[ 
https://issues.apache.org/jira/browse/CONFIGURATION-766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16961869#comment-16961869
 ] 

Haris Adzemovic commented on CONFIGURATION-766:
-----------------------------------------------

Thank you for the quick reply!

Seeing as how it is a one-line change and the error only shows up on static 
analysis, is a unit test necessary? The unit test would then show how the usage 
_could_ be dangerous and not really "relate" to the commons-configuration lib. 
It would be something akin to:

assertEquals(new BigDecimal(0.1), 0.1) <-- Fails

assertEquals(BigDecimal.valueOf(0.1), 0.1) <-- Passes

Should that still be included? Or is attaching a screenshot of the SonarQube 
analysis showing the violation to this ticket a more suitable solution?

> BigDecimal(double) should not be used
> -------------------------------------
>
>                 Key: CONFIGURATION-766
>                 URL: https://issues.apache.org/jira/browse/CONFIGURATION-766
>             Project: Commons Configuration
>          Issue Type: Bug
>         Environment: A single occurrence in file PropertyConverter.java, line 
> 393:
> {code:java}
> return new BigDecimal(n.doubleValue());
> {code}
>            Reporter: Haris Adzemovic
>            Priority: Minor
>
> Static analysis with SonarQube shows a violation of rule 
> [S2111|[https://rules.sonarsource.com/java/type/Bug/RSPEC-2111]] - a 
> dangerous use of the BigDecimal constructor.
> Fixed by using BigDecimal.valueOf(param) instead.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)
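
The difference behind rule S2111, as an added example that is not part of the ticket or of the Commons Configuration code base. The class name BigDecimalConversionDemo and the helper toBigDecimal are hypothetical, and the helper goes beyond the one-line fix by also covering integral, Float and non-finite inputs.

```java
import java.math.BigDecimal;
import java.math.BigInteger;

public class BigDecimalConversionDemo {

    // Hypothetical helper, not the PropertyConverter code from the ticket.
    static BigDecimal toBigDecimal(Number n) {
        if (n instanceof BigDecimal) {
            return (BigDecimal) n;
        }
        if (n instanceof BigInteger) {
            return new BigDecimal((BigInteger) n);
        }
        if (n instanceof Byte || n instanceof Short
                || n instanceof Integer || n instanceof Long) {
            // Integral types: exact conversion, no round trip through double.
            return BigDecimal.valueOf(n.longValue());
        }
        double d = n.doubleValue();
        if (Double.isNaN(d) || Double.isInfinite(d)) {
            // BigDecimal cannot represent these; fail with a clear message.
            throw new IllegalArgumentException("Not a finite number: " + n);
        }
        if (n instanceof Float) {
            // Widening float to double would expose the float's binary error
            // as extra digits, so use the float's own decimal string.
            return new BigDecimal(Float.toString(n.floatValue()));
        }
        // valueOf goes through Double.toString(d), the canonical decimal form.
        return BigDecimal.valueOf(d);
    }

    public static void main(String[] args) {
        Number limit = 0.1; // constructed sample, e.g. a parsed config value
        BigDecimal expected = new BigDecimal("0.1");
        BigDecimal viaConstructor = new BigDecimal(limit.doubleValue());
        BigDecimal viaHelper = toBigDecimal(limit);

        // The constructor keeps the exact binary value of the double.
        System.out.println("constructor: " + viaConstructor);
        System.out.println("helper:      " + viaHelper);
        System.out.println("constructor matches 0.1: "
                + (viaConstructor.compareTo(expected) == 0));
        System.out.println("helper matches 0.1:      "
                + (viaHelper.compareTo(expected) == 0));
        System.out.println("float 0.1f:  " + toBigDecimal(0.1f));
        System.out.println("long max:    " + toBigDecimal(Long.MAX_VALUE));
    }
}
```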
