in pom.xml, this is also fixed.