# ADR-0008 - Use NullAway for null checking

## Date

2025-08-06

## Context

Our codebase uses `null` extensively to represent an absence of value or optionality of the argument.
We utilize nullness annotations in Java code and somewhat rely on IDE warnings to guide us.
However, the Java code we have is not fully annotated, which causes several consequences:
* IDE warnings can be misleading

        // Test presence of flags
        assertTrue((flags & SecurityInfo.OWNER_SECURITY_INFO) != 0);
        assertTrue((flags & SecurityInfo.DACL_SECURITY_INFO) != 0);

        // Test absence of flags
        assertTrue((flags & SecurityInfo.GROUP_SECURITY_INFO) == 0);
        assertTrue((flags & SecurityInfo.SACL_SECURITY_INFO) == 0);
    }

    @Test
    @DisplayName("Test interface extends Decodable")

  ALLOWS_NULL_QUERIES,
  ALLOWS_NULL_VALUES(ALLOWS_NULL_QUERIES),

  /**
   * Indicates that a collection disallows certain elements (other than {@code null}, whose validity
   * as an element is indicated by the presence or absence of {@link #ALLOWS_NULL_VALUES}). From the
   * documentation for {@link Collection}:
   *
   * <blockquote>
   *
   * "Some collection implementations have restrictions on the elements that they may contain. For

    assertEquals("message", record.getMessage());
    assertSame(EXCEPTION, record.getThrown());
  }

  public void testConcurrentModification() throws Exception {
    // Tests for the absence of a bug where logging while iterating over the
    // stored log records causes a ConcurrentModificationException
    assertTrue(handler.getStoredLogRecords().isEmpty());
    ExampleClassUnderTest.foo();

  ALLOWS_NULL_QUERIES,
  ALLOWS_NULL_VALUES(ALLOWS_NULL_QUERIES),

  /**
   * Indicates that a collection disallows certain elements (other than {@code null}, whose validity
   * as an element is indicated by the presence or absence of {@link #ALLOWS_NULL_VALUES}). From the
   * documentation for {@link Collection}:
   *
   * <blockquote>
   *
   * "Some collection implementations have restrictions on the elements that they may contain. For

import org.codehaus.plexus.interpolation.InterpolationException;
import org.codehaus.plexus.util.StringUtils;

/**
 * Determines profile activation based on the existence/absence of some file.
 * File name interpolation support is limited to <code>${project.basedir}</code>
 * system properties and user properties.
 *
 * @see ActivationFile

     IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION,
     WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR
     PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS,
     ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT
     KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT
     ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU.

  }

  /** Equivalent to {@code add(-1)}. */
  public void decrement() {
    add(-1L);
  }

  /**
   * Returns the current sum. The returned value is NOT an atomic snapshot; invocation in
   * the absence of concurrent updates returns an accurate result, but concurrent updates that occur
   * while the sum is being calculated might not be incorporated.
   *
   * @return the sum
   */
  @Override
  public long sum() {

  }

  /** Equivalent to {@code add(-1)}. */
  public void decrement() {
    add(-1L);
  }

  /**
   * Returns the current sum. The returned value is NOT an atomic snapshot; invocation in
   * the absence of concurrent updates returns an accurate result, but concurrent updates that occur
   * while the sum is being calculated might not be incorporated.
   *
   * @return the sum
   */
  @Override
  public long sum() {

     * fail. Use a custom [HostnameVerifier] to ignore such problems.
     *
     * Other TLS features are still used but provide no security benefits in absence of the above
     * gaps. For example, an insecure TLS connection is capable of negotiating HTTP/2 with ALPN and
     * it also has a regular-looking handshake.
     *