SONARJAVA-6100 : Implement rule S8450 - Use IO.readln() for console input instead of BufferedReader boilerplate (#5460)

Author: rombirli

its/autoscan/src/test/java/org/sonar/java/it/AutoScanTest.java

@@ -199,7 +199,7 @@ public void javaCheckTestSources() throws Exception {
     softly.assertThat(newDiffs).containsExactlyInAnyOrderElementsOf(knownDiffs.values());
     softly.assertThat(newTotal).isEqualTo(knownTotal);
     softly.assertThat(rulesCausingFPs).hasSize(10);
-    softly.assertThat(rulesNotReporting).hasSize(17);
+    softly.assertThat(rulesNotReporting).hasSize(18);
 
     /**
      * 4. Check total number of differences (FPs + FNs)

its/autoscan/src/test/resources/autoscan/autoscan-diff-by-rules.json

@@ -2878,5 +2878,11 @@
     "hasTruePositives": false,
     "falseNegatives": 0,
     "falsePositives": 0
+  },
+  {
+    "ruleKey": "S8450",
+    "hasTruePositives": false,
+    "falseNegatives": 0,
+    "falsePositives": 0
   }
 ]

its/autoscan/src/test/resources/autoscan/diffs/diff_S8450.json

@@ -0,0 +1,6 @@
+{
+  "ruleKey": "S8450",
+  "hasTruePositives": false,
+  "falseNegatives": 0,
+  "falsePositives": 0
+}

java-checks-test-sources/default/src/main/files/non-compiling/checks/BufferedReaderBoilerplateCheckSample.java

@@ -0,0 +1,60 @@
+package checks;
+
+import java.io.BufferedReader;
+import java.io.IO;
+import java.io.InputStreamReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.Reader;
+
+class BufferedReaderBoilerplateCheckSample {
+  void noncompliantBasic() throws IOException {
+    BufferedReader reader = new BufferedReader(new InputStreamReader(System.in)); // Noncompliant {{Use "IO.readln()" instead of this "BufferedReader" boilerplate.}}
+    String line = reader.readLine();
+  }
+
+  void compliantBasic() throws IOException {
+    String line = IO.readln();
+  }
+
+  void noncompliantWithPrompt() throws IOException {
+    System.out.print("Enter text: ");
+    BufferedReader reader = new BufferedReader(new InputStreamReader(System.in)); // Noncompliant
+    String line = reader.readLine();
+  }
+
+  void noncompliantInTryCatch() {
+    try {
+      BufferedReader reader = new BufferedReader(new InputStreamReader(System.in)); // Noncompliant
+      String line = reader.readLine();
+    } catch (IOException ioe) {
+      ioe.printStackTrace();
+    }
+  }
+
+  void noncompliantInTryWithResources() throws IOException {
+    try (BufferedReader reader = new BufferedReader(new InputStreamReader(System.in))) { // Noncompliant
+      String line = reader.readLine();
+    }
+  }
+
+  void noncompliantInlineUsage() throws IOException {
+    String line = new BufferedReader(new InputStreamReader(System.in)).readLine(); // Noncompliant
+  }
+
+  void compliantWithFileStream(InputStream fileStream) throws IOException {
+    BufferedReader reader = new BufferedReader(new InputStreamReader(fileStream)); // Compliant - not wrapping System.in
+    String line = reader.readLine();
+  }
+
+  void compliantWithExistingReader(Reader existingReader) throws IOException {
+    BufferedReader reader = new BufferedReader(existingReader); // Compliant - not wrapping System.in via InputStreamReader
+    String line = reader.readLine();
+  }
+
+  void compliantNoSystemIn() throws IOException {
+    InputStream other = new java.io.ByteArrayInputStream(new byte[0]);
+    BufferedReader reader = new BufferedReader(new InputStreamReader(other)); // Compliant - not System.in
+    String line = reader.readLine();
+  }
+}

java-checks/src/main/java/org/sonar/java/checks/BufferedReaderBoilerplateCheck.java

