Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
GitHub Actions
Go
HTML
Java
JavaScript
JSON
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Rust
Scala
Shell
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML
YAML

Java static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your JAVA code

Tags

Impact

Clean code attribute

Use when instead of a single if inside a pattern match body
Code Smell
"Math.clamp" should be used with correct ranges
Bug
Use switch instead of if-else chain to compare a variable against multiple cases
Code Smell
"@Controller" should be replaced with "@RestController"
Code Smell
"@Qualifier" should not be used on "@Bean" methods
Bug
Use of the "@Async" annotation on methods declared within a "@Configuration" class in Spring Boot
Bug
Nullable injected fields and parameters should provide a default value
Bug
Hash-based collections with known capacity should be initialized with the proper related static method.
Code Smell
Permitted types of a sealed class should be omitted if they are declared in the same file
Code Smell
Chained AssertJ assertions should be simplified to the corresponding dedicated assertion
Code Smell
JUnit5 test classes and methods should not be silently ignored
Bug
JUnit5 test classes and methods should have default package visibility
Code Smell
Avoid using boxed "Boolean" types directly in boolean expressions
Code Smell
"ThreadLocal" variables should be cleaned up when no longer used
Bug
Strings and Boxed types should be compared using "equals()"
Bug
"StandardCharsets" constants should be preferred
Code Smell
"@CheckForNull" or "@Nullable" should not be used on primitive types
Code Smell
"equals" method parameters should not be marked "@Nonnull"
Code Smell
Week Year ("YYYY") should not be used for date formatting
Bug
Exceptions should not be created without being thrown
Bug
Assertion arguments should be passed in the correct order
Code Smell
"static" base class members should not be accessed via derived types
Code Smell
".isEmpty" should be used to test for the emptiness of StringBuffers/Builders
Code Smell
Arguments to "append" should not be concatenated
Code Smell
"Collection.toArray()" should be passed an array of the proper type
Bug
"notifyAll()" should be preferred over "notify()"
Bug
"private" and "final" methods that don't access instance data should be "static"
Code Smell
The diamond operator ("<>") should be used
Code Smell
"toString()" and "clone()" methods should not return null
Bug
"static" members should be accessed statically
Code Smell
"compareTo" results should not be checked for specific values
Bug
Unnecessary boxing and unboxing should be avoided
Bug
Catches should be combined
Code Smell
Constructors should not be used to instantiate "String", "BigInteger", "BigDecimal" and primitive-wrapper classes
Code Smell
"hashCode" and "toString" should not be called on array instances
Bug
"BigDecimal(double)" should not be used
Bug
Redundant casts should not be used
Code Smell
"toString()" should never be called on a String object
Code Smell
Multiple variables should not be declared on the same line
Code Smell
Variables should not be self-assigned
Bug
Lambdas should be replaced with method references
Code Smell
Local variables should not be declared and then immediately returned or thrown
Code Smell
Unused local variables should be removed
Code Smell
Private fields only used as local variables in methods should become local variables
Code Smell
Declarations should use Java collection interfaces such as "List" rather than specific implementation classes such as "LinkedList"
Code Smell
"Thread.run()" should not be called directly
Bug
Array designators "[]" should be on the type, not the variable
Code Smell
Array designators "[]" should be located after the type in method signatures
Code Smell
Methods should not be empty
Code Smell
Unused method parameters should be removed
Code Smell
Empty arrays and collections should be returned instead of null
Code Smell
"@Override" should be used on overriding and implementing methods
Code Smell
Primitive wrappers should not be instantiated only for "toString" or "compareTo" calls
Code Smell
"Collection.isEmpty()" should be used to test for emptiness
Code Smell
"String.valueOf()" should not be appended to a "String"
Code Smell
Unused "private" methods should be removed
Code Smell
Strings literals should be placed on the left side when checking for equality
Code Smell
Exceptions in "throws" clauses should not be superfluous
Code Smell
Unnecessary imports should be removed
Code Smell
Boolean literals should not be redundant
Code Smell
Modifiers should be declared in the correct order
Code Smell
Empty statements should be removed
Code Smell
Close curly brace and the next "else", "catch" and "finally" keywords should be located on the same line
Code Smell
Unused "private" fields should be removed
Code Smell
Mergeable "if" statements should be combined
Code Smell

Avoid using boxed "Boolean" types directly in boolean expressions

intentionality - complete

maintainability

Code Smell

Quick FixIDE quick fixes available with SonarQube for IDE

pitfall

Why is this an issue?

More Info

When boxed type java.lang.Boolean is used as an expression to determine the control flow (as described in Java Language Specification §4.2.5 The boolean Type and boolean Values) it will throw a NullPointerException if the value is null (as defined in Java Language Specification §5.1.8 Unboxing Conversion).

It is safer to avoid such conversion altogether and handle the null value explicitly.

Note, however, that no issues will be raised for Booleans that have already been null-checked or are marked @NonNull/@NotNull.

Noncompliant code example

Boolean b = getBoolean();
if (b) {  // Noncompliant, it will throw NPE when b == null
  foo();
} else {
  bar();
}

Compliant solution

Boolean b = getBoolean();
if (Boolean.TRUE.equals(b)) {
  foo();
} else {
  bar();  // will be invoked for both b == false and b == null
}


Boolean b = getBoolean();
if(b != null){
  String test = b ? "test" : "";
}

Exceptions

The issue is not raised if the expression is annotated @NonNull / @NotNull. This is useful if a boxed type is an instantiation of a generic type parameter and cannot be avoided.

List<Boolean> list = new ArrayList<>();
list.add(true);
list.add(false);
list.forEach((@NonNull Boolean value) -> {
  // Compliant
  if(value) {
    System.out.println("yes");
  }
});

@NonNull Boolean someMethod() { /* ... */ }

// Compliant
if(someMethod()) { /* ... */ }

@NonNull Boolean boxedNonNull = Boolean.TRUE;

// Compliant
if(boxedNonNull) { /* ... */ }

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Available Since
9.1

Analyze code in your
on-premise CI

Developer Edition
Available Since
9.1

In-IDE

SaaS

Self-Hosted