Allow to ignore failures for some signature files only about forbidden-apis HOT 3 OPEN

The latter should result in warnings but not in hard errors.

I think it should result in hard errors, always. If you know the use is justified, you'll have to add SuppressForbidden to the piece of code that uses those APIs. This is an explicit step (and you can grep your code for those annotations). Realistically, nobody looks at the log scroll...

from forbidden-apis.

The latter should result in warnings but not in hard errors.

I think it should result in hard errors, always

That is a matter of policy. The ignoreFailures property exists, so obviously it is useful for some people.

If you know the use is justified, you'll have to add SuppressForbidden to the piece of code that uses those APIs. This is an explicit step (and you can grep your code for those annotations.

That is one option but not the only one. Note that I am not talking about “forbidden APIs that can be used in exceptional cases”, which is a perfect use case for annotations, but about APIs that are not recommended (but allowed), have known pitfalls, etc, where a warning is ok but failing the build would be too much.

Realistically, nobody looks at the log scroll...

Then ignoreFailures would not exist.

In any case what I am proposing here is a way to add flexibility to an existing option, in a backwards compatible way. If someone does not want to use it, they don’t need to.

from forbidden-apis.

The ignoreFailures property exists, so obviously it is useful for some people.

Maybe - I didn't add it, Uwe did. I just expressed my opinion. :)

from forbidden-apis.