Google Git
Sign in
apache / kudu / 1ad8c1f18a35e06d4aafd7813de71ee335c68ea1 / . / java / config / spotbugs / excludeFilter.xml
blob: 11da3f9978fb8d9222b14189ffe07483457227cc [file] [log] [blame]
<?xml version="1.0"?>
<!--
//
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
-->
<FindBugsFilter>
<!-- General exclusions -->
<Match>
<!-- Ignore classes generated by Protobuf.
Unfortunately I couldn't find a way to universally filter all Protobuf classes. -->
<Or>
<Class name="~.*PB.*"/>
<Class name="~org\.apache\.kudu\.consensus\.Opid.*"/>
<Class name="~org\.apache\.kudu\.master\.Master.*"/>
<Class name="~org\.apache\.kudu\.rpc\.RpcHeader.*"/>
</Or>
</Match>
<Match>
<!-- Spotbugs works better with Java than with Scala. We suppress some categories of
bug reports when using Scala, since spotbugs generates huge numbers of false positives
when examining Scala code. -->
<Source name="~.*\.scala" />
<Or>
<!-- NP_LOAD_OF_KNOWN_NULL_VALUE: The variable referenced at this point is known to be
null due to an earlier check against null. -->
<Bug pattern="NP_LOAD_OF_KNOWN_NULL_VALUE"/>
<!-- NP_NULL_ON_SOME_PATH: Possible null pointer dereference. -->
<Bug pattern="NP_NULL_ON_SOME_PATH"/>
<!-- NP_NULL_PARAM_DEREF: Method call passes null for non-null parameter. -->
<Bug pattern="NP_NULL_PARAM_DEREF"/>
<!-- SE_BAD_FIELD: Non-transient non-serializable instance field in serializable class. -->
<Bug pattern="SE_BAD_FIELD"/>
<!-- SE_BAD_FIELD_STORE: Non-serializable value stored into instance field of a serializable class. -->
<Bug pattern="SE_BAD_FIELD_STORE"/>
<!-- DM_STRING_CTOR: Method invokes inefficient new String(String) constructor. -->
<Bug pattern="DM_STRING_CTOR"/>
<!-- DM_NEW_FOR_GETCLASS: Method allocates an object, only to get the class object. -->
<Bug pattern="DM_NEW_FOR_GETCLASS"/>
<!-- ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD: Write to static field from instance method. -->
<Bug pattern="ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD"/>
<!-- DM_NUMBER_CTOR: Method invokes inefficient Number constructor. -->
<Bug pattern="DM_NUMBER_CTOR"/>
<!-- RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE: Nullcheck of value previously dereferenced. -->
<Bug pattern="RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE"/>
<!-- RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE: Redundant nullcheck of value known to be non-null. -->
<Bug pattern="RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE"/>
<!-- RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE: Redundant nullcheck of value known to be null. -->
<Bug pattern="RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE"/>
<!-- RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT: Return value of method without side effect is ignored. -->
<Bug pattern="RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT"/>
<!-- NM_CLASS_NAMING_CONVENTION: Class names should start with an upper case letter. -->
<Bug pattern="NM_CLASS_NAMING_CONVENTION"/>
<!-- NM_METHOD_NAMING_CONVENTION: Method names should start with a lower case letter. -->
<Bug pattern="NM_METHOD_NAMING_CONVENTION"/>
<!-- NM_FIELD_NAMING_CONVENTION: Field names should start with a lower case letter. -->
<Bug pattern="NM_FIELD_NAMING_CONVENTION"/>
<!-- EC_NULL_ARG: Call to equals(null) -->
<Bug pattern="EC_NULL_ARG"/>
<!-- NP_ALWAYS_NULL: Null pointer dereference -->
<Bug pattern="NP_ALWAYS_NULL"/>
<!-- MS_CANNOT_BE_FINAL: Field isn't final and can't be protected from malicious code. -->
<Bug pattern="MS_CANNOT_BE_FINAL"/>
<!-- DLS_DEAD_LOCAL_STORE: Dead store to local variable. -->
<Bug pattern="DLS_DEAD_LOCAL_STORE"/>
<!-- UPM_UNCALLED_PRIVATE_METHOD: Private method is never called. -->
<Bug pattern="UPM_UNCALLED_PRIVATE_METHOD"/>
<!-- SE_NO_SERIALVERSIONID: Class is Serializable, but doesn't define serialVersionUID. -->
<Bug pattern="SE_NO_SERIALVERSIONID"/>
<!-- HE_HASHCODE_USE_OBJECT_EQUALS: Class defines hashCode() and uses Object.equals(). -->
<Bug pattern="HE_HASHCODE_USE_OBJECT_EQUALS"/>
<!-- MS_PKGPROTECT: Field should be package protected -->
<Bug pattern="MS_PKGPROTECT"/>
</Or>
</Match>
<Match>
<!-- Spotbugs can trigger false positives for redundant null checks on JDK 11+.
