C-MAJOR
".equals()" should not be used to test the values of "Atomic" classes
Java
A-BUG
multi-threading
D-MINOR
Regular expression quantifiers and character classes should be used concisely
Java
C-CODE_SMELL
regex
C-MAJOR
Nullable injected fields and parameters should provide a default value
Java
A-BUG
spring
D-MINOR
Use record pattern instead of explicit field access
Java
C-CODE_SMELL
java21
C-MAJOR
Virtual threads should not run tasks that include synchronized code
Java
A-BUG
java21,multi-threading
C-MAJOR
"Math.clamp" should be used with correct ranges
Java
A-BUG
java21
C-MAJOR
"String.indexOf" should be used with correct ranges
Java
A-BUG
java21
C-MAJOR
Formatting SQL queries is security-sensitive
Java
D-SECURITY_HOTSPOT
bad-practice,cert,cwe,hibernate,spring,sql
B-CRITICAL
Secure random number generators should not output predictable values
Java
B-VULNERABILITY
cert,cwe,pitfall
B-CRITICAL
Cipher Block Chaining IVs should be unpredictable
Java
B-VULNERABILITY
cwe
B-CRITICAL
The "Object.finalize()" method should not be overridden
Java
C-CODE_SMELL
cert,unpredictable
D-MINOR
Loggers should be named for their enclosing classes
Java
C-CODE_SMELL
confusing,logging
D-MINOR
Unused local variables should be removed
Java
C-CODE_SMELL
unused
C-MAJOR
Only static class initializers should be used
Java
C-CODE_SMELL
pitfall
C-MAJOR
Reverse iteration should utilize reversed view
Java
C-CODE_SMELL
java21
C-MAJOR
Reverse view should be used instead of reverse copy in read-only cases
Java
C-CODE_SMELL
java21
C-MAJOR
Unused "private" fields should be removed
Java
C-CODE_SMELL
unused
B-CRITICAL
Encryption algorithms should be used with secure mode and padding scheme
Java
B-VULNERABILITY
cwe,privacy
C-MAJOR
Format strings should be used correctly
Java
C-CODE_SMELL
cert,confusing
B-CRITICAL
Cryptographic keys should be robust
Java
B-VULNERABILITY
cwe,privacy,rules
C-MAJOR
Exceptions should be either logged or rethrown but not both
Java
C-CODE_SMELL
error-handling,logging
C-MAJOR
"setDaemon", "setPriority" and "getThreadGroup" should not be invoked on virtual threads
Java
A-BUG
java21
C-MAJOR
Constant parameters in a "PreparedStatement" should not be set more than once
Java
C-CODE_SMELL
sql,sustainability
C-MAJOR
SQL queries should retrieve only necessary fields
Java
C-CODE_SMELL
sql,sustainability
C-MAJOR
Use batch Processing in JDBC
Java
C-CODE_SMELL
sql,sustainability
C-MAJOR
Use when instead of a single if inside a pattern match body
Java
C-CODE_SMELL
java21
B-CRITICAL
Fields in a "Serializable" class should either be transient or serializable
Java
C-CODE_SMELL
cwe,serialization
C-MAJOR
XML signatures should be validated securely
Java
B-VULNERABILITY
symbolic-execution
C-MAJOR
All branches in a conditional structure should not have exactly the same implementation
Java
A-BUG
B-CRITICAL
Passwords should not be stored in plaintext or with a fast hashing algorithm
Java
B-VULNERABILITY
cwe,spring
D-MINOR
Local variable and method parameter names should comply with a naming convention
Java
C-CODE_SMELL
convention
C-MAJOR
Proper Sensor Resource Management
Java
C-CODE_SMELL
android,leak,sustainability
C-MAJOR
Use built-in "Math.clamp" methods
Java
C-CODE_SMELL
java21
C-MAJOR
Use switch instead of if-else chain to compare a variable against multiple cases
Java
C-CODE_SMELL
java21
C-MAJOR
Exception types should not be tested using "instanceof" in catch blocks
Java
C-CODE_SMELL
cert,clumsy,error-handling
C-MAJOR
Virtual threads should be used for tasks that include heavy blocking operations
Java
A-BUG
java21,multi-threading
B-CRITICAL
String literals should not be duplicated
Java
C-CODE_SMELL
design
B-CRITICAL
Password hashing functions should use an unpredictable salt
Java
B-VULNERABILITY
cwe
C-MAJOR
Equals method should be overridden in records containing array fields
Java
A-BUG
java16
A-BLOCKER
Endpoints should not be vulnerable to reflected cross-site scripting (XSS) attacks
Java
B-VULNERABILITY
cwe
C-MAJOR
"toString()" and "clone()" methods should not return null
Java
A-BUG
cert,cwe
C-MAJOR
Boolean expressions should not be gratuitous
Java
C-CODE_SMELL
cwe,redundant,suspicious,symbolic-execution
E-INFO
Track uses of "TODO" tags
Java
C-CODE_SMELL
cwe
C-MAJOR
Similar tests should be grouped in a single Parameterized test
Java
C-CODE_SMELL
bad-practice,clumsy,tests
C-MAJOR
Track uses of "FIXME" tags
Java
C-CODE_SMELL
cwe
B-CRITICAL
Locks should be released on all paths
Java
A-BUG
cwe,multi-threading,symbolic-execution
C-MAJOR
Tests should be stable
Java
C-CODE_SMELL
design,tests,unpredictable
B-CRITICAL
Using slow regular expressions is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe,regex
C-MAJOR
Conditionally executed code should be reachable
Java
A-BUG
cert,cwe,pitfall,suspicious,symbolic-execution,unused
C-MAJOR
"@Deprecated" code marked for removal should never be used
Java
C-CODE_SMELL
cert,cwe,obsolete
A-BLOCKER
A secure password should be used when connecting to a database
Java
B-VULNERABILITY
cwe
B-CRITICAL
Jump statements should not occur in "finally" blocks
Java
A-BUG
cert,cwe,error-handling
B-CRITICAL
"Random" objects should be reused
Java
A-BUG
C-MAJOR
"@Bean" methods for Singleton should not be invoked in "@Configuration" when proxyBeanMethods is false
Java
A-BUG
spring
C-MAJOR
Optional value should only be accessed after calling isPresent()
Java
A-BUG
cwe,symbolic-execution
C-MAJOR
Blocks should be synchronized on "private final" fields
Java
A-BUG
cert,cwe,multi-threading
B-CRITICAL
Cognitive Complexity of methods should not be too high
Java
C-CODE_SMELL
brain-overload
B-CRITICAL
Disabling CSRF protections is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe,spring
C-MAJOR
Non-serializable objects should not be stored in "javax.servlet.http.HttpSession" instances
Java
A-BUG
cwe
C-MAJOR
The "Object.finalize()" method should not be called
Java
A-BUG
cert,cwe
C-MAJOR
Multiline blocks should be enclosed in curly braces
Java
C-CODE_SMELL
cert,cwe
D-MINOR
Delivering code in production with debug features activated is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe,debug,error-handling,spring,user-experience
B-CRITICAL
"null" should not be returned from a "Boolean" method
Java
C-CODE_SMELL
cert,cwe,pitfall
B-CRITICAL
Setting JavaBean properties is security-sensitive
Java
D-SECURITY_HOTSPOT
cert,cwe
D-MINOR
Boolean literals should not be redundant
Java
C-CODE_SMELL
clumsy
C-MAJOR
Assignments should not be made from within sub-expressions
Java
C-CODE_SMELL
cert,cwe,suspicious
D-MINOR
Mutable fields should not be "public static"
