org.sonar.server.rule.ws.search-example.json Maven / Gradle / Ivy
{
"total": 4,
"p": 1,
"ps": 3,
"rules": [
{
"key": "squid:S1067",
"repo": "squid",
"name": "Expressions should not be too complex",
"createdAt": "2013-03-27T08:52:40+0100",
"htmlDesc": "\nThe complexity of an expression is defined by the number of &&, || and condition ? ifTrue : ifFalse operators it contains.\nA single expression's complexity should not become too high to keep the code readable.\n
\n\nThe following code, with a maximum complexity of 3:
\n\n\nif (condition1 && condition2 && condition3 && condition4) { /* ... */ } // Non-Compliant\n\n\ncould be refactored into something like:
\n\n\nif (relevantMethodName1() && relevantMethodName2()) { /* ... */ } // Compliant\n\n/* ... */\n\nprivate boolean relevantMethodName1() {\n return condition1 && condition2;\n}\n\nprivate boolean relevantMethodName2() {\n return condition3 && condition4;\n}\n",
"severity": "MAJOR",
"status": "READY",
"internalKey": "S1067",
"isTemplate": false,
"tags": [],
"sysTags": ["brain-overload"],
"lang": "java",
"langName": "Java",
"type": "CODE_SMELL",
"params": [
{
"key": "max",
"desc": "Maximum number of allowed conditional operators in an expression",
"defaultValue": "3"
}
]
},
{
"key": "squid:ClassCyclomaticComplexity",
"repo": "squid",
"name": "Avoid too complex class",
"createdAt": "2013-03-27T08:52:40+0100",
"htmlDesc": "The Cyclomatic Complexity is measured by the number of (&&, ||)\n\toperators and (if, while, do, for, ?:, catch, switch, case, return,\n\tthrow) statements in the body of a class plus one for each constructor,\n\tmethod (but not getter/setter), static initializer, or instance\n\tinitializer in the class. The last return stament in method, if exists,\n\tis not taken into account.
\n\n\tEven when the Cyclomatic Complexity of a class is very high, this\n\tcomplexity might be well distributed among all methods. Nevertheless,\n\tmost of the time, a very complex class is a class which breaks the Single\n\t\tResponsibility Principle and which should be re-factored to be split\n\tin several classes.\n
",
"severity": "MAJOR",
"status": "READY",
"internalKey": "ClassCyclomaticComplexity",
"isTemplate": false,
"tags": [],
"sysTags": ["brain-overload"],
"lang": "java",
"langName": "Java",
"type": "BUG",
"params": [
{
"key": "max",
"desc": "Maximum complexity allowed.",
"defaultValue": "200"
}
]
},
{
"key": "squid:MethodCyclomaticComplexity",
"repo": "squid",
"name": "Methods should not be too complex",
"createdAt": "2013-03-27T08:52:40+0100",
"htmlDesc": "The Cyclomatic Complexity is measured by the number of\n\t(&&, ||) operators and (if, while, do, for, ?:, catch, switch,\n\tcase, return, throw) statements in the body of a class plus one for\n\teach constructor, method (but not getter/setter), static initializer,\n\tor instance initializer in the class. The last return stament in\n\tmethod, if exists, is not taken into account.
