{"id":21273123,"url":"https://github.com/picnicsupermarket/error-prone-support","last_synced_at":"2025-05-16T14:05:02.524Z","repository":{"id":60639893,"uuid":"131403312","full_name":"PicnicSupermarket/error-prone-support","owner":"PicnicSupermarket","description":"Error Prone extensions: extra bug checkers and a large battery of Refaster rules.","archived":false,"fork":false,"pushed_at":"2025-05-11T01:04:19.000Z","size":8701,"stargazers_count":217,"open_issues_count":49,"forks_count":41,"subscribers_count":60,"default_branch":"master","last_synced_at":"2025-05-11T02:19:38.417Z","etag":null,"topics":["abstract-syntax-tree","ast","automatic-refactoring","code-quality","code-style","code-transformation","error-prone","hacktoberfest","java","refactoring","refactoring-tools","refaster","static-analysis"],"latest_commit_sha":null,"homepage":"https://error-prone.picnic.tech","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/PicnicSupermarket.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2018-04-28T11:20:42.000Z","updated_at":"2025-05-10T08:47:54.000Z","dependencies_parsed_at":"2023-10-16T03:25:53.655Z","dependency_job_id":"a24d9907-e1de-4da1-b1bb-f12f35179c7c","html_url":"https://github.com/PicnicSupermarket/error-prone-support","commit_stats":null,"previous_names":[],"tags_count":36,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PicnicSupermarket%2Ferror-prone-support","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PicnicSupermarket%2Ferror-prone-support/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PicnicSupermarket%2Ferror-prone-support/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/PicnicSupermarket%2Ferror-prone-support/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/PicnicSupermarket","download_url":"https://codeload.github.com/PicnicSupermarket/error-prone-support/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254544146,"owners_count":22088807,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["abstract-syntax-tree","ast","automatic-refactoring","code-quality","code-style","code-transformation","error-prone","hacktoberfest","java","refactoring","refactoring-tools","refaster","static-analysis"],"created_at":"2024-11-21T09:12:38.887Z","updated_at":"2025-05-16T14:05:02.496Z","avatar_url":"https://github.com/PicnicSupermarket.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n  \u003cpicture\u003e\n    \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"website/assets/images/logo-dark.svg\"\u003e\n    \u003csource media=\"(prefers-color-scheme: light)\" srcset=\"website/assets/images/logo.svg\"\u003e\n    \u003cimg alt=\"Error Prone Support logo\" src=\"website/assets/images/logo.svg\" width=\"50%\"\u003e\n  \u003c/picture\u003e\n\u003c/div\u003e\n\n# Error Prone Support\n\nError Prone Support is a [Picnic][picnic-blog]-opinionated extension of\nGoogle's [Error Prone][error-prone-orig-repo]. It aims to improve code quality,\nfocussing on maintainability, consistency and avoidance of common pitfalls.\n\n\u003e Error Prone is a static analysis tool for Java that catches common\n\u003e programming mistakes at compile-time.\n\nTo learn more about Error Prone (Support), how you can start using Error Prone\nin practice, and how we use it at Picnic, watch the conference talk\n[_Automating away bugs with Error Prone in practice_][conference-talk]. Also\nconsider checking out the blog post [_Picnic loves Error Prone: producing\nhigh-quality and consistent Java code_][picnic-blog-ep-post].\n\n[![Maven Central][maven-central-badge]][maven-central-search]\n[![Reproducible Builds][reproducible-builds-badge]][reproducible-builds-report]\n[![OpenSSF Best Practices][openssf-best-practices-badge]][openssf-best-practices-checklist]\n[![OpenSSF Scorecard][openssf-scorecard-badge]][openssf-scorecard-report]\n[![CodeQL Analysis][codeql-badge]][codeql-master]\n[![GitHub Actions][github-actions-build-badge]][github-actions-build-master]\n[![Mutation tested with PIT][pitest-badge]][pitest]\n[![Quality Gate Status][sonarcloud-quality-badge]][sonarcloud-quality-master]\n[![Maintainability Rating][sonarcloud-maintainability-badge]][sonarcloud-maintainability-master]\n[![Reliability Rating][sonarcloud-reliability-badge]][sonarcloud-reliability-master]\n[![Security Rating][sonarcloud-security-badge]][sonarcloud-security-master]\n[![Coverage][sonarcloud-coverage-badge]][sonarcloud-coverage-master]\n[![Duplicated Lines (%)][sonarcloud-duplication-badge]][sonarcloud-duplication-master]\n[![Technical