@Nullable 和 SonarQube '有条件执行的块应该可以访问' 警告

2022-01-17 00:00:00 sonarqube java nullable notnull

包有以下 package-info.java:

Package has following package-info.java:

@ParametersAreNonnullByDefault
package foo;
import javax.annotation.ParametersAreNonnullByDefault;

类有如下方法:

private static String toIsoString(@Nullable Instant dateTime) {
  return dateTime == null ? null : dateTime.toString();
}

SonarQube(版本 6.2,SonarJava 4.14.0.11784)给出以下警告(squid:S2583):

On which SonarQube (Version 6.2, SonarJava 4.14.0.11784) gives the following warning (squid:S2583):

如何让 SonarQube 相信代码实际上是正确的?

How can I convince SonarQube that the code is actually correct?

有趣的是,Idea 中的 SonarLint 插件 (3.0.0.2041) 不会生成相同的警告.

Interestingly, SonarLint plugin (3.0.0.2041) in Idea doesn't generate the same warning.

推荐答案

显然,这个问题是由于我们使用 sonar-scanner 没有指定 sonar.java.libraries.由于它是多模块 maven 项目,我们不清楚如何正确指定 sonar.java.libraries.

Apparently, this problem was caused by us using sonar-scanner without specifying sonar.java.libraries. Since it's multimodule maven project it wasn't clear to us how to specify sonar.java.libraries correctly.

来自 SonarSource 的 Nicolas Peru 建议我们应该使用 sonar maven 插件,而不是 sonar-scanner,因为该插件可以访问项目的构建类路径.确实为我们解决了这个问题.

Nicolas Peru, from SonarSource, suggested that we should use sonar maven plugin, instead of sonar-scanner, as the plugin has access to build classpath of the project. Indeed that solved this problem for us.

相关文章