In our SonarQube integration I've noticed the use of org.assertj.core.api.Assertions.assertThat causes a bug. Namely
Assertions should not be used in production code
Bug
Major
java:S5960
Assertions are intended to be used in test code, but not in production code. It is confusing, and might lead to ClassNotFoundException when the build tools only provide the required dependency in test scope.
In addition, assertions will throw a sub-class of Error: AssertionError, which should be avoided in production code.
This rule raises an issue when any assertion intended to be used in test is used in production code.
Supported frameworks:
- JUnit
- FestAssert
- AssertJ
Note: this does not apply for assert from Java itself or if the source code package name is related to tests (contains: test or assert or junit).
Technically it's right as this code, which is test code, does not have test for example in the package name or even the path. But if the code is switched across to org.springframework.test.util.AssertionErrors.assertEquals the problem goes away.
Any ideas what's happening here?
To provide an answer, the solution I ended up taking was to rename the package to include test in the name. e.g.
com.project.integration.test;
This feels invasive but it was the lesser evil.