Debt][sonarcloud-technical-debt-badge]][sonarcloud-technical-debt-master]\n[![License][license-badge]][license]\n[![PRs Welcome][pr-badge]][contributing]\n\n[Getting started](#-getting-started) •\n[Developing Error Prone Support](#-developing-error-prone-support) •\n[How it works](#-how-it-works) • [Contributing](#%EF%B8%8F-contributing)\n\n---\n\n## ⚡ Getting started\n\n### Installation\n\nThis library is built on top of [Error Prone][error-prone-orig-repo]. To use\nit, read the installation guide for Maven or Gradle below. The library requires\nthat your build is executed using JDK 17 or above, but supports builds that\n[target][baeldung-java-source-target-options] older versions of Java.\n\n#### Maven\n\n1. First, follow Error Prone's [installation\n   guide][error-prone-installation-guide].\n2. Next, edit your `pom.xml` file to add one or more Error Prone Support\n   modules to the `annotationProcessorPaths` of the `maven-compiler-plugin`:\n\n   ```xml\n   \u003cbuild\u003e\n       \u003cpluginManagement\u003e\n           \u003cplugins\u003e\n               \u003cplugin\u003e\n                   \u003cgroupId\u003eorg.apache.maven.plugins\u003c/groupId\u003e\n                   \u003cartifactId\u003emaven-compiler-plugin\u003c/artifactId\u003e\n                   \u003c!-- Prefer using the latest release. --\u003e\n                   \u003cversion\u003e3.12.0\u003c/version\u003e\n                   \u003cconfiguration\u003e\n                       \u003cannotationProcessorPaths\u003e\n                           \u003c!-- Error Prone itself. --\u003e\n                           \u003cpath\u003e\n                               \u003cgroupId\u003ecom.google.errorprone\u003c/groupId\u003e\n                               \u003cartifactId\u003eerror_prone_core\u003c/artifactId\u003e\n                               \u003cversion\u003e${error-prone.version}\u003c/version\u003e\n                           \u003c/path\u003e\n                           \u003c!-- Error Prone Support's additional bug checkers. --\u003e\n                           \u003cpath\u003e\n                               \u003cgroupId\u003etech.picnic.error-prone-support\u003c/groupId\u003e\n                               \u003cartifactId\u003eerror-prone-contrib\u003c/artifactId\u003e\n                               \u003cversion\u003e${error-prone-support.version}\u003c/version\u003e\n                           \u003c/path\u003e\n                           \u003c!-- Error Prone Support's Refaster rules. --\u003e\n                           \u003cpath\u003e\n                               \u003cgroupId\u003etech.picnic.error-prone-support\u003c/groupId\u003e\n                               \u003cartifactId\u003erefaster-runner\u003c/artifactId\u003e\n                               \u003cversion\u003e${error-prone-support.version}\u003c/version\u003e\n                           \u003c/path\u003e\n                       \u003c/annotationProcessorPaths\u003e\n                       \u003ccompilerArgs\u003e\n                           \u003carg\u003e\n                               -Xplugin:ErrorProne\n                               \u003c!-- Add other Error Prone flags here. See\n                               https://errorprone.info/docs/flags. --\u003e\n                           \u003c/arg\u003e\n                           \u003carg\u003e-XDcompilePolicy=simple\u003c/arg\u003e\n                       \u003c/compilerArgs\u003e\n                       \u003c!-- Enable this if you'd like to fail your build upon warnings. --\u003e\n                       \u003c!-- \u003cfailOnWarning\u003etrue\u003c/failOnWarning\u003e --\u003e\n                   \u003c/configuration\u003e\n               \u003c/plugin\u003e\n           \u003c/plugins\u003e\n       \u003c/pluginManagement\u003e\n   \u003c/build\u003e\n   ```\n\n\u003c!-- XXX: Reference `oss-parent`'s `pom.xml` once that project also uses Error\nProne Support. Alternatively reference this project's `self-check` profile\ndefinition. --\u003e\n\n#### Gradle\n\n1. First, follow the [installation\n   guide][error-prone-gradle-installation-guide] of the\n   `gradle-errorprone-plugin`.\n2. Next, edit your `build.gradle` file to add one or more Error Prone Support\n   modules:\n\n   ```groovy\n   dependencies {\n       // Error Prone itself.\n       errorprone(\"com.google.errorprone:error_prone_core:${errorProneVersion}\")\n       // Error Prone Support's additional bug checkers.