-
Notifications
You must be signed in to change notification settings - Fork 578
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DCL01-J. Do not reuse public identifiers from the Java Standard Library #2511
Conversation
[Ticket: spotbugs#32]
[Ticket: spotbugs#32]
Restructure test cases for class names into separate packages, representing where the bug should appear. Add new edge cases. [Ticket: spotbugs#32]
Separated test cases into individual methods for improved clarity and modularity. [Ticket: spotbugs#32]
Rename test classes in order to be more descriptive [Ticket: spotbugs#32]
Implement test cases for shadowing with fields and variables. Also added the necessary test classes [Ticket: spotbugs#32]
Add test case with static method and add another test case with method parameter [Ticket: spotbugs#32]
for variable detection [Ticket: spotbugs#32]
[Ticket: java-static-analysis/dev-spotbugs#32]
Since there are so many public identifiers, they are ordered alphabetically and split into separate files, roughly containing the same amount of identifiers. It is necessary to split in order to avoid compiler limitations. [Ticket: java-static-analysis/dev-spotbugs#32]
[Ticket: java-static-analysis/dev-spotbugs#32]
[Ticket: java-static-analysis/dev-spotbugs#32]
[Ticket: java-static-analysis/dev-spotbugs#32]
[Ticket: java-static-analysis/dev-spotbugs#32]
[Ticket: java-static-analysis/dev-spotbugs#32]
Remove unnecessary new lines Remove redundant null value initialization [Ticket: java-static-analysis/dev-spotbugs#32]
AnnotationMatcherTest uses two public identifiers from the Java Standard Library (namely 'Value' and 'Generated') that are found by DontReusePublicIdentifiers detector. Fix: checking for the public identifier bugtype and ignoring those cases [Ticket: java-static-analysis/dev-spotbugs#32]
[Ticket: java-static-analysis/dev-spotbugs#32]
[Ticket: java-static-analysis/dev-spotbugs#32]
[Ticket: java-static-analysis/dev-spotbugs#32]
Ticket: java-static-analysis/dev-spotbugs#32
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Build is failing.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks like there are some merge problems. Can you please resolve them?
I think earlier "only" the Read the docs build failed, not the actual spotbugs build. Approved the workflow, the build succeeded. @ThrawnCA Do you know how to prevent the Read the docs build from failing? |
The Read the docs build problem got solved. |
Thanks for the PR @norbo03 I suppose that this identifiers list was built with some kind of script, would it be possible to share the script? |
spotbugs/src/main/java/edu/umd/cs/findbugs/detect/PublicIdentifiers.java
Outdated
Show resolved
Hide resolved
spotbugs/src/main/java/edu/umd/cs/findbugs/detect/PublicIdentifiers.java
Show resolved
Hide resolved
I believe integrating an automatic update feature into the project is a fantastic idea! In the past, I utilized scripts to extract public identifiers. Regrettably, these scripts are now outdated, and the results they produced necessitated extensive manual adjustments. While these scripts could serve as a foundation, they do require updates. I've gathered them here for reference. |
Thanks, I can't seem to access the repository you have linked (I get a 404 error page), maybe it is private? |
I have already changed it, can you please check it now? |
I created DontReusePublicIdentifiers detector for rule DCL01-J to check clashes between user-defined identifiers and publicly available identifiers from the Java Standard Library.
I created several test cases considering the possible locations where user-defined names would appear. I checked class and interface names, field and variable declarations, and method names. In the case of classes, I checked multiply nested classes too. The test classes are placed into a separate package because of the number of source files.
I have slightly adjusted AnnotationMatcherTest because my detector found bugs in the test classes and the test was failing. Instead of checking that found bug matches the annotation, it inspects the number of bugs.
Make sure these boxes are checked before submitting your PR -- thank you!
CHANGELOG.md
if you have changed SpotBugs code