\n\n\tEven when the Cyclomatic Complexity of a class is very high, this\n\tcomplexity might be well distributed among all methods. Nevertheless,\n\tmost of the time, a very complex class is a class which breaks the Single\n\t\tResponsibility Principle and which should be re-factored to be split\n\tin several classes.\n
",
"severity": "MAJOR",
"status": "READY",
"internalKey": "MethodCyclomaticComplexity",
"isTemplate": false,
"tags": [],
"sysTags": ["brain-overload"],
"lang": "java",
"langName": "Java",
"type": "VULNERABILITY",
"params": [
{
"key": "max",
"desc": "Maximum complexity allowed.",
"defaultValue": "10"
}
]
},
{
"key": "squid:XPath",
"repo": "squid",
"name": "XPath rule",
"createdAt": "2013-03-27T08:52:40+0100",
"htmlDesc": "\nThis rule allows to define some homemade Java rules with help of an XPath expression.\n
\n\n\nIssues are created depending on the return value of the XPath expression. If the XPath expression returns:\n
\n\n - a single or list of AST nodes, then a line issue with the given message is created for each node
\n - a boolean, then a file issue with the given message is created only if the boolean is true
\n - anything else, no issue is created
\n
\n\n\nHere is an example of an XPath expression to log an issue on each if statement : //ifStatement\n
",
"severity": "MAJOR",
"status": "READY",
"internalKey": "XPath",
"isTemplate": true,
"tags": [ ],
"sysTags": [ ],
"mdNote": "\nThe tree produced by the firstOf() matcher is hard to work with from checks when alternatives are not named.\n
\n\n\nConsider the following rule:\n
\n\n\nb.rule(COMPILATION_UNIT).is(\n b.firstOf( /* Non-Compliant */\n \"FOO\",\n \"BAR\"));\n
\n\n\nIf, from a check, one wants to forbid the usage of the \"BAR\" alternative,\nthe easiest option will be to verify that the value of the first token is \"BAR\",\ni.e. \"BAR\".equals(compilationUnitNode.getTokenValue()).\n
\n\n\nThis is not maintainable, for at least two reasons:\n
\n\n\n - The grammar might evolve to also accept \"bar\" in lowercase, which will break
\"BAR\".equals(...) \n - The grammar might evolve to optionally accept \"hello\" before the
firstOf(), which will break compilationUnitNode.getTokenValue() \n
\n\n\nInstead, it is much better to rewrite the grammar as:\n
\n\n\nb.rule(COMPILATION_UNIT).is(\n firstOf( /* Compliant */\n FOO,\n BAR));\nb.rule(FOO).is(\"FOO\");\nb.rule(BAR).is(\"BAR\");\n
\n\n\nThe same check which forbids \"BAR\" would be written as: compilationUnitNode.hasDirectChildren(BAR).\nThis allows both of the previous grammar evolutions to be made without impacting the check at all.\n
",
"htmlNote": "<p>
The tree produced by the <code>firstOf()</code> matcher is hard to work with from checks when alternatives are not named.
</p>
<p>
Consider the following rule:
</p>
<pre>
b.rule(COMPILATION_UNIT).is(
b.firstOf( /* Non-Compliant */
"FOO",
"BAR"));
</pre>
<p>
If, from a check, one wants to forbid the usage of the "BAR" alternative,
the easiest option will be to verify that the value of the first token is "BAR",
i.e. <code>"BAR".equals(compilationUnitNode.getTokenValue())</code>.
</p>
<p>
This is not maintainable, for at least two reasons:
</p>
<ul>
<li>The grammar might evolve to also accept "bar" in lowercase, which will break <code>"BAR".equals(...)</code></li>
<li>The grammar might evolve to optionally accept "hello" before the <code>firstOf()</code>, which will break <code>compilationUnitNode.getTokenValue()</code></li>
</ul>
<p>
Instead, it is much better to rewrite the grammar as:
</p>
<pre>
b.rule(COMPILATION_UNIT).is(
firstOf( /* Compliant */
FOO,
BAR));
b.rule(FOO).is("FOO");
b.rule(BAR).is("BAR");
</pre>
<p>
The same check which forbids "BAR" would be written as: <code>compilationUnitNode.hasDirectChildren(BAR)</code>.
This allows both of the previous grammar evolutions to be made without impacting the check at all.
</p>",
"noteLogin": "eric.hartmann",
"lang": "java",
"langName": "Java",
"type": "CODE_SMELL",
"params": [
{
"key": "xpathQuery",
"desc": "The XPath query",
"defaultValue": ""
},
{
"key": "message",
"desc": "The violation message",
"defaultValue": "The XPath expression matches this piece of code"
}
]
},
{
"key": "squid:XPath_1369910135",
"repo": "squid",
"name": "firstOf() alternatives should be rules or token types",
"createdAt": "2013-05-30T10:35:35+0200",
"htmlDesc": "\r\nThe tree produced by the firstOf() matcher is hard to work with from checks when alternatives are not named.\r\n
\r\n\r\n\r\nConsider the following rule:\r\n
\r\n\r\n\r\nb.rule(COMPILATION_UNIT).is(\r\n b.firstOf( /* Non-Compliant */\r\n \"FOO\",\r\n \"BAR\"));\r\n
\r\n\r\n\r\nIf, from a check, one wants to forbid the usage of the \"BAR\" alternative,\r\nthe easiest option will be to verify that the value of the first token is \"BAR\",\r\ni.e. \"BAR\".equals(compilationUnitNode.getTokenValue()).\r\n
\r\n\r\n\r\nThis is not maintainable, for at least two reasons:\r\n
\r\n\r\n\r\n - The grammar might evolve to also accept \"bar\" in lowercase, which will break
\"BAR\".equals(...) \r\n - The grammar might evolve to optionally accept \"hello\" before the
firstOf(), which will break compilationUnitNode.getTokenValue() \r\n
\r\n\r\n\r\nInstead, it is much better to rewrite the grammar as:\r\n
\r\n\r\n\r\nb.rule(COMPILATION_UNIT).is(\r\n firstOf( /* Compliant */\r\n FOO,\r\n BAR));\r\nb.rule(FOO).is(\"FOO\");\r\nb.rule(BAR).is(\"BAR\");\r\n
\r\n\r\n\r\nThe same check which forbids \"BAR\" would be written as: compilationUnitNode.hasDirectChildren(BAR).\r\nThis allows both of the previous grammar evolutions to be made without impacting the check at all.\r\n
",
"severity": "MAJOR",
"status": "READY",
"internalKey": "XPath",
"isTemplate": false,
"templateKey": "squid:XPath",
"tags": [ ],
"sysTags": [ ],
"lang": "java",
"langName": "Java",
"type": "CODE_SMELL",
"params": [
{
"key": "xpathQuery",
"desc": "The XPath query",
"defaultValue": "//expression[primary/qualifiedIdentifier[count(IDENTIFIER) = 2]/IDENTIFIER[2]/@tokenValue = 'firstOf' and primary/identifierSuffix/arguments/expression[not(primary) or primary[not(qualifiedIdentifier) or identifierSuffix]]]"
},
{
"key": "message",
"desc": "The violation message",
"defaultValue": "Refactor this firstOf() to only use a rule or token type for each alternative."
}
]
}
],
"actives": {
"squid:MethodCyclomaticComplexity": [
{
"qProfile": "Sonar way with Findbugs:java",
"inherit": "NONE",
"severity": "MAJOR",
"params": [
{
"key": "max",
"value": "10"
}
]
},
{
"qProfile": "Sonar way:java",
"inherit": "NONE",
"severity": "MAJOR",
"params": [
{
"key": "max",
"value": "10"
}
]
}
],
"squid:S1067": [
{
"qProfile": "Sonar way with Findbugs:java",
"inherit": "NONE",
"severity": "MAJOR",
"params": [
{
"key": "max",
"value": "3"
}
]
},
{
"qProfile": "Sonar way:java",
"inherit": "NONE",
"severity": "MAJOR",
"params": [
{
"key": "max",
"value": "3"
}
]
}
],
"squid:ClassCyclomaticComplexity": [
{
"qProfile": "Sonar way with Findbugs:java",
"inherit": "NONE",
"severity": "MAJOR",
"params": [
{
"key": "max",
"value": "200"
}
]
},
{
"qProfile": "Sonar way:java",
"inherit": "NONE",
"severity": "MAJOR",
"params": [
{
"key": "max",
"value": "200"
}
]
}
]
},
"facets": [
{
"name": "tags",
"values": [
{
"val": "complexity",
"count": 141
},
{
"val": "java8",
"count": 42
},
{
"val": "javadoc",
"count": 13
}
]
},
{
"name": "languages",
"values": [
{
"val": "java",
"count": 563
}
]
},
{
"name": "repositories",
"values": [
{
"val": "findbugs",
"count": 419
},
{
"val": "squid",
"count": 138
},
{
"val": "common-java",
"count": 6
}
]
}
]
}