sorald icon indicating copy to clipboard operation
sorald copied to clipboard

Published 20 hours ago verified publisher icon ASSERT-KTH

chore(deps): update SonarJava dependency

Open algomaster99 opened this issue 2 years ago • 2 comments

Fix #659

Deprecated rules (no longer scanned when mined for)

S2912, S2258, S4435, S4434, S3419, S3822, S4142, S3281, S4432, S3355, S3423, S3422, S2391, S1148, S2089, S1850, S3510, S2278, S1697, S3420, S3421, S2277, S2976, S3438, S1145, S3439, S3374, S3373, S3282, S3027, S4603, S1609, S2070, S2653, S3369, S1311, S5840, S4499

Newly added rules that will be mined for

S6208, S6205, S6243, S5445, S6218, S6331, S6244, S6212, S6242, S6207, S6217, S5329, S6411, S6377, S5659, S6206, S6355, S6216, S6262, S6246, S6202, S6373, S6353, S6326, S6209, S6204, S6376, S6211, S6437, S2053, S6397, S6374, S6201, S6241, S6203, S6301, S6219, S4968, S6395, S6213, S6396

Notes

  • Thankfully, none of the handled rules have been deprecated.
  • S4434 has been changed to SECURITY_HOTSPOT so it is not mined by sonar-java by default. See https://github.com/SonarSource/sonar-java/pull/3482

ToDos

  • [ ] Processor test related to S2142 is failing because we are adding the catcher at the wrong position. ~Raised request for adding addCatcherAt API here.~ https://github.com/INRIA/spoon/pull/4954
  • [ ] S1943 is no longer detected. Reported it as a bug in their forum.

algomaster99 avatar Oct 08 '22 10:10 algomaster99

:warning: 1 God Class was detected by Lift in this project. Visit the Lift web console for more details.

sonatype-lift[bot] avatar Oct 08 '22 10:10 sonatype-lift[bot]

Yes! Sonatype lift comments are no more.

algomaster99 avatar Oct 11 '22 11:10 algomaster99

S2142 has two changes:

  • [x] Violation is still detected if catcher of InterruptedException is inserted after a catcher whose type is a super type of InterruptedException.
  • [x] ThreadDeath repairs have also been modified so we need to fix that.

Need to be discussed with @khaes-kth as this rule was a part of the paper so we need to check what all claims will change before proceeding.

algomaster99 avatar Nov 01 '22 10:11 algomaster99

I think this doesn't affect our paper, as our paper was published based on an older version. We can focus on the best solutions to adjust our tool/docs.

khaes-kth avatar Nov 02 '22 17:11 khaes-kth

I pushed 75b29b0 (#900) to reach our coverage target. Otherwise, catch(InterruptedException | Exception e) { } results in a compilation error so it is extremely rare to find this case.

algomaster99 avatar Nov 11 '22 15:11 algomaster99