Search code examples
javaeclipsesuppress-warningssonarlint

How to supress warnings from SonarLint in Eclipse without causing "Unsupported @SuppressWarnings" issue

I am using SonarLint (SonarLint for Eclipse 7.7.0.60863) with Eclipse (Version: 2022-12 (4.26.0)) and it shows warnings like "Server certificates should be verified during SSL/TLS connections (java:S4830)". Since I am handling this issue (it is just for dev environment) I want to suppress this warning. So I added @SuppressWarnings({"java:S4830"}) annotation to method as this is a suggested as optimal solution ( Instead of //NOSONAR ignoring all sonar warnings in line).

SonarLint warning disappeared but now I have new warning "Unsupported @SuppressWarnings("java:S4830")"

Original code:

Original code with SonarLint warning

After ignoring SonarLint issue:

Code with suppressed SonarLint issue

Code to reproduce issue:

@SuppressWarnings({"java:S4830"})
    private void setSslToTrustAll() throws NoSuchAlgorithmException, KeyManagementException {
        X509TrustManager trustAllManager = new X509TrustManager() {
            
            @Override
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
            
            @Override
            public void checkServerTrusted(X509Certificate[] chain, String authType){
                // trust all
            }
            
            @Override
            public void checkClientTrusted(X509Certificate[] chain, String authType){
                // trust all
            }
        };
        TrustManager[] trustManagers = new TrustManager[] {trustAllManager};
        SSLContext sslContect = SSLContext.getDefault();
        sslContect.init(null, trustManagers, new SecureRandom());
        HttpsURLConnection.setDefaultSSLSocketFactory(sslContect.getSocketFactory());
        HttpsURLConnection.setDefaultHostnameVerifier((hostname, session) -> true);
    }

I do not want to use //NOSONAR to disable all warnings. I tried to use different names like @SuppressWarnings({"squid:S4830"}) - this also removes SonarLint warning but "Unsupported @SuppressWarnings" appears.

Solution

  • Use the Configure problem severity quick fix link (shown in your second screenshot) to go to the Java compiler settings and set Unhandled token in '@SupressWarnings' to Ignore.

    Even by ignoring @SuppressWarnings tokens that are not known to the Java compiler, problems for @SuppressWarnings tokens that are known to the Java compiler will still be displayed, such as for a superfluous @SuppressWarnings("unused") at something that is used or not private.