See https://github.com/spotbugs/spotbugs/issues/756
This is fixed in SpotBugs 4.1.3, but we can't upgrade yet due to
https://github.com/spotbugs/spotbugs/issues/1272
-->
<Or>
<Bug pattern="RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE" />
<Bug pattern="RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE" />
</Or>
</Match>
<Match>
<!-- Disable warnings about mutable objects and the use of public fields.
Though these are important concerns, we have many instances of this warning
and "fixing" the warning could have performance implications. -->
<Bug pattern="EI_EXPOSE_REP,EI_EXPOSE_REP2" />
</Match>
<Match>
<!-- Bugs that are ignored in all tests. -->
<Or>
<Class name="~org\.apache\.kudu.*Test.*"/>
<Class name="~org\.apache\.kudu\..*\.IT.*"/>
</Or>
<Or>
<!-- Often fields are initialized in the setUp method in tests. -->
<Bug pattern="UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR" />
<!-- Tests often ignore expected exceptions -->
<Bug pattern="DE_MIGHT_IGNORE" />
<Bug pattern="REC_CATCH_EXCEPTION" />
<!-- Tests of call methods for their side effects or to check for exceptions and
ignore the return value -->
<Bug pattern="RV_RETURN_VALUE_IGNORED" />
<Bug pattern="RV_RETURN_VALUE_IGNORED_BAD_PRACTICE" />
<Bug pattern="RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT" />
<!-- Tests often cast to a known class. -->
<Bug pattern="BC_UNCONFIRMED_CAST_OF_RETURN_VALUE" />
<!-- Tests don't need to worry about serialization compatibility. -->
<Bug pattern="SE_NO_SERIALVERSIONID" />
<!-- Often tests testing exceptions have "exception" in the name. -->
<Bug pattern="NM_CLASS_NOT_EXCEPTION" />
<!-- Tests use i % 2 == 1 frequently to alternate behavior. -->
<!-- TODO: converting these into negated "check for even" and remove. -->
<Bug pattern="IM_BAD_CHECK_FOR_ODD" />
<!-- Junit rules don't need to be read.
This naming scheme should be used for all Junit Rule usage to avoid SpotBugs issues.
