I have a project that is showing false positives in sourceanalyzer reports. For example, using a static variable named PASSWORD_DIALOG_TAG is reported as a hard coded password even though it's not. I'd like to be able to hide this line or suppress this particular warning in my fortify reports. Note, I don't want to suppress all warnings for hardcoded passwords, just this one.
I know that for this particular warning I could simply change the variable name, but there are other types of warnings that aren't as easily rectified.
I would first confirm it is really a false positive by AWB >> Group By [Category Analyzer]. If the PASSWORD... is found by the Semantic analyzer, then it is high possibility that the issue is due to keyword "PASS/PASSWD/PASSWORD/SSN/TXTNO..." etc.
There are 4 ways to hide an issue.
(1) #AWB suppress it: This is not recommended as it would suppress all current and FUTURE issue under this RULEGUID. However, the issue can be found in the DB and can be reverted.
**(2) #AWB NAI it: ** This is recommended. Click on the Analysis tag and mark it Not an Issue (see above picture)
(3) #AWB Filter it: Top menu bar >>Options >>Show View >>Filter >>Visibility Filter >> Create New filter >> a pop up wizard shows up >> Category contains .
This method is compliment to other methods. After you suppressing/NAIing and issue, you can make the false positive disappear from your list.
(4) exclude certain file from being scanned by command line parameter -exclude /absolute path of dir/file.name (list here for reference only...)
Related
I have a tool that will list failed tests, and I would like a way to open a fully qualified class and goto a method in Eclipse with a single string I can copy from the results. It can use any pattern whatsoever (I can change the test results layout), but could be something like this example:
com.my.package.StringUtilTest:testValueOf
I shall use it for re-running tests, but could work with any methods. It could go to the first option when there are overloads (won't matter for me). It could also list all options and allow me to paste the string and enter to go to the first option (being the only one in my case), or selecting the correct one from the very narrowed down options, just like Ctrl + O will do (note Ctrl + O will work on current file only though). It could even accept (or require!) the parameter types, won't matter. Anything like that would be a huge thanks. Some place where I can paste a single string on (in any way that it may have to be) to open a specific method.
I've been looking for a while, could be built-in or configured shortcut, macro, plugin, et cetera, but could neither find nor wrap my head around doing something (not expert on eclipsetalities)... I tried searching for a lot different stuff, but as you can see my problem can be solved with a vast pletora of things (none of which I can find anywhere though).
Eclipse jdt doesn't have it yet, but I believe an open method dialog similar to the open type dialog is in the works.. Please create a bug at bugs.eclipse.org if one doesn't exist describing what you would want in such a dialog.
I find this extremely annoying that you often do not get help with figuring out the parameter signatures of methods and contructors when you have already written the first parameter.
Instead Intellij will show the variables available to you in your context. This is good, but not the first prio. I want to see the signature of the method/constructor as well.
This has the consequence that you always have to keep deleting and CTRL + SPACE to see the signature.
Is there a way around this issue?
You don't have to press Ctrl+P, you can configure IDEA to always show this information:
Go to Settings > Editor > General > Code Completion
Select the Show full signatures and Autopopup in (ms:) boxes.
You can press Ctrl+P to show the signature(s) of the method/constructor, see this link for more details:
https://www.jetbrains.com/idea/webhelp/viewing-method-parameter-information.html
I've returned to IntelliJ after a long hiatus for Android development so I'm getting used to it again. The problem I have is that for example when you want to see where is a class being used, you'd position the caret in the class declaration and issue cmdaltF7 (on Mac OS X) to Find Usages, which is returning stuff from mapping.txt and seeds.txt as well as the .java results, and even tho I can set up the defaults by doing shiftcmdaltF7 and un-tick the: search for text occurrences and even change the scope from Project Files to a custom scope (for example), these options are not saved when I invoke Find Usages again.
Does anybody know of a way to personalize the Find Usages so it's more close to what Eclipse would do? (I.e., find the real usages instead of a text search for occurrences).
Reporting back from the future: the behaviour described in the question has now been implemented (Intellij issue mentioned in the comments).
To configure cmdaltF7 to run in a default scope, start by running it against some Symbol
Clicking on the wrench icon, one can select one of the pre-defined scopes, or create a new one (using the ... button).
The + creates a new scope. Find the folder in which to look, and click Include recursively. And voila!
Any consequent searches will use that scope until it is changed.
Instead of cmdaltF7, use the shortcut altF7. This will open a pop-up for you to make a selection about Scope, Test occurrences, and types of usage. You will have to make this selection one time. The next time you press altF7 then your choices are remembered.
The result is that altF7 followed by enter gives you what you need.
