Throwable.printStackTrace(...)
prints a Throwable
and its stack trace to some stream. By default that stream
System.Err
, which could inadvertently expose sensitive information.
Loggers should be used instead to print Throwable
s, as they have many advantages:
This rule raises an issue when printStackTrace
is used without arguments, i.e. when the stack trace is printed to the default
stream.
try { /* ... */ } catch(Exception e) { e.printStackTrace(); // Noncompliant }
try { /* ... */ } catch(Exception e) { LOGGER.log("context", e); }
This rule is deprecated; use {rule:java:S4507} instead.