Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
GitHub Actions
Go
HTML
Java
JavaScript
JSON
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Rust
Scala
Shell
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML
YAML

Java static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your JAVA code

Filtered: 55 rules found

pitfall

Impact

Clean code attribute

Functions should not be defined with a variable number of arguments
Code Smell
Literal suffixes should be upper case
Code Smell
Class members annotated with "@VisibleForTesting" should not be accessed from production code
Code Smell
Avoid using boxed "Boolean" types directly in boolean expressions
Code Smell
"serialVersionUID" should not be declared blindly
Code Smell
Spring beans should be considered by "@ComponentScan"
Code Smell
"compareTo" should not be overloaded
Bug
"iterator" should not return "this"
Bug
Secure random number generators should not output predictable values
Vulnerability
Getters and setters should access the expected fields
Bug
Asserts should not be used to check the parameters of a public method
Code Smell
"Stream.peek" should be used with caution
Code Smell
Raw types should not be used
Code Smell
Constructor injection should be used instead of field injection
Bug
Threads should not be started in constructors
Code Smell
Conditionally executed code should be reachable
Bug
Whitespace and control characters in literals should be explicit
Code Smell
"null" should not be returned from a "Boolean" method
Code Smell
"Thread" should not be used where a "Runnable" argument is expected
Code Smell
Inner class calls to super class methods should be unambiguous
Code Smell
"private" and "final" methods that don't access instance data should be "static"
Code Smell
"ResultSet.isLast()" should not be used
Code Smell
"static" members should be accessed statically
Code Smell
Wildcard imports should not be used
Code Smell
Child class methods named for parent class methods should be overrides
Bug
Class names should not shadow interfaces or superclasses
Code Smell
Classes named like "Exception" should extend "Exception" or a subclass
Code Smell
"java.time" classes should be used for dates and times
Code Smell
Classes extending java.lang.Thread should provide a specific "run" behavior
Bug
Try-with-resources should be used
Code Smell
Comparators should be "Serializable"
Code Smell
"readResolve" methods should be inheritable
Code Smell
"Serializable" inner classes of "Serializable" classes should be static
Code Smell
"Serializable" classes should have a "serialVersionUID"
Code Smell
Boolean checks should not be inverted
Code Smell
Related "if/else if" statements should not have the same condition
Bug
"switch" statements and expressions should not be nested
Code Smell
Constructors should only call non-overridable methods
Code Smell
"NullPointerException" should not be explicitly thrown
Code Smell
Package declaration should match source file directory
Code Smell
"Collections.EMPTY_LIST", "EMPTY_MAP", and "EMPTY_SET" should not be used
Code Smell
Generic wildcard types should not be used in return types
Code Smell
Private fields only used as local variables in methods should become local variables
Code Smell
"StringBuilder" and "StringBuffer" should not be instantiated with a character
Bug
Octal values should not be used
Code Smell
"for" loop stop conditions should be invariant
Code Smell
Classes and enums with private members should have a constructor
Code Smell
Non-constructor methods should not have the same name as the enclosing class
Code Smell
Methods should not be named "tostring", "hashcode" or "equal"
Bug
Control structures should use curly braces
Code Smell
Classes from "sun.*" packages should not be used
Code Smell
Future keywords should not be used as names
Code Smell
The signature of "finalize()" should match that of "Object.finalize()"
Bug
Only static class initializers should be used
Code Smell
Local variables should not shadow class fields
Code Smell

"Stream.peek" should be used with caution

consistency - conventional

maintainability

Code Smell

java8
pitfall

Why is this an issue?

More Info

According to its JavaDocs, the intermediate Stream operation java.util.Stream.peek() “exists mainly to support debugging” purposes.

A key difference with other intermediate Stream operations is that the Stream implementation is free to skip calls to peek() for optimization purpose. This can lead to peek() being unexpectedly called only for some or none of the elements in the Stream.

As a consequence, relying on peek() without careful consideration can lead to error-prone code.

This rule raises an issue for each use of peek() to be sure that it is challenged and validated by the team to be meant for production debugging/logging purposes.

Noncompliant code example

Stream.of("one", "two", "three", "four")
         .filter(e -> e.length() > 3)
         .peek(e -> System.out.println("Filtered value: " + e)); // Noncompliant

Compliant solution

Stream.of("one", "two", "three", "four")
         .filter(e -> e.length() > 3)
         .foreach(e -> System.out.println("Filtered value: " + e));

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Available Since
9.1

Analyze code in your
on-premise CI

Developer Edition
Available Since
9.1

In-IDE

SaaS

Self-Hosted