As I am looking for ways to speed development and usage with IDEA, I am using Intentions (I.e: Alt+Enter by default Keymapping) to auto-insert things like decelerations, constructors, and all that jazz, trying to keep myself well clear of using the mouse when I can.
One thing that does irritate me is with creating constants, fields, and parameters. After generating them, the IDE jumps to the position they are declared, and prompts for name and type. Usually this results in a double-hit of the enter key, however, leaves the cursor at there. Is there a way to jump back to the usage after declaring it through this feature?
Cheers.
Assuming you want a field foo, you can type foo and then immediately use the quick fix intention to create a field foo. Now you can type Alt +F7 ("Find Usages"). This will take you to the usage you just typed (since it is the only one). This assumes you have the "Skip results tab with one usage" option set in "Find Usages Settings (Edit > Find > Find Usages Settings or Ctrl+Alt+Shift+F7). If you do not have that setting configured, the result will open in the Find tool window with the usage highlighted. You can then type F4 (jump to source).
I have a Java code line where IntelliJ displays a warning. How do I silence the warning in that particular line, without affecting warnings displayed in other lines?
In this question it's irrelevant what the actual warning is: now I'm not seeking advice on how to improve the quality of a specific piece of Java code, but I want to know in general how to prevent IntelliJ from displaying a warning on a specific Java source line.
Mostly in IntelliJ, you can click on the line and Alt+Enter, and it will have options for suppressing the warning, among other things.
Expanding upon Ryan Stewart's answer, in IntelliJ, use Alt+Enter, then select the first sub-menu, then the last item: Suppress for statement.
Update
Using IntelliJ IDEA 13, I noticed an additional menu item: "Suppress for statement with comment". This will use the IntelliJ style //noinspection unchecked. If you select "Suppress for statement", IntelliJ will insert this text: #SuppressWarnings("unchecked").
Depending on the warning you can use #SuppressWarnings. Eg:
#SuppressWarnings("deprecation")
yourLineWhichIsDeprecated;
Take a look at this answer for a pretty long list of warnings you can suppress. Check the other posts on that topic for more details.
In IntelliJ 15 the inline "yellow bulb" and alt-enter menus don't offer to suppress the inspection for 1 line.
There are more options when running the inspections via the Menu: Analyze -> Inspect Code....
Then on the Inspection panel the right side offers various options.
Some of text in the right hand panel is clickable. Note that usually the problem resolution function (quick fix) is also available.
(Apparently #tino already noticed this in a comment, but I missed his comment the first time. I'm adding this as full answer to make the important bit I personally missed easier to find.)
Just one more note. If you are looking for a answer to suppress all warnings for a next line (or part of the code). It might be a reason for a several cases:
Idea doesn't provide error name, or suggestions
Number of warnings for next line is too large
You can use just:
//noinspection ALL
Click on the complaining area that has a wavy line 〰️ beneath it
A light bulb 💡 appears, click the light bulb 💡
Select the suppress statement option
4. An no inspection comment will be added above current line //noinspection CssInvalidPropertyValue
The complaining disappear 👏
Problems panel
The Problems panel shows a list of warnings and errors in our code. There we can peruse the various issues with our code, working through the list one-by-one. This feature arrived in IntelliJ 2020.2.
In at least IntelliJ 2021.2, and perhaps earlier, we can suppress a warning within that panel.
When selecting a problem point, the right-side pane of the Problems panel shows a Suppress widget. This pop-up menu displays items for various ways to suppress the warning.
When compiling code using Kotlin language and IntelliJ here is a hint
Here is a link to the github source where the compiler warnings have their origin and where the default error messages output by the Kotlin compiler are defined
kotlin/compiler/frontend/src/org/jetbrains/kotlin/diagnostics/rendering/DefaultErrorMessages.java
If the compiler outputs "Variable ''{0}'' is never used" it origins from this line form DefaultErrorMessages.java
MAP.put(UNUSED_VARIABLE, "Variable ''{0}'' is never used", NAME);
To suppress the warning you can put a #Suppress() annotation before an unused variable in your code like this:
#Suppress("UNUSED_VARIABLE")
var y: Int = 3
So the trick if the IntelliJ does not help you pop up suggestions pressing Alt+ENTER at a highlighted expression is to look inside DefaultErrorMessages.java if you can find the error message and the keyword to supress a particular warning using #Suppress(..names)
This topic is not marked "Kotlin" but at least marked IntelliJ
//noinspection unchecked,ConstantConditions
#SuppressWarnings does not work in every place
As other questions point out, there are several options to achieve what are you asking for. A more comprehensive list of the options available can be found in the official documentation here.