Java
C-CODE_SMELL
cert,cwe,unpredictable
C-MAJOR
Beans in "@Configuration" class should have different names
Java
A-BUG
spring
C-MAJOR
"InterruptedException" and "ThreadDeath" should not be ignored
Java
A-BUG
cwe,error-handling,multi-threading
B-CRITICAL
"Object.finalize()" should remain protected (versus public) when overriding
Java
C-CODE_SMELL
cert,cwe
B-CRITICAL
JWT should be signed and verified with strong cipher algorithms
Java
B-VULNERABILITY
cwe,privacy
B-CRITICAL
Cipher algorithms should be robust
Java
B-VULNERABILITY
cwe,privacy
D-MINOR
Classes that override "clone" should be "Cloneable" and call "super.clone()"
Java
C-CODE_SMELL
cert,convention,cwe
C-MAJOR
Throwable and Error should not be caught
Java
C-CODE_SMELL
bad-practice,cert,cwe,error-handling
B-CRITICAL
A new session should be created during user authentication
Java
B-VULNERABILITY
cwe,spring
B-CRITICAL
Weak SSL/TLS protocols should not be used
Java
B-VULNERABILITY
cwe,privacy
B-CRITICAL
Using unsafe Jackson deserialization configuration is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe
B-CRITICAL
Using pseudorandom number generators (PRNGs) is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe
C-MAJOR
"Integer.toHexString" should not be used to build hexadecimal strings
Java
C-CODE_SMELL
cwe
D-MINOR
Creating cookies without the "HttpOnly" flag is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe,privacy
C-MAJOR
Null pointers should not be dereferenced
Java
A-BUG
cert,cwe,symbolic-execution
C-MAJOR
Allowing deserialization of LDAP objects is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe
C-MAJOR
"@PathVariable" annotation should be present if a path variable is used
Java
A-BUG
spring
C-MAJOR
SpEL expression should have a valid syntax
Java
A-BUG
spring
B-CRITICAL
Using non-standard cryptographic algorithms is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe
B-CRITICAL
"HttpServletRequest.getRequestedSessionId()" should not be used
Java
B-VULNERABILITY
cwe
B-CRITICAL
LDAP connections should be authenticated
Java
B-VULNERABILITY
cwe
B-CRITICAL
Server hostnames should be verified during SSL/TLS connections
Java
B-VULNERABILITY
cwe,privacy,ssl
B-CRITICAL
Using weak hashing algorithms is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe
D-MINOR
"@NonNull" values should not be set to null
Java
A-BUG
cert,cwe,symbolic-execution
A-BLOCKER
XML parsers should not be vulnerable to XXE attacks
Java
B-VULNERABILITY
cwe,symbolic-execution
D-MINOR
"@Deprecated" code should not be used
Java
C-CODE_SMELL
cert,cwe,obsolete
C-MAJOR
Classes should not be compared by name
Java
A-BUG
cert,cwe
C-MAJOR
Setting loose POSIX file permissions is security-sensitive
Java
D-SECURITY_HOTSPOT
cert,cwe
D-MINOR
Allowing both safe and unsafe HTTP methods is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe,spring
B-CRITICAL
"HttpSecurity" URL patterns should be correctly ordered
Java
B-VULNERABILITY
spring
C-MAJOR
"@RequestMapping" methods should not be "private"
Java
C-CODE_SMELL
spring
B-CRITICAL
Zero should not be a possible denominator
Java
A-BUG
cert,cwe,denial-of-service,symbolic-execution
D-MINOR
Class variable fields should not have public accessibility
Java
C-CODE_SMELL
cwe
C-MAJOR
Strings and Boxed types should be compared using "equals()"
Java
A-BUG
cert,cwe
D-MINOR
Using hardcoded IP addresses is security-sensitive
Java
D-SECURITY_HOTSPOT
cert
D-MINOR
"public static" fields should be constant
Java
C-CODE_SMELL
cert,cwe
B-CRITICAL
Server certificates should be verified during SSL/TLS connections
Java
B-VULNERABILITY
cert,cwe,privacy,ssl
C-MAJOR
Authorizations should be based on strong decisions
Java
B-VULNERABILITY
cwe
D-MINOR
"equals(Object obj)" and "hashCode()" should be overridden in pairs
Java
A-BUG
cert,cwe
C-MAJOR
Allowing user enumeration is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe,spring
C-MAJOR
Enabling file access for WebViews is security-sensitive
Java
D-SECURITY_HOTSPOT
android,cwe
C-MAJOR
Enabling JavaScript support for WebViews is security-sensitive
Java
D-SECURITY_HOTSPOT
android,cwe
B-CRITICAL
Expanding archive files without controlling resource consumption is security-sensitive
Java
D-SECURITY_HOTSPOT
cert,cwe
C-MAJOR
XML parsers should not be vulnerable to Denial of Service attacks
Java
B-VULNERABILITY
symbolic-execution
C-MAJOR
Unused assignments should be removed
Java
C-CODE_SMELL
cert,cwe,unused
D-MINOR
Exceptions should not be thrown from servlet methods
Java
B-VULNERABILITY
cert,cwe,error-handling
B-CRITICAL
"switch" statements should have "default" clauses
Java
C-CODE_SMELL
cert,cwe
C-MAJOR
Authorizing non-authenticated users to use keys in the Android KeyStore is security-sensitive
Java
D-SECURITY_HOTSPOT
android,cwe
A-BLOCKER
Switch cases should end with an unconditional "break" statement
Java
C-CODE_SMELL
cert,cwe,suspicious
C-MAJOR
Using unencrypted databases in mobile applications is security-sensitive
Java
D-SECURITY_HOTSPOT
android,cwe
C-MAJOR
Using biometric authentication without a cryptographic solution is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe
C-MAJOR
Mobile database encryption keys should not be disclosed
Java
B-VULNERABILITY
android,cwe
A-BLOCKER
Hard-coded passwords are security-sensitive
Java
D-SECURITY_HOTSPOT
cert,cwe
B-CRITICAL
Using clear-text protocols is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe
C-MAJOR
Using unencrypted files in mobile applications is security-sensitive
Java
D-SECURITY_HOTSPOT
android,cwe
C-MAJOR
Generic exceptions should never be thrown
Java
C-CODE_SMELL
cert,cwe,error-handling
D-MINOR
Math operands should be cast before assignment
Java
A-BUG
cert,cwe,overflow
C-MAJOR
Allowing requests with excessive content length is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe
C-MAJOR
Methods should not have too many parameters
Java
C-CODE_SMELL
brain-overload
C-MAJOR
Standard outputs should not be used directly to log anything
Java
C-CODE_SMELL
bad-practice,cert
A-BLOCKER
Credentials should not be hard-coded
Java
B-VULNERABILITY
cwe
B-CRITICAL
Counter Mode initialization vectors should not be reused
Java
B-VULNERABILITY
cwe
A-BLOCKER
Double-checked locking should not be used
Java
A-BUG
cert,cwe,design,multi-threading,singleton
D-MINOR
Disclosing fingerprints from web application technologies is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe
B-CRITICAL
Receiving intents is security-sensitive
Java
D-SECURITY_HOTSPOT
android,cwe
B-CRITICAL
Using publicly writable directories is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe
B-CRITICAL
Insecure temporary file creation methods should not be used
Java
B-VULNERABILITY
cwe
B-CRITICAL
Accessing Android external storage is security-sensitive
Java
D-SECURITY_HOTSPOT
android,cwe
A-BLOCKER
Hard-coded secrets are security-sensitive
Java
D-SECURITY_HOTSPOT
cert,cwe
B-CRITICAL
Broadcasting intents is security-sensitive
Java
D-SECURITY_HOTSPOT
android,cwe
D-MINOR
Searching OS commands in PATH is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe
C-MAJOR
Disabling auto-escaping in template engines is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe
D-MINOR
Having a permissive Cross-Origin Resource Sharing policy is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe,spring
A-BLOCKER
Resources should be closed
Java
A-BUG
cert,cwe,denial-of-service,leak,symbolic-execution
D-MINOR
Creating cookies without the "secure" flag is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe,privacy,spring
D-MINOR
Return values should not be ignored when they contain the operation status code
Java
A-BUG
cert,cwe,error-handling
C-MAJOR
Environment variables should not be defined from untrusted input
Java
B-VULNERABILITY
cwe,sans-top25-insecure
C-MAJOR
Accessing files should not lead to filesystem oracle attacks
Java
B-VULNERABILITY
cwe
A-BLOCKER
Deserialization should not be vulnerable to injection attacks
Java
B-VULNERABILITY
cwe
A-BLOCKER
Dynamic code execution should not be vulnerable to injection attacks
Java
B-VULNERABILITY
cwe
A-BLOCKER
Components should not be vulnerable to intent redirection
Java
B-VULNERABILITY
android
A-BLOCKER
I/O function calls should not be vulnerable to path injection attacks
Java
B-VULNERABILITY
cwe
C-MAJOR
Applications should not create session cookies from untrusted input
Java
B-VULNERABILITY
cwe
B-CRITICAL
Regular expressions should not be vulnerable to Denial of Service attacks
Java
B-VULNERABILITY
cwe,denial-of-service
A-BLOCKER
HTTP request redirections should not be open to forging attacks
Java
B-VULNERABILITY
cwe
A-BLOCKER
LDAP queries should not be vulnerable to injection attacks
Java
B-VULNERABILITY
cert,cwe
D-MINOR
OS commands should not be vulnerable to argument injection attacks
Java
B-VULNERABILITY
cwe
C-MAJOR
XML operations should not be vulnerable to injection attacks
Java
B-VULNERABILITY
cwe
D-MINOR
Logging should not be vulnerable to injection attacks
Java
B-VULNERABILITY
cwe
A-BLOCKER
OS commands should not be vulnerable to command injection attacks
Java
B-VULNERABILITY
cwe
A-BLOCKER
NoSQL operations should not be vulnerable to injection attacks
Java
B-VULNERABILITY
cwe
A-BLOCKER
Database queries should not be vulnerable to injection attacks
Java
B-VULNERABILITY
cwe,sql
B-CRITICAL
Thread suspensions should not be vulnerable to Denial of Service attacks
Java
B-VULNERABILITY
cwe,denial-of-service
C-MAJOR
JSON operations should not be vulnerable to injection attacks
Java
B-VULNERABILITY
cwe
C-MAJOR
Server-side requests should not be vulnerable to forging attacks
Java
B-VULNERABILITY
cwe
C-MAJOR
Constructing arguments of system commands from user input is security-sensitive
Java
D-SECURITY_HOTSPOT
cwe
C-MAJOR
Reflection should not be vulnerable to injection attacks
Java
B-VULNERABILITY
cwe
A-BLOCKER
Extracting archives should not lead to zip slip vulnerabilities
Java
B-VULNERABILITY
cwe
A-BLOCKER
XPath expressions should not be vulnerable to injection attacks
Java
B-VULNERABILITY
cert,cwe
C-MAJOR
Field dependency injection should be avoided
Java
C-CODE_SMELL
B-CRITICAL
Try-with-resources should be used
Java
C-CODE_SMELL
cert,java8,pitfall
D-MINOR
"ActiveMQConnectionFactory" should not be vulnerable to malicious code deserialization
Java
B-VULNERABILITY
cwe
C-MAJOR
Sections of code should not be commented out
Java
C-CODE_SMELL
unused
C-MAJOR
Methods with Spring proxying annotations should be public
Java
A-BUG
spring
C-MAJOR
Methods with Spring proxy should not be called via "this"
Java
C-CODE_SMELL
E-INFO
The Singleton design pattern should be used with care
Java
C-CODE_SMELL
architecture,design
D-MINOR
"@Autowired" should be used when multiple constructors are provided
Java
C-CODE_SMELL
spring
C-MAJOR
Non-singleton Spring beans should not be injected into singleton beans
Java
C-CODE_SMELL
spring
C-MAJOR
"@Controller" should be replaced with "@RestController"
Java
C-CODE_SMELL
spring
C-MAJOR
Unused "private" methods should be removed
Java
C-CODE_SMELL
unused
D-MINOR
Bean names should adhere to the naming conventions
Java
C-CODE_SMELL
spring
C-MAJOR
"@Qualifier" should not be used on "@Bean" methods
Java
A-BUG
spring
C-MAJOR
Superfluous "@ResponseBody" annotations should be removed
Java
C-CODE_SMELL
spring
C-MAJOR
Model attributes should follow the Java identifier naming convention
Java
A-BUG
C-MAJOR
"@Autowired" should only be used on a single constructor
Java
A-BUG
spring
C-MAJOR
Two branches in a conditional structure should not have exactly the same implementation
Java
C-CODE_SMELL
design,suspicious
D-MINOR
Redundant casts should not be used
Java
C-CODE_SMELL
clumsy,redundant
C-MAJOR
Synchronization should not be done on instances of value-based classes
Java
A-BUG
cert,multi-threading
B-CRITICAL
Calls to methods should not trigger an exception
Java
A-BUG
B-CRITICAL
Accessing an array element should not trigger an ArrayIndexOutOfBoundsException
Java
A-BUG
B-CRITICAL
Unsupported methods should not be called on some collection implementations
Java
A-BUG
B-CRITICAL
Cast operations should not trigger a ClassCastException
Java
A-BUG
A-BLOCKER
Recursion should not be infinite
Java
A-BUG
suspicious
C-MAJOR
Redundant pairs of parentheses should be removed
Java
C-CODE_SMELL
confusing
C-MAJOR
"@Value" annotation should inject property or SpEL expression
Java
C-CODE_SMELL
spring
C-MAJOR
Utility classes should not have public constructors
Java
C-CODE_SMELL
design
C-MAJOR
Assertion arguments should be passed in the correct order
Java
C-CODE_SMELL
junit,suspicious,tests
C-MAJOR
Local variables should not shadow class fields
Java
C-CODE_SMELL
cert,pitfall,suspicious
D-MINOR
Empty statements should be removed
Java
C-CODE_SMELL
cert,unused
C-MAJOR
Async methods should return void or Future
Java
A-BUG
D-MINOR
Local variables should not be declared and then immediately returned or thrown
Java
C-CODE_SMELL
clumsy
C-MAJOR
Optional REST parameters should have an object type
Java
C-CODE_SMELL
D-MINOR
Unnecessary imports should be removed
Java
C-CODE_SMELL
unused
B-CRITICAL
Persistent entities should not be used as arguments of "@RequestMapping" methods
Java
B-VULNERABILITY
cwe,spring
