commons-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Haris Adzemovic (Jira)" <j...@apache.org>
Subject [jira] [Commented] (CONFIGURATION-766) BigDecimal(double) should not be used
Date Tue, 29 Oct 2019 10:31:00 GMT

    [ https://issues.apache.org/jira/browse/CONFIGURATION-766?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16961869#comment-16961869
] 

Haris Adzemovic commented on CONFIGURATION-766:
-----------------------------------------------

Thank you for the quick reply!

Seeing as how it is a one-line change and the error only shows up on static analysis, is a
unit test necessary? The unit test would then show how the usage _could_ be dangerous and
not really "relate" to the commons-configuration lib. It would be something akin to:

assertEquals(new BigDecimal(0.1), 0.1)) <-- Fails

assertEquals(BigDecimal.valueOf(0.1), 0.1)) <-- Passes

Should that still be included? Or is attaching a screenshot of the Sonarqube analysis showing
the violation to this ticket a more suitable solution?

> BigDecimal(double) should not be used
> -------------------------------------
>
>                 Key: CONFIGURATION-766
>                 URL: https://issues.apache.org/jira/browse/CONFIGURATION-766
>             Project: Commons Configuration
>          Issue Type: Bug
>         Environment: A single occurrence in file PropertyConverter.java, line 393:
> {code:java}
> return new BigDecimal(n.doubleValue());
> {code}
>            Reporter: Haris Adzemovic
>            Priority: Minor
>
> Static analysis with SonarQube shows a violation of ruleĀ [S2111|[https://rules.sonarsource.com/java/type/Bug/RSPEC-2111]]
- a dangerous use of the BigDecimal constructor.
> Fixed by using BigDecimal.valueOf(param) instead.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message