[
https://issues.apache.org/jira/browse/CASSANDRA-18239?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17740522#comment-17740522
]
Jacek Lewandowski edited comment on CASSANDRA-18239 at 7/21/23 2:04 PM:
------------------------------------------------------------------------
h3. Summary
CheckerFramework is added to the build and introduces the following
user-visible targets and properties:
h4. Targets:
* {{cf-all}} - Run CheckerFramework against all production source files +
fqltool and stresstool. This goal is intended to be run on CI (post commit).
* {{cf}} - Run CheckerFramework against all changed source files compared to
the latest common ancestor between HEAD and trunk + changes staged and unstaged
for commit. This goal is intended to be run locally before starting CI and on
pre-commit.
* {{cf-dirty}} - Run CheckerFramework against sources staged and unstaged for
commit. This is goal is something an engineer should execute before committing
changes so that each commit is sane.
* {{cf-only}} - Run CheckerFramework against source files specified in
{{cf.check.only}} property (comma separated file paths under {{src/java}} or
glob patterns, for example
{{{}-Dcf.check.only=org/apache/cassandra/utils/**{}}}).
h4. Properties:
* {{cf.check.only}} - Specify a glob pattern of source files for
CheckerFramework to verify
* {{cf.skip}} - When set to true, CheckerFramework execution is silently
skipped
* {{cf.verbose}} - Enable verbose output from the CheckerFramework
The number of suppressed false-positive, resource-based warnings has been
reduced from ~230 to ~60.
CheckerFramework jars are fetched into a separate directory and not included in
the distribution. The only jar included in the distribution contains
CheckerFramework-specific annotations, and it has been included before as a
dependency of some of the libraries we use. That one jar is distributed under a
compatible license.
I've filed a couple of issues in the CheckerFramework project, which, when
fixed, will allow for further reduction of warning suppression. They release a
new version every month and respond very quickly to the problems we report.
was (Author: jlewandowski):
h3. Summary
CheckerFramework is added to the build and introduces the following
user-visible targets and properties:
h4. Targets:
* {{cf-all}} - Run CheckerFramework against all production source files. This
goal is intended to be run on CI.
* {{cf-diff}} - Run CheckerFramework against all changed production source
files compared to the latest common ancestor between HEAD and trunk. This goal
is intended to be run locally before starting CI.
* {{cf}} - Run CheckerFramework against changed production source files
(staged for commit). This is the default goal an engineer should execute before
committing changes.
* {{cf-only}} - Run CheckerFramework against production source files specified
in {{cf.check.only}} property (comma separated file paths under {{src/java}} or
glob patterns, for example
{{{}-Dcf.check.only=org/apache/cassandra/utils/**{}}}).
h4. Properties:
* {{cf.check.only}} - Specify a glob pattern of source files for
CheckerFramework to verify
* {{cf.skip}} - When set to true, CheckerFramework execution is silently
skipped
* {{cf.verbose}} - Enable verbose output from the CheckerFramework
The number of suppressed false-positive, resource-based warnings has been
reduced from ~230 to ~60.
CheckerFramework jars are fetched into a separate directory and not included in
the distribution. The only jar included in the distribution contains
CheckerFramework-specific annotations, and it has been included before as a
dependency of some of the libraries we use. That one jar is distributed under a
compatible license.
I've filed a couple of issues in the CheckerFramework project, which, when
fixed, will allow for further reduction of warning suppression. They release a
new version every month and respond very quickly to the problems we report.
https://app.circleci.com/pipelines/github/jacek-lewandowski/cassandra/765/workflows/349d13fc-1788-4c1c-9d67-6a2108a28919
> Replace eclipse warnings based static code analysis with something better
> (CheckerFramework)
> --------------------------------------------------------------------------------------------
>
> Key: CASSANDRA-18239
> URL: https://issues.apache.org/jira/browse/CASSANDRA-18239
> Project: Cassandra
> Issue Type: Task
> Components: Build
> Reporter: Jacek Lewandowski
> Assignee: Jacek Lewandowski
> Priority: Normal
> Fix For: 5.x
>
> Time Spent: 20m
> Remaining Estimate: 0h
>
> Eclipse warnings is used for static code analysis. However, it does not fit
> well into Cassandra code and practically we end up explicitly adding
> suppressions in many places just to satisfy that tool rather than fix the
> real issues.
> This is an incomplete list of reasons to remove it:
> - not closed resources are detected incorrectly
> - does not recognize custom utility methods used to close the resources,
> which use use heavily in the code, like {{{}Throwables.close{}}},
> {{{}FileUtils.close{}}}, {{{}closeQuietly{}}}...
> - because of the above, we cannot make important things like {{Ref}} to
> implement {{Closeable}} as it would make the tool to explode with tons of
> warnings
> - it complains about correct generics - something like "method X is not
> applicable for ..." when the code compiles successfully is not acceptable
> - it is old and not maintained
> There are better tools like IntelliJ inspections for example, which can also
> be run in headless mode
> As agreed on the [dev mailing
> list|https://lists.apache.org/thread/8ok01odwx79crxw45cnfh0n1j4nsf9cp] we
> will replace it in trunk with CheckerFramework.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
