SonarSource Rules
  • Products

    In-IDE

    Code Quality and Security in your IDE with SonarQube Ide

    IDE extension that lets you fix coding issues before they exist!

    Discover SonarQube for IDE

    SaaS

    Code Quality and Security in the cloud with SonarQube Cloud

    Setup is effortless and analysis is automatic for most languages

    Discover SonarQube Cloud

    Self-Hosted

    Code Quality and Security Self-Hosted with SonarQube Server

    Fast, accurate analysis; enterprise scalability

    Discover SonarQube Server
  • SecretsSecrets
  • ABAPABAP
  • AnsibleAnsible
  • ApexApex
  • AzureResourceManagerAzureResourceManager
  • CC
  • C#C#
  • C++C++
  • CloudFormationCloudFormation
  • COBOLCOBOL
  • CSSCSS
  • DartDart
  • DockerDocker
  • FlexFlex
  • GitHub ActionsGitHub Actions
  • GoGo
  • HTMLHTML
  • JavaJava
  • JavaScriptJavaScript
  • JSONJSON
  • JCLJCL
  • KotlinKotlin
  • KubernetesKubernetes
  • Objective CObjective C
  • PHPPHP
  • PL/IPL/I
  • PL/SQLPL/SQL
  • PythonPython
  • RPGRPG
  • RubyRuby
  • RustRust
  • ScalaScala
  • ShellShell
  • SwiftSwift
  • TerraformTerraform
  • TextText
  • TypeScriptTypeScript
  • T-SQLT-SQL
  • VB.NETVB.NET
  • VB6VB6
  • XMLXML
  • YAMLYAML
Java

Java static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your JAVA code

  • All rules 733
  • Vulnerability60
  • Bug175
  • Security Hotspot40
  • Code Smell458

  • Quick Fix 65
Filtered: 47 rules found
tests
    Impact
      Clean code attribute
        1. Methods annotated with "@BeforeTransaction" or "@AfterTransaction" must respect the contract

           Code Smell
        2. Use appropriate @DirtiesContext modes

           Code Smell
        3. AssertJ assertions with "Consumer" arguments should contain assertion inside consumers

           Bug
        4. Mockito argument matchers should be used on all parameters

           Bug
        5. Call to Mockito method "verify", "when" or "given" should be simplified

           Code Smell
        6. Annotated Mockito objects should be initialized

           Bug
        7. Tests should use fixed data instead of randomized data

           Code Smell
        8. Similar tests should be grouped in a single Parameterized test

           Code Smell
        9. Tests should be stable

           Code Smell
        10. Spring's ModelAndViewAssert assertions should be used instead of other assertions

           Code Smell
        11. Mocking all non-private methods of a class should be avoided

           Code Smell
        12. Tests method should not be annotated with competing annotations

           Bug
        13. Test methods should not contain too many assertions

           Code Smell
        14. AssertJ "assertThatThrownBy" should not be used alone

           Code Smell
        15. Assertions should not compare an object to itself

           Bug
        16. Consecutive AssertJ "assertThat" statements should be chained

           Code Smell
        17. Assertions comparing incompatible types should not be made

           Bug
        18. AssertJ assertions "allMatch" and "doesNotContain" should also test for emptiness

           Bug
        19. Chained AssertJ assertions should be simplified to the corresponding dedicated assertion

           Code Smell
        20. AssertJ methods setting the assertion context should come before an assertion

           Bug
        21. AssertJ configuration should be applied

           Bug
        22. Methods setUp() and tearDown() should be correctly annotated starting with JUnit4

           Code Smell
        23. JUnit5 test classes and methods should not be silently ignored

           Bug
        24. Migrate your tests from JUnit4 to the new JUnit5 annotations

           Code Smell
        25. JUnit5 inner test classes should be annotated with @Nested

           Bug
        26. JUnit5 test classes and methods should have default package visibility

           Code Smell
        27. JUnit assertTrue/assertFalse should be simplified to the corresponding dedicated assertion

           Code Smell
        28. Only one method invocation is expected when testing checked exceptions

           Bug
        29. Assertion methods should not be used within the try block of a try-catch catching an Error

           Bug
        30. Only one method invocation is expected when testing runtime exceptions

           Code Smell
        31. Exception testing via JUnit @Test annotation should be avoided

           Code Smell
        32. Exception testing via JUnit ExpectedException rule should not be mixed with other assertions

           Code Smell
        33. Unit tests should throw exceptions

           Code Smell
        34. Test methods should comply with a naming convention

           Code Smell
        35. Test classes should comply with a naming convention

           Code Smell
        36. Assertion arguments should be passed in the correct order

           Code Smell
        37. Tests should be kept in a dedicated source directory

           Code Smell
        38. Assertions should be complete

           Code Smell
        39. "Thread.sleep" should not be used in tests

           Code Smell
        40. JUnit rules should be used

           Code Smell
        41. Literal boolean values and nulls should not be used in assertions

           Code Smell
        42. Tests should include assertions

           Code Smell
        43. Test assertions should include messages

           Code Smell
        44. JUnit test cases should call super methods

           Code Smell
        45. TestCases should contain tests

           Code Smell
        46. JUnit assertions should not be used in "run" methods

           Code Smell
        47. JUnit4 @Ignored and JUnit5 @Disabled annotations should be used to disable tests and should provide a rationale

           Code Smell

        JUnit5 test classes and methods should have default package visibility

        intentionality - clear
        maintainability
        Code Smell
        Quick FixIDE quick fixes available with SonarQube for IDE
        • junit
        • tests

        JUnit5 test classes and methods should generally have package visibility. To fix this issue, change their visibility to the default package visibility.

        Why is this an issue?

        How can I fix it?

        More Info

        JUnit5 is more tolerant regarding the visibility of test classes and methods than JUnit4, which required everything to be public. Test classes and methods can have any visibility except private. It is however recommended to use the default package visibility to improve readability.

        Test classes, test methods, and lifecycle methods are not required to be public, but they must not be private.

        It is generally recommended to omit the public modifier for test classes, test methods, and lifecycle methods unless there is a technical reason for doing so – for example, when a test class is extended by a test class in another package. Another technical reason for making classes and methods public is to simplify testing on the module path when using the Java Module System.

        — JUnit5 User Guide

        What is the potential impact?

        The code will be non-conventional and readability can be slightly affected.

        Exceptions

        This rule does not raise an issue when the visibility is set to private, because private test methods and classes are systematically ignored by JUnit5, without a proper warning. In this case, there is also an impact on reliability and so it is handled by the rule S5810.

          Available In:
        • SonarQube IdeCatch issues on the fly,
          in your IDE
        • SonarQube CloudDetect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories
        • SonarQube Community BuildAnalyze code in your
          on-premise CI
          Available Since
          9.1
        • SonarQube ServerAnalyze code in your
          on-premise CI
          Developer Edition
          Available Since
          9.1

        © 2008-2025 SonarSource SA. All rights reserved.

        Privacy Policy | Cookie Policy | Terms of Use