Skip to content

Ensure all packages declare package-info.java with null-safety annotations #30069

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 4 commits into from
Closed

Ensure all packages declare package-info.java with null-safety annotations #30069

wants to merge 4 commits into from

Conversation

edyda99
Copy link
Contributor

@edyda99 edyda99 commented Mar 6, 2023
edited by sbrannen
Loading

Overview

This commit adds the JavadocPackage Checkstyle module to the project's configuration file (checkstyle.xml). The module is configured to emit a warning message when a package-info.java file is missing, rather than throwing an exception. In addition, suppressions have been added to prevent the JavadocPackage checks from being applied to packages outside of the src/main directory. These suppressions ensure that the module only checks the packages that are relevant to the project and prevents false positives from being reported.

Deliverables

  • Configure the JavadocPackage Checkstyle module to require package-info.java files for all packages under src/main.
  • Determine if it is possible to require that package-info.java files include null-safety annotations – for example, via Checkstyle.
  • If it's possible to require that package-info.java files include null-safety annotations, configure the necessary infrastructure.
  • Introduce missing package-info.java files with package-level Javadoc and null-safety annotations.

@edyda99 edyda99 mentioned this pull request Mar 6, 2023
Closed
4 tasks
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged or decided on label Mar 6, 2023
@edyda99 edyda99 force-pushed the issue-30056 branch 2 times, most recently from 7268cb4 to 73fa229 Compare March 6, 2023 14:43
@rstoyanchev rstoyanchev added in: core Issues in core modules (aop, beans, core, context, expression) type: task A general task labels Mar 6, 2023
@rstoyanchev rstoyanchev requested a review from sbrannen March 6, 2023 16:05
@edyda99 edyda99 force-pushed the issue-30056 branch 4 times, most recently from f6d442e to 7d191a4 Compare March 6, 2023 19:29
simonbasle
simonbasle reviewed Mar 7, 2023
View reviewed changes
Copy link
Contributor

@simonbasle simonbasle left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for the suggestion. Can you provide more details about the choices you made for checkstyle modules?

@simonbasle
Copy link
Contributor

(didn't see the issue reference, which probably provides some context. my bad)

@simonbasle
Copy link
Contributor

@edyda99 I think the RegexpJavaSingleLine variant does the job (unless you've spotted occurrences of multilines nullability annotations?) The other one is also harder to read and has its own caveats with comments, so I'd go with the first one.

@edyda99
Copy link
Contributor Author

edyda99 commented Mar 7, 2023

Hi @simonbasle, I will go with RegexpJavaSingleLine.
No, I didn't spot any occurrences of multilines nullability, but it was about preventing it from happening.
So should I remove the whitespace warning? ( I would suggest keeping it and increasing the severity to "error", so whenever someone writes @\n<annotation_name> an error will be thrown)

@simonbasle simonbasle linked an issue Mar 7, 2023 that may be closed by this pull request
Ensure all packages declare package-info.java with null-safety annotations #30056
Closed
4 tasks
@simonbasle
Copy link
Contributor

( I would suggest keeping it and increasing the severity to "error", so whenever someone writes @\n<annotation_name> an error will be thrown)

Perhaps a simpler one line regexp like @\s*$ (at then any number of whitespace then the end of the line) would fit the bill? That said, I think this PR can focus on the actual null-safety annotations.

@edyda99
Copy link
Contributor Author

edyda99 commented Mar 7, 2023

Done!
In case all was good,
I will start with the last point:
'Introduce missing package-info.java files with package-level Javadoc and null-safety annotations.'
But I have two questions:

  • Do you suggest doing micro commits for each missing package-info.java?
  • What do I need to rely on before adding null-safety annotations on a newly added package-info?

@simonbasle
Copy link
Contributor

simonbasle commented Mar 7, 2023
edited
Loading

  • Do you suggest doing micro commits for each missing package-info.java?

Not necessarily, if that's the only thing in the commit.

  • What do I need to rely on before adding null-safety annotations on a newly added package-info?

It depends on how many package-info are missing. I would locally prepare the change and run some static analysis trying to find null-safety issues raising from that change. If the build doesn't break, I'm not sure I would make it a goal of this PR to fix the null-safety warnings though. Wdyt @sbrannen (also cc @sdeleuze)

@sbrannen sbrannen self-assigned this Mar 8, 2023
@sbrannen
Copy link
Member

sbrannen commented Mar 8, 2023
edited
Loading

  • Do you suggest doing micro commits for each missing package-info.java?

Not necessarily, if that's the only thing in the commit.

I agree with @simonbasle.

Ideally the final result will be 3-4 commits.

  • enforce that package-info.java files exist and contain Javadoc
    • build should fail
  • introduce missing package-info.java files
    • build should pass
  • enforce that package-info.java files declare @NonNullApi and @NonNullFields
    • build should fail
  • introduce missing @NonNullApi and @NonNullFields declarations
    • build should pass

Of course, we may squash all commits in the PR into a single commit if that turns out to be easier.

  • What do I need to rely on before adding null-safety annotations on a newly added package-info?

I don't understand the question. Can you please expound?

It depends on how many package-info are missing. I would locally prepare the change and run some static analysis trying to find null-safety issues raising from that change. If the build doesn't break, I'm not sure I would make it a goal of this PR to fix the null-safety warnings though. Wdyt @sbrannen (also cc @sdeleuze)

Ensuring that proper null-safety semantics are enforced within code in newly annotated packages is beyond the scope of this PR/issue. I've created #30083 to address that.

sbrannen
sbrannen requested changes Mar 8, 2023
View reviewed changes
Copy link
Member

@sbrannen sbrannen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for working on this!

It's coming along nicely.

I've requested a few minor changes.

After that, all that's left is ensuring that the build fails for violations and that all missing package-info.java files have been created (so that the build passes again).

@sbrannen sbrannen added status: waiting-for-feedback We need additional information before we can continue and removed status: waiting-for-triage An issue we've not yet triaged or decided on labels Mar 8, 2023
@sbrannen sbrannen changed the title Add JavadocPackage checkstyle module with warning severity level and … Ensure all packages declare package-info.java with null-safety annotations Mar 8, 2023
@sbrannen
Copy link
Member

sbrannen commented Mar 8, 2023
edited
Loading

You also need to suppress violations in the framework-docs module, since that source code is only used in the reference manual.

And for the following packages in spring-core.

  • spring-core/src/main/java/org/springframework/asm
  • spring-core/src/main/java/org/springframework/cglib
  • spring-core/src/main/java/org/springframework/objenesis
  • spring-core/src/main/java/org/springframework/javapoet
  • spring-core/src/main/java/org/springframework/lang

@sbrannen sbrannen marked this pull request as draft March 8, 2023 12:28
@sbrannen sbrannen added this to the 6.0.7 milestone Mar 8, 2023
@edyda99 edyda99 force-pushed the issue-30056 branch 2 times, most recently from f4000a3 to 8eee8f0 Compare March 8, 2023 12:56
@edyda99
Enforce package-info.java files on /src/main/ and framework-docs modu…
cf4b673 
…le and specific packages inside spring-core module

This commit updates the project's checkstyle configuration to require the existence of a package-info.java file for all packages within the src/main directory while excluding framework-docs module and certain packages inside spring-core module. A missing package-info.java will result in emitting an exception.
edyda99 added 3 commits March 8, 2023 16:16
@edyda99
Enforce package-info.java files on /src/main/ and framework-docs modu…
56a71b1 
…le and specific packages inside spring-core module

This commit updates the project's checkstyle configuration to require the existence of a package-info.java file for all packages within the src/main directory while excluding framework-docs module and certain packages inside spring-core module. A missing package-info.java will result in emitting a warning.
@edyda99
Enforce package-info.java files on /src/main/ and framework-docs modu…
adfefce 
…le and specific packages inside spring-core module

