Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarLint
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarCloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
Go
HTML
Java
JavaScript
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Scala
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML

PL/SQL static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your PL/SQL code

Tags

Impact

Clean code attribute

Inserts should include values for non-null columns
Bug
Variables should be declared only once in a scope
Bug
Size should be specified for string variables
Bug
Predefined exceptions should not be overridden
Bug
"NOT NULL" variables should be initialized
Bug
"NCHAR" and "NVARCHAR2" size should not be specified in bytes
Bug
"END LOOP" should be followed by a semicolon
Bug
Constraints should not be applied to types that cannot be constrained
Bug
Improper constraint forms should not be used
Bug
Scale should not be specified for float types
Bug
Constant declarations should contain initialization assignments
Bug
"RAISE_APPLICATION_ERROR" should only be used with error codes from -20,000 to -20,999
Bug
"FETCH ... BULK COLLECT INTO" should not be used without a "LIMIT" clause
Bug
Anchored types should not be constrained
Bug
"DELETE" and "UPDATE" statements should contain "WHERE" clauses
Bug
"FORALL" statements should use the "SAVE EXCEPTIONS" clause
Bug
Pipelined functions should have at least one "PIPE ROW" statement and not return an expression (PLS-00633)
Bug
"COMMIT" should not be used inside a loop
Bug
Individual "WHERE" clause conditions should not be unconditionally true or false
Bug
Nullable subqueries should not be used in "NOT IN" conditions
Bug
"COMMIT" and "ROLLBACK" should not be called from non-autonomous transaction triggers
Bug
Positional and named arguments should not be mixed in invocations
Bug
Functions should end with "RETURN" statements
Bug
Collections should not be iterated in "FOR" loops
Bug
Output parameters should be assigned
Bug
"ROWNUM" should not be used at the same query level as "ORDER BY"
Bug
All branches in a conditional structure should not have exactly the same implementation
Bug
Strings should only be moved to variables or columns which are large enough to hold them
Bug
"WHERE" clause conditions should not be contradictory
Bug
Unary prefix operators should not be repeated
Bug
DML events clauses should not include multiple "OF" clauses
Bug
"PACKAGE BODY" initialization sections should not contain "RETURN" statements
Bug
"NULL" should not be compared directly
Bug
"MLSLABEL" should not be used
Bug
"VARCHAR2" and "NVARCHAR2" should be used
Bug
Related "IF/ELSIF" statements and "WHEN" clauses in a "CASE" should not have the same condition
Bug
Identical expressions should not be used on both sides of a binary operator
Bug
All code should be reachable
Bug
Loops with at most one iteration should be refactored
Bug
Variables and columns should not be self-assigned
Bug
"IF" statement conditions should not evaluate unconditionally to "TRUE" or to "FALSE"
Bug
The "result_cache" hint should be avoided
Bug
"SYNCHRONIZE" should not be used
Bug
"FORMS_DDL('COMMIT')" and "FORMS_DDL('ROLLBACK')" should not be used
Bug
Explicitly opened cursors should be closed
Bug

Nullable subqueries should not be used in "NOT IN" conditions

intentionality - complete

reliability

Bug

CriticalSonarSource default severity
click to learn more

Why is this an issue?

A WHERE clause condition that uses NOT IN with a subquery will have unexpected results if that subquery returns NULL. On the other hand NOT EXISTS subqueries work reliably under the same conditions.

This rule raises an issue when NOT IN is used with a subquery where the selected column is nullable.

Noteworthy

This rule raises issues only when a Data Dictionary is provided during the analysis. See https://docs.sonarqube.org/latest/analysis/languages/plsql/

Noncompliant code example

SELECT *
FROM my_table
WHERE my_column NOT IN (SELECT nullable_column FROM another_table)  -- Noncompliant; "nullable_column" may contain 'NULL' value and the whole SELECT query will return nothing

Compliant solution

SELECT *
FROM my_table
WHERE NOT EXISTS (SELECT 1 FROM another_table WHERE nullable_column = my_table.my_column)

SELECT *
FROM my_table
WHERE my_column NOT IN (SELECT nullable_column FROM another_table WHERE nullable_column IS NOT NULL)

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Developer
Edition

© 2008-2024 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Sonar helps developers write Clean Code.
Privacy Policy | Cookie Policy

In-IDE

SaaS

Self-Hosted