Sign upLogin

Adobe-Consulting-Services/acs-aem-commons

View on GitHub
Star

Showing 1,632 of 1,632 total issues

Provide the parametrized type for this generic.
Open

    private void extractFieldComponents(Class clazz) {
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/mcp/form/AbstractContainerComponent.java by sonar-java

Generic types shouldn't be used raw (without type parameters) in variable declarations or return values. Doing so bypasses generic type checking, and defers the catch of unsafe code to runtime.

Noncompliant Code Example

List myList; // Noncompliant
Set mySet; // Noncompliant

Compliant Solution

List<String> myList;
Set<? extends Number> mySet;

Provide the parametrized type for this generic.
Open

        for (Enum e : enumClass.getEnumConstants()) {
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/mcp/model/AbstractReport.java by sonar-java

Generic types shouldn't be used raw (without type parameters) in variable declarations or return values. Doing so bypasses generic type checking, and defers the catch of unsafe code to runtime.

Noncompliant Code Example

List myList; // Noncompliant
Set mySet; // Noncompliant

Compliant Solution

List<String> myList;
Set<? extends Number> mySet;

Catch Exception instead of Throwable.
Open

            } catch (Throwable e){
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/mcp/impl/GenericReportExcelServlet.java by sonar-java

Throwable is the superclass of all errors and exceptions in Java. Error is the superclass of all errors, which are not meant to be caught by applications.

Catching either Throwable or Error will also catch OutOfMemoryError and InternalError, from which an application should not attempt to recover.

Noncompliant Code Example

try { /* ... */ } catch (Throwable t) { /* ... */ }
try { /* ... */ } catch (Error e) { /* ... */ }

Compliant Solution

try { /* ... */ } catch (RuntimeException e) { /* ... */ }
try { /* ... */ } catch (MyException e) { /* ... */ }

See

Provide the parametrized type for this generic.
Open

    private void appendArray(ModifiableValueMap resourceProperties, Map.Entry entry) {
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/mcp/impl/processes/DataImporter.java by sonar-java

Generic types shouldn't be used raw (without type parameters) in variable declarations or return values. Doing so bypasses generic type checking, and defers the catch of unsafe code to runtime.

Noncompliant Code Example

List myList; // Noncompliant
Set mySet; // Noncompliant

Compliant Solution

List<String> myList;
Set<? extends Number> mySet;

Rename this method to not match a restricted identifier.
Open

    private void record(ReportRowStatus status, String path, String title) {
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/mcp/impl/processes/AssetFolderCreator.java by sonar-java

Even if it is technically possible, Restricted Identifiers should not be used as identifiers. This is only possible for compatibility reasons, using it in Java code is confusing and should be avoided.

Note that this applies to any version of Java, including the one where these identifiers are not yet restricted, to avoid future confusion.

This rule reports an issue when restricted identifiers:

  • var
  • yield
  • record

are used as identifiers.

Noncompliant Code Example

var var = "var"; // Noncompliant: compiles but this code is confusing
var = "what is this?";

int yield(int i) { // Noncompliant
  return switch (i) {
    case 1: yield(0); // This is a yield from switch expression, not a recursive call.
    default: yield(i-1);
  };
}

String record = "record"; // Noncompliant

Compliant Solution

var myVariable = "var";

int minusOne(int i) {
  return switch (i) {
    case 1: yield(0);
    default: yield(i-1);
  };
}

String myRecord = "record";

See

Provide the parametrized type for this generic.
Open

        ArrayList<ProcessInstance> processes = new ArrayList();
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/mcp/impl/ControlledProcessManagerServlet.java by sonar-java

Generic types shouldn't be used raw (without type parameters) in variable declarations or return values. Doing so bypasses generic type checking, and defers the catch of unsafe code to runtime.

Noncompliant Code Example

List myList; // Noncompliant
Set mySet; // Noncompliant

Compliant Solution

List<String> myList;
Set<? extends Number> mySet;

Remove these unused method parameters.
Open

    protected Map<String, String> getAdditionalParams(WorkItem workItem, WorkflowSession workflowSession,
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/email/process/impl/SendTemplatedEmailProcess.java by sonar-java

Unused parameters are misleading. Whatever the values passed to such parameters, the behavior will be the same.

Noncompliant Code Example

void doSomething(int a, int b) {     // "b" is unused
  compute(a);
}

Compliant Solution

void doSomething(int a) {
  compute(a);
}

Exceptions

The rule will not raise issues for unused parameters:

  • that are annotated with @javax.enterprise.event.Observes
  • in overrides and implementation methods
  • in interface default methods
  • in non-private methods that only throw or that have empty bodies
  • in annotated methods, unless the annotation is @SuppressWarning("unchecked") or @SuppressWarning("rawtypes"), in which case the annotation will be ignored
  • in overridable methods (non-final, or not member of a final class, non-static, non-private), if the parameter is documented with a proper javadoc. 
@Override
void doSomething(int a, int b) {     // no issue reported on b
  compute(a);
}

public void foo(String s) {
  // designed to be extended but noop in standard case
}

protected void bar(String s) {
  //open-closed principle
}

public void qix(String s) {
  throw new UnsupportedOperationException("This method should be implemented in subclasses");
}