-->
<And>
<Field name="~.*Rule" />
<Bug pattern="URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD" />
</And>
<!-- We generally don't care about minor performance issues in tests. -->
<And>
<Bug category="PERFORMANCE" />
<Priority value="3" />
</And>
</Or>
</Match>
<!-- kudu-backup exclusions -->
<Match>
<!-- These fields don't need to be restored in this case. -->
<Class name="org.apache.kudu.backup.KuduBackupRDD"/>
<Or>
<Field name="options" />
<Field name="sc" />
<Field name="table" />
</Or>
<Bug pattern="SE_TRANSIENT_FIELD_NOT_RESTORED" />
</Match>
<Match>
<!-- The casts in these methods are known and safe. -->
<Class name="org.apache.kudu.backup.KuduBackupRDD"/>
<Or>
<Method name="compute" />
<Method name="getPreferredLocations" />
</Or>
<Bug pattern="BC_UNCONFIRMED_CAST" />
</Match>
<!-- kudu-client exclusions -->
<Match>
<!-- Reference equality is intended here. -->
<Class name="org.apache.kudu.client.AsyncKuduClient"/>
<Method name="isMasterTable" />
<Bug pattern="ES_COMPARING_PARAMETER_STRING_WITH_EQ" />
</Match>
<Match>
<!-- These classes have exception in the name because they hold an exception. -->
<Or>
<Class name="org.apache.kudu.client.AuthzTokenCache$RpcAndException"/>
<Class name="org.apache.kudu.client.KuduException$OriginalException"/>
</Or>
<Bug pattern="NM_CLASS_NOT_EXCEPTION" />
</Match>
<Match>
<!-- Though returning null is a bad practice, changing this now breaks expectations. -->
<Or>
<And>
<Class name="org.apache.kudu.client.KuduRpc"/>
<Method name="partitionKey" />
</And>
<And>
<Class name="org.apache.kudu.client.ColumnRangePredicate"/>
<Method name="toByteArray" />
</And>
</Or>
<Bug pattern="PZLA_PREFER_ZERO_LENGTH_ARRAYS" />
</Match>
<Match>
<!-- The return value isn't needed. -->
<Class name="org.apache.kudu.client.ErrorCollector"/>
<Or>
<Method name="addError" />
<Method name="resize" />
</Or>
<Bug pattern="RV_RETURN_VALUE_IGNORED" />
</Match>
<Match>
<!-- Status has manny upper case methods, but changing it would be breaking. -->
<Class name="org.apache.kudu.client.Status"/>
<Bug pattern="NM_METHOD_NAMING_CONVENTION" />
</Match>
<Match>
<!-- These instances of floating point equality are correct. -->
<Or>
<And>
<Class name="org.apache.kudu.client.KuduPredicate"/>
<Method name="areConsecutive" />
</And>
<And>
<Class name="org.apache.kudu.client.PartialRow"/>
<Or>
<Method name="incrementColumn" />
<Method name="isCellEqual" />
<Method name="isCellIncremented" />
</Or>
</And>
</Or>
<Bug pattern="FE_FLOATING_POINT_EQUALITY" />
</Match>
<Match>
<!-- This cast is safe. -->
<Class name="org.apache.kudu.client.Negotiator"/>
<Method name="evaluateChallenge" />
<Bug pattern="BC_UNCONFIRMED_CAST_OF_RETURN_VALUE" />
</Match>
<Match>
<!-- Changing this would break public API. -->
<Class name="org.apache.kudu.client.AlterTableResponse"/>
<Method name="getTsUUID" />
<Bug pattern="NM_CONFUSING" />
</Match>
<Match>
<!-- The nullable annotation is from Guava and therefore can't be changed.
Guava is adding `@Nullable` on the parent `apply` method from the guava Predicate
implementation for `gtePred` and `ltPred` and that's being detected by SpotBugs for
some reason.
-->
<Class name="~org\.apache\.kudu\.client\.TestFlexiblePartitioning.*"/>
<Bug pattern="NP_PARAMETER_MUST_BE_NONNULL_BUT_MARKED_AS_NULLABLE" />
</Match>
<Match>
<!-- Adjusts AsyncKuduClient.FETCH_TABLETS_PER_RANGE_LOOKUP for testing purposes. -->
<Class name="org.apache.kudu.client.TestScanToken"/>
<Method name="testScanTokens" />
<Bug pattern="ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD" />
</Match>
<Match>
<!-- Adjusts TableLocationsCache.ticker for testing purposes. -->
<Class name="org.apache.kudu.client.TestTableLocationsCache"/>
<Bug pattern="ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD" />
