@opensip-tools/checks-java 1.0.4

package/.turbo/turbo-typecheck.log

@@ -0,0 +1,4 @@
+
+> @opensip-tools/checks-java@1.0.4 typecheck /Users/sb/Documents/Code/opensip-ai/opensip-tools/packages/fitness/checks-java
+> tsc --noEmit
+

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 opensip-ai
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/package.json

@@ -0,0 +1,35 @@
+{
+  "name": "@opensip-tools/checks-java",
+  "version": "1.0.4",
+  "license": "MIT",
+  "description": "Java fitness checks for opensip-tools",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/opensip-ai/opensip-tools.git",
+    "directory": "packages/fitness/checks-java"
+  },
+  "homepage": "https://github.com/opensip-ai/opensip-tools",
+  "bugs": {
+    "url": "https://github.com/opensip-ai/opensip-tools/issues"
+  },
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": "./dist/index.js"
+  },
+  "dependencies": {
+    "@opensip-tools/fitness": "1.0.4",
+    "@opensip-tools/lang-java": "1.0.4"
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "vitest": "^2.1.0"
+  },
+  "scripts": {
+    "build": "tsc",
+    "test": "vitest run --passWithNoTests",
+    "typecheck": "tsc --noEmit",
+    "clean": "rm -rf dist"
+  }
+}

package/src/__tests__/analyze.test.ts

@@ -0,0 +1,33 @@
+import { describe, expect, it } from 'vitest';
+
+import { analyzePrintStackTrace } from '../checks/no-printstacktrace.js';
+
+describe('analyzePrintStackTrace', () => {
+  it('flags e.printStackTrace()', () => {
+    const out = analyzePrintStackTrace('try { foo(); } catch (Exception e) { e.printStackTrace(); }');
+    expect(out).toHaveLength(1);
+    expect(out[0]?.severity).toBe('warning');
+  });
+
+  it('flags printStackTrace() with whitespace', () => {
+    expect(analyzePrintStackTrace('e.printStackTrace ( )')).toHaveLength(1);
+  });
+
+  it('reports the correct line', () => {
+    const out = analyzePrintStackTrace('class X {\n  void f(Exception e) {\n    e.printStackTrace();\n  }\n}');
+    expect(out[0]?.line).toBe(3);
+  });
+
+  it('does not flag printStackTrace with arguments', () => {
+    expect(analyzePrintStackTrace('e.printStackTrace(System.err)')).toHaveLength(0);
+  });
+
+  it('flags multiple occurrences in one file', () => {
+    const src = 'a.printStackTrace();\nb.printStackTrace();';
+    expect(analyzePrintStackTrace(src)).toHaveLength(2);
+  });
+
+  it('returns an empty list when no .printStackTrace() is present', () => {
+    expect(analyzePrintStackTrace('class X {}')).toEqual([]);
+  });
+});

package/src/__tests__/no-printstacktrace.test.ts

@@ -0,0 +1,59 @@
+import { stripComments, stripStrings } from '@opensip-tools/lang-java/strip'
+import { describe, expect, it } from 'vitest'
+
+import { analyzePrintStackTrace } from '../checks/no-printstacktrace.js'
+
+describe('analyzePrintStackTrace', () => {
+  it('flags e.printStackTrace()', () => {
+    const violations = analyzePrintStackTrace('e.printStackTrace();')
+    expect(violations.length).toBe(1)
+    expect(violations[0]?.line).toBe(1)
+    expect(violations[0]?.message).toContain('logging framework')
+  })
+
+  it('does not flag the same literal text inside a string after stripping', () => {
+    // The content filter (strip-strings-and-comments) is applied by the
+    // framework before calling analyze. Simulate that here.
+    const src = 'String s = "e.printStackTrace()";'
+    const filtered = stripStrings(src)
+    const violations = analyzePrintStackTrace(filtered)
+    expect(violations.length).toBe(0)
+  })
+
+  it('does not flag occurrences inside comments after stripping', () => {
+    const src = '// see e.printStackTrace() for example\nint x = 1;'
+    const filtered = stripComments(src)
+    const violations = analyzePrintStackTrace(filtered)
+    expect(violations.length).toBe(0)
+  })
+
+  it('reports correct line numbers for multiple matches', () => {
+    const src = [
+      'class A {',
+      '  void m(Throwable e) {',
+      '    e.printStackTrace();',
+      '    int x = 1;',
+      '    e.printStackTrace();',
+      '  }',
+      '}',
+    ].join('\n')
+    const violations = analyzePrintStackTrace(src)
+    expect(violations.length).toBe(2)
+    expect(violations[0]?.line).toBe(3)
+    expect(violations[1]?.line).toBe(5)
+  })
+
+  it('flags calls with whitespace inside the parens', () => {
+    const violations = analyzePrintStackTrace('e.printStackTrace( );')
+    expect(violations.length).toBe(1)
+  })
+
+  it('does not flag printStackTrace with arguments (different signature)', () => {
+    // printStackTrace(PrintStream) is a legitimate call — only the
+    // no-arg variant goes to System.err implicitly.
+    const violations = analyzePrintStackTrace(
+      'e.printStackTrace(System.out);',
+    )
+    expect(violations.length).toBe(0)
+  })
+})

