Replace JSR-305 annotations with spotbugs annotations #118
Conversation
Annotations for Nonnull, CheckForNull, and several others were proposed for Java as part of dormant Java specification request JSR-305. The proposal never became a part of standard Java. Jenkins plugins should switch from using JSR-305 annotations to use Spotbugs annotations that provide the same semantics. The [mailing list discussion](https://groups.google.com/g/jenkinsci-dev/c/uE1wwtVi1W0/m/gLxdEJmlBQAJ) from James Nord describes the affected annotations and why they should be replaced with annotations that are actively maintained. The ["Improve a plugin" tutorial](https://www.jenkins.io/doc/developer/tutorial-improve/replace-jsr-305-annotations/) provides instructions to perform this change. An [OpenRewrite recipe](https://docs.openrewrite.org/recipes/jenkins/javaxannotationstospotbugs) is also available and is even better than the tutorial. Confirmed that automated tests pass on Linux with Java 21.
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| @@ -31,7 +29,7 @@ | |||
| CredentialsMatchers.instanceOf(StandardCertificateCredentials.class), | |||
| CredentialsMatchers.instanceOf(FileCredentials.class)); | |||
|
|
|||
| public static ListBoxModel doFillCredentialsIdItems(@Nonnull @AncestorInPath Item item, | |||
| public static ListBoxModel doFillCredentialsIdItems(@NonNull @AncestorInPath Item item, | |||
Check warning
Code scanning / Jenkins Security Scan
Stapler: Missing POST/RequirePOST annotation Warning
| @@ -97,7 +95,7 @@ | |||
| return new HashSet<>(); | |||
| } | |||
|
|
|||
| public ListBoxModel doFillCredentialsIdItems(@Nonnull @AncestorInPath Item item, | |||
| public ListBoxModel doFillCredentialsIdItems(@NonNull @AncestorInPath Item item, | |||
Check warning
Code scanning / Jenkins Security Scan
Stapler: Missing POST/RequirePOST annotation Warning
| @@ -87,7 +85,7 @@ | |||
| return "Configure Kubernetes CLI (kubectl) (deprecated, use the multi credentials one instead)"; | |||
| } | |||
|
|
|||
| public ListBoxModel doFillCredentialsIdItems(@Nonnull @AncestorInPath Item item, | |||
| public ListBoxModel doFillCredentialsIdItems(@NonNull @AncestorInPath Item item, | |||
Check warning
Code scanning / Jenkins Security Scan
Stapler: Missing POST/RequirePOST annotation Warning
| @@ -47,7 +45,7 @@ | |||
| return ""; | |||
| } | |||
|
|
|||
| public ListBoxModel doFillCredentialsIdItems(@Nonnull @AncestorInPath Item item, | |||
| public ListBoxModel doFillCredentialsIdItems(@NonNull @AncestorInPath Item item, | |||
Check warning
Code scanning / Jenkins Security Scan
Stapler: Missing POST/RequirePOST annotation Warning
|
Thanks a lot @MarkEWaite ! |
Replace JSR-305 annotations with spotbugs annotations
Annotations for Nonnull, CheckForNull, and several others were proposed for Java as part of dormant Java specification request JSR-305. The proposal never became a part of standard Java.
Jenkins plugins should switch from using JSR-305 annotations to use Spotbugs annotations that provide the same semantics.
The mailing list discussion from James Nord describes the affected annotations and why they should be replaced with annotations that are actively maintained.
The "Improve a plugin" tutorial provides instructions to perform this change.
An OpenRewrite recipe is also available and is even better than the tutorial.
Testing done
Confirmed that automated tests pass on Linux with Java 21.
Submitter checklist