gnodet commented on code in PR #24358:
URL: https://github.com/apache/camel/pull/24358#discussion_r3508266623
##########
core/camel-core-reifier/src/main/java/org/apache/camel/reifier/AggregateReifier.java:
##########
@@ -50,6 +50,8 @@ public Processor createProcessor() throws Exception {
return createAggregator();
}
+ // ExecutorService lifecycle is managed by AggregateProcessor via
shutdownThreadPool flag
+ @SuppressWarnings("java:S2095")
Review Comment:
_Claude Code on behalf of Guillaume Nodet_
Yes — SonarCloud is still flagging this file despite the statement-level
`@SuppressWarnings` from PR #22343. The annotation sits on line 80 (the
variable declaration), but SonarCloud tracks the resource flow to a different
exit point and flags line 86 instead, bypassing the annotation.
Confirmed via API:
`https://sonarcloud.io/api/issues/search?componentKeys=apache_camel&branch=main&rules=java:S2095`
still lists `AggregateReifier.java:86` as an open issue.
Moving to method-level is the only approach SonarCloud recognizes for this
pattern. We acknowledge it broadens the scope, but given that this method only
creates one `ExecutorService` with well-documented lifecycle, the risk of
masking future leaks is low.
##########
core/camel-core-reifier/src/main/java/org/apache/camel/reifier/ThreadsReifier.java:
##########
@@ -34,6 +34,8 @@ public ThreadsReifier(Route route, ProcessorDefinition<?>
definition) {
super(route, (ThreadsDefinition) definition);
}
+ // ExecutorService lifecycle is managed by ThreadsProcessor via
shutdownThreadPool flag
+ @SuppressWarnings("java:S2095")
Review Comment:
_Claude Code on behalf of Guillaume Nodet_
Same situation — SonarCloud still flags `ThreadsReifier.java:75` despite the
statement-level `@SuppressWarnings` on line 47. The annotation doesn't cover
the line SonarCloud is tracking the resource flow to.
##########
components/camel-salesforce/camel-salesforce-component/src/main/java/org/apache/camel/component/salesforce/SalesforceComponent.java:
##########
@@ -958,13 +958,14 @@ public RawClient createRawClientFor(SalesforceEndpoint
endpoint) throws Salesfor
return new DefaultRawClient(httpClient, "", session, loginConfig);
}
+ // ExecutorService lifecycle is managed by SalesforceHttpClient
+ @SuppressWarnings("java:S2095")
Review Comment:
_Claude Code on behalf of Guillaume Nodet_
Confirmed — SonarCloud still flags `SalesforceComponent.java:968` despite
the `// NOSONAR` on line 967. The NOSONAR comment is on the constructor call
line, but SonarCloud flags the next line (the argument). Method-level
`@SuppressWarnings` is the fallback that SonarCloud actually respects for this
pattern.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]