package/src/checks/no-printstacktrace.ts

@@ -0,0 +1,55 @@
+/**
+ * @fileoverview Flag uses of `Throwable.printStackTrace()`.
+ *
+ * `e.printStackTrace()` writes to stderr, bypassing the application's
+ * logging framework. Stack traces emitted that way miss correlation
+ * IDs, log levels, and structured fields, and they typically don't
+ * land in centralized log aggregation. Always log via the configured
+ * logger (SLF4J/Log4j/etc.) and pass the throwable as the cause.
+ *
+ * The check uses the `strip-strings-and-comments` content filter so
+ * the literal token "printStackTrace()" inside a string literal or
+ * comment isn't reported.
+ */
+import { defineCheck, type CheckViolation } from '@opensip-tools/fitness'
+
+const PRINT_STACK_TRACE_PATTERN = /\.printStackTrace\s*\(\s*\)/g
+
+/**
+ * Pure analysis function. Exported so unit tests can exercise the
+ * detection logic without standing up the full Check framework
+ * (defineCheck wraps `analyze` into an `execute` closure that
+ * requires an ExecutionContext to invoke).
+ */
+export function analyzePrintStackTrace(content: string): CheckViolation[] {
+  const violations: CheckViolation[] = []
+  const lines = content.split('\n')
+  for (const [i, line_] of lines.entries()) {
+    const line = line_
+    PRINT_STACK_TRACE_PATTERN.lastIndex = 0
+    while (PRINT_STACK_TRACE_PATTERN.exec(line) !== null) {
+      violations.push({
+        message:
+          'e.printStackTrace() bypasses the logging framework — use a logger instead',
+        severity: 'warning',
+        line: i + 1,
+        suggestion:
+          'Replace with logger.error("...", e) so the trace lands in centralized logs',
+      })
+    }
+  }
+  return violations
+}
+
+export const noPrintStackTrace = defineCheck({
+  id: 'c1d2e3f4-9876-4321-cccc-300000000001',
+  slug: 'java-no-print-stack-trace',
+  description:
+    'e.printStackTrace() bypasses the logging framework — use a logger instead',
+  scope: { languages: ['java'], concerns: [] },
+  tags: ['quality', 'observability', 'java'],
+  // Strip strings AND comments so the literal token inside a docstring
+  // or example comment isn't false-flagged.
+  contentFilter: 'strip-strings-and-comments',
+  analyze: (content) => analyzePrintStackTrace(content),
+})

package/src/index.ts

@@ -0,0 +1,12 @@
+import { noPrintStackTrace } from './checks/no-printstacktrace.js'
+
+export const checks = [noPrintStackTrace] as const
+
+
+export const metadata = {
+  name: '@opensip-tools/checks-java',
+  version: '0.6.1',
+  description: 'Java fitness checks',
+}
+
+export {noPrintStackTrace} from './checks/no-printstacktrace.js'

package/tsconfig.json

@@ -0,0 +1,8 @@
+{
+  "extends": "../../../tsconfig.json",
+  "compilerOptions": {
+    "outDir": "dist",
+    "rootDir": "src"
+  },
+  "include": ["src"]
+}

package/vitest.config.ts

@@ -0,0 +1,10 @@
+import { defineConfig } from 'vitest/config';
+export default defineConfig({
+  test: {
+    include: ['src/**/*.test.ts'],
+    coverage: {
+      include: ['src/**'],
+      exclude: ['src/**/*.test.ts', 'src/**/__tests__/**', 'src/index.ts'],
+    },
+  },
+});