1<?xml version="1.0" encoding="UTF-8"?> 2<!-- 3 ~ Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. 4 ~ 5 ~ Licensed under the Apache License, Version 2.0 (the "License"). 6 ~ You may not use this file except in compliance with the License. 7 ~ A copy of the License is located at 8 ~ 9 ~ http://aws.amazon.com/apache2.0 10 ~ 11 ~ or in the "license" file accompanying this file. This file is distributed 12 ~ on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either 13 ~ express or implied. See the License for the specific language governing 14 ~ permissions and limitations under the License. 15 --> 16 17<FindBugsFilter> 18 19 <!-- Ignore Java "Serializable" problems in the code generator. --> 20 <Match> 21 <Package name="~software\.amazon\.awssdk\.codegen.*"/> 22 <Bug pattern="SE_BAD_FIELD,SE_NO_SERIALVERSIONID,SE_BAD_FIELD_STORE"/> 23 </Match> 24 25 26 <!-- Ignore "confusing name" problems that result of needing to match the inconsistent naming in 27 the service model. --> 28 <Match> 29 <Package name="~software\.amazon\.awssdk\.codegen\.model.*"/> 30 <Bug pattern="NM_CONFUSING"/> 31 </Match> 32 33 <Match> 34 <!-- PZLA_PREFER_ZERO_LENGTH_ARRAYS: This rule causes many false positives, because sometimes we want to return 35 null for arrays. --> 36 <!-- UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR: This rule causes many false positives, because we may be null 37 checking using a library function, like Validate.notNull. --> 38 <Bug pattern="PZLA_PREFER_ZERO_LENGTH_ARRAYS,UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR"/> 39 </Match> 40 41 <Match> 42 <Or> 43 <!-- Container classes do not copy arrays for performance reasons at this time. --> 44 <Class name="software.amazon.awssdk.protocols.json.JsonContent" /> 45 </Or> 46 <Bug pattern="EI_EXPOSE_REP,EI_EXPOSE_REP2" /> 47 </Match> 48 49 <Match> 50 <!-- Explicitly an unsafe option that the customer must opt into. --> 51 <Class name="software.amazon.awssdk.core.BytesWrapper" /> 52 <Method name="asByteArrayUnsafe" /> 53 <Bug pattern="EI_EXPOSE_REP" /> 54 </Match> 55 56 <!-- Delegate closes input stream. --> 57 <Match> 58 <Class name="software.amazon.awssdk.protocols.ion.internal.IonFactory" /> 59 <Method name="createParser" /> 60 <Bug pattern="OBL_UNSATISFIED_OBLIGATION" /> 61 </Match> 62 63 <!-- We do not have control over these objects being serializable, but we do not intend for them to fully function 64 after serialization. --> 65 <Match> 66 <Or> 67 <Class name="software.amazon.awssdk.services.dynamodb.datamodeling.DynamoDBMapper$BatchGetItemException"/> 68 <Class name="software.amazon.awssdk.protocols.ion.internal.IonFactory"/> 69 </Or> 70 <Bug pattern="SE_TRANSIENT_FIELD_NOT_RESTORED" /> 71 </Match> 72 73 <!-- Protocol test client suppressions. --> 74 <Match> 75 <Or> 76 <Package name="~software\.amazon\.awssdk\.services\.protocol.*"/> 77 </Or> 78 <!-- URF_UNREAD_FIELD, DLS_DEAD_LOCAL_STORE: Sometimes we have unread variables and fields because they're only 79 conditionally used. It's cleaner to just always generate them, even if we may not actually be using them. --> 80 <!-- REC_CATCH_EXCEPTION: Sometimes we want to convert runtime exceptions into sdk exceptions, so we catch it and 81 wrap it in an sdk-specific exception. --> 82 <Bug pattern="URF_UNREAD_FIELD,DLS_DEAD_LOCAL_STORE,REC_CATCH_EXCEPTION" /> 83 </Match> 84 85 <!-- False positive --> 86 <Match> 87 <Class name="software.amazon.awssdk.core.ResponseBytes" /> 88 <Bug pattern="EI_EXPOSE_REP2" /> 89 </Match> 90 91 <!-- False positive Unconfirmed cast--> 92 <Match> 93 <Or> 94 <Class name="software.amazon.awssdk.core.client.handler.BaseAsyncClientHandler$InterceptorCallingHttpResponseHandler" /> 95 <Class name="software.amazon.awssdk.core.client.handler.BaseAsyncClientHandler$UnmarshallingSdkHttpResponseHandler" /> 96 <Class name="software.amazon.awssdk.core.internal.http.async.SyncResponseHandlerAdapter" /> 97 </Or> 98 <Bug pattern="BC_UNCONFIRMED_CAST" /> 99 </Match> 100 101 <!