Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

Secrets
ABAP
Ansible
Apex
AzureResourceManager
C
C#
C++
CloudFormation
COBOL
CSS
Dart
Docker
Flex
Go
HTML
Java
JavaScript
JCL
Kotlin
Kubernetes
Objective C
PHP
PL/I
PL/SQL
Python
RPG
Ruby
Scala
Swift
Terraform
Text
TypeScript
T-SQL
VB.NET
VB6
XML

PL/SQL static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your PL/SQL code

Tags

Impact

Clean code attribute

"SYNCHRONIZE" should not be used
Bug
"FORMS_DDL('COMMIT')" and "FORMS_DDL('ROLLBACK')" should not be used
Bug
Output parameters should be assigned
Bug
"ROWNUM" should not be used at the same query level as "ORDER BY"
Bug
All branches in a conditional structure should not have exactly the same implementation
Bug
Strings should only be moved to variables or columns which are large enough to hold them
Bug
"COMMIT" should not be used inside a loop
Bug
Individual "WHERE" clause conditions should not be unconditionally true or false
Bug
Nullable subqueries should not be used in "NOT IN" conditions
Bug
"WHERE" clause conditions should not be contradictory
Bug
Inserts should include values for non-null columns
Bug
Unary prefix operators should not be repeated
Bug
Variables should be declared only once in a scope
Bug
DML events clauses should not include multiple "OF" clauses
Bug
"COMMIT" and "ROLLBACK" should not be called from non-autonomous transaction triggers
Bug
Size should be specified for string variables
Bug
"PACKAGE BODY" initialization sections should not contain "RETURN" statements
Bug
Positional and named arguments should not be mixed in invocations
Bug
Predefined exceptions should not be overridden
Bug
"NULL" should not be compared directly
Bug
"NOT NULL" variables should be initialized
Bug
"NCHAR" and "NVARCHAR2" size should not be specified in bytes
Bug
"MLSLABEL" should not be used
Bug
"END LOOP" should be followed by a semicolon
Bug
Constraints should not be applied to types that cannot be constrained
Bug
Improper constraint forms should not be used
Bug
Functions should end with "RETURN" statements
Bug
Collections should not be iterated in "FOR" loops
Bug
Scale should not be specified for float types
Bug
Constant declarations should contain initialization assignments
Bug
"VARCHAR2" and "NVARCHAR2" should be used
Bug
"RAISE_APPLICATION_ERROR" should only be used with error codes from -20,000 to -20,999
Bug
"FETCH ... BULK COLLECT INTO" should not be used without a "LIMIT" clause
Bug
Anchored types should not be constrained
Bug
Related "IF/ELSIF" statements and "WHEN" clauses in a "CASE" should not have the same condition
Bug
Identical expressions should not be used on both sides of a binary operator
Bug
All code should be reachable
Bug
Loops with at most one iteration should be refactored
Bug
Variables and columns should not be self-assigned
Bug
"DELETE" and "UPDATE" statements should contain "WHERE" clauses
Bug
Explicitly opened cursors should be closed
Bug
"IF" statement conditions should not evaluate unconditionally to "TRUE" or to "FALSE"
Bug
"FORALL" statements should use the "SAVE EXCEPTIONS" clause
Bug
The "result_cache" hint should be avoided
Bug
Pipelined functions should have at least one "PIPE ROW" statement and not return an expression (PLS-00633)
Bug

Nullable subqueries should not be used in "NOT IN" conditions

intentionality - complete

reliability

Bug

Why is this an issue?

How can I fix it?

A WHERE clause condition that uses NOT IN with a subquery will have unexpected results if that subquery returns NULL. On the other hand NOT EXISTS subqueries work reliably under the same conditions.

This rule raises an issue when NOT IN is used with a subquery where the selected column is nullable.

Noteworthy

This rule raises issues only when a Data Dictionary is provided during the analysis. See https://docs.sonarqube.org/latest/analysis/languages/plsql/

Available In:

Catch issues on the fly,
in your IDE

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Developer Edition
Available Since
9.1

© 2008-2025 SonarSource SA. All rights reserved. SONAR, SONARSOURCE, SONARQUBE, and CLEAN AS YOU CODE are trademarks of SonarSource SA.

Sonar helps developers write Clean Code.
Privacy Policy | Cookie Policy | Terms of Use

In-IDE

SaaS

Self-Hosted