ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S4823/java/rule.adoc
Fred Tingaud 16f6c0aecf
Inline adoc when include has no additional value (#1940) 
Inline adoc files when they are included exactly once.

Also fix language tags because this inlining gives us better information
on what language the code is written in.
2023-05-25 14:18:12 +02:00

141 lines
3.6 KiB
Plaintext
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

include::../description.adoc[]
include::../ask-yourself.adoc[]
include::../recommended.adoc[]
== Sensitive Code Example
This rule raises an issue as soon as there is a reference to argv, be it for direct use or via a CLI library like JCommander, GetOpt or Apache CLI.
----
public class Main {
public static void main (String[] argv) {
String option = argv[0];  // Sensitive: check how the argument is used
}
}
----
----
// === JCommander ===
import com.beust.jcommander.*;
public class Main {
public static void main (String[] argv) {
Main main = new Main();
JCommander.newBuilder()
.addObject(main)
.build()
.parse(argv); // Sensitive
main.run();
}
}
----
----
// === GNU Getopt ===
import gnu.getopt.Getopt;
public class Main {
public static void main (String[] argv) {
Getopt g = new Getopt("myprog", argv, "ab"); // Sensitive
}
}
----
----
// === Apache CLI ===
import org.apache.commons.cli.*;
public class Main {
public static void main (String[] argv) {
Options options = new Options();
CommandLineParser parser = new DefaultParser();
try {
CommandLine line = parser.parse(options, argv); // Sensitive
}
}
}
----
In the case of Args4J, an issue is created on the ``++public void run++`` method of any class using ``++org.kohsuke.args4j.Option++`` or ``++org.kohsuke.args4j.Argument++``.
Such a class is called directly by ``++org.kohsuke.args4j.Starter++`` outside of any ``++public static void main++`` method. If the class has no ``++run++`` method, no issue will be raised as there must be a ``++public static void main++`` and its argument is already highlighted.
----
// === argv4J ===
import org.kohsuke.args4j.Option;
import org.kohsuke.args4j.Argument;
public class Main {
@Option(name="-myopt",usage="An option")
public String myopt;
@Argument(usage = "An argument", metaVar = "<myArg>")
String myarg;
String file;
@Option(name="-file")
public void setFile(String file) {
this.file = file;
}
String arg2;
@Argument(index=1)
public void setArg2(String arg2) {
this.arg2 = arg2;
}
public void run() { // Sensitive: This function
myarg.toString(); // check how this argument is used
}
}
----
== Exceptions
The support of Argv4J without the use of ``++org.kohsuke.argv4j.Option++`` is out of scope as there is no way to know which Bean will be used as the mainclass.
No issue will be raised on ``++public static void main(String[] argv)++`` if ``++argv++`` is not referenced in the method.
include::../see.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
=== Highlighting
* main method
** main: command line parameter
** secondaries: references to ``++argv++``
* classes having args4J annotation
** main: run method
** secondaries: the annotated argument and option fields
'''
== Comments And Links
(visible only on this page)
=== on 17 Sep 2018, 09:48:11 Nicolas Harraudeau wrote:
The analyzer should create an issue on ``++public static void main(String[] argv)++``, highlighting ``++String[] argv++``. It should do so if and only if the parameter is used inside the method. This reduces the noise when the parameter is not used at all.
The only exception is Arg4J as there is no ``++main++`` method.
Note: The support of Argv4J without the use of ``++org.kohsuke.argv4j.Option++`` is out of scope as there is no way to know which Bean will be used as the ``++mainclass++``. See https://args4j.kohsuke.org/sample.html[Arg4J documentation] for more details.
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
Reference in New Issue View Git Blame Copy Permalink