C-MAJOR
Unused method parameters should be removed
Java
C-CODE_SMELL
cert,unused
C-MAJOR
Mergeable "if" statements should be combined
Java
C-CODE_SMELL
clumsy
E-INFO
JUnit5 test classes and methods should have default package visibility
Java
C-CODE_SMELL
junit,tests
B-CRITICAL
Methods should not be empty
Java
C-CODE_SMELL
suspicious
D-MINOR
"Collection.isEmpty()" should be used to test for emptiness
Java
C-CODE_SMELL
clumsy
C-MAJOR
A "for" loop update clause should move the counter in the right direction
Java
A-BUG
cert
D-MINOR
"switch" statements should have at least 3 "case" clauses
Java
C-CODE_SMELL
bad-practice
C-MAJOR
Raw types should not be used
Java
C-CODE_SMELL
pitfall
A-BLOCKER
XML parsers should not allow inclusion of arbitrary files
Java
B-VULNERABILITY
symbolic-execution
C-MAJOR
"for" loop stop conditions should be invariant
Java
C-CODE_SMELL
pitfall
D-MINOR
Package names should comply with a naming convention
Java
C-CODE_SMELL
convention
D-MINOR
Field names should comply with a naming convention
Java
C-CODE_SMELL
convention
B-CRITICAL
Constant names should comply with a naming convention
Java
C-CODE_SMELL
convention
C-MAJOR
OpenSAML2 should be configured to prevent authentication bypass
Java
B-VULNERABILITY
spring
D-MINOR
Nested code blocks should not be used
Java
C-CODE_SMELL
bad-practice
D-MINOR
URIs should not be hardcoded
Java
C-CODE_SMELL
android,cert
B-CRITICAL
"static" base class members should not be accessed via derived types
Java
C-CODE_SMELL
confusing
D-MINOR
Method parameters, caught exceptions and foreach variables' initial values should not be ignored
Java
A-BUG
C-MAJOR
Collections should not be modified while they are iterated
Java
A-BUG
C-MAJOR
Regexes containing characters subject to normalization should use the CANON_EQ flag
Java
C-CODE_SMELL
regex
D-MINOR
Consecutive AssertJ "assertThat" statements should be chained
Java
C-CODE_SMELL
assertj,tests
C-MAJOR
Value-based classes should not be used for locking
Java
A-BUG
java8,lock-in,multi-threading
C-MAJOR
Servlets should not have mutable instance fields
Java
A-BUG
cert,multi-threading,struts
B-CRITICAL
Regular expressions should be syntactically valid
Java
A-BUG
regex
B-CRITICAL
"default" clauses should be last
Java
C-CODE_SMELL
C-MAJOR
Regex alternatives should not be redundant
Java
A-BUG
regex
E-INFO
Deprecated code should be removed
Java
C-CODE_SMELL
obsolete
C-MAJOR
Alternatives in regular expressions should be grouped when used with anchors
Java
A-BUG
regex
C-MAJOR
Overrides should match their parent class methods in synchronization
Java
A-BUG
cert,multi-threading
D-MINOR
Exceptions in "throws" clauses should not be superfluous
Java
C-CODE_SMELL
clumsy,error-handling,redundant,unused
A-BLOCKER
Methods should not call same-class methods with incompatible "@Transactional" values
Java
A-BUG
spring
D-MINOR
Character classes should be preferred over reluctant quantifiers in regular expressions
Java
C-CODE_SMELL
regex
C-MAJOR
Reflection should not be used to check non-runtime annotations
Java
A-BUG
A-BLOCKER
Methods "wait(...)", "notify()" and "notifyAll()" should not be called on Thread instances
Java
A-BUG
multi-threading
B-CRITICAL
Whitespace and control characters in literals should be explicit
Java
C-CODE_SMELL
pitfall
C-MAJOR
"hashCode" and "toString" should not be called on array instances
Java
A-BUG
C-MAJOR
Parameters should be passed in the correct order
Java
C-CODE_SMELL
C-MAJOR
Case insensitive Unicode regular expressions should enable the "UNICODE_CASE" flag
Java
A-BUG
regex
C-MAJOR
Collections should not be passed as arguments to their own methods
Java
A-BUG
B-CRITICAL
"IllegalMonitorStateException" should not be caught
Java
C-CODE_SMELL
error-handling,multi-threading
C-MAJOR
"ResultSet.isLast()" should not be used
Java
C-CODE_SMELL
performance,pitfall,sql
C-MAJOR
"BigDecimal(double)" should not be used
Java
A-BUG
cert
C-MAJOR
Names of regular expressions named groups should be used
Java
C-CODE_SMELL
regex
C-MAJOR
"URL.hashCode" and "URL.equals" should be avoided
Java
C-CODE_SMELL
performance
D-MINOR
A "while" loop should be used instead of a "for" loop
Java
C-CODE_SMELL
clumsy
C-MAJOR
Assertions should not compare an object to itself
Java
A-BUG
tests
C-MAJOR
Try-catch blocks should not be nested
Java
C-CODE_SMELL
confusing,error-handling
C-MAJOR
Invalid "Date" values should not be used
Java
A-BUG
C-MAJOR
Character classes in regular expressions should not contain the same character twice
Java
C-CODE_SMELL
regex
C-MAJOR
Unicode Grapheme Clusters should be avoided inside regex character classes
Java
A-BUG
regex
C-MAJOR
Synchronized classes "Vector", "Hashtable", "Stack" and "StringBuffer" should not be used
Java
C-CODE_SMELL
performance
C-MAJOR
"writeObject" argument must implement "Serializable"
Java
A-BUG
serialization
C-MAJOR
AssertJ configuration should be applied
Java
A-BUG
assertj,tests
B-CRITICAL
Package declaration should match source file directory
Java
C-CODE_SMELL
pitfall
C-MAJOR
"notifyAll()" should be preferred over "notify()"
Java
A-BUG
cert,multi-threading
C-MAJOR
Return values from functions without side effects should not be ignored
Java
A-BUG
cert
C-MAJOR
AssertJ methods setting the assertion context should come before an assertion
Java
A-BUG
assertj,tests
D-MINOR
"Collections.EMPTY_LIST", "EMPTY_MAP", and "EMPTY_SET" should not be used
Java
C-CODE_SMELL
obsolete,pitfall
C-MAJOR
Synchronizing on a "Lock" object should be avoided
Java
C-CODE_SMELL
cert,clumsy,multi-threading
D-MINOR
"compareTo" results should not be checked for specific values
Java
A-BUG
unpredictable
C-MAJOR
Classes with only "static" methods should not be instantiated
Java
C-CODE_SMELL
clumsy
C-MAJOR
"static" members should be accessed statically
Java
C-CODE_SMELL
pitfall
C-MAJOR
Labels should not be used
Java
C-CODE_SMELL
confusing
D-MINOR
Chained AssertJ assertions should be simplified to the corresponding dedicated assertion
Java
C-CODE_SMELL
assertj,tests
A-BLOCKER
Files opened in append mode should not be used with "ObjectOutputStream"
Java
A-BUG
serialization,symbolic-execution
C-MAJOR
Unused type parameters should be removed
Java
C-CODE_SMELL
unused
C-MAJOR
AssertJ "assertThatThrownBy" should not be used alone
Java
C-CODE_SMELL
assertj,tests
C-MAJOR
"switch" statements should not have too many "case" clauses
Java
C-CODE_SMELL
brain-overload
D-MINOR
Return of boolean expressions should not be wrapped into an "if-then-else" statement
Java
C-CODE_SMELL
clumsy
C-MAJOR
Regular expressions should not be too complicated
Java
C-CODE_SMELL
regex
A-BLOCKER
Tests should include assertions
Java
C-CODE_SMELL
junit,tests
D-MINOR
Repeated patterns in regular expressions should not match the empty string
Java
A-BUG
regex
B-CRITICAL
Assertions comparing incompatible types should not be made
Java
A-BUG
tests
B-CRITICAL
String offset-based methods should be preferred for finding substrings from offsets
Java
C-CODE_SMELL
performance
B-CRITICAL
Instance methods should not write to "static" fields
Java
C-CODE_SMELL
multi-threading
D-MINOR
Modifiers should be declared in the correct order
Java
C-CODE_SMELL
convention
C-MAJOR
Deprecated elements should have both the annotation and the Javadoc tag
Java
C-CODE_SMELL
bad-practice,obsolete
C-MAJOR
Assertions should not be used in production code
Java
A-BUG
A-BLOCKER
"PreparedStatement" and "ResultSet" methods should be called with valid indices
Java
A-BUG
sql
D-MINOR
AssertJ assertions "allMatch" and "doesNotContains" should also test for emptiness
Java
A-BUG
assertj,tests
B-CRITICAL
"indexOf" checks should not be for positive numbers
Java
C-CODE_SMELL
suspicious
C-MAJOR
Test methods should not contain too many assertions
Java
C-CODE_SMELL
tests
C-MAJOR
Tests method should not be annotated with competing annotations
Java
A-BUG
tests
B-CRITICAL
Empty lines should not be tested with regex MULTILINE flag
Java
C-CODE_SMELL
regex
B-CRITICAL
Factory method injection should be used in "@Configuration" classes
Java
C-CODE_SMELL
performance,spring
B-CRITICAL
Mocking all non-private methods of a class should be avoided
Java
C-CODE_SMELL
mockito,tests
C-MAJOR
InputSteam.read() implementation should not return a signed byte
Java
A-BUG
D-MINOR
Exception testing via JUnit @Test annotation should be avoided
Java
C-CODE_SMELL
junit,tests
C-MAJOR
Ternary operators should not be nested
Java
C-CODE_SMELL
confusing
C-MAJOR
Exception testing via JUnit ExpectedException rule should not be mixed with other assertions
Java
C-CODE_SMELL
junit,tests
C-MAJOR
'List.remove()' should not be used in ascending 'for' loops
Java
C-CODE_SMELL
B-CRITICAL
Assertion methods should not be used within the try block of a try-catch catching an Error
Java
A-BUG
junit,tests
C-MAJOR
Inner class calls to super class methods should be unambiguous
Java
C-CODE_SMELL
pitfall
C-MAJOR
Only one method invocation is expected when testing runtime exceptions
Java
C-CODE_SMELL
junit,tests
D-MINOR
Double Brace Initialization should not be used
Java
A-BUG
leak
D-MINOR
Catches should be combined
Java
C-CODE_SMELL
clumsy
A-BLOCKER
Child class fields should not shadow parent class fields
Java
C-CODE_SMELL
confusing
B-CRITICAL
The signature of "finalize()" should match that of "Object.finalize()"
Java
A-BUG
pitfall
D-MINOR
Avoid using boxed "Boolean" types directly in boolean expressions
Java
C-CODE_SMELL
pitfall
D-MINOR
Null checks should not be used with "instanceof"
Java
C-CODE_SMELL
redundant
C-MAJOR
Nullness of parameters should be guaranteed
Java
C-CODE_SMELL
symbolic-execution
D-MINOR
Methods of "Random" that return floating point values should not be used in random integer generation
Java
C-CODE_SMELL
clumsy,performance
D-MINOR
"@CheckForNull" or "@Nullable" should not be used on primitive types
Java
C-CODE_SMELL
D-MINOR
Public constants and fields initialized at declaration should be "static final" rather than merely "final"
Java
C-CODE_SMELL
convention
C-MAJOR
Silly equality checks should not be made
Java
A-BUG
cert,unused
C-MAJOR
Vararg method arguments should not be confusing
Java
C-CODE_SMELL
B-CRITICAL
"Cloneables" should implement "clone"
Java
C-CODE_SMELL
api-design,convention
A-BLOCKER
"wait(...)" should be used instead of "Thread.sleep(...)" when a lock is held
Java
A-BUG
cert,multi-threading,performance
D-MINOR
Simple string literal should be used for single line strings
Java
C-CODE_SMELL
java14
B-CRITICAL
Only one method invocation is expected when testing checked exceptions
Java
A-BUG
junit,tests
B-CRITICAL
"Object.wait(...)" and "Condition.await(...)" should be called inside a "while" loop
Java
C-CODE_SMELL
cert,multi-threading
C-MAJOR
Unused labels should be removed
Java
C-CODE_SMELL
cert,unused
D-MINOR
Escape sequences should not be used in text blocks
Java
C-CODE_SMELL
java14
D-MINOR
Unnecessary boxing and unboxing should be avoided
Java
A-BUG
clumsy
C-MAJOR
JUnit assertTrue/assertFalse should be simplified to the corresponding dedicated assertion
Java
C-CODE_SMELL
junit,tests
C-MAJOR
Whitespace for text block indent should be consistent
Java
C-CODE_SMELL
java14
A-BLOCKER
Printf-style format strings should not lead to unexpected behavior at runtime
Java
A-BUG
cert
C-MAJOR
Dissimilar primitive wrappers should not be used with the ternary operator without explicit casting
Java
A-BUG
D-MINOR
Overriding methods should do more than simply call the same method in the super class
Java
C-CODE_SMELL
clumsy,redundant
B-CRITICAL
"equals" method parameters should not be marked "@Nonnull"
Java
C-CODE_SMELL
D-MINOR
Static non-final field names should comply with a naming convention
Java
C-CODE_SMELL
convention
B-CRITICAL
"runFinalizersOnExit" should not be called
Java
A-BUG
cert
D-MINOR
"Iterator.next()" methods should throw "NoSuchElementException"
Java
A-BUG
error-handling,unpredictable
C-MAJOR
"Object.wait()", "Object.notify()" and "Object.notifyAll()" should only be called from synchronized code
Java
A-BUG
multi-threading
B-CRITICAL
Classes should not access their own subclasses during class initialization
Java
A-BUG
cert
D-MINOR
Primitive wrappers should not be instantiated only for "toString" or "compareTo" calls
Java
C-CODE_SMELL
clumsy,performance
C-MAJOR
"Double.longBitsToDouble" should take "long" as argument
Java
A-BUG
B-CRITICAL
Regex boundaries should not be used in a way that can never be matched
Java
A-BUG
regex
D-MINOR
Case insensitive string comparisons should be made without intermediate upper or lower casing
Java
C-CODE_SMELL
clumsy,performance
D-MINOR
Test classes should comply with a naming convention
Java
C-CODE_SMELL
convention,tests
C-MAJOR
Regular expressions should not overflow the stack
Java
A-BUG
regex
B-CRITICAL
"ScheduledThreadPoolExecutor" should not have 0 core threads
Java
A-BUG
C-MAJOR
Constructors of an "abstract" class should not be declared "public"
Java
C-CODE_SMELL
design
C-MAJOR
Values should not be uselessly incremented
Java
A-BUG
unused
D-MINOR
"String.valueOf()" should not be appended to a "String"
Java
C-CODE_SMELL
clumsy
C-MAJOR
String operations with predictable outcomes should be avoided
Java
A-BUG
clumsy
B-CRITICAL
Regex patterns following a possessive quantifier should not always fail
Java
A-BUG
regex
C-MAJOR
Constructors should not be used to instantiate "String", "BigInteger", "BigDecimal" and primitive-wrapper classes
Java
C-CODE_SMELL
performance
C-MAJOR
"Enumeration" should not be implemented
Java
C-CODE_SMELL
obsolete
C-MAJOR
Empty arrays and collections should be returned instead of null
Java
C-CODE_SMELL
cert
C-MAJOR
Expressions used in "assert" should not produce side effects
Java
A-BUG
cert
C-MAJOR
Objects should not be created only to invoke "getClass"
Java
C-CODE_SMELL
performance
C-MAJOR
Classes extending java.lang.Thread should provide a specific "run" behavior
Java
A-BUG
multi-threading,pitfall
D-MINOR
Exception classes should have final fields
Java
C-CODE_SMELL
error-handling
C-MAJOR
Loop conditions should be true at least once
Java
A-BUG
B-CRITICAL
Exceptions should not be thrown in finally blocks
Java
C-CODE_SMELL
cert,error-handling,suspicious
D-MINOR
Parsing should be used to convert "Strings" to primitives
Java
C-CODE_SMELL
performance
C-MAJOR
"@Override" should be used on overriding and implementing methods
Java
C-CODE_SMELL
bad-practice
C-MAJOR
"entrySet()" should be iterated when both the key and value are needed
Java
C-CODE_SMELL
performance
C-MAJOR
"Preconditions" and logging arguments should not require evaluation
Java
C-CODE_SMELL
performance
C-MAJOR
Intermediate Stream methods should not be left unused
Java
A-BUG
java8,symbolic-execution
D-MINOR
"read(byte[],int,int)" should be overridden
Java
C-CODE_SMELL
performance
C-MAJOR
Consumed Stream pipelines should not be reused
Java
A-BUG
java8,symbolic-execution
D-MINOR
Multiple variables should not be declared on the same line
Java
C-CODE_SMELL
cert,convention
C-MAJOR
Variables should not be self-assigned
Java
A-BUG
cert
C-MAJOR
"Class.forName()" should not load JDBC 4.0+ drivers
Java
C-CODE_SMELL
obsolete
B-CRITICAL
Method overrides should not change contracts
Java
C-CODE_SMELL
suspicious
C-MAJOR
Inappropriate regular expressions should not be used
Java
A-BUG
C-MAJOR
Non-existent operators like "=+" should not be used
Java
A-BUG
B-CRITICAL
"for" loop increment clauses should modify the loops' counters
Java
C-CODE_SMELL
confusing
C-MAJOR
Loops with at most one iteration should be refactored
Java
A-BUG
D-MINOR
Strings should not be concatenated using '+' in a loop
Java
C-CODE_SMELL
performance
C-MAJOR
Identical expressions should not be used on both sides of a binary operator
Java
A-BUG
cert
D-MINOR
Maps with keys that are enum values should use the EnumMap implementation
Java
C-CODE_SMELL
performance
A-BLOCKER
Assertions should be complete
Java
C-CODE_SMELL
assertj,mockito,tests
D-MINOR
"catch" clauses should do more than rethrow
Java
C-CODE_SMELL
clumsy,error-handling,finding,unused
C-MAJOR
"Map.get" and value test should be replaced with single method call
Java
C-CODE_SMELL
java8,symbolic-execution
A-BLOCKER
"clone" should not be overridden
Java
C-CODE_SMELL
suspicious
C-MAJOR
JUnit5 test classes and methods should not be silently ignored
Java
A-BUG
junit,tests
D-MINOR
Nested "enum"s should not be declared static
Java
C-CODE_SMELL
redundant
B-CRITICAL
Interfaces should not solely consist of constants
Java
C-CODE_SMELL
bad-practice
A-BLOCKER
"@SpringBootApplication" and "@ComponentScan" should not be used in the default package
Java
A-BUG
spring
C-MAJOR
"Arrays.stream" should be used for primitive arrays
Java
C-CODE_SMELL
performance
A-BLOCKER
"@Controller" classes that use "@SessionAttributes" must call "setComplete" on their "SessionStatus" objects
Java
A-BUG
spring
B-CRITICAL
Generic wildcard types should not be used in return types
Java
C-CODE_SMELL
pitfall
D-MINOR
"equals(Object obj)" should be overridden along with the "compareTo(T obj)" method
Java
C-CODE_SMELL
D-MINOR
Private fields only used as local variables in methods should become local variables
Java
C-CODE_SMELL
pitfall
A-BLOCKER
"switch" statements should not contain non-case labels
Java
C-CODE_SMELL
suspicious
A-BLOCKER
Methods returns should not be invariant
Java
C-CODE_SMELL
symbolic-execution
C-MAJOR
"Thread.run()" should not be called directly
Java
A-BUG
cert,cwe,multi-threading
C-MAJOR
"null" should not be used with "Optional"
Java
A-BUG
java8
D-MINOR
The upper bound of type variables and wildcards should not be "final"
Java
C-CODE_SMELL
B-CRITICAL
Execution of the Garbage Collector should be triggered only by the JVM
Java
C-CODE_SMELL
bad-practice,unpredictable
D-MINOR
Arrays should not be created for varargs parameters
Java
C-CODE_SMELL
clumsy
D-MINOR
"Math.abs" and negation should not be used on numbers that could be "MIN_VALUE"
Java
A-BUG
suspicious
C-MAJOR
"read" and "readLine" return values should be used
Java
A-BUG
C-MAJOR
Non-constructor methods should not have the same name as the enclosing class
Java
C-CODE_SMELL
pitfall
D-MINOR
The value returned from a stream read should be checked
Java
A-BUG
cert
D-MINOR
Methods should not return constants
Java
C-CODE_SMELL
confusing
C-MAJOR
"readObject" should not be "synchronized"
Java
C-CODE_SMELL
confusing
B-CRITICAL
Derived exceptions should not hide their parents' catch blocks
Java
C-CODE_SMELL
C-MAJOR
Methods should not be named "tostring", "hashcode" or "equal"
Java
A-BUG
pitfall
D-MINOR
The default unnamed package should not be used
Java
C-CODE_SMELL
convention
C-MAJOR
"Thread" should not be used where a "Runnable" argument is expected
Java
C-CODE_SMELL
multi-threading,pitfall
D-MINOR
Type parameters should not shadow other type parameters
Java
C-CODE_SMELL
C-MAJOR
Java features should be preferred to Guava
Java
C-CODE_SMELL
java8,java9
B-CRITICAL
Methods setUp() and tearDown() should be correctly annotated starting with JUnit4
Java
C-CODE_SMELL
junit,tests
A-BLOCKER
Unnecessary bit operations should not be performed
Java
C-CODE_SMELL
suspicious
C-MAJOR
Non-thread-safe fields should not be static
Java
A-BUG
multi-threading
C-MAJOR
Getters and setters should be synchronized in pairs
Java
A-BUG
cert,multi-threading
B-CRITICAL
Conditionals should start on new lines
Java
C-CODE_SMELL
suspicious
B-CRITICAL
A conditionally executed single line should be denoted by indentation
Java
C-CODE_SMELL
confusing,suspicious
C-MAJOR
Unary prefix operators should not be repeated
Java
A-BUG
C-MAJOR
DateTimeFormatters should not use mismatched year and week numbers
Java
A-BUG
D-MINOR
Declarations should use Java collection interfaces such as "List" rather than specific implementation classes such as "LinkedList"
Java
C-CODE_SMELL
bad-practice
C-MAJOR
