SonarSource Rules
  • Products

    In-IDE

    Code Quality and Security in your IDE with SonarQube Ide

    IDE extension that lets you fix coding issues before they exist!

    Discover SonarQube for IDE

    SaaS

    Code Quality and Security in the cloud with SonarQube Cloud

    Setup is effortless and analysis is automatic for most languages

    Discover SonarQube Cloud

    Self-Hosted

    Code Quality and Security Self-Hosted with SonarQube Server

    Fast, accurate analysis; enterprise scalability

    Discover SonarQube Server
  • SecretsSecrets
  • ABAPABAP
  • AnsibleAnsible
  • ApexApex
  • AzureResourceManagerAzureResourceManager
  • CC
  • C#C#
  • C++C++
  • CloudFormationCloudFormation
  • COBOLCOBOL
  • CSSCSS
  • DartDart
  • DockerDocker
  • FlexFlex
  • GitHub ActionsGitHub Actions
  • GoGo
  • HTMLHTML
  • JavaJava
  • JavaScriptJavaScript
  • JSONJSON
  • JCLJCL
  • KotlinKotlin
  • KubernetesKubernetes
  • Objective CObjective C
  • PHPPHP
  • PL/IPL/I
  • PL/SQLPL/SQL
  • PythonPython
  • RPGRPG
  • RubyRuby
  • RustRust
  • ScalaScala
  • ShellShell
  • SwiftSwift
  • TerraformTerraform
  • TextText
  • TypeScriptTypeScript
  • T-SQLT-SQL
  • VB.NETVB.NET
  • VB6VB6
  • XMLXML
  • YAMLYAML
Java

Java static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your JAVA code

  • All rules 733
  • Vulnerability60
  • Bug175
  • Security Hotspot40
  • Code Smell458

  • Quick Fix 65
Filtered: 21 rules found
java8
    Impact
      Clean code attribute
        1. Java features should be preferred to Guava

           Code Smell
        2. "ThreadLocal.withInitial" should be preferred

           Code Smell
        3. Consumed Stream pipelines should not be reused

           Bug
        4. Intermediate Stream methods should not be left unused

           Bug
        5. "Stream.peek" should be used with caution

           Code Smell
        6. "Map.get" and value test should be replaced with single method call

           Code Smell
        7. Java 8's "Files.exists" should not be used

           Code Smell
        8. Value-based objects should not be serialized

           Code Smell
        9. Value-based classes should not be used for locking

           Bug
        10. "null" should not be used with "Optional"

           Bug
        11. "DateUtils.truncate" from Apache Commons Lang library should not be used

           Code Smell
        12. Types should be used in lambdas

           Code Smell
        13. "collect" should be used with "Streams" instead of "list::add"

           Code Smell
        14. "java.time" classes should be used for dates and times

           Code Smell
        15. Try-with-resources should be used

           Code Smell
        16. Standard functional interfaces should not be redefined

           Code Smell
        17. Annotation repetitions should not be wrapped

           Code Smell
        18. Lambdas should be replaced with method references

           Code Smell
        19. Parentheses should be removed from a single lambda parameter when its type is inferred

           Code Smell
        20. Anonymous inner classes containing only one method should become lambdas

           Code Smell
        21. Lambdas containing only one statement should not nest this statement in a block

           Code Smell

        "null" should not be used with "Optional"

        intentionality - clear
        reliability
        Bug
        • java8

        Why is this an issue?

        How can I fix it?

        More Info

        Optional acts as a container object that may or may not contain a non-null value. It is introduced in Java 8 to help avoid NullPointerException. It provides methods to check if a value is present and retrieve the value if it is present.

        Optional is used instead of null values to make the code more readable and avoid potential errors.

        It is a bad practice to use null with Optional because it is unclear whether a value is present or not, leading to confusion and potential NullPointerException errors.

          Available In:
        • SonarQube IdeCatch issues on the fly,
          in your IDE
        • SonarQube CloudDetect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories
        • SonarQube Community BuildAnalyze code in your
          on-premise CI
          Available Since
          9.1
        • SonarQube ServerAnalyze code in your
          on-premise CI
          Developer Edition
          Available Since
          9.1

        © 2008-2025 SonarSource SA. All rights reserved.

        Privacy Policy | Cookie Policy | Terms of Use