SonarSource Rules

Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarLint
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarCloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube

Java static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your JAVA code

Vulnerability57

Security Hotspot38

Filtered: 2 rules found

jee

Impact

Clean code attribute

JEE applications should not "getClassLoader"

intentionality - clear

reliability

Bug

MinorSonarSource default severity
click to learn more

Why is this an issue?

Using the standard getClassLoader() may not return the right class loader in a JEE context. Instead, go through the currentThread.

Noncompliant code example

ClassLoader cl = this.getClass().getClassLoader();  // Noncompliant

Compliant solution

ClassLoader cl = Thread.currentThread().getContextClassLoader();

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI