Kengo TODA

Duplicate of https://github.com/spotbugs/spotbugs/issues/1255

Duplicate of https://github.com/spotbugs/spotbugs/issues/1255

In short, nobody knows the motivation. 🥲 The author of the related commit efa6b1865b57f7fbaf413bfea6f8e3ac8309b95a is inactive. Refer to [this email](https://mailman.cs.umd.edu/pipermail/findbugs-discuss/2016-November/004321.html) and [another one](https://mailman.cs.umd.edu/pipermail/findbugs-discuss/2017-September/004383.html) to find the background of this project....

This detector was implemented based on the [ERR08-J rule](https://wiki.sei.cmu.edu/confluence/display/java/ERR08-J.+Do+not+catch+NullPointerException+or+any+of+its+ancestors), and that rule says "Programs must not catch", and the case you mentioned is not listed in [its exceptions](https://wiki.sei.cmu.edu/confluence/display/java/ERR08-J.+Do+not+catch+NullPointerException+or+any+of+its+ancestors#ERR08J.DonotcatchNullPointerExceptionoranyofitsancestors-Exceptions). So at...

It's OK but this issue is for the next major release then we will not merge the PR for a while.

I heard that this problem has been fixed on the find-sec-bugs side. https://github.com/spotbugs/spotbugs/issues/1919#issuecomment-1020023959 Please check your Maven configuration to confirm that the version of find-sec-bugs is surely 1.12.0. I found...

refs https://github.com/find-sec-bugs/find-sec-bugs/pull/669

I think so, their implementation probably has room to improve. https://github.com/find-sec-bugs/find-sec-bugs/blob/version-1.12.0/findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/spring/SignatureParserWithGeneric.java#L64-L69 Could you create an issue in their repository?

closed by #2167

refs #1810, #2017