Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

ABAP static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your ABAP code

Filtered: 18 rules found

performance

Impact

Clean code attribute

Native SQL should not be statically embedded

intentionality - clear

maintainability

Code Smell

MajorSonarSource default severity
click to learn more

Why is this an issue?

The EXEC SQL ... END-EXEC statement can be used to embed Native SQL statically in ABAP programs.

According to the SAP documentation:

Alongside ADBC, it is also possible to embed Native SQL statically between EXEC SQL and ENDEXEC in ABAP programs. The recommendation, however, is to use ADBC. While the static embedding of Native SQL offers exclusively static access to the Native SQL interface, ADBC makes modern object-orientated and dynamic access possible. New developments and improvements, such as optimized performance using bulk access across internal tables, are now made only for ADBC.

The existing static embedding of Native SQL statements is still supported but should no longer be used in new programs.

Noncompliant code example

EXEC SQL.
      CREATE TABLE abap_docu_demo_mytab (
               val1 char(10) NOT NULL,
               val2 char(10) NOT NULL,
               PRIMARY KEY (val1)      )
ENDEXEC.

Compliant solution

NEW cl_sql_statement( )->execute_ddl(
      `CREATE TABLE ` && dbname   &&
      `( val1 char(10) NOT NULL,` &&
      `  val2 char(10) NOT NULL,` &&
      `  PRIMARY KEY (val1) )` ).

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Developer
Edition

In-IDE

SaaS

Self-Hosted