堆栈内存溢出
  简体   繁体   English

SonarQube 5.6:由findbugs报告的外部类别的违规行为未被报告为声纳违规

[英]SonarQube 5.6: violations reported for an outer class by findbugs is not reported as a sonar violation

 原文  2016-08-10 19:38:17       java/ sonarqube/ findbugs

问题描述

I am using SonarQube 5.6 with java plugin 4.0 and findbugs plugin 3.4.3. 我正在使用SonarQube 5.6和java插件4.0以及findbugs插件3.4.3。 With this configuration, the violations reported for an outer class by findbugs is not reported as a sonar violation. 使用此配置,findbugs为外部类报告的违规不会报告为声纳违规。 The below are the code details. 以下是代码详细信息。

Java file Java文件 

package com.test.pkg;

import java.net.MalformedURLException;
import java.net.URL;

public class URLTest {

    public static void main (String [] args) {
        // do nothing
    }
}

class OuterURL {

    public void foo () throws MalformedURLException {
        URL findbugsURL1 = new URL ("http://findbugs.sourceforge.net/");
        URL findbugsURL2 = new URL ("http://findbugs.sourceforge.net/");
        if (findbugsURL1.equals(findbugsURL2)) {
            System.out.println("both urls are equal");
        }
    }

}

Findbugs-results.xml has below content Findbugs-results.xml具有以下内容 

<BugCollection version="3.0.1" sequence="0" timestamp="1470131475000" analysisTimestamp="1470133581561" release="">
  <Project>
    <Jar><somepath>/project1/bin/com/test/pkg/OuterURL.class</Jar>
    <Jar><somepath>/project1/bin/com/test/pkg/URLTest.class</Jar>
    <AuxClasspathEntry><somepath>/project1/bin</AuxClasspathEntry>
    <AuxClasspathEntry><somepath>/project1/src/.sonar/findbugs/annotations.jar</AuxClasspathEntry>
    <AuxClasspathEntry><somepath>/project1/src/.sonar/findbugs/jsr305.jar</AuxClasspathEntry>
    <WrkDir><somepath>/project1/src/.sonar</WrkDir>
  </Project>
  <BugInstance type="DMI_BLOCKING_METHODS_ON_URL" priority="1" rank="16" abbrev="Dm" category="PERFORMANCE" instanceHash="3c28cb79b988fda6b10e89974603edc7" instanceOccurrenceNum="0" instanceOccurrenceMax="0">
    <ShortMessage>The equals and hashCode methods of URL are blocking</ShortMessage>
    <LongMessage>Invocation of java.net.URL.equals(Object), which blocks to do domain name resolution, in com.test.pkg.OuterURL.foo()</LongMessage>
    <Class classname="com.test.pkg.OuterURL" primary="true">
      <SourceLine classname="com.test.pkg.OuterURL" start="13" end="21" sourcefile="URLTest.java" sourcepath="com/test/pkg/URLTest.java">
        <Message>At URLTest.java:[lines 13-21]</Message>
      </SourceLine>
      <Message>In class com.test.pkg.OuterURL</Message>
    </Class>
    <Method classname="com.test.pkg.OuterURL" name="foo" signature="()V" isStatic="false" primary="true">
      <SourceLine classname="com.test.pkg.OuterURL" start="16" end="21" startBytecode="0" endBytecode="131" sourcefile="URLTest.java" sourcepath="com/test/pkg/URLTest.java"/>
      <Message>In method com.test.pkg.OuterURL.foo()</Message>
    </Method>
    <Method classname="java.net.URL" name="equals" signature="(Ljava/lang/Object;)Z" isStatic="false" role="METHOD_CALLED">
      <SourceLine classname="java.net.URL" start="866" end="870" startBytecode="0" endBytecode="68" sourcefile="URL.java" sourcepath="java/net/URL.java"/>
      <Message>Called method java.net.URL.equals(Object)</Message>
    </Method>
    <SourceLine classname="com.test.pkg.OuterURL" primary="true" start="18" end="18" startBytecode="22" endBytecode="22" sourcefile="URLTest.java" sourcepath="com/test/pkg/URLTest.java">
      <Message>At URLTest.java:[line 18]</Message>
    </SourceLine>

In console log, i can see below message. 在控制台日志中,我可以看到以下消息。 WARN: The class 'com.test.pkg.OuterURL' could not be match to its original source file. 警告:类'com.test.pkg.OuterURL'无法与其原始源文件匹配。 It might be a dynamically generated class. 它可能是一个动态生成的类。

This issue seems to be happening due to the logic in findJavaClassFile method of ByteCodeResourceLocator 由于ByteCodeResourceLocator的findJavaClassFile方法中的逻辑,这个问题似乎正在发生

Has anyone seen similar issue ? 有没有人见过类似的问题?

2 个解决方案

解决方案1
 2  2016-08-16 22:15:51

This is an issue with the sonar-findbugs plugin. 这是sonar-findbugs插件的问题。 It was failing to find the original source file. 它未能找到原始源文件。

To follow the resolution, please refer to this issue: https://github.com/SonarQubeCommunity/sonar-findbugs/issues/40 要遵循该决议,请参阅此问题: https//github.com/SonarQubeCommunity/sonar-findbugs/issues/40

解决方案2
 1  2016-08-10 19:56:34

很可能相关的FindBugs规则未包含在用于项目的质量配置文件中。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 声纳执行成功,未报告代码覆盖率 - Sonar successfully executed, no code coverage reported evosuite _ESTest.java结果在声纳/ jacoco报道 - evosuite _ESTest.java results reported in sonar/jacoco 如何解决 sonarqube 报告为重复代码的多个“if return”语句 - How to solve multiple "if return" statements being reported as duplicated code by sonarqube 解决SonarQube中的问题不会影响SonarLint报告的警告 - Resolving issues in SonarQube does not affect warnings reported by SonarLint Cobertura更改了Sonar违规行为 - Cobertura changes Sonar violations 与SonarQube 5.6和Java Analyzer 4.0以及Findbugs 3.3或Cobertura 1.6.3的API不兼容 - API incompatibility with SonarQube 5.6 and Java Analyzer 4.0 with Findbugs 3.3 or Cobertura 1.6.3 声纳空指针冲突 - Sonar null pointer violations 如何使用sonarqube-5.4和maven报告问题的html报告? - How to generate html report for issues reported using sonarqube-5.4 and maven? 无法使用 ToIntFunction<t> 而不是 Function<t, integer> 在 Collectors.toMap - 基于 SonarQube 报告代码气味</t,></t> - Unable to use ToIntFunction<T> instead of Function<T, Integer> in Collectors.toMap - Based on SonarQube reported codesmell Maven项目中没有报告的语言 - No reported language in a maven project
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM