Hi,
I'm not quite sure this is the right place to post this, so sorry if I'm in the wrong topic.
Anyway, I'd like to suggest a new issue.
Json deserialisation using Gson can throw a JsonSyntaxException, but because this is a RuntimeException it won't give any compilation issues.
Although, since json data quite often comes from an API, it's a good practice to always check for any thrown exeptions.
Is this something that can become an issue in Sonarqube, as a Code smell or Vulnerability?
Failing code:
Gson gson = new Gson();
gson.fromJson("{\"value\": true}", MyData.class);
class MyData {
String value;
}