False Positive "ImplicitDefaultLocale" In rmat("0x%08X")

Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Talk to a Lightrun Answers expertFalse positive "ImplicitDefaultLocale" in String.format("0x%08X")See original GitHub issue

Expected Behavior

A call to String.format("0x%08X", value) is recognized as being locale-independent because hexadecimal number formatting is related to engineering and not to i18n/l12n.

Observed Behavior

detect reported the following source lines as ImplicitDefaultLocale:

private fun UInt?.hex(): String = String.format("0x%08X", this) private fun UShort?.hex(): String = String.format("0x%04X", this)

That is a false positive on ImplicitDefaultLocale because the %x formatting specified is locale-independent.

Steps to Reproduce

Create a Kotlin source file that calls String.format("0x%08X, 42) or something like that. Run detekt.

Context

Context: Format numbers in hexadecimal to create tracing messages for people to analyze a proprietary binary network protocol.

Your Environment

• Version of detekt used: 1.17.1
• Version of Gradle used (if applicable): 6.8.2
• Gradle scan link (add --scan option when running the gradle task): n/a
• Operating System and version: Kubuntu 20.04.2 LTS
• Link to your project (if it’s a public repository): n/a

Issue Analytics

• State:
• Created 2 years ago
• Comments:6 (2 by maintainers)

Top GitHub Comments

3reactionscortinicocommented, May 31, 2021

Thanks for your explanation @christianhujer

when it has really no benefit other than addressing a lazily static code analyzer’s false positives.

Just to clarify, when we turn back proposals/fixes is because we have extremely limited resources. We try to don’t add too much complexity to rules as they become harder to maintain in the long run.

I still believe that inspecting the string template for placeholders might add unnecessary complexity. I could be totally wrong, so I’d be more than happy to review a PR and eventually discuss over there. If we do so we should also consider this approach to be a bit more general and not just hexadecimal number (e.g. also octal and others listed here https://docs.oracle.com/javase/7/docs/api/java/util/Formatter.html#detail)

EDIT: grammar

2reactionsBraisGabincommented, May 24, 2021

I agree that in this case there is not need to add the locale. But I think that it’s not a bad idea to use Locale.ROOT in this case anyway.

I don’t know how could we spot all those cases where the Locale is not needed and don’t add any false-negatives. In this rule the false-negatives seem more scary than the false positives.

Read more comments on GitHub >

Top Results From Across the Web

Why does Android Lint warn about String.format using default ...when I mentioned the locale with the format, the lint warning just vanished. String.format(Locale.US,"%02d", selectedInt);.Read more >Implicitly using the default locale is a common source of bugsIssue 499086: Implicitly using the default locale is a common source of ... locale is a common source of bugs: Use `String.format(Locale, ....Read more >lint/libs/lint-tests/src/test/java/com/android/tools/lint/checks ...src/test/pkg/LocaleTest.java:11: Warning: Implicitly using the default locale is a common source of bugs: Use toUpperCase(Locale) instead. For strings meant ...Read more >Free Automated Malware Analysis Service - Hybrid AnalysisSubmit malware for free analysis with Falcon Sandbox and Hybrid Analysis technology. Hybrid Analysis develops and licenses analysis tools to fight malware.Read more >Use forbiddenapis static code analizer as maven plugin #1217String #toLowerCase() [Uses default locale] [ERROR] in ... not be used as it give false-positives in Main class that has to use system...Read more >

Top Related Medium Post

No results found

Top Related StackOverflow Question

No results found

Troubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.Start Free

Top Related Reddit Thread

No results found

Top Related Hackernoon Post

No results found

Top Related Tweet

No results found

Top Related Dev.to Post

No results found

Top Related Hashnode Post

No results foundPrevious page

Avoidable creation of range

Next page

Running detektFormat Gradle task sometimes work fine and other times throw an exception