Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
GitHub Actions
Go
HTML
Java
JavaScript
JSON
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Rust
Scala
Shell
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML
YAML

Java static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your JAVA code

Filtered: 35 rules found

performance

Impact

Clean code attribute

Hash-based collections with known capacity should be initialized with the proper related static method.
Code Smell
"String#replace" should be preferred to "String#replaceAll"
Code Smell
"ThreadLocal" variables should be cleaned up when no longer used
Bug
"read(byte[],int,int)" should be overridden
Code Smell
String offset-based methods should be preferred for finding substrings from offsets
Code Smell
"write(byte[],int,int)" should be overridden
Code Smell
Functional Interfaces should be as specialised as possible
Code Smell
Regex patterns should not be created needlessly
Code Smell
Collection contents should be used
Code Smell
Java 8's "Files.exists" should not be used
Code Smell
"Arrays.stream" should be used for primitive arrays
Code Smell
Factory method injection should be used in "@Configuration" classes
Code Smell
"StringBuilder" data should be used
Code Smell
Multiple loops over the same set should be combined
Code Smell
".isEmpty" should be used to test for the emptiness of StringBuffers/Builders
Code Smell
Arguments to "append" should not be concatenated
Code Smell
"entrySet()" should be iterated when both the key and value are needed
Code Smell
"DateUtils.truncate" from Apache Commons Lang library should not be used
Code Smell
Inner classes which do not reference their owning classes should be "static"
Code Smell
"Preconditions" and logging arguments should not require evaluation
Code Smell
"deleteOnExit" should not be used
Code Smell
"wait(...)" should be used instead of "Thread.sleep(...)" when a lock is held
Bug
Collection methods with O(n) performance should be used carefully
Code Smell
"ResultSet.isLast()" should not be used
Code Smell
Methods of "Random" that return floating point values should not be used in random integer generation
Code Smell
Objects should not be created only to invoke "getClass"
Code Smell
Parsing should be used to convert "Strings" to primitives
Code Smell
Constructors should not be used to instantiate "String", "BigInteger", "BigDecimal" and primitive-wrapper classes
Code Smell
"URL.hashCode" and "URL.equals" should be avoided
Code Smell
Strings should not be concatenated using '+' in a loop
Code Smell
Sets with elements that are enum values should be replaced with EnumSet
Code Smell
Maps with keys that are enum values should use the EnumMap implementation
Code Smell
Primitive wrappers should not be instantiated only for "toString" or "compareTo" calls
Code Smell
Case insensitive string comparisons should be made without intermediate upper or lower casing
Code Smell
Synchronized classes "Vector", "Hashtable", "Stack" and "StringBuffer" should not be used
Code Smell

Arguments to "append" should not be concatenated

intentionality - efficient

maintainability

Code Smell

Quick FixIDE quick fixes available with SonarQube for IDE

performance
clumsy

Why is this an issue?

More Info

The use of a StringBuilder or StringBuffer makes String assembly more efficient than plain concatenation when you perform a large number of appends. Using String concatenation within StringBuilder.append defeats the purpose of the StringBuilder. If you concatenate only a few strings, use direct String concatenation. Otherwise, replace String concatenation with calls to append.

This rule applies to String concatenations performed repeatedly, inside loops. In such scenarios, the performance penalty associated with inefficient StringBuilder.append usage can multiply significantly.

Noncompliant code example

StringBuilder sb = new StringBuilder();
for (String name : names) {
  sb.append("Hello : " + name); // Noncompliant
}

Compliant solution

StringBuilder sb = new StringBuilder();
for (String name : names) {
  sb.append("Hello : ").append(name);
}

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

In-IDE

SaaS

Self-Hosted