</Match>
<Match>
<!-- This is a private API and a null array is expected/handled. -->
<Class name="org.apache.kudu.util.NetUtil"/>
<Method name="getAllInetAddresses" />
<Bug pattern="PZLA_PREFER_ZERO_LENGTH_ARRAYS" />
</Match>
<Match>
<Class name="org.apache.kudu.util.HashUtil"/>
<Method name="fastHash64" />
<Or>
<!-- This is the expected behavior. -->
<Bug pattern="BIT_ADD_OF_SIGNED_BYTE" />
<!-- The fallthrough is intended and documented. -->
<Bug pattern="SF_SWITCH_FALLTHROUGH" />
<!-- All cases are handled. -->
<Bug pattern="SF_SWITCH_NO_DEFAULT" />
</Or>
</Match>
<Match>
<!-- Null pointer dereference isn't possible given we check for existence. -->
<Class name="org.apache.kudu.client.RpcTraceFrame"/>
<Method name="getHumanReadableSummaryStringForTraces" />
<Bug pattern="NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE" />
</Match>
<!-- kudu-client-tools exclusions -->
<Match>
<!-- The rule doesn't need to be read. -->
<Class name="org.apache.kudu.mapreduce.tools.ITImportParquetPreCheck"/>
<Field name="chain" />
<Bug pattern="URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD" />
</Match>
<!-- kudu-mapreduce exclusions -->
<Match>
<!-- This is a false positive. -->
<Class name="org.apache.kudu.mapreduce.TestJarFinder"/>
<Method name="writeManifest" />
<Bug pattern="OBL_UNSATISFIED_OBLIGATION" />
</Match>
<!-- kudu-spark exclusions -->
<Match>
<!-- These fields don't need to be restored in this case. -->
<Class name="org.apache.kudu.spark.kudu.KuduRDD"/>
<Or>
<Field name="options" />
<Field name="predicates"/>
<Field name="projectedCols"/>
<Field name="sc"/>
<Field name="table"/>
</Or>
<Bug pattern="SE_TRANSIENT_FIELD_NOT_RESTORED" />
</Match>
<Match>
<!-- The casts in these methods are known and safe. -->
<Class name="org.apache.kudu.spark.kudu.KuduRDD"/>
<Or>
<Method name="compute" />
<Method name="getPreferredLocations" />
</Or>
<Bug pattern="BC_UNCONFIRMED_CAST" />
</Match>
<Match>
<!-- These fields don't need to be restored in this case. -->
<Class name="org.apache.kudu.spark.kudu.KuduContext"/>
<Bug pattern="SE_TRANSIENT_FIELD_NOT_RESTORED" />
</Match>
<Match>
<!-- This instance of floating point equality is correct. -->
<Class name="~org\.apache\.kudu\.spark\.kudu\.KuduContextTest.*"/>
<Bug pattern="FE_FLOATING_POINT_EQUALITY" />
</Match>
<!-- kudu-subprocess exclusions -->
<Match>
<!-- We want to ignore the exception. -->
<Class name="org.apache.kudu.subprocess.echo.EchoProtocolHandler"/>
<Bug pattern="DE_MIGHT_IGNORE" />
</Match>
<Match>
<!-- This is not a security concern. -->
<Class name="org.apache.kudu.subprocess.SubprocessTestUtil"/>
<Field name="NO_ARGS" />
<Bug pattern="MS_MUTABLE_ARRAY" />
</Match>
<Match>
<!-- We need to exit instead of throwing RuntimeException to make sure
all threads stop -->
<Class name="org.apache.kudu.subprocess.SubprocessExecutor"/>
<Bug pattern="DM_EXIT"/>
</Match>
<Match>
<!-- This is done to simplify testing. -->
<Class name="org.apache.kudu.subprocess.ranger.TestRangerSubprocess"/>
<Method name="mockAuthorizer" />
<Bug pattern="ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD" />
</Match>
<!-- kudu-test-utils exclusions -->
<Match>
<!-- There is nothing useful to do with the File.delete() return value. -->
<Class name="org.apache.kudu.test.CapturingToFileLogAppender"/>
<Bug pattern="RV_RETURN_VALUE_IGNORED_BAD_PRACTICE" />
</Match>
<Match>
<!-- This is a mock for a test and doesn't need to be serialized. -->
<Class name="org.apache.kudu.test.junit.TestResultReporter$MockFlakyTestServlet"/>
<Bug pattern="SE_TRANSIENT_FIELD_NOT_RESTORED" />
</Match>
<Match>
<!-- This is okay in a test context. -->
<Class name="org.apache.kudu.test.cluster.FakeDNS"/>
<Bug pattern="DP_DO_INSIDE_DO_PRIVILEGED" />
</Match>
</FindBugsFilter>