PL/SQL static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your PL/SQL code

All rules 189

Vulnerability4

Bug45

Security Hotspot2

Code Smell138

Filtered: 17 rules found

pitfall

Impact

Clean code attribute

Quoted identifiers should not be used

Code Smell

Why is this an issue?

Quoted identifiers are confusing to many programmers, as they look similar to string literals. Moreover, for maximum portability, identifiers should be self-descriptive and should not contain accents. Quoted identifiers can contain any character, which can be confusing.

Noncompliant code example

SET SERVEROUTPUT ON

DECLARE
  "x + y" PLS_INTEGER := 0; -- Noncompliant, quoted identifiers are confusing
  x PLS_INTEGER := 40;
  y PLS_INTEGER := 2;
  "hello" VARCHAR2(42) := 'world';  -- Noncompliant

BEGIN
  DBMS_OUTPUT.PUT_LINE("x + y"); -- Noncompliant, displays 0
  DBMS_OUTPUT.PUT_LINE("hello"); -- Noncompliant, confusing, displays "world" and not "hello"
END;
/

Compliant solution

SET SERVEROUTPUT ON

DECLARE
  my_int PLS_INTEGER := 0;
  x PLS_INTEGER := 40;
  y PLS_INTEGER := 2;
  greeting VARCHAR2(42) := 'hello';
BEGIN
  DBMS_OUTPUT.PUT_LINE(my_int);
  DBMS_OUTPUT.PUT_LINE(x + y); -- Compliant, displays 42

  DBMS_OUTPUT.PUT_LINE(greeting);
END;
/

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Developer Edition
Available Since
9.1

In-IDE

SaaS

Self-Hosted