Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

C# static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C# code

Filtered: 3 rules found

sql

Impact

Clean code attribute

SQL keywords should be delimited by whitespace

intentionality - complete

reliability

Bug

Why is this an issue?

When concatenating strings, it is very easy to forget a whitespace.

In some scenarios this might cause runtime errors, one of which is while creating an SQL query via concatenation:

string select = "SELECT p.FirstName, p.LastName, p.PhoneNumber" +
        "FROM Person as p" +    // Noncompliant: concatenation results in "p.PhoneNumberFROM"
        "WHERE p.Id = @Id";     // Noncompliant: concatenation results in "pWHERE"

This rule raises an issue when the spacing around SQL keywords appears to be missing, making the concatenated string invalid SQL syntax. It would require the user to add the appropriate whitespaces:

string select = "SELECT p.FirstName, p.LastName, p.PhoneNumber" +
        " FROM Person as p" +
        " WHERE p.Id = @Id";

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Available Since
9.1

Analyze code in your
on-premise CI

Developer Edition
Available Since
9.1

In-IDE

SaaS

Self-Hosted