Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
GitHub Actions
Go
HTML
Java
JavaScript
JSON
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Rust
Scala
Shell
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML
YAML

Java static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your JAVA code

Filtered: 55 rules found

pitfall

Impact

Clean code attribute

Functions should not be defined with a variable number of arguments
Code Smell
Literal suffixes should be upper case
Code Smell
Class members annotated with "@VisibleForTesting" should not be accessed from production code
Code Smell
Avoid using boxed "Boolean" types directly in boolean expressions
Code Smell
"serialVersionUID" should not be declared blindly
Code Smell
Spring beans should be considered by "@ComponentScan"
Code Smell
"compareTo" should not be overloaded
Bug
"iterator" should not return "this"
Bug
Secure random number generators should not output predictable values
Vulnerability
Getters and setters should access the expected fields
Bug
Asserts should not be used to check the parameters of a public method
Code Smell
"Stream.peek" should be used with caution
Code Smell
Raw types should not be used
Code Smell
Constructor injection should be used instead of field injection
Bug
Threads should not be started in constructors
Code Smell
Conditionally executed code should be reachable
Bug
Whitespace and control characters in literals should be explicit
Code Smell
"null" should not be returned from a "Boolean" method
Code Smell
"Thread" should not be used where a "Runnable" argument is expected
Code Smell
Inner class calls to super class methods should be unambiguous
Code Smell
"private" and "final" methods that don't access instance data should be "static"
Code Smell
"ResultSet.isLast()" should not be used
Code Smell
"static" members should be accessed statically
Code Smell
Wildcard imports should not be used
Code Smell
Child class methods named for parent class methods should be overrides
Bug
Class names should not shadow interfaces or superclasses
Code Smell
Classes named like "Exception" should extend "Exception" or a subclass
Code Smell
"java.time" classes should be used for dates and times
Code Smell
Classes extending java.lang.Thread should provide a specific "run" behavior
Bug
Try-with-resources should be used
Code Smell
Comparators should be "Serializable"
Code Smell
"readResolve" methods should be inheritable
Code Smell
"Serializable" inner classes of "Serializable" classes should be static
Code Smell
"Serializable" classes should have a "serialVersionUID"
Code Smell
Boolean checks should not be inverted
Code Smell
Related "if/else if" statements should not have the same condition
Bug
"switch" statements and expressions should not be nested
Code Smell
Constructors should only call non-overridable methods
Code Smell
"NullPointerException" should not be explicitly thrown
Code Smell
Package declaration should match source file directory
Code Smell
"Collections.EMPTY_LIST", "EMPTY_MAP", and "EMPTY_SET" should not be used
Code Smell
Generic wildcard types should not be used in return types
Code Smell
Private fields only used as local variables in methods should become local variables
Code Smell
"StringBuilder" and "StringBuffer" should not be instantiated with a character
Bug
Octal values should not be used
Code Smell
"for" loop stop conditions should be invariant
Code Smell
Classes and enums with private members should have a constructor
Code Smell
Non-constructor methods should not have the same name as the enclosing class
Code Smell
Methods should not be named "tostring", "hashcode" or "equal"
Bug
Control structures should use curly braces
Code Smell
Classes from "sun.*" packages should not be used
Code Smell
Future keywords should not be used as names
Code Smell
The signature of "finalize()" should match that of "Object.finalize()"
Bug
Only static class initializers should be used
Code Smell
Local variables should not shadow class fields
Code Smell

"iterator" should not return "this"

intentionality - logical

reliability

Bug

pitfall

Why is this an issue?

How can I fix it?

More Info

An Iterable should not implement the Iterator interface or return this as an Iterator. The reason is that Iterator represents the iteration process itself, while Iterable represents the object we want to iterate over.

The Iterator instance encapsulates state information of the iteration process, such as the current and next element. Consequently, distinct iterations require distinct Iterator instances, for which Iterable provides the factory method Iterable.iterator().

This rule raises an issue when the Iterable.iterator() of a class implementing both Iterable and Iterator returns this.

What is the potential impact?

The Iterable.iterator() method returning the same Iterator instance many times would have the following effects:

For subsequent iterations, e.g., two subsequent for loops with iterators over the same object, only the first one would iterate, and the others would do nothing.
For nested iterations over the same object, the different iteration processes would affect each other because they only have a common, shared state.

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Available Since
9.1

Analyze code in your
on-premise CI

Developer Edition
Available Since
9.1

In-IDE

SaaS

Self-Hosted