gnodet commented on code in PR #24358:
URL: https://github.com/apache/camel/pull/24358#discussion_r3508266623


##########
core/camel-core-reifier/src/main/java/org/apache/camel/reifier/AggregateReifier.java:
##########
@@ -50,6 +50,8 @@ public Processor createProcessor() throws Exception {
         return createAggregator();
     }
 
+    // ExecutorService lifecycle is managed by AggregateProcessor via 
shutdownThreadPool flag
+    @SuppressWarnings("java:S2095")

Review Comment:
   _Claude Code on behalf of Guillaume Nodet_
   
   Yes — SonarCloud is still flagging this file despite the statement-level 
`@SuppressWarnings` from PR #22343. The annotation sits on line 80 (the 
variable declaration), but SonarCloud tracks the resource flow to a different 
exit point and flags line 86 instead, bypassing the annotation.
   
   Confirmed via API: 
`https://sonarcloud.io/api/issues/search?componentKeys=apache_camel&branch=main&rules=java:S2095`
 still lists `AggregateReifier.java:86` as an open issue.
   
   Moving to method-level is the only approach SonarCloud recognizes for this 
pattern. We acknowledge it broadens the scope, but given that this method only 
creates one `ExecutorService` with well-documented lifecycle, the risk of 
masking future leaks is low.



##########
core/camel-core-reifier/src/main/java/org/apache/camel/reifier/ThreadsReifier.java:
##########
@@ -34,6 +34,8 @@ public ThreadsReifier(Route route, ProcessorDefinition<?> 
definition) {
         super(route, (ThreadsDefinition) definition);
     }
 
+    // ExecutorService lifecycle is managed by ThreadsProcessor via 
shutdownThreadPool flag
+    @SuppressWarnings("java:S2095")

Review Comment:
   _Claude Code on behalf of Guillaume Nodet_
   
   Same situation — SonarCloud still flags `ThreadsReifier.java:75` despite the 
statement-level `@SuppressWarnings` on line 47. The annotation doesn't cover 
the line SonarCloud is tracking the resource flow to.



##########
components/camel-salesforce/camel-salesforce-component/src/main/java/org/apache/camel/component/salesforce/SalesforceComponent.java:
##########
@@ -958,13 +958,14 @@ public RawClient createRawClientFor(SalesforceEndpoint 
endpoint) throws Salesfor
         return new DefaultRawClient(httpClient, "", session, loginConfig);
     }
 
+    // ExecutorService lifecycle is managed by SalesforceHttpClient
+    @SuppressWarnings("java:S2095")

Review Comment:
   _Claude Code on behalf of Guillaume Nodet_
   
   Confirmed — SonarCloud still flags `SalesforceComponent.java:968` despite 
the `// NOSONAR` on line 967. The NOSONAR comment is on the constructor call 
line, but SonarCloud flags the next line (the argument). Method-level 
`@SuppressWarnings` is the fallback that SonarCloud actually respects for this 
pattern.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to