-- Currently they look the same and we will revisit this when we add APIG --> 102 <Match> 103 <Or> 104 <Class name="software.amazon.awssdk.core.client.handler.SdkAsyncClientHandler" /> 105 <Class name="software.amazon.awssdk.core.client.handler.SdkSyncClientHandler" /> 106 <Class name="software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler" /> 107 <Class name="software.amazon.awssdk.awscore.client.handler.AwsAsyncClientHandler" /> 108 </Or> 109 <Bug pattern="RI_REDUNDANT_INTERFACES" /> 110 </Match> 111 112 <Match> 113 <Or> 114 <Package name="io.netty.handler.codec.http2"/> 115 <Class name="software.amazon.awssdk.http.nio.netty.internal.utils.BetterFixedChannelPool" /> 116 </Or> 117 <Bug pattern="BC_UNCONFIRMED_CAST,SIC_INNER_SHOULD_BE_STATIC_ANON,DLS_DEAD_LOCAL_STORE,DM_CONVERT_CASE,NM_CLASS_NOT_EXCEPTION,NP_NULL_ON_SOME_PATH"/> 118 </Match> 119 120 <Match> 121 <Class name="software.amazon.awssdk.benchmark.marshaller.dynamodb.V1DynamoDbAttributeValue$TestItemUnmarshalling" /> 122 <Method name="utf8" /> 123 <Bug pattern="EI_EXPOSE_REP" /> 124 </Match> 125 126 <Match> 127 <Class name="software.amazon.awssdk.benchmark.marshaller.dynamodb.V2DynamoDbAttributeValue$TestItemUnmarshalling" /> 128 <Method name="utf8" /> 129 <Bug pattern="EI_EXPOSE_REP" /> 130 </Match> 131 132 <Match> 133 <Class name="software.amazon.awssdk.authcrt.signer.internal.SdkSigningResult" /> 134 <Method name="getSignature" /> 135 <Bug pattern="EI_EXPOSE_REP" /> 136 </Match> 137 138 <Match> 139 <Class name="software.amazon.awssdk.http.auth.aws.crt.internal.signer.V4aRequestSigningResult" /> 140 <Method name="getSignature" /> 141 <Bug pattern="EI_EXPOSE_REP" /> 142 </Match> 143 144 <Match> 145 <Class name="software.amazon.awssdk.http.auth.aws.crt.internal.signer.RollingSigner" /> 146 <Bug pattern="EI_EXPOSE_REP" /> 147 </Match> 148 149 <Match> 150 <Class name="software.amazon.awssdk.protocols.json.internal.unmarshall.JsonProtocolUnmarshaller" /> 151 <Method name="unmarshallStructured" /> 152 <Bug pattern="BC_UNCONFIRMED_CAST" /> 153 </Match> 154 155 <!-- We want the content to be restored to the default vaue of null --> 156 <Match> 157 <Class name="software.amazon.awssdk.http.DefaultSdkHttpFullResponse" /> 158 <Field name="content" /> 159 <Bug pattern="SE_TRANSIENT_FIELD_NOT_RESTORED" /> 160 </Match> 161 162 <!-- Don't understand why these are bugs --> 163 <Match> 164 <Class name="software.amazon.awssdk.services.protocolec2.DefaultProtocolEc2AsyncClient" /> 165 <Method name="init" /> 166 <Bug pattern="BC_UNCONFIRMED_CAST_OF_RETURN_VALUE" /> 167 </Match> 168 <Match> 169 <Class name="software.amazon.awssdk.services.protocolec2.DefaultProtocolEc2Client" /> 170 <Method name="init" /> 171 <Bug pattern="BC_UNCONFIRMED_CAST_OF_RETURN_VALUE" /> 172 </Match> 173 174 <!-- https://github.com/spotbugs/spotbugs/issues/600 --> 175 <Match> 176 <Or> 177 <Class name="software.amazon.awssdk.core.interceptor.ClasspathInterceptorChainFactory"/> 178 <Class name="software.amazon.awssdk.protocols.json.internal.dom.JsonDomParser"/> 179 <Class name="software.amazon.awssdk.testutils.service.AwsIntegrationTestBase"/> 180 <Class name="software.amazon.awssdk.protocol.asserts.marshalling.XmlAsserts" /> 181 <Class name="software.amazon.awssdk.testutils.FileUtils"/> 182 </Or> 183 <Bug pattern="RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE"/> 184 </Match> 185 186 <!-- See SpotBugs bug: https://github.com/spotbugs/spotbugs/issues/600, https://github.com/spotbugs/spotbugs/issues/756 --> 187 <Match> 188 <Class name="software.amazon.awssdk.internal.http.AbstractFileStoreTlsKeyManagersProvider"/> 189 <Method name="createKeyStore"/> 190 <Bug pattern="RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE"/> 191 </Match> 192 193 <!-- See SpotBugs bug: https://github.com/spotbugs/spotbugs/issues/600, https://github.com/spotbugs/spotbugs/issues/756 --> 194 <Match> 195 <Class name="software.amazon.awssdk.codegen.emitters.CodeWriter"/> 196 <Method name="flush"/> 197 <Bug pattern="RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE"/> 198 </Match> 199 200 <!-- See SpotBugs bug: https://github.com/spotbugs/spotbugs/issues/600, https://github.com/spotbugs/spotbugs/issues/756 --> 201 <Match> 202 <Class name="software.amazon.awssdk.core.SdkServiceClientConfiguration$Builder"/> 203 <Method name="overrideConfiguration"/> 204 <Bug pattern="RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE"/> 205 </Match> 206 207 <!-- If we're not sure about the RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT, skip the warning. --> 208 <Match> 209 <Package name="~software.amazon.awssdk.http.nio.netty.*"/> 210 <Bug pattern="RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT"/> 211 <Not> 212 <Confidence value="1"/> 213 </Not> 214 </Match> 215 216 <Match> 217 <Class name="software.amazon.awssdk.core.internal.waiters.ResponseOrException"/> 218 <Bug pattern="NM_CLASS_NOT_EXCEPTION"/> 219 </Match> 220 221 <Match> 222 <Package name="~software.amazon.awssdk.http.*"/> 223 <Bug pattern="URF_UNREAD_FIELD, RV_RETURN_VALUE_IGNORED"/> 224 </Match> 225 226 <Match> 227 <Class name="software.amazon.awssdk.utils.async.StoringSubscriber"/> 228 <Method name="drop"/> 229 <Bug pattern="RV_RETURN_VALUE_IGNORED"/> 230 </Match> 231 232 233 <Match> 234 <Class name="software.amazon.awssdk.http.crt.internal.response.CrtResponseBodyPublisher" /> 235 <Method name="subscribe"/> 236 <Bug pattern="SIC_INNER_SHOULD_BE_STATIC_ANON"/> 237 </Match> 238 239 <!-- on some java versions, the try-with-resources byte code is getting flagged by this --> 240 <Match> 241 <Class name="software.amazon.awssdk.http.crt.AwsCrtAsyncHttpClient" /> 242 <Method name="execute"/> 243 <Bug pattern="RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE"/> 244 </Match> 245 <Match> 246 <Class name="software.amazon.awssdk.http.crt.AwsCrtAsyncHttpClient"/> 247 <Method name="<init>"/> 248 <Bug pattern="RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE"/> 249 </Match> 250 251 252 <!-- For forward-compatibility with this having members (i.e. the checksum type) --> 253 <Match> 254 <Class name="software.amazon.awssdk.core.interceptor.trait.HttpChecksumRequired"/> 255 <Method name="create"/> 256 <Bug pattern="ISC_INSTANTIATE_STATIC_CLASS"/> 257 </Match> 258 259 <!-- This is very buggy https://github.com/spotbugs/spotbugs/issues/1539 --> 260 <Match> 261 <Bug pattern="DMI_RANDOM_USED_ONLY_ONCE" /> 262 </Match> 263 264 <!-- Uses these methods legitimately. --> 265 <Match> 266 <Or> 267 <Class name="software.amazon.awssdk.http.SdkHttpHeaders"/> 268 <Class name="software.amazon.awssdk.http.SdkHttpRequest"/> 269 </Or> 270 <Bug pattern="SDK_BAD_METHOD_CALL"/> 271 </Match> 272 273 <!-- False positive on JDK 11+ --> 274 <Match> 275 <Class name="software.amazon.awssdk.transfer.s3.model.ResumableFileDownload"/> 276 <Method name="fromFile"/> 277 <Bug pattern="RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE"/> 278 </Match> 279 280 <!-- False positive on JDK 11+ --> 281 <Match> 282 <Class name="software.amazon.awssdk.transfer.s3.model.ResumableFileUpload"/> 283 <Method name="fromFile"/> 284 <Bug pattern="RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE"/> 285 </Match> 286 287 <!-- Intentional for backwards-compatibility --> 288 <Match> 289 <Or> 290 <Class name="software.amazon.awssdk.auth.signer.AwsSignerExecutionAttribute"/> 291 <Class name="software.amazon.awssdk.auth.signer.S3SignerExecutionAttribute"/> 292 </Or> 293 <Bug pattern="NP_BOOLEAN_RETURN_NULL"/> 294 </Match> 295 296 <!-- New flags as of spotbogs 4.7.3.5 --> 297 <!-- TODO: Fix or explicitly exclude each occurrence --> 298 <Match> 299 <Bug pattern="EI_EXPOSE_REP2,EI_EXPOSE_REP,MS_EXPOSE_REP,MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR,SA_FIELD_SELF_ASSIGNMENT,DCN_NULLPOINTER_EXCEPTION"/> 300 </Match> 301</FindBugsFilter> 302