"StringBuilder" and "StringBuffer" should not be instantiated with a character
Java
A-BUG
pitfall
C-MAJOR
Unused "private" classes should be removed
Java
C-CODE_SMELL
unused
C-MAJOR
"Stream.peek" should be used with caution
Java
C-CODE_SMELL
java8,pitfall
C-MAJOR
Week Year ("YYYY") should not be used for date formatting
Java
A-BUG
suspicious
C-MAJOR
"equals" method overrides should accept "Object" parameters
Java
A-BUG
suspicious
C-MAJOR
Exceptions should not be created without being thrown
Java
A-BUG
error-handling
C-MAJOR
Collection sizes and array length comparisons should make sense
Java
A-BUG
D-MINOR
An iteration on a Collection should be performed on the type handled by the Collection
Java
C-CODE_SMELL
bad-practice,clumsy
D-MINOR
"StandardCharsets" constants should be preferred
Java
C-CODE_SMELL
clumsy,java7
B-CRITICAL
Class members annotated with "@VisibleForTesting" should not be accessed from production code
Java
C-CODE_SMELL
pitfall
D-MINOR
Jump statements should not be redundant
Java
C-CODE_SMELL
clumsy,redundant
D-MINOR
"close()" calls should not be redundant
Java
C-CODE_SMELL
redundant
D-MINOR
AWS region should not be set with a hardcoded String
Java
C-CODE_SMELL
aws
D-MINOR
Boolean checks should not be inverted
Java
C-CODE_SMELL
pitfall
C-MAJOR
A field should not duplicate the name of its containing class
Java
C-CODE_SMELL
brain-overload
C-MAJOR
Superfluous curly brace quantifiers should be avoided
Java
C-CODE_SMELL
regex
C-MAJOR
Non-capturing groups without quantifier should not be used
Java
C-CODE_SMELL
regex
C-MAJOR
Single-character alternations in regular expressions should be replaced with character classes
Java
C-CODE_SMELL
regex
C-MAJOR
Character classes in regular expressions should not contain only one character
Java
C-CODE_SMELL
regex
D-MINOR
Lambdas should not invoke other lambdas synchronously
Java
C-CODE_SMELL
aws
C-MAJOR
String multiline concatenation should be replaced with Text Blocks
Java
C-CODE_SMELL
java15
D-MINOR
"ThreadLocal.withInitial" should be preferred
Java
C-CODE_SMELL
java8
C-MAJOR
Credentials Provider should be set explicitly when creating a new "AwsClient"
Java
C-CODE_SMELL
aws,startup-time
C-MAJOR
Region should be set explicitly when creating a new "AwsClient"
Java
C-CODE_SMELL
aws,startup-time
B-CRITICAL
Regex lookahead assertions should not be contradictory
Java
A-BUG
regex
D-MINOR
Consumer Builders should be used
Java
C-CODE_SMELL
aws
C-MAJOR
Hash-based collections with known capacity should be initialized with the proper related static method.
Java
C-CODE_SMELL
performance
B-CRITICAL
Back references in regular expressions should only refer to capturing groups that are matched before the reference
Java
A-BUG
regex
C-MAJOR
Reusable resources should be initialized at construction time of Lambda functions
Java
C-CODE_SMELL
aws
C-MAJOR
Reluctant quantifiers in regular expressions should be followed by an expression that can't match the empty string
Java
C-CODE_SMELL
regex
C-MAJOR
"ThreadLocal" variables should be cleaned up when no longer used
Java
A-BUG
leak,performance
D-MINOR
"toString()" should never be called on a String object
Java
C-CODE_SMELL
clumsy,finding
D-MINOR
Lambdas should be replaced with method references
Java
C-CODE_SMELL
java8
D-MINOR
Parentheses should be removed from a single lambda parameter when its type is inferred
Java
C-CODE_SMELL
java8
D-MINOR
Call to Mockito method "verify", "when" or "given" should be simplified
Java
C-CODE_SMELL
clumsy,mockito,tests
C-MAJOR
Related "if/else if" statements should not have the same condition
Java
A-BUG
cert,pitfall,unused
C-MAJOR
"DateUtils.truncate" from Apache Commons Lang library should not be used
Java
C-CODE_SMELL
java8,performance
C-MAJOR
The regex escape sequence \cX should only be used with characters in the @-_ range
Java
A-BUG
regex
D-MINOR
JUnit rules should be used
Java
C-CODE_SMELL
junit,tests,unused
C-MAJOR
"Thread.sleep" should not be used in tests
Java
C-CODE_SMELL
bad-practice,tests
D-MINOR
Annotation repetitions should not be wrapped
Java
C-CODE_SMELL
java8
C-MAJOR
JUnit4 @Ignored and JUnit5 @Disabled annotations should be used to disable tests and should provide a rationale
Java
C-CODE_SMELL
bad-practice,confusing,junit,suspicious,tests
C-MAJOR
"Iterator.hasNext()" should not call "Iterator.next()"
Java
A-BUG
C-MAJOR
Anonymous inner classes containing only one method should become lambdas
Java
C-CODE_SMELL
java8
A-BLOCKER
Methods and field names should not be the same or differ only by capitalization
Java
C-CODE_SMELL
confusing
C-MAJOR
"Object.wait" should not be called on objects that implement "java.util.concurrent.locks.Condition"
Java
C-CODE_SMELL
suspicious
D-MINOR
Lambdas containing only one statement should not nest this statement in a block
Java
C-CODE_SMELL
java8
D-MINOR
Loops should not contain more than a single "break" or "continue" statement
Java
C-CODE_SMELL
brain-overload
C-MAJOR
Indexes to passed to "String" operations should be within the string's bounds
Java
A-BUG
D-MINOR
Abstract methods should not be redundant
Java
C-CODE_SMELL
confusing
A-BLOCKER
JUnit test cases should call super methods
Java
C-CODE_SMELL
junit,tests
C-MAJOR
Inheritance tree of classes should not be too deep
Java
C-CODE_SMELL
design
D-MINOR
"private" methods called only by inner classes should be moved to those classes
Java
C-CODE_SMELL
confusing
A-BLOCKER
Loops should not be infinite
Java
A-BUG
cert,symbolic-execution
B-CRITICAL
JUnit assertions should not be used in "run" methods
Java
C-CODE_SMELL
junit,tests
D-MINOR
Fields in non-serializable classes should not be "transient"
Java
C-CODE_SMELL
serialization,unused
D-MINOR
Composed "@RequestMapping" variants should be preferred
Java
C-CODE_SMELL
spring
A-BLOCKER
TestCases should contain tests
Java
C-CODE_SMELL
confusing,junit,tests,unused
C-MAJOR
Raw byte values should not be used in bitwise operations in combination with shifts
Java
A-BUG
cert
D-MINOR
"Serializable" inner classes of non-serializable outer classes should be "static"
Java
A-BUG
cert,serialization
C-MAJOR
Do not perform unnecessary mathematical operations
Java
C-CODE_SMELL
clumsy
C-MAJOR
Custom serialization methods should have required signatures
Java
A-BUG
cert
E-INFO
Methods should not perform too many tasks (aka Brain method)
Java
C-CODE_SMELL
architecture,design
D-MINOR
Ints and longs should not be shifted by zero or more than their number of bits-1
Java
A-BUG
B-CRITICAL
"readResolve" methods should be inheritable
Java
C-CODE_SMELL
pitfall
C-MAJOR
"Externalizable" classes should have no-arguments constructors