This commit updates the project's checkstyle configuration to require the existence of a package-info.java file for all packages within the src/main directory while excluding framework-docs module and certain packages inside spring-core module. A missing package-info.java will result in emitting a warning. Additionally, two RegexpSinglelineJava modules have been added to check that package-info.java files contain null-safety annotations @NonNullApi and NonNullFields and throws exception in case one of them or both are missing.
@edyda99
Enforce package-info.java files on /src/main/ and framework-docs modu…
003e122 
…le and specific packages inside spring-core module

This commit updates the project's checkstyle configuration to require the existence of a package-info.java file for all packages within the src/main directory while excluding framework-docs module and certain packages inside spring-core module. A missing package-info.java will result in emitting a warning. Additionally, two RegexpSinglelineJava modules have been added to check that package-info.java files contain null-safety annotations @NonNullApi and NonNullFields.
@edyda99
Copy link
Contributor Author

edyda99 commented Mar 8, 2023

Hi again,

First sorry for the continuous Force pushes, but I wanted to reduce my commits.
I reduced them to 4 micro commits, with the last one containing the full commit message.
All comments are resolved.

The merge request is ready for the final review

Thank you again!

@spring-projects-issues spring-projects-issues added status: feedback-provided Feedback has been provided and removed status: waiting-for-feedback We need additional information before we can continue labels Mar 8, 2023
@edyda99 edyda99 marked this pull request as ready for review March 9, 2023 08:14
@sbrannen sbrannen removed the status: feedback-provided Feedback has been provided label Mar 9, 2023
@sbrannen sbrannen marked this pull request as draft March 9, 2023 16:54
@sbrannen
Copy link
Member

sbrannen commented Mar 9, 2023

Thanks for making the latest changes, @edyda99!

Except for creation of the missing package-info.java files, the PR is effectively complete.

While reviewing the work locally on my machine, I have discovered a few issues with regular expressions, the wrong severity, additional packages that need to be excluded (suppressed), etc.

I have therefore converted this PR to a draft to signal that I will make the final changes locally after merging in your work.

@edyda99
Copy link
Contributor Author

edyda99 commented Mar 9, 2023

@sbrannen Ok Great
Could you suggest something else for me?

sbrannen pushed a commit that referenced this pull request Mar 10, 2023
@edyda99 @sbrannen
Configure Checkstyle to require package-info.java files
268e3fe 
This commit updates the project's checkstyle configuration to require
the existence of a package-info.java file for all packages within the
src/main directory while excluding the framework-docs module and
certain packages inside the spring-core module. A missing
package-info.java file will result in emitting a warning.

See gh-30069
sbrannen pushed a commit that referenced this pull request Mar 10, 2023
@edyda99 @sbrannen
Configure Checkstyle to require package-level null-safety annotations
7e32f50 
This commit updates the project's checkstyle configuration to check
that package-info.java files contain the @NonNullApi and @NonNullFields
null-safety annotations.

See gh-30069
@sbrannen sbrannen closed this in 99e54fe Mar 10, 2023
@sbrannen
Copy link
Member

This has been merged into main in 268e3fe and 7e32f50 and revised and completed in 99e54fe.

The latter turned out to be a bit more work than expected. 👀

Thanks again for the contribution, @edyda99!

@sbrannen
Copy link
Member

Could you suggest something else for me?

We have an ideal-for-contribution label for such suggestions. Though, unfortunately there's only one issue in that category right now.

In light of that, you can search for existing issues that appeal to you and for which you feel qualified to tackle. Then ask on the issue if a PR would be welcome.

@sbrannen sbrannen mentioned this pull request Mar 10, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sbrannen sbrannen sbrannen requested changes

@simonbasle simonbasle simonbasle left review comments

Assignees

@sbrannen sbrannen

Labels
in: core Issues in core modules (aop, beans, core, context, expression) type: task A general task
Projects
None yet
Milestone
6.0.7
Development

Successfully merging this pull request may close these issues.

Ensure all packages declare package-info.java with null-safety annotations
5 participants
@edyda99 @simonbasle @sbrannen @rstoyanchev @spring-projects-issues