CtrlK
BlogDocsLog inGet started
Tessl Logo

tessl/maven-com-github-spotbugs--spotbugs-annotations

Annotations the SpotBugs tool supports for static analysis control and null safety

Pending
Overview
Eval results
Files

warning-suppression.mddocs/

Warning Suppression

Control SpotBugs warning generation with flexible matching strategies for suppressing false positives while maintaining important analysis coverage.

Capabilities

SuppressFBWarnings Annotation

Primary annotation for suppressing FindBugs/SpotBugs warnings with detailed control over matching behavior.

/**
 * Used to suppress FindBugs warnings. Should be used instead of 
 * @SuppressWarnings to avoid conflicts with java.lang.SuppressWarnings.
 */
@Retention(RetentionPolicy.CLASS)
@interface SuppressFBWarnings {
    /**
     * The set of FindBugs warnings that are to be suppressed in
     * annotated element. The value can be a bug category, kind or pattern.
     */
    String[] value() default {};

    /**
     * Optional documentation of the reason why the warning is suppressed
     */
    String justification() default "";

    /**
     * By default SuppressFBWarnings annotations suppress bugs by prefix,
     * for instance @SuppressFBWarnings(value = "EI_EXPO", justification = "It's OK")
     * will suppress bugs of type EI_EXPOSE_REP and EI_EXPOSE_REP2.
     * 
     * You might use @SuppressFBWarnings(value = "EI_EXPOSE_REP", justification = "It's OK", matchType=EXACT)
     * to suppress EI_EXPOSE_REP, but not EI_EXPOSE_REP2.
     * 
     * Regular expressions are also supported with matchType=REGEX.
     */
    SuppressMatchType matchType() default SuppressMatchType.DEFAULT;
}

Usage Examples:

// Suppress specific warning with justification
@SuppressFBWarnings(value = "EI_EXPOSE_REP", 
                    justification = "Deliberate exposure for performance reasons")
public Date[] getImportantDates() {
    return importantDates;
}

// Suppress multiple warnings
@SuppressFBWarnings(value = {"NP_NULL_ON_SOME_PATH", "RCN_REDUNDANT_NULLCHECK"},
                    justification = "Complex null handling verified by extensive tests")
public String processData(String input) {
    // Complex processing logic
    return result;
}

// Use exact matching to suppress only specific warning
@SuppressFBWarnings(value = "EI_EXPOSE_REP", 
                    matchType = SuppressMatchType.EXACT,
                    justification = "Only suppress exact match, not EI_EXPOSE_REP2")
public Object[] getArray() {
    return array;
}

// Use regex matching for complex patterns
@SuppressFBWarnings(value = ".*_UNCHECKED.*",
                    matchType = SuppressMatchType.REGEX,
                    justification = "All unchecked warnings suppressed in this legacy code")
public void legacyMethod() {
    // Legacy code with unavoidable unchecked operations
}

SuppressMatchType Enum

Matching strategies for @SuppressFBWarnings annotation.

enum SuppressMatchType {
    /**
     * Default bug suppression using a mixed prefixed / case insensitive match depending on the criterion.
     * Suppress bugs matching any of:
     * - the given bug type with: String.startsWith(String)
     * - the given bug category with: String.equalsIgnoreCase(String)
     * - the given bug abbreviation with: String.equalsIgnoreCase(String)
     */
    DEFAULT,

    /**
     * Exact (case sensitive match).
     * Suppress bugs matching any of:
     * - the given bug type with: String.equals(Object)
     * - the given bug category with: String.equals(Object)
     * - the given bug abbreviation with: String.equals(Object)
     */
    EXACT,

    /**
     * Suppress bugs whose type, category or abbreviation match the given regular expression.
     */
    REGEX
}

Legacy SuppressWarnings (Deprecated)

Legacy annotation that conflicts with java.lang.SuppressWarnings. Use @SuppressFBWarnings instead.

/**
 * @deprecated Use @SuppressFBWarnings instead to avoid conflicts with java.lang.SuppressWarnings
 */
@interface SuppressWarnings {
    String[] value() default {};
    String justification() default "";
}

Common Warning Types

Here are some common SpotBugs warning types you might need to suppress:

  • EI_EXPOSE_REP - Exposing internal representation by returning reference to mutable object
  • EI_EXPOSE_REP2 - Exposing internal representation by incorporating reference to mutable object
  • NP_NULL_ON_SOME_PATH - Possible null pointer dereference
  • RCN_REDUNDANT_NULLCHECK - Redundant nullcheck of value known to be non-null
  • DM_DEFAULT_ENCODING - Reliance on default encoding
  • URF_UNREAD_FIELD - Unread field
  • UWF_UNWRITTEN_FIELD - Unwritten field
  • SE_BAD_FIELD - Non-transient non-serializable instance field in serializable class

Best Practices

  1. Always provide justification: Include a clear explanation of why the warning is being suppressed
  2. Use specific patterns: Suppress only the specific warnings you need to, not broad categories
  3. Consider exact matching: Use SuppressMatchType.EXACT when you want to suppress only a specific warning type
  4. Review regularly: Periodically review suppressed warnings to see if the underlying issues can be fixed
  5. Document in code: Add comments explaining the suppression when the justification alone isn't sufficient

Install with Tessl CLI

npx tessl i tessl/maven-com-github-spotbugs--spotbugs-annotations

docs

default-annotations.md

index.md

null-safety.md

resource-management.md

return-value-checking.md

testing-annotations.md

warning-suppression.md

tile.json