英文:
How to supress warnings from SonarLint in Eclipse without causing "Unsupported @SuppressWarnings" issue
问题
I am using SonarLint (SonarLint for Eclipse 7.7.0.60863) with Eclipse (Version: 2022-12 (4.26.0)) and it shows warnings like "Server certificates should be verified during SSL/TLS connections (java:S4830)". Since I am handling this issue (it is just for dev environment) I want to suppress this warning. So I added @SuppressWarnings({"java:S4830"}) annotation to method as this is suggested as the optimal solution ( Instead of //NOSONAR ignoring all sonar warnings in line).
SonarLint warning disappeared but now I have a new warning "Unsupported @SuppressWarnings("java:S4830")"
Original code:
After ignoring SonarLint issue:
Code to reproduce the issue:
@SuppressWarnings({"java:S4830"})
private void setSslToTrustAll() throws NoSuchAlgorithmException, KeyManagementException {
X509TrustManager trustAllManager = new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType){
// trust all
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType){
// trust all
}
};
TrustManager[] trustManagers = new TrustManager[] {trustAllManager};
SSLContext sslContext = SSLContext.getDefault();
sslContext.init(null, trustManagers, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sslContext.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> true);
}
I do not want to use //NOSONAR to disable all warnings.
I tried to use different names like @SuppressWarnings({"squid:S4830"}) - this also removes SonarLint warning but "Unsupported @SuppressWarnings" appears.
英文:
I am using SonarLint (SonarLint for Eclipse 7.7.0.60863) with Eclipse (Version: 2022-12 (4.26.0)) and it shows warnings like "Server certificates should be verified during SSL/TLS connections (java:S4830)". Since I am handling this issue (it is just for dev environment) I want to suppress this warning. So I added @SuppressWarnings({"java:S4830"}) annotation to method as this is a suggested as optimal solution ( Instead of //NOSONAR ignoring all sonar warnings in line).
SonarLint warning disappeared but now I have new warning "Unsupported @SuppressWarnings("java:S4830")"
Original code:
After ignoring SonarLint issue:
Code to reproduce issue:
@SuppressWarnings({"java:S4830"})
private void setSslToTrustAll() throws NoSuchAlgorithmException, KeyManagementException {
X509TrustManager trustAllManager = new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType){
// trust all
}
@Override
public void checkClientTrusted(X509Certificate[] chain, String authType){
// trust all
}
};
TrustManager[] trustManagers = new TrustManager[] {trustAllManager};
SSLContext sslContect = SSLContext.getDefault();
sslContect.init(null, trustManagers, new SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sslContect.getSocketFactory());
HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> true);
}
I do not want to use //NOSONAR to disable all warnings.
I tried to use different names like @SuppressWarnings({"squid:S4830"}) - this also removes SonarLint warning but "Unsupported @SuppressWarnings" appears.
答案1
得分: 1
使用配置问题严重性快速修复链接(在您的第二个屏幕截图中显示)前往Java编译器设置,并将**“@SupressWarnings”中的“Unhandled token”设置为“Ignore”**。
即使忽略Java编译器不认识的@SuppressWarnings标记,仍会显示Java编译器认识的@SuppressWarnings标记的问题,例如在已使用或非私有的地方出现多余的@SuppressWarnings("unused")。
英文:
Use the Configure problem severity quick fix link (shown in your second screenshot) to go to the Java compiler settings and set Unhandled token in '@SupressWarnings' to Ignore.
Even by ignoring @SuppressWarnings tokens that are not known to the Java compiler, problems for @SuppressWarnings tokens that are known to the Java compiler will still be displayed, such as for a superfluous @SuppressWarnings("unused") at something that is used or not private.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论