[nullsafe] Add an option to warn about unvetted third party in default mode

Summary: Currently, we don't issue warnings for third party return value in non-@Nullsafe modes. For some integrations, this feature is useful. This diff repurposes the existing param to suit this goal. Reviewed By: artempyanykh Differential Revision: D25186043 fbshipit-source-id: 308101841
4 years ago · 7dcbacf693
parent c6a33c88b7
commit 7dcbacf693
6 changed files with 23 additions and 25 deletions
--- a/infer/man/man1/infer-full.txt
+++ b/infer/man/man1/infer-full.txt
@ -1667,11 +1667,12 @@ INTERNAL OPTIONS
           This feature is needed for compatibility reasons. (Conversely:
           --no-nullsafe-disable-field-not-initialized-in-nonstrict-classes)
-       --no-nullsafe-optimistic-third-party-params-in-non-strict
+       --no-nullsafe-optimistic-third-party-in-default-mode
-           Deactivates: Nullsafe: in this mode we treat non annotated third
+           Deactivates: Nullsafe: Unless @Nullsafe annotation is used, treat
-           party method params as if they were annotated as nullable.
+           not annotated third party method params as if they were annotated
-           (Conversely:
+           as nullable, and return values as if they were annotated as
-           --nullsafe-optimistic-third-party-params-in-non-strict)
+           non-null (Conversely:
           --nullsafe-optimistic-third-party-in-default-mode)
       --nullsafe-strict-containers
           Activates: Warn when containers are used with nullable keys or
--- a/infer/src/base/Config.ml
+++ b/infer/src/base/Config.ml
@ -1650,17 +1650,15 @@ and nullsafe_disable_field_not_initialized_in_nonstrict_classes =
     marked as @NullsafeStrict. This feature is needed for compatibility reasons."
-and nullsafe_optimistic_third_party_params_in_non_strict =
+and nullsafe_optimistic_third_party_in_default_mode =
  CLOpt.mk_bool
    ~long:
-      "nullsafe-optimistic-third-party-params-in-non-strict"
+      "nullsafe-optimistic-third-party-in-default-mode"
-      (* Turned on for compatibility reasons.
+      (* Turned on for compatibility reasons
-         Historically this is because there was no actionable way to change third party annotations.
+       *) ~default:true
-         Now that we have such a support, this behavior should be reconsidered, provided
+    "Nullsafe: Unless @Nullsafe annotation is used, treat not annotated third party method params \
-         our tooling and error reporting is friendly enough to be smoothly used by developers.
+     as if they were annotated as nullable, and return values as if they were annotated as \
-      *) ~default:true
+     non-null"
    "Nullsafe: in this mode we treat non annotated third party method params as if they were \
     annotated as nullable."
 and nullsafe_third_party_signatures =
@ -2996,8 +2994,8 @@ and nullsafe_disable_field_not_initialized_in_nonstrict_classes =
  !nullsafe_disable_field_not_initialized_in_nonstrict_classes
-and nullsafe_optimistic_third_party_params_in_non_strict =
+and nullsafe_optimistic_third_party_in_default_mode =
-  !nullsafe_optimistic_third_party_params_in_non_strict
+  !nullsafe_optimistic_third_party_in_default_mode
 and nullsafe_third_party_signatures = !nullsafe_third_party_signatures
--- a/infer/src/base/Config.mli
+++ b/infer/src/base/Config.mli
@ -401,7 +401,7 @@ val nullsafe_annotation_graph : bool
 val nullsafe_disable_field_not_initialized_in_nonstrict_classes : bool
-val nullsafe_optimistic_third_party_params_in_non_strict : bool
+val nullsafe_optimistic_third_party_in_default_mode : bool
 val nullsafe_third_party_signatures : string option
--- a/infer/src/nullsafe/AssignmentRule.ml
+++ b/infer/src/nullsafe/AssignmentRule.ml
@ -49,8 +49,9 @@ module ReportableViolation = struct
  let from nullsafe_mode ({lhs; rhs} as violation) =
    let falls_under_optimistic_third_party =
-      Config.nullsafe_optimistic_third_party_params_in_non_strict
+      Config.nullsafe_optimistic_third_party_in_default_mode
      && NullsafeMode.equal nullsafe_mode Default
      (* Treat third party params as if they were [@Nullable] *)
      && Nullability.equal (AnnotatedNullability.get_nullability lhs) ThirdPartyNonnull
    in
    let is_non_reportable =
--- a/infer/src/nullsafe/ErrorRenderingUtils.ml
+++ b/infer/src/nullsafe/ErrorRenderingUtils.ml
@ -150,12 +150,8 @@ let mk_recommendation_for_third_party_field nullsafe_mode field =
  match nullsafe_mode with
  | NullsafeMode.Strict ->
      F.sprintf "access %s via a nullsafe strict getter" field
-  | NullsafeMode.Local _ ->
+  | NullsafeMode.Local _ | NullsafeMode.Default ->
      F.sprintf "access %s via a nullsafe getter" field
  | NullsafeMode.Default ->
      Logging.die InternalError
        "mk_recommendation_for_third_party_field:: Should not happen: we should tolerate third \
         party in default mode"
 let get_info object_origin nullsafe_mode untrusted_kind =
--- a/infer/src/nullsafe/Nullability.ml
+++ b/infer/src/nullsafe/Nullability.ml
@ -68,8 +68,10 @@ let is_considered_nonnull ~nullsafe_mode nullability =
      | NullsafeMode.Local NullsafeMode.Trust.All ->
          UncheckedNonnull
      | NullsafeMode.Default ->
-          (* In default mode, we trust everything, even not annotated third party. *)
+          (* We trust all internal method declarations, and, if specified separately,
-          ThirdPartyNonnull
+             even not annotated third party. *)
          if Config.nullsafe_optimistic_third_party_in_default_mode then ThirdPartyNonnull
          else UncheckedNonnull
    in
    is_subtype ~subtype:nullability ~supertype:least_required