@@ -0,0 +1,74 @@
+/*
+ * SonarQube Java
+ * Copyright (C) 2012-2025 SonarSource Sàrl
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the Sonar Source-Available License Version 1, as published by SonarSource SA.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the Sonar Source-Available License for more details.
+ *
+ * You should have received a copy of the Sonar Source-Available License
+ * along with this program; if not, see https://sonarsource.com/license/ssal/
+ */
+package org.sonar.java.checks;
+
+import java.util.List;
+import org.sonar.check.Rule;
+import org.sonar.java.checks.methods.AbstractMethodDetection;
+import org.sonar.plugins.java.api.JavaVersion;
+import org.sonar.plugins.java.api.JavaVersionAwareVisitor;
+import org.sonar.plugins.java.api.semantic.MethodMatchers;
+import org.sonar.plugins.java.api.tree.ExpressionTree;
+import org.sonar.plugins.java.api.tree.MemberSelectExpressionTree;
+import org.sonar.plugins.java.api.tree.NewClassTree;
+import org.sonar.plugins.java.api.tree.Tree;
+
+@Rule(key = "S8450")
+public class BufferedReaderBoilerplateCheck extends AbstractMethodDetection implements JavaVersionAwareVisitor {
+
+  private static final MethodMatchers BUFFERED_READER_CONSTRUCTOR = MethodMatchers.create()
+    .ofTypes("java.io.BufferedReader")
+    .constructor()
+    .addParametersMatcher("java.io.Reader")
+    .build();
+
+  private static final MethodMatchers INPUT_STREAM_READER_CONSTRUCTOR = MethodMatchers.create()
+    .ofTypes("java.io.InputStreamReader")
+    .constructor()
+    .addParametersMatcher("java.io.InputStream")
+    .build();
+
+  @Override
+  public boolean isCompatibleWithJavaVersion(JavaVersion version) {
+    return version.isJava25Compatible();
+  }
+
+  @Override
+  public List<Tree.Kind> nodesToVisit() {
+    return List.of(Tree.Kind.NEW_CLASS);
+  }
+
+  @Override
+  protected MethodMatchers getMethodInvocationMatchers() {
+    return BUFFERED_READER_CONSTRUCTOR;
+  }
+
+  @Override
+  protected void onConstructorFound(NewClassTree newClassTree) {
+    if (newClassTree.arguments().get(0) instanceof NewClassTree innerNewClass
+      && INPUT_STREAM_READER_CONSTRUCTOR.matches(innerNewClass)
+      && isSystemIn(innerNewClass.arguments().get(0))) {
+      reportIssue(newClassTree, "Use \"IO.readln()\" instead of this \"BufferedReader\" boilerplate.");
+    }
+  }
+
+  private static boolean isSystemIn(ExpressionTree expression) {
+    return expression instanceof MemberSelectExpressionTree memberSelect
+      &&"in".equals(memberSelect.identifier().name())
+      && memberSelect.expression().symbolType().is("java.lang.System");
+  }
+}

java-checks/src/test/java/org/sonar/java/checks/BufferedReaderBoilerplateCheckTest.java

@@ -0,0 +1,44 @@
+/*
+ * SonarQube Java
+ * Copyright (C) 2012-2025 SonarSource Sàrl
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the Sonar Source-Available License Version 1, as published by SonarSource SA.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the Sonar Source-Available License for more details.
+ *
+ * You should have received a copy of the Sonar Source-Available License
+ * along with this program; if not, see https://sonarsource.com/license/ssal/
+ */
+package org.sonar.java.checks;
+
+import org.junit.jupiter.api.Test;
+import org.sonar.java.checks.verifier.CheckVerifier;
+
+import static org.sonar.java.checks.verifier.TestUtils.nonCompilingTestSourcesPath;
+
+class BufferedReaderBoilerplateCheckTest {
+
+  @Test
+  void test() {
+    CheckVerifier.newVerifier()
+      .onFile(nonCompilingTestSourcesPath("checks/BufferedReaderBoilerplateCheckSample.java"))
+      .withCheck(new BufferedReaderBoilerplateCheck())
+      .withJavaVersion(25)
+      .verifyIssues();
+  }
+
+  @Test
+  void test_jav24() {
+    CheckVerifier.newVerifier()
+      .onFile(nonCompilingTestSourcesPath("checks/BufferedReaderBoilerplateCheckSample.java"))
+      .withCheck(new BufferedReaderBoilerplateCheck())
+      .withJavaVersion(24)
+      .verifyNoIssues();
+  }
+
+}

sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S8450.html

@@ -0,0 +1,51 @@
+<p>The <code>java.io.IO</code> class provides simple methods for interactive console I/O. For standard console input, <code>IO.readln()</code> should
+be preferred over the traditional, more verbose <code>BufferedReader</code>.</p>
+<h2>Why is this an issue?</h2>
+<p>Traditionally, reading a line from the console required significant boilerplate code, involving <code>InputStreamReader</code>,
+<code>BufferedReader</code>, and explicit <code>IOException</code> handling. This pattern is not only verbose but also error-prone and harder to
+read.</p>
+<p>The modern <code>IO.readln()</code> method:</p>
+<ul>
+  <li> Reduces boilerplate by providing a single-method call for reading lines. </li>
+  <li> Eliminates the need for explicit checked exception handling for standard console input. </li>
+  <li> Allows for an optional prompt string, combining the "print" and "read" steps into one cohesive operation. </li>
+  <li> Avoids the resource management overhead (like <code>try-with-resources</code>) required for manual stream wrappers. </li>
+</ul>
+<h2>How to fix it</h2>
+<p>Replace manual stream wrapping of <code>System.in</code> with the static <code>IO.readln()</code> method. If you are using a version of Java where
+<code>IO</code> is automatically imported (such as in JShell or modern entry points), you can call <code>readln()</code> directly; otherwise, use
+<code>import static java.io.IO.readln;</code>.</p>
+<h3>Code examples</h3>
+<h4>Noncompliant code example</h4>
+<pre data-diff-id="1" data-diff-type="noncompliant">
+import java.io.BufferedReader;
+import java.io.InputStreamReader;
+import java.io.IOException;
+
+void main() {
+    try {
+        System.out.print("Enter text: ");
+        BufferedReader reader = new BufferedReader(new InputStreamReader(System.in));
+        String line = reader.readLine(); // Noncompliant: verbose boilerplate
+        System.out.println(line);
+    } catch (IOException ioe) {
+        ioe.printStackTrace();
+    }
+}
+</pre>
+<h4>Compliant solution</h4>
+<pre data-diff-id="1" data-diff-type="compliant">
+import static java.io.IO.readln;
+
+void main() {
+    // Compliant: concise and readable console input
+    String line = readln("Enter text: ");
+    System.out.println(line);
+}
+</pre>
+<h2>Resources</h2>
+<h3>Documentation</h3>
+<ul>
+  <li> <a href="https://openjdk.org/jeps/512">JEP 512: Compact Source Files and Instance Main Methods</a> </li>
+</ul>
+

sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/S8450.json

@@ -0,0 +1,23 @@
+{
+  "title": "Prefer \"IO.readln()\" over \"BufferedReader\" boilerplate",
+  "type": "CODE_SMELL",
+  "status": "ready",
+  "remediation": {
+    "func": "Constant\/Issue",
+    "constantCost": "5min"
+  },
+  "tags": [
+    "java25"
+  ],
+  "defaultSeverity": "Minor",
+  "ruleSpecification": "RSPEC-8450",
+  "sqKey": "S8450",
+  "scope": "All",
+  "quickfix": "unknown",
+  "code": {
+    "impacts": {
+      "MAINTAINABILITY": "LOW"
+    },
+    "attribute": "CONVENTIONAL"
+  }
+}

sonar-java-plugin/src/main/resources/org/sonar/l10n/java/rules/java/Sonar_way_profile.json

@@ -522,6 +522,7 @@
     "S8432",
     "S8433",
     "S8444",
-    "S8445"
+    "S8445",
+    "S8450"
   ]
 }