Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
GitHub Actions
Go
HTML
Java
JavaScript
JSON
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Rust
Scala
Shell
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML
YAML

ABAP static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your ABAP code

Filtered: 23 rules found

sql

Impact

Clean code attribute

"LIKE" clauses should not be used without wildcards
Code Smell
"WHERE" clause conditions should not be contradictory
Bug
"JOIN" should be used instead of nested "SELECT" statements
Code Smell
"SELECT INTO TABLE" should be used
Code Smell
Open SQL "SELECT" statements should have an "ORDER BY" clause
Bug
"EXIT" and "CHECK" statements should not be used in "SELECT" loops
Code Smell
Duplications in driver tables should deleted before the tables are used
Code Smell
Empty driver tables should not be used in a "SELECT/FOR ALL ENTRIES" clause
Bug
SQL "LIKE" clauses should not start with wildcard characters
Code Smell
A SQL "SELECT" statement should not involve too many tables
Code Smell
Native SQL should not be statically embedded
Code Smell
SQL "BYPASSING BUFFER" clause should not be used
Bug
SQL aggregate functions should not be used to prevent bypassing the SAP buffer
Code Smell
To "SELECT", "INSERT" or "DELETE" several lines in databases, internal tables should be used in place of loop control structure
Code Smell
SQL "DISTINCT" operator should not be used to prevent bypassing the SAP buffering
Code Smell
Columns to be read with a "SELECT" statement should be clearly defined
Code Smell
The "LIKE" operator should be used very carefully in SQL "WHERE" condition
Code Smell
SQL "UPDATE dbtab SET ..." statements should have a "WHERE" clause
Bug
Subqueries and "JOIN" clauses should not be used
Code Smell
Having dynamic clauses for SQL "SELECT" statements is security-sensitive
Security Hotspot
Having SQL "SELECT" statements without "WHERE" conditions is security-sensitive
Security Hotspot
"DELETE FROM dbtab" statements should have a "WHERE" clause
Bug
SQL EXISTS subqueries should not be used
Code Smell

Subqueries and "JOIN" clauses should not be used

intentionality - efficient

maintainability

Code Smell

performance
sql

Why is this an issue?

JOIN bypasses the SAP table buffer. Buffered tables should be accessed with the simplest SELECT statements possible so as not to risk bypassing the buffer.

If one of the tables in a JOIN is buffered, it would be an advantage to first import the required entries using a SELECT into an internal table itab, and then for example, using the statement SELECT ... FOR ALL ENTRIES IN itab to access further tables.

Noncompliant code example

For JOIN clauses:

SELECT s~carrid s~carrname p~connid
       INTO CORRESPONDING FIELDS OF TABLE itab
       FROM scarr AS s
       LEFT OUTER JOIN spfli AS p ON s~carrid   =  p~carrid
            AND p~cityfrom = p_cityfr.

For subqueries

SELECT  carrname
  INTO  TABLE name_tab
  FROM  scarr
  WHERE EXISTS ( select  *
                   FROM  spfli
                   WHERE carrid   =  scarr~carrid AND
                         cityfrom = 'NEW YORK'        ).

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Developer Edition
Available Since
9.1

In-IDE

SaaS

Self-Hosted