Error Prone Integration

Part of: Static Code Analysis | Phase: 1 of 7 | Status: ✅ Active (WARNING mode)

Overview

Error Prone is a static analysis tool from Google that catches common Java programming mistakes at compile-time. It's been integrated into our build process as Phase 1 of our static code analysis adoption plan.

See Static Code Analysis Overview for the complete adoption strategy and roadmap.

Current Status

✅ Phase 1: Complete - Error Prone is integrated and running in WARNING mode

Mode: All errors reported as warnings (-XepAllErrorsAsWarnings)
Build Impact: Does not fail the build
Coverage: Analyzes all Java source files during compilation
Found Issues: 8 bugs detected in existing codebase

Configuration

Error Prone is configured in pom.xml (maven-compiler-plugin):

<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-compiler-plugin</artifactId>
    <version>3.13.0</version>
    <configuration>
        <source>23</source>
        <target>23</target>
        <compilerArgs>
            <arg>-XDcompilePolicy=simple</arg>
            <!-- Error Prone in WARNING mode -->
            <arg>-Xplugin:ErrorProne -XepAllErrorsAsWarnings</arg>
            <!-- Java 23 module access flags -->
            <arg>-J--add-exports=jdk.compiler/com.sun.tools.javac.api=ALL-UNNAMED</arg>
            <!-- ... additional exports ... -->
        </compilerArgs>
        <annotationProcessorPaths>
            <path>
                <groupId>com.google.errorprone</groupId>
                <artifactId>error_prone_core</artifactId>
                <version>2.33.0</version>
            </path>
        </annotationProcessorPaths>
        <fork>true</fork>
    </configuration>
</plugin>

Known Issues Found

Error Prone has identified 8 bugs in the codebase:

ImpossibleNullComparison (7 occurrences)

Checks for null values that can never be null:

RBACServiceImpl.java:135 - null check on non-null value
RBACServiceImpl.java:225 - null check on non-null value
RBACServiceImpl.java:423 - null check on non-null value
RBACServiceImpl.java:491 - null check on non-null value
RBACServiceImpl.java:728 - null check on non-null value
IccApiPostProcessor.java:849 - null check on non-null value
CodeApplicabilityInspectorV2.java:581 - null check on non-null value

SelfAssignment (1 occurrence)

Variable assigned to itself:

ArchitecturalPlanReviewer.java:971 - variable self-assignment

How to Use

During Development

Run compilation to see Error Prone warnings:

export JAVA_HOME=/usr/lib/jvm/temurin-23-jdk-arm64
mvn compile

Fixing Issues

When you modify a file, review Error Prone warnings for that file and fix them as part of your changeset. This ensures:

Incremental improvement: Fix issues in files you're already touching
No massive refactoring: Don't need to fix the entire codebase at once
Natural progression: Code quality improves with each feature

Viewing Detailed Error Information

Error Prone provides links to detailed explanations:

[ImpossibleNullComparison] This value cannot be null...
    (see https://errorprone.info/bugpattern/ImpossibleNullComparison)

Visit the URL for:

Explanation of why it's a bug
Examples of correct code
Reasoning behind the check

Next Steps

Phase 2: Enable Strict Mode (After fixing known issues)

Once the 8 known issues are fixed, enable strict mode by changing:

<!-- FROM: -->
<arg>-Xplugin:ErrorProne -XepAllErrorsAsWarnings</arg>

<!-- TO: -->
<arg>-Xplugin:ErrorProne</arg>

This will cause the build to fail on Error Prone issues, preventing new bugs from being introduced.

Phase 3: Pre-commit Hook

Add a Git pre-commit hook to run Error Prone on staged files:

# Create .git-hooks/pre-commit-java.sh
#!/bin/bash
STAGED_FILES=$(git diff --cached --name-only --diff-filter=ACM | grep "\.java$")

if [ -z "$STAGED_FILES" ]; then
    exit 0
fi

echo "🔍 Running Error Prone on staged Java files..."
export JAVA_HOME=/usr/lib/jvm/temurin-23-jdk-arm64
mvn compile -DskipTests

if [ $? -ne 0 ]; then
    echo "❌ Error Prone found issues. Fix them before committing."
    exit 1
fi

echo "✅ All checks passed!"
exit 0

Suppressing False Positives

If Error Prone reports a false positive, you can suppress it:

import com.google.errorprone.annotations.SuppressWarnings;

@SuppressWarnings("ImpossibleNullComparison") // Justification: ...
public void myMethod() {
    // code
}

Important: Always add a comment explaining why the warning is suppressed.

Resources

Error Prone Docs: https://errorprone.info/
Bug Patterns: https://errorprone.info/bugpatterns
Issue #203: https://github.com/sanchos101/construction-code-expert/issues/203
Adoption Plan: See issue comments for full phased rollout strategy

Java 23 Compatibility

Error Prone 2.33.0 requires special JVM arguments to work with Java 23's module system. These are configured in the pom.xml using -J--add-exports and -J--add-opens flags to allow Error Prone to access internal compiler APIs.

FAQ

Q: Why is the build slower now?

A: Error Prone adds ~10-15% to compilation time. This is a reasonable trade-off for catching bugs early.

Q: Can I disable Error Prone temporarily?

A: Yes, comment out the <arg>-Xplugin:ErrorProne...</arg> line in pom.xml. Don't commit this change.

Q: What about generated code (protobuf)?

A: Error Prone reports warnings on generated protobuf code. These can be ignored for now. We may add exclusions later.

Q: Should I fix all 8 issues immediately?

A: No! Fix them incrementally as you work on those files. This is the "fix forward" strategy.

Overview​

Current Status​

Configuration​

Known Issues Found​

ImpossibleNullComparison (7 occurrences)​

SelfAssignment (1 occurrence)​

How to Use​

During Development​

Fixing Issues​

Viewing Detailed Error Information​

Next Steps​

Phase 2: Enable Strict Mode (After fixing known issues)​

Phase 3: Pre-commit Hook​

Suppressing False Positives​

Resources​

Java 23 Compatibility​

FAQ​

Q: Why is the build slower now?​

Q: Can I disable Error Prone temporarily?​

Q: What about generated code (protobuf)?​

Q: Should I fix all 8 issues immediately?​