\n       errorprone(\"tech.picnic.error-prone-support:error-prone-contrib:${errorProneSupportVersion}\")\n       // Error Prone Support's Refaster rules.\n       errorprone(\"tech.picnic.error-prone-support:refaster-runner:${errorProneSupportVersion}\")\n   }\n\n   tasks.withType(JavaCompile).configureEach {\n       options.errorprone.disableWarningsInGeneratedCode = true\n       // Add other Error Prone flags here. See:\n       // - https://github.com/tbroyer/gradle-errorprone-plugin#configuration\n       // - https://errorprone.info/docs/flags\n   }\n   ```\n\n### Seeing it in action\n\nConsider the following example code:\n\n```java\nimport com.google.common.collect.ImmutableSet;\nimport java.math.BigDecimal;\n\npublic class Example {\n  static BigDecimal getNumber() {\n    return BigDecimal.valueOf(0);\n  }\n\n  public ImmutableSet\u003cInteger\u003e getSet() {\n    ImmutableSet\u003cInteger\u003e set = ImmutableSet.of(1);\n    return ImmutableSet.copyOf(set);\n  }\n}\n```\n\nIf the [installation](#installation) was successful, then building the above\ncode with Maven should yield two compiler warnings:\n\n```sh\n$ mvn clean install\n...\n[INFO] Example.java:[9,34] [Refaster Rule] BigDecimalRules.BigDecimalZero: Refactoring opportunity\n    (see https://error-prone.picnic.tech/refasterrules/BigDecimalRules#BigDecimalZero)\n  Did you mean 'return BigDecimal.ZERO;'?\n...\n[WARNING] Example.java:[13,35] [IdentityConversion] This method invocation appears redundant; remove it or suppress this warning and add a comment explaining its purpose\n    (see https://error-prone.picnic.tech/bugpatterns/IdentityConversion)\n  Did you mean 'return set;' or '@SuppressWarnings(\"IdentityConversion\") public ImmutableSet\u003cInteger\u003e getSet() {'?\n...\n```\n\nTwo things are kicking in here:\n\n1. An Error Prone [`BugChecker`][error-prone-bugchecker] that flags unnecessary\n   [identity conversions][bug-checks-identity-conversion].\n2. A [Refaster][refaster] rule capable of\n   [rewriting][refaster-rules-bigdecimal] expressions of the form\n   `BigDecimal.valueOf(0)` and `new BigDecimal(0)` to `BigDecimal.ZERO`.\n\nBe sure to check out all [bug checks][bug-checks] and [refaster\nrules][refaster-rules].\n\n## 👷 Developing Error Prone Support\n\nThis is a [Maven][maven] project, so running `mvn clean install` performs a\nfull clean build and installs the library to your local Maven repository.\n\nOnce you've made changes, the build may fail due to a warning or error emitted\nby static code analysis. The flags and commands listed below allow you to\nsuppress or (in a large subset of cases) automatically fix such cases. Make\nsure to carefully check the available options, as this can save you significant\namounts of development time!\n\nRelevant Maven build parameters:\n\n- `-Dverification.warn` makes the warnings and errors emitted by various\n  plugins and the Java compiler non-fatal, where possible.\n- `-Dverification.skip` disables various non-essential plugins and compiles the\n  code with minimal checks (i.e. without linting, Error Prone checks, etc.).\n- `-Dversion.error-prone=some-version` runs the build using the specified\n  version of Error Prone. This is useful e.g. when testing a locally built\n  Error Prone SNAPSHOT.\n- `-Perror-prone-fork` runs the build using Picnic's [Error Prone\n  fork][error-prone-fork-repo], hosted using [GitHub\n  Packages][error-prone-fork-packages]. This fork generally contains a few\n  changes on top of the latest Error Prone release. Using this profile\n  generally requires passing `-s settings.xml`, with [suitably\n  configured][github-packages-auth] `GITHUB_ACTOR` and `GITHUB_TOKEN`\n  environment variables.\n- `-Pself-check` runs the checks defined by this project against itself.\n\nOther highly relevant commands:\n\n- `mvn fmt:format` formats the code using\n  [`google-java-format`][google-java-format].\n- [`./run-full-build.sh`][script-run-full-build] builds the project twice,\n  where the second pass validates compatibility with Picnic's [Error Prone\n  fork][error-prone-fork-repo] and compliance of the code with any rules\n  defined within this project. (Consider running this before [opening a pull\n  request][contributing-pull-request], as the PR checks also perform this\n  validation.)\n- [`./apply-error-prone-suggestions.sh`][script-apply-error-prone-suggestions]\n  applies Error Prone and Error Prone Support code suggestions to this project.\n  Before running this command, make sure to have installed the project (`mvn\n  clean install`) and make sure that the current working directory does not\n  contain unstaged or uncommited changes.\n- [`./run-branch-mutation-tests.sh`][script-run-branch-mutation-tests] uses\n  [Pitest][pitest] to run mutation tests against code that is modified relative\n  to the upstream default branch. The results can be reviewed by opening the\n  respective `target/pit-reports/index.html` files. One can use\n  [`./run-mutation-tests.sh`][script-run-mutation-tests] to run mutation tests\n  against _all_ code in the current working directory. For more information\n  check the [PIT Maven plugin][pitest-maven].\n\nOpening the project in IntelliJ IDEA may require running `mvn clean install`\nfirst. Additionally, when running the project's tests using the IDE, you might\nsee the following error:\n\n```\njava: exporting a package from system module jdk.compiler is not allowed with --release\n```\n\nIf this happens, go to _Settings -\u003e Build, Execution, Deployment -\u003e Compiler -\u003e\nJava Compiler_ and deselect the option _Use '--release' option for\ncross-compilation (Java 9 and later)_. See [IDEA-288052][idea-288052] for\ndetails.\n\n## 💡 How it works\n\nThis project provides additional [`BugChecker`][error-prone-bugchecker]\nimplementations.\n\n\u003c!-- XXX: Extend this section. --\u003e\n\n## ✍️ Contributing\n\nWant to report or fix a bug, suggest or add a new feature, or improve the\ndocumentation? That's awesome! Please read our [contribution\nguidelines][contributing].\n\n### Security\n\nIf you want to report a security vulnerability, please do so through a private\nchannel; please see our [security policy][security] for details.\n\n[baeldung-java-source-target-options]: https://www.baeldung.com/java-source-target-options\n[bug-checks]: https://github.com/PicnicSupermarket/error-prone-support/blob/master/error-prone-contrib/src/main/java/tech/picnic/errorprone/bugpatterns/\n[bug-checks-identity-conversion]: https://github.com/PicnicSupermarket/error-prone-support/blob/master/error-prone-contrib/src/main/java/tech/picnic/errorprone/bugpatterns/IdentityConversion.java\n[codeql-badge]: https://github.com/PicnicSupermarket/error-prone-support/actions/workflows/codeql.yml/badge.svg?branch=master\u0026event=push\n[codeql-master]: https://github.com/PicnicSupermarket/error-prone-support/actions/workflows/codeql.yml?query=branch:master+event:push\n[conference-talk]: https://www.youtube.com/watch?v=-47WD-3wKBs\n[contributing]: https://github.com/PicnicSupermarket/error-prone-support/blob/master/CONTRIBUTING.md\n[contributing-pull-request]: https://github.com/PicnicSupermarket/error-prone-support/blob/master/CONTRIBUTING.md#-opening-a-pull-request\n[error-prone-bugchecker]: https://github.com/google/error-prone/blob/master/check_api/src/main/java/com/google/errorprone/bugpatterns/BugChecker.java\n[error-prone-fork-packages]: https://github.com/PicnicSupermarket/error-prone/packages\n[error-prone-fork-repo]: https://github.com/PicnicSupermarket/error-prone\n[error-prone-gradle-installation-guide]: https://github.com/tbroyer/gradle-errorprone-plugin\n[error-prone-installation-guide]: https://errorprone.info/docs/installation#maven\n[error-prone-orig-repo]: https://github.com/google/error-prone\n[github-actions-build-badge]: https://github.com/PicnicSupermarket/error-prone-support/actions/workflows/build.yml/badge.svg\n[github-actions-build-master]: https://github.com/PicnicSupermarket/error-prone-support/actions/workflows/build.yml?query=branch:master\u0026event=push\n[github-packages-auth]: https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-apache-maven-registry#authenticating-to-github-packages\n[google-java-format]: https://github.com/google/google-java-format\n[idea-288052]: https://youtrack.jetbrains.com/issue/IDEA-288052\n[license-badge]: https://img.shields.io/github/license/PicnicSupermarket/error-prone-support\n[license]: https://github.com/PicnicSupermarket/error-prone-support/blob/master/LICENSE.md\n[maven-central-badge]: https://img.shields.io/maven-central/v/tech.picnic.error-prone-support/error-prone-support?color=blue\n[maven-central-search]: https://search.maven.org/artifact/tech.picnic.error-prone-support/error-prone-support\n[maven]: https://maven.apache.org\n[openssf-best-practices-badge]: https://bestpractices.coreinfrastructure.org/projects/7199/badge\n[openssf-best-practices-checklist]: https://bestpractices.coreinfrastructure.org/projects/7199\n[openssf-scorecard-badge]: https://img.shields.io/ossf-scorecard/github.com/PicnicSupermarket/error-prone-support?label=openssf%20scorecard\n[openssf-scorecard-report]: https://securityscorecards.dev/viewer/?uri=github.com/PicnicSupermarket/error-prone-support\n[picnic-blog-ep-post]: https://blog.picnic.nl/picnic-loves-error-prone-producing-high-quality-and-consistent-java-code-b8a566be6886\n[picnic-blog]: https://blog.picnic.nl\n[pitest-badge]: https://img.shields.io/badge/-Mutation%20tested%20with%20PIT-blue.svg\n[pitest]: https://pitest.org\n[pitest-maven]: https://pitest.org/quickstart/maven\n[pr-badge]: https://img.shields.io/badge/PRs-welcome-brightgreen.svg\n[refaster]: https://errorprone.info/docs/refaster\n[refaster-rules-bigdecimal]: https://github.com/PicnicSupermarket/error-prone-support/blob/master/error-prone-contrib/src/main/java/tech/picnic/errorprone/refasterrules/BigDecimalRules.java\n[refaster-rules]: https://github.com/PicnicSupermarket/error-prone-support/blob/master/error-prone-contrib/src/main/java/tech/picnic/errorprone/refasterrules/\n[reproducible-builds-badge]: https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/jvm-repo-rebuild/reproducible-central/master/content/tech/picnic/error-prone-support/error-prone-support/badge.json\n[reproducible-builds-report]: https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/tech/picnic/error-prone-support/error-prone-support/README.md\n[script-apply-error-prone-suggestions]: https://github.com/PicnicSupermarket/error-prone-support/blob/master/apply-error-prone-suggestions.sh\n[script-run-branch-mutation-tests]: https://github.com/PicnicSupermarket/error-prone-support/blob/master/run-branch-mutation-tests.sh\n[script-run-full-build]: https://github.com/PicnicSupermarket/error-prone-support/blob/master/run-full-build.sh\n[script-run-mutation-tests]: https://github.com/PicnicSupermarket/error-prone-support/blob/master/run-mutation-tests.sh\n[security]: https://github.com/PicnicSupermarket/error-prone-support/blob/master/SECURITY.md\n[sonarcloud-coverage-badge]: https://sonarcloud.io/api/project_badges/measure?project=PicnicSupermarket_error-prone-support\u0026metric=coverage\n[sonarcloud-coverage-master]: https://sonarcloud.io/component_measures?id=PicnicSupermarket_error-prone-support\u0026metric=coverage\n[sonarcloud-duplication-badge]: https://sonarcloud.io/api/project_badges/measure?project=PicnicSupermarket_error-prone-support\u0026metric=duplicated_lines_density\n[sonarcloud-duplication-master]: https://sonarcloud.io/component_measures?id=PicnicSupermarket_error-prone-support\u0026metric=duplicated_lines_density\n[sonarcloud-maintainability-badge]: https://sonarcloud.io/api/project_badges/measure?project=PicnicSupermarket_error-prone-support\u0026metric=sqale_rating\n[sonarcloud-maintainability-master]: https://sonarcloud.io/component_measures?id=PicnicSupermarket_error-prone-support\u0026metric=sqale_rating\n[sonarcloud-quality-badge]: https://sonarcloud.io/api/project_badges/measure?project=PicnicSupermarket_error-prone-support\u0026metric=alert_status\n[sonarcloud-quality-master]: https://sonarcloud.io/summary/new_code?id=PicnicSupermarket_error-prone-support\n[sonarcloud-reliability-badge]: https://sonarcloud.io/api/project_badges/measure?project=PicnicSupermarket_error-prone-support\u0026metric=reliability_rating\n[sonarcloud-reliability-master]: https://sonarcloud.io/component_measures?id=PicnicSupermarket_error-prone-support\u0026metric=reliability_rating\n[sonarcloud-security-badge]: https://sonarcloud.io/api/project_badges/measure?project=PicnicSupermarket_error-prone-support\u0026metric=security_rating\n[sonarcloud-security-master]: https://sonarcloud.io/component_measures?id=PicnicSupermarket_error-prone-support\u0026metric=security_rating\n[sonarcloud-technical-debt-badge]: https://sonarcloud.io/api/project_badges/measure?project=PicnicSupermarket_error-prone-support\u0026metric=sqale_index\n[sonarcloud-technical-debt-master]: https://sonarcloud.io/component_measures?id=PicnicSupermarket_error-prone-support\u0026metric=sqale_index\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpicnicsupermarket%2Ferror-prone-support","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpicnicsupermarket%2Ferror-prone-support","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpicnicsupermarket%2Ferror-prone-support/lists"}