Throwable.printStackTrace(...) prints a Throwable and its stack trace to some stream. By default that stream
System.Err, which could inadvertently expose sensitive information.
Loggers should be used instead to print Throwables, as they have many advantages:
This rule raises an issue when printStackTrace is used without arguments, i.e. when the stack trace is printed to the default
stream.
try {
/* ... */
} catch(Exception e) {
e.printStackTrace(); // Noncompliant
}
try {
/* ... */
} catch(Exception e) {
LOGGER.log("context", e);
}