Category Archives: FindBugs

FindBug: Solving DM_DEFAULT_ENCODING Warning When Using FileWriter

PROBLEM

Let’s assume we have the following code to write some data into a file:-

File file = new File(someFilePath);
Writer w = new FileWriter(file);
PrintWriter pw = new PrintWriter(w);
pw.println(someContent);
pw.close();

When running this code against a static code analysis tool, such as Findbugs, we get this high priority warning:-

Found reliance on default encoding in com.choonchernlim.epicapp.CodeGeneratorService.createFile(String): 
new java.io.FileWriter(File)

Found a call to a method which will perform a byte to String (or String 
to byte) conversion, and will assume that the default platform encoding 
is suitable. This will cause the application behaviour to vary between 
platforms. Use an alternative API and specify a charset name or Charset 
object explicitly. 

The Javadoc for FileWriter says:-

Convenience class for writing character files. The constructors of this class 
assume that the default character encoding and the default byte-buffer size are 
acceptable. To specify these values yourself, construct an OutputStreamWriter 
on a FileOutputStream.

Obviously, this class is too convenient and FindBugs is not happy about it. Further, there is no way to set a charset using FileWriter.

SOLUTION

To make FindBugs as happy as Pharrell Williams, we can use OutputStreamWriter instead because it allows us to specify a charset.

File file = new File(someFilePath);
Writer w = new OutputStreamWriter(new FileOutputStream(file), "UTF-8");
PrintWriter pw = new PrintWriter(w);
pw.println(someContent);
pw.close();

Advertisements

Suppressing FindBugs Warnings

PROBLEM

FindBugs is one of the many great static code analysis tools that I use everyday. However, the generated report may usually contain a few false positives that forces me to weave through them whenever I rerun my build on Jenkins.

For example, I’m using Google Guava to construct my equals(...) and hashCode():-

public class Person {
    private String firstName;
    private String lastName;
    private Long age;

    @Override
    public boolean equals(Object o) {
        if (this == o) {
            return true;
        }
        if (o == null || getClass() != o.getClass()) {
            return false;
        }

        Person other = (Person) o;

        return Objects.equal(firstName, other.firstName) &&
               Objects.equal(lastName, other.lastName);
    }

    @Override
    public int hashCode() {
        return Objects.hashCode(firstName, lastName);
    }
		
    // getters and setters
}

FindBugs will produce a EQ_UNUSUAL warning with the following description:-

myproject.Person.equals(Object) is unusual

This class doesn't do any of the patterns we recognize for checking 
that the type of the argument is compatible with the type of the this 
object. There might not be anything wrong with this code, but it is 
worth reviewing. 

SOLUTION

There are 2 known ways that I know to suppress these warnings. One way is to create FindBugs filter files, which I find very tedious. The other way is to use FindBug’s annotations to do so, which is what I’m going to show here.

First, we need to include the neccessary dependency:-

<dependency>
    <groupId>net.sourceforge.findbugs</groupId>
    <artifactId>annotations</artifactId>
    <version>1.3.2</version>
</dependency>

Next, we annotation equals(...) to suppress that specific warning:-

public class Person {
    private String firstName;
    private String lastName;
    private Long age;

    @edu.umd.cs.findbugs.annotations.SuppressWarnings(value = "EQ_UNUSUAL", 
                                                      justification="Implemented using Google Guava")
    @Override
    public boolean equals(Object o) {
        if (this == o) {
            return true;
        }
        if (o == null || getClass() != o.getClass()) {
            return false;
        }

        Person other = (Person) o;

        return Objects.equal(firstName, other.firstName) &&
               Objects.equal(lastName, other.lastName);
    }

    @Override
    public int hashCode() {
        return Objects.hashCode(firstName, lastName);
    }

    // getters and setters
}

That’s it… it’s that simple.

Yes, I know there’s this ugly FindBugs dependency in my code. However, I’ll take that anyday so that I’m getting a cleaner report from FindBugs. I can also be absolutely sure that I have reviewed the generated warnings and decided that they are safe to be ignored.