Java
A-BUG
C-MAJOR
Nested blocks of code should not be left empty
Java
C-CODE_SMELL
suspicious
A-BLOCKER
"wait" should not be called when multiple locks are held
Java
A-BUG
deadlock,multi-threading
D-MINOR
Interface names should comply with a naming convention
Java
C-CODE_SMELL
convention
C-MAJOR
"writeObject" should not be the only "synchronized" code in a class
Java
C-CODE_SMELL
confusing
D-MINOR
Type parameter names should comply with a naming convention
Java
C-CODE_SMELL
convention
D-MINOR
"write(byte[],int,int)" should be overridden
Java
C-CODE_SMELL
performance
C-MAJOR
"iterator" should not return "this"
Java
A-BUG
pitfall
C-MAJOR
Classes named like "Exception" should extend "Exception" or a subclass
Java
C-CODE_SMELL
convention,error-handling,pitfall
A-BLOCKER
"ThreadGroup" should not be used
Java
C-CODE_SMELL
cert,design,suspicious
D-MINOR
"compareTo" should not return "Integer.MIN_VALUE"
Java
A-BUG
D-MINOR
Array designators "[]" should be on the type, not the variable
Java
C-CODE_SMELL
convention
C-MAJOR
Reflection should not be used to increase accessibility of classes, methods, or fields
Java
C-CODE_SMELL
cert
D-MINOR
Arrays and lists should not be copied using loops
Java
C-CODE_SMELL
clumsy
D-MINOR
Array designators "[]" should be located after the type in method signatures
Java
C-CODE_SMELL
convention
B-CRITICAL
JUnit5 inner test classes should be annotated with @Nested
Java
A-BUG
junit,tests
C-MAJOR
Static fields should not be updated in constructors
Java
C-CODE_SMELL
D-MINOR
Subclasses that add fields to classes that override "equals" should also override "equals"
Java
C-CODE_SMELL
suspicious
C-MAJOR
Classes from "sun.*" packages should not be used
Java
C-CODE_SMELL
lock-in,pitfall
A-BLOCKER
Future keywords should not be used as names
Java
C-CODE_SMELL
obsolete,pitfall
C-MAJOR
Child class methods named for parent class methods should be overrides
Java
A-BUG
pitfall
A-BLOCKER
Short-circuit logic should be used in boolean contexts
Java
C-CODE_SMELL
cert
D-MINOR
Class names should comply with a naming convention
Java
C-CODE_SMELL
convention
C-MAJOR
Inappropriate "Collection" calls should not be made
Java
A-BUG
cert
D-MINOR
The non-serializable super class of a "Serializable" class should have a no-argument constructor
Java
A-BUG
serialization
B-CRITICAL
Class names should not shadow interfaces or superclasses
Java
C-CODE_SMELL
pitfall
D-MINOR
Method names should comply with a naming convention
Java
C-CODE_SMELL
convention
C-MAJOR
Collection constructors should not be used as java.util.function.Function
Java
C-CODE_SMELL
E-INFO
Classes should not depend on an excessive number of classes (aka Monster Class)
Java
C-CODE_SMELL
architecture,design
D-MINOR
"Collection.toArray()" should be passed an array of the proper type
Java
A-BUG
D-MINOR
The diamond operator ("<>") should be used
Java
C-CODE_SMELL
clumsy
C-MAJOR
"compareTo" should not be overloaded
Java
A-BUG
pitfall
C-MAJOR
AssertJ assertions with "Consumer" arguments should contain assertion inside consumers
Java
A-BUG
tests
D-MINOR
Non-primitive fields should not be "volatile"
Java
A-BUG
cert,multi-threading
C-MAJOR
"volatile" variables should not be used with compound operators
Java
A-BUG
cert,multi-threading
B-CRITICAL
Map "computeIfAbsent()" and "computeIfPresent()" should not be used to add "null" values.
Java
A-BUG
C-MAJOR
Assignments should not be redundant
Java
C-CODE_SMELL
redundant,symbolic-execution
C-MAJOR
"java.nio.Files#delete" should be preferred
Java
C-CODE_SMELL
api-design,error-handling
C-MAJOR
Deprecated annotations should include explanations
Java
C-CODE_SMELL
java9
C-MAJOR
"else" statements should be clearly matched with an "if"
Java
C-CODE_SMELL
confusing
C-MAJOR
Records should be used instead of ordinary classes when representing immutable data structure
Java
C-CODE_SMELL
java16
D-MINOR
Switch arrow labels should not use redundant keywords
Java
C-CODE_SMELL
java14
C-MAJOR
Regular expressions should not contain multiple spaces
Java
C-CODE_SMELL
regex
E-INFO
Comma-separated labels should be used in Switch with colon case
Java
C-CODE_SMELL
java14
C-MAJOR
Redundant constructors/methods should be avoided in records
Java
C-CODE_SMELL
java16
C-MAJOR
Operator "instanceof" should be used instead of "A.class.isInstance()"
Java
C-CODE_SMELL
C-MAJOR
Methods should not have identical implementations
Java
C-CODE_SMELL
confusing,duplicate,suspicious
D-MINOR
Pattern Matching for "instanceof" operator should be used instead of simple "instanceof" + cast
Java
C-CODE_SMELL
java16
C-MAJOR
"Stream.toList()" method should be used instead of "collectors" when unmodifiable list needed
Java
C-CODE_SMELL
java16
D-MINOR
Text blocks should not be used in complex expressions
Java
C-CODE_SMELL
B-CRITICAL
Members ignored during record serialization should not be used
Java
A-BUG
java16
C-MAJOR
Map values should not be replaced unconditionally
Java
A-BUG
suspicious
D-MINOR
Permitted types of a sealed class should be omitted if they are declared in the same file
Java
C-CODE_SMELL
java17
C-MAJOR
Reflection should not be used to increase accessibility of records' fields
Java
A-BUG
java16
D-MINOR
'serialVersionUID' field should not be set to '0L' in records
Java
C-CODE_SMELL
java16
C-MAJOR
Restricted Identifiers should not be used as Identifiers
Java
C-CODE_SMELL
D-MINOR
Functional Interfaces should be as specialised as possible
Java
C-CODE_SMELL
performance
D-MINOR
"Stream" call chains should be simplified when possible
Java
C-CODE_SMELL
clumsy
D-MINOR
"enum" fields should not be publicly mutable
Java
C-CODE_SMELL
bad-practice
C-MAJOR
"getClass" should not be used for synchronization
Java
A-BUG
cert,multi-threading
D-MINOR
Packages containing only "package-info.java" should be removed
Java
C-CODE_SMELL
unused
C-MAJOR
Assignment of lazy-initialized members should be the last step with double-checked locking
Java
A-BUG
cert,multi-threading
C-MAJOR
Min and max used in combination should not always return the same value
Java
A-BUG
symbolic-execution
B-CRITICAL
"String#replace" should be preferred to "String#replaceAll"
Java
C-CODE_SMELL
performance,regex
D-MINOR
"equals(Object obj)" should test the argument's type
Java
A-BUG
B-CRITICAL
Getters and setters should access the expected fields
Java
A-BUG
pitfall
D-MINOR
Classes should not be empty
Java
C-CODE_SMELL
clumsy
C-MAJOR
Regular expressions should not contain empty groups
Java
C-CODE_SMELL
regex
C-MAJOR
Asserts should not be used to check the parameters of a public method
Java
C-CODE_SMELL
pitfall