Manual:Coding conventions/Java

This page describes the coding conventions used within files of the MediaWiki codebase written in Java. See also the general conventions that apply to all program languages, including Java.

Build
Maven is used as a build tool. All projects should inherit from the discovery-parent-pom. It configures a number of static analysis tools and linters that will help in keeping projects coherent. Code conventions are embodied in the checkstyle configuration used by that pom.xml and will not be repeated here. The README file in that project describes how to use this parent pom.

Java projects hosted on Gerrit should be built by Jenkins by using the -maven-java8-docker template. Other templates are available to publish documentation and to manage the release process.

Java projects should be analyzed by [ https://sonarcloud.io/organizations/wmftest SonarCloud].

Java version
Most of our projects are at the moment targeting Java 8. We are in the process of transitioning to Java 11.

[ https://sdkman.io/ SDKMAN] can help you manage multiple JDK and easily switch between them.

Libraries
A number of libraries are commonly used throughout our various Java projects. Using the same libraries for similar use cases can help coherence across projects. That being said, use the list below as suggestions, not as a hard rule.

Guava
Guava is used on a number of projects. Note that in some cases, we have dependencies that themselves rely on outdated Guava versions, which prevents us from using the latest version.The features of Guava that we use the most are:


 * Preconditions
 * Immutable Collections
 * Caches

Lombok
While [ https://projectlombok.org/features/all Lombok] is not strictly a library, it provides very useful syntactic sugar to Java. Since Lombok is an annotation processor executed at compile time, Lombok has no runtime dependencies and is thus not creating compatibility issues.

Lombok can be further configured by adding a file at the package level, which might be particularly useful to make it play nice with Jackson. An example of such configuration:

lombok.equalsAndHashCode.callSuper = call lombok.extern.findbugs.addSuppressFBWarnings = true lombok.addLombokGeneratedAnnotation = true lombok.anyConstructor.addConstructorProperties = true
 * 1) disable SpotBugs, it does not like generated code by lombok
 * 1) useful for jackson that will be able to use the all args constructor when deserializing

A few particularly useful features:


 * @Data: makes it easy to generate DTO / DO, taking care of all this getters / setters and having a proper, valid and.
 * @SneakyThrows: a better way of dealing with checked exceptions than wrapping them in an unchecked exception.

Depending on your IDE, you might need to install a lombok plugin. See [ https://www.projectlombok.org/setup/overview documentation for your specific IDE].

JSR 305
JSR 305 provides annotations to better document expected behaviour and help detect bugs. Those annotations are only compile time dependencies and not required at runtime, they don't generate dependency issues.

In particular:


 * @Nonnull / @Nullable - specifies that a method parameter or return value should be non-null or nullable.
 * @ParametersAreNonnullByDefault - all parameters on this class / package / method are expected to be non null unless otherwise specified.
 * @Immutable: this class is immutable.
 * @ThreadSafe / @NotThreadSafe: this class is or is not thread safe.

JSON / XML
[ https://github.com/FasterXML/jackson Jackson] is used for most JSON and XML parsing / serialization, with the use of [ https://github.com/FasterXML/jackson-annotations annotations].

HTTP client
[ https://hc.apache.org/ Apache HttpComponents] is used as an HTTP client.

As much as possible a single instance of should be shared within an application. A custom User-Agent string should be configured.

Unit Testing Framework
We mostly use [ https://junit.org/ JUnit] as a testing framework. Some projects are using [ https://junit.org/junit4/ JUnit 4], while others are using JUnit 5. Some projects have dependencies on component specific testing libraries that don't support [ https://junit.org/junit5/ JUnit 5] yet. For projects that don't have this limitation, JUnit 5 should be preferred.

Mocking
[ https://site.mockito.org/ Mockito] is used as a mocking framework where needed.

HTTP Mocking
[ https://wiremock.org/docs/ WireMock] is used as an HTTP mock server, which allows testing code that relies on HTTP interactions. Note that WireMock makes it easy to also test various faults (delays, timeout, etc...).

Assertions
[ https://assertj.github.io/doc/ AssertJ] is our main assertion framework. In almost all cases AssertJ should be preferred over plain, JUnit assertions or Hamcrest.

Unit vs Integration Tests
We follow the usual naming conventions to identify [ https://maven.apache.org/surefire/maven-surefire-plugin/examples/inclusion-exclusion.html unit tests] vs [ https://maven.apache.org/surefire/maven-failsafe-plugin/examples/inclusion-exclusion.html integration tests].

Managing and defensive programming
As much as possible, values should be avoided. Null Objects should be preferred. Parameters should be expected to be non null and not explicitly checked, unless they come from an untrusted caller. Parameters should be marked with /  to allow static analysis tools to validate nullity.

Context
[ https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/io/Serializable.html Serialization] and the use of serialVersionUID is [ https://github.com/projectlombok/lombok/wiki/WHY-NOT:-serialVersionUID complex topic]. In short:


 * when a class is serialized, it's is part of the serialization
 * when a class is deserialized, the serialized is compared with the target class, if they don't match, deserialization fails
 * can be set manually, otherwise it is auto computed by the serialization runtime, the UID will change if the structure of the class changes, it might be different across different JRE vendors or versions

Leaving the runtime to compute the can lead to cases where class versions should be compatible but still fail deserialization.

Manually setting the can lead to cases where class versions should not be compatible but still successfully deserialize, leading to silent problems (when the class structure has changed, but the  has not been updated).

guidelines
should be manually defined only when:


 * classes are expected to be deserialized (not if they just need to extend Serializable)
 * the class or JVM version might change between serialization and deserialization

If manually defined, should start at  and be incremented on each change to the class structure. The range from to  is considered non-generated by the [ https://github.com/mebigfatguy/fb-contrib/blob/spotbugs/src/main/java/com/mebigfatguy/fbcontrib/detect/ImmatureClass.java#L44 FindBugs'  rules]