SONARJAVA-4698 Fix false positive in S1191 when variable is named "sun"

Rule S1191 was incorrectly reporting issues when a variable (field,
parameter, or local variable) was named "sun", even though its type
was not from the sun.* package.

The fix adds semantic type checking to verify that the expression's
type actually comes from a sun.* package before reporting an issue.
This prevents false positives while maintaining detection of real
sun.* package usage.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

Author: benzonico

java-checks-test-sources/default/src/main/files/non-compiling/checks/SunPackagesUsedCheckSample.java

@@ -1,13 +1,15 @@
 import java.util.ArrayList;
 
 class SunPackagesUsedCheckSample {
+  private Object sun; // variable named "sun"
+
   private void f() {
     java.util.List a;
     sun.Foo b; // Noncompliant
 //  ^^^^^^^
     sun.Foo.toto.asd c; // secondary
 //  ^^^^^^^^^^^^^^^^<
-    
+
   }
 
   public Object uselessMethod() {
@@ -16,4 +18,18 @@ public Object uselessMethod() {
     }
     return null;
   }
+
+  // SONARJAVA-4698: False positive when variable is named "sun"
+  public void fooWithFieldNamedSun() {
+    sun.toString(); // Compliant - FP: "sun" is a field of type Object, not a sun.* package class
+  }
+
+  public void barWithParameterNamedSun(Object sun) {
+    sun.toString(); // Compliant - FP: "sun" is a parameter of type Object, not a sun.* package class
+  }
+
+  public void bazWithLocalVariableNamedSun() {
+    Object sun = new Object();
+    sun.toString(); // Compliant - FP: "sun" is a local variable of type Object, not a sun.* package class
+  }
 }

java-checks/src/main/java/org/sonar/java/checks/SunPackagesUsedCheck.java

@@ -66,7 +66,7 @@ private void reportIssueWithSecondaries(JavaFileScannerContext context) {
   @Override
   public void visitMemberSelectExpression(MemberSelectExpressionTree tree) {
     String reference = ExpressionsHelper.concatenate(tree);
-    if (!isExcluded(reference) && isSunClass(reference)) {
+    if (!isExcluded(reference) && isSunClass(reference) && isActuallySunPackage(tree)) {
       reportedTrees.add(tree);
     }
   }
@@ -75,6 +75,19 @@ private static boolean isSunClass(String reference) {
     return reference.startsWith("sun.");
   }
 
+  private static boolean isActuallySunPackage(MemberSelectExpressionTree tree) {
+    // Check if the expression's type actually comes from a sun.* package
+    // This prevents false positives when a variable is named "sun"
+    var type = tree.expression().symbolType();
+    if (type.isUnknown()) {
+      // If we can't determine the type, we should still check to avoid missing real issues
+      // In this case, rely on the string-based check
+      return true;
+    }
+    String fullyQualifiedName = type.fullyQualifiedName();
+    return fullyQualifiedName.startsWith("sun.");
+  }
+
   private boolean isExcluded(String reference) {
     for (String str : excludePackages) {
       if (!str.isEmpty() && reference.startsWith(str)) {