/**
 * @param s This string may be use for further computation in overriding classes
 */
protected void foobar(int a, String s) { // no issue, method is overridable and unused parameter has proper javadoc
  compute(a);
}

See

  • CERT, MSC12-C. - Detect and remove code that has no effect or is never executed

Define and throw a dedicated exception instead of using a generic one.
Open

   protected void activate(final EndpointConfiguration config) throws Exception {
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/adobeio/service/impl/EndpointServiceImpl.java by sonar-java

Using such generic exceptions as Error, RuntimeException, Throwable, and Exception prevents calling methods from handling true, system-generated exceptions differently than application-generated errors.

Noncompliant Code Example

public void foo(String bar) throws Throwable {  // Noncompliant
  throw new RuntimeException("My Message");     // Noncompliant
}

Compliant Solution

public void foo(String bar) {
  throw new MyOwnRuntimeException("My Message");
}

Exceptions

Generic exceptions in the signatures of overriding methods are ignored, because overriding method has to follow signature of the throw declaration in the superclass. The issue will be raised on superclass declaration of the method (or won't be raised at all if superclass is not part of the analysis).

@Override
public void myMethod() throws Exception {...}

Generic exceptions are also ignored in the signatures of methods that make calls to methods that throw generic exceptions.

public void myOtherMethod throws Exception {
  doTheThing();  // this method throws Exception
}

See

Define and throw a dedicated exception instead of using a generic one.
Open

    protected final void doActivate(ComponentContext context) throws Exception {
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/http/headers/impl/ResourceTypeBasedDispatcherMaxAgeHeaderFilter.java by sonar-java

Using such generic exceptions as Error, RuntimeException, Throwable, and Exception prevents calling methods from handling true, system-generated exceptions differently than application-generated errors.

Noncompliant Code Example

public void foo(String bar) throws Throwable {  // Noncompliant
  throw new RuntimeException("My Message");     // Noncompliant
}

Compliant Solution

public void foo(String bar) {
  throw new MyOwnRuntimeException("My Message");
}

Exceptions

Generic exceptions in the signatures of overriding methods are ignored, because overriding method has to follow signature of the throw declaration in the superclass. The issue will be raised on superclass declaration of the method (or won't be raised at all if superclass is not part of the analysis).

@Override
public void myMethod() throws Exception {...}

Generic exceptions are also ignored in the signatures of methods that make calls to methods that throw generic exceptions.

public void myOtherMethod throws Exception {
  doTheThing();  // this method throws Exception
}

See

Change this condition so that it does not always evaluate to "false"
Open

            if (packagesRemoved > 0) {
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/packagegarbagecollector/PackageGarbageCollectionJob.java by sonar-java

Conditional expressions which are always true or false can lead to dead code. Such code is always buggy and should never be used in production.

Noncompliant Code Example

a = false;
if (a) { // Noncompliant
  doSomething(); // never executed
}

if (!a || b) { // Noncompliant; "!a" is always "true", "b" is never evaluated
  doSomething();
} else {
  doSomethingElse(); // never executed
}

Exceptions

This rule will not raise an issue in either of these cases:

  • When the condition is a single final boolean 
final boolean debug = false;
//...
if (debug) {
  // Print something
}
  • When the condition is literally true or false. 
if (true) {
  // do something
}

In these cases it is obvious the code is as intended.

See

Refactor this method to reduce its Cognitive Complexity from 16 to the 15 allowed.
Open

    public JobResult process(Job job) {
Severity: Critical
Found in bundle/src/main/java/com/adobe/acs/commons/packagegarbagecollector/PackageGarbageCollectionJob.java by sonar-java

Cognitive Complexity is a measure of how hard the control flow of a method is to understand. Methods with high Cognitive Complexity will be difficult to maintain.

See

Remove this unused method parameter "action".
Open

    public final void onEnd(final Agent agent, final ReplicationAction action, final ReplicationResult result) {
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/replication/dispatcher/impl/ReplicationResultListener.java by sonar-java

Unused parameters are misleading. Whatever the values passed to such parameters, the behavior will be the same.

Noncompliant Code Example

void doSomething(int a, int b) {     // "b" is unused
  compute(a);
}

Compliant Solution

void doSomething(int a) {
  compute(a);
}

Exceptions

The rule will not raise issues for unused parameters:

  • that are annotated with @javax.enterprise.event.Observes
  • in overrides and implementation methods
  • in interface default methods
  • in non-private methods that only throw or that have empty bodies
  • in annotated methods, unless the annotation is @SuppressWarning("unchecked") or @SuppressWarning("rawtypes"), in which case the annotation will be ignored
  • in overridable methods (non-final, or not member of a final class, non-static, non-private), if the parameter is documented with a proper javadoc. 
@Override
void doSomething(int a, int b) {     // no issue reported on b
  compute(a);
}

public void foo(String s) {
  // designed to be extended but noop in standard case