Remediations for issues identified by SAST tools.
- Add missing `@Override` to overriding and implementing methods
- Add `serialVersionUID` to a `Serializable` class when missing
- Atomic Boolean, Integer, and Long equality checks compare their values
- Avoid boxed boolean expressions
- `BigDecimal` rounding constants to `RoundingMode` enums
- Boolean checks should not be inverted
- CaseInsensitive comparisons do not alter case
- Catch clause should do more than just rethrow
- Chain `StringBuilder.append()` calls
- Change `StringBuilder` and `StringBuffer` character constructor argument to `String`
- Changes code to use Java 17's `instanceof` pattern matching
- Code cleanup
- Combine semantically equal catch blocks
- Common static analysis issues
- Control flow statement indentation
- Covariant equals
- Default comes last
- Don't use final on local variables
- Enum values should be compared with "=="
- Equals avoids null
- Explicit initialization
- `Externalizable` classes have no-arguments constructor
- Fall through
- Finalize classes with private constructors
- Finalize local variables
- Finalize method arguments
- Finalize private fields
- Fix `String#format` and `String#formatted` expressions
- Fix missing braces
- Hidden field
- Hide utility class constructor
- Inline variable
- Java API best practices
- Jump statements should not be redundant
- Method name casing
- Modifier order
- Nested enums are not static
- No C-style array declarations
- No double brace initialization
- No multiple variable declarations
- No primitive wrappers for #toString() or #compareTo(..)
- Operator wrapping
- Prefer `while` over `for` loops
- Properly use declaration-site type variance
- Properly use declaration-site type variance for well-known types
- Redundant file creation
- Reformat local variable names to camelCase
- Reformat private field names to camelCase
- Remove JavaDoc `@param`, `@return`, and `@throws` with no description
- Remove Nullable and CheckForNull annotations from primitives
- Remove `Object.finalize()` invocations
- Remove `System.out#println` statements
- Remove Unneeded Assertions
- Remove author tags from JavaDocs
- Remove catch for a checked exception if the try block does not throw that exception
- Remove empty blocks
- Remove extra semicolons
- Remove `finalize()` method
- Remove garbage collection invocations
- Remove redundant casts
- Remove unneeded block
- Remove unused local variables
- Remove unused private fields
- Remove unused private methods
- Removes from code Java 14's `instanceof` pattern matching
- Rename caught exceptions in empty catch blocks to `ignored`
- Rename methods named `hashcode`, `equal`, or `tostring`
- Rename packages to lowercase
- Replace `Optional#isPresent()` with `Optional#ifPresent()`
- Replace Stream.toList() with Stream.collect(Collectors.toList())
- Replace StringBuilder.append() with String
- Replace calls to `Thread.run()` with `Thread.start()`
- Replace deprecated Runtime.Exec() methods
- Replace duplicate `String` literals
- Replace invocations of `Collections#sort(List, Comparator)` with `List#sort(Comparator)`
- Replace `java.util.Set#removeAll(java.util.Collection)` with `java.util.Collection#forEach(Set::remove)`
- Replace `java.util.Stack` with `java.util.Deque`
- Replace `org.apache.commons.lang3.Validate#notNull` with `Objects#requireNonNull`
- Replace `org.apache.commons.lang3.Validate#notNull` with `Objects#requireNonNull`
- Replace `org.apache.commons.lang3.Validate#notNull` with `Objects#requireNonNull`
- Replace redundant String format invocations that are wrapped with PrintStream operations
- Replace referential equality operators with Object equals method invocations when the operands both override `Object.equals(Object obj)`
- Replace text block with regular string
- Replaces `Object.notify()` with `Object.notifyAll()`
- Set charset encoding explicitly when calling `String#getBytes`
- Simplify compound statement
- Simplify consecutive assignments
- Simplify constant if branch execution
- Simplify `java.time.Duration` units
- Simplify lambda blocks to expressions
- Static methods not final
- Typecast parenthesis padding
- Unnecessary String#toString()
- Unnecessary String#valueOf(..)
- Unnecessary close in try-with-resources
- Unnecessary explicit type arguments
- Unnecessary throws
- Unwrap `@Repeatable` annotations
- Upper case literal suffixes
- Use `Collection` interfaces
- Use `Collection#isEmpty()` instead of comparing `size()`
- Use `Collections#emptyList()`, `emptyMap()`, and `emptySet()`
- Use `Map#containsKey`
- Use `StandardCharset` constants
- Use `String.equals()` on String literals
- Use `String::replace()` when first parameter is not a real regular expression
- Use `System.lineSeparator()`
- Use comparison rather than equality checks in for conditions
- Use diamond operator
- Use explicit types on lambda arguments
- Use `indexOf(String, int)`
- Use lambda expressions instead of anonymous classes
- Use method references in lambda
- Use primitive wrapper `valueOf` method
- Use the builder pattern where possible
- Write octal values as decimal
- `finalize()` calls super
- `for` loop counters incremented in update
- `for` loop counters should use postfix operators
- `indexOf` should not compare greater than zero
- `indexOf()` replaceable by `contains()`
- `switch` statements should have at least 3 `case` clauses