Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
GitHub Actions
Go
HTML
Java
JavaScript
JSON
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Rust
Scala
Shell
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML
YAML

Flex static code analysis

Unique rules to find Bugs, Security Hotspots, and Code Smells in your FLEX code

Tags

Impact

Clean code attribute

"default" clauses should be first or last
Code Smell
Delivering code in production with debug features activated is security-sensitive
Security Hotspot
All branches in a conditional structure should not have exactly the same implementation
Bug
Flex parser failure
Code Smell
"MovieClip.onEnterFrame" event handler should not be used
Code Smell
Objects should not be instantiated inside a loop
Code Smell
The "trace" function should not be used
Vulnerability
Cases in a "switch" should not have the same condition
Bug
Two branches in a conditional structure should not have exactly the same implementation
Code Smell
"switch" statements should not be nested
Code Smell
Classes should not have too many fields
Code Smell
Method visibility should be explicitly declared
Bug
Cyclomatic Complexity of functions should not be too high
Code Smell
Unused local variables should be removed
Code Smell
Classes that extend "Event" should override "Event.clone()"
Bug
The element type of an array field should be specified
Code Smell
Security.allowDomain(...) should only be used in a tightly focused manner
Vulnerability
Constructors should not dispatch events
Bug
The flash.system.Security.exactSettings property should never be set to false
Vulnerability
"LocalConnection" should be configured to narrowly specify the domains with which local connections to other Flex application are allowed
Vulnerability
"ManagedEvents" tags should have companion "Event" tags
Bug
Event types should be defined in metadata tags
Code Smell
Event names should not be hardcoded in event listeners
Code Smell
Package definition should be separate from Class definition
Code Smell
Multiple "++" or "--" unary operators should not be used in a single arithmetic expression
Bug
Track lack of copyright and license headers
Code Smell
Classes should not have too many methods
Code Smell
Constructor bodies should be as lightweight as possible
Code Smell
Dynamic classes should not be used
Code Smell
Constructors should not have a "void" return type
Code Smell
"public static" fields should be constant
Code Smell
"Alert.show(...)" should not be used
Vulnerability
"===" and "!==" should be used instead of "==" and "!="
Code Smell
Only "while", "do" and "for" statements should be labelled
Code Smell
Statements should end with semicolons
Code Smell
The special "star" type should not be used
Code Smell
Variables of the "Object" type should not be used
Code Smell
Track breaches of an XPath rule
Code Smell
Functions should not have too many lines of code
Code Smell
Control flow statements "if", "for", "while" and "switch" should not be nested too deeply
Code Smell
"with" statements should not be used
Bug
Statements, operators and keywords specific to ActionScript 2 should not be used
Code Smell
Octal values should not be used
Code Smell
Loggers should be "private static const" and should share naming convention
Code Smell
Cyclomatic Complexity of classes should not be too high
Code Smell
"switch" statements should have "default" clauses
Code Smell
"switch" statements should have at least 3 "case" clauses
Code Smell
Switch cases should end with an unconditional "break" statement
Code Smell
"for" loop stop conditions should be invariant
Code Smell
Sections of code should not be commented out
Code Smell
Track comments matching a regular expression
Code Smell
Statements should be on separate lines
Code Smell
Package names should comply with a naming convention
Code Smell
Methods should not be empty
Code Smell
Overriding methods should do more than simply call the same method in the super class
Code Smell
Public classes, methods, properties and metadata should be documented with ASDoc
Code Smell
Unused function parameters should be removed
Code Smell
Public constants and fields initialized at declaration should be "const static" rather than merely "const"
Code Smell
Local variable and function parameter names should comply with a naming convention
Code Smell
Field names should comply with a naming convention
Code Smell
"switch case" clauses should not have too many lines of code
Code Smell
Constant names should comply with a naming convention
Code Smell
Useless "if(true) {...}" and "if(false){...}" blocks should be removed
Bug
Unused "private" functions should be removed
Code Smell
Functions should not contain too many return statements
Code Smell
Boolean literals should not be redundant
Code Smell
Local variables should not shadow class fields
Code Smell
Empty statements should be removed
Code Smell
Nested blocks of code should not be left empty
Code Smell
Functions should not have too many parameters
Code Smell
Unused "private" fields should be removed
Code Smell
Mergeable "if" statements should be combined
Code Smell
Lines should not be too long
Code Smell
Class names should comply with a naming convention
Code Smell
A function should have a single point of exit at the end of the function
Code Smell
Function names should comply with a naming convention
Code Smell

Functions should not have too many parameters

adaptability - focused

maintainability

Code Smell

This rule is deprecated, and will eventually be removed.

Why is this an issue?

Functions with a long parameter list are difficult to use because maintainers must figure out the role of each parameter and keep track of their position.

function setCoordinates(var x1, var y1, var z1, var x2, var y2, var z2) { // Noncompliant
    // ...
}

The solution can be to:

Split the function into smaller ones

// Each function does a part of what the original setCoordinates function was doing, so confusion risks are lower
void setOrigin(var x, var y, var z) {
   // ...
}

void setSize(var width, var height, var depth) {
   // ...
}

Find a better data structure for the parameters that group data in a way that makes sense for the specific application domain

struct Point { // In geometry, Point is a logical structure to group data
    var x;
    var y;
    var z;
};

function setCoordinates(var p1, var p2) {
    // ...
}

This rule raises an issue when a function has more parameters than the provided threshold.

Available In:

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Available Since
9.1

Analyze code in your
on-premise CI

Developer Edition
Available Since
9.1

In-IDE

SaaS

Self-Hosted