32

SonarQube complains about "String contains no format specifiers." when using org.slf4j.Logger, in particular method "public void debug(String msg)". For example 

 log.info("message");

It refers to this rule : https://wiki.sei.cmu.edu/confluence/display/c/FIO47-C.+Use+valid+format+strings

However, in this rule, we can find the following quote :

Each conversion specification is introduced by the % character followed (in order) by

Zero or more flags (in any order), which modify the meaning of the conversion specification

Is it me that miss something, or is this rule not well implemented? Any experience with that ?

Jonathan Schoreels
  • 1,660
  • 1
  • 12
  • 20

2 Answers2

38

This is a known issue introduced with SonarJava 5.1. You can safely consider this issue as a False Positive (FP) and/or ignore it. It has already been fixed while handling JIRA ticket SONARJAVA-2633.

The fix has been delivered with version 5.1.1 of SonarJava analyzer, released on Feb 16, 2018 (requires SonarQube LTS 6.7 or superior).

Update for SonarLint standalone users

For SonarLint users working with standalone versions (not connected to any SonarQube instance), you may still observe the issue depending of the version you are using. If you are using:

  • SonarLint for Eclipse 3.5: It includes version 5.1.0.13090 of SonarJava, so you will still observe the FP on your code. Next release will use a more recent version of SonarJava, therefore resolving the issue. Next version is expected for end of May/early June 2018.
  • SonarLint for IntelliJ 3.4 (released on May 9, 2018): It includes SonarJava 5.3.0.13828, which means that the issue has been fixed. Updating your version to latest released version should then fix the issue.
Wohops
  • 3,071
  • 18
  • 29
  • Thank you for the answer and the link ! – Jonathan Schoreels Feb 08 '18 at 13:57
  • Hi, thanks for info, do you have any idea, if only logger is impacted, or its more wide in general and every kind of logging will raise this kind of issue? Thanks .. I didnt find the info at ref link – xxxvodnikxxx Feb 12 '18 at 09:54
  • 1
    Only logger from `org.slf4j.Logger` should be impacted. – Wohops Feb 13 '18 at 10:27
  • I've just asked a question flagged as a duplicate of the one here. I'm running 6.7.1 LTS and I was still seeing this, also with `org.slf4j.Logger`. For anyone coming across this: you should upgrade to 6.7.2, which contains the fix. – AbVog Mar 28 '18 at 14:31
  • @AbVog this is not related to SonarQube version, this is related to the SonarJava plugin. You could have stayed with SQ **6.7.1** and only update the SonarJava plugin to version **5.1.1** – Wohops Mar 28 '18 at 14:37
  • Alright, noted! I started with a fresh directory for the upgrade, reinstalled plugins, and in the process, upgraded the SonarJava plugin. I then mistakenly ascribed the "fix" where it wasn't due. – AbVog Mar 28 '18 at 15:12
  • It doesn't appear to be fixed in SonarLint for Eclipse 3.5 – Jay R. May 09 '18 at 14:12
  • 4
    @JayR. Indeed. SonarLint for Eclipse 3.5 has the version 5.1.0.13090 in standalone mode, which doesn't have the fix. A new Eclipse release is expected within a month, which will have the latest Java analyzer, including this fix. – janos May 09 '18 at 15:43
  • I am using SonarLint 3.6 in Eclipse and I still get this error. – xmlParser Jun 28 '18 at 14:09
15

Noncompliant Code Example

logger.info("Query: " , query);
LOGGER.info("Query: {0}", query);
// issue: String contains no format specifiers
LOGGER.info("Query: {0}", query);
// issue: String contains no format specifiers

Compliant Solution

LOGGER.info("Query: {}", query);
Yunnosch
  • 26,130
  • 9
  • 42
  • 54
Rohit Chaurasiya
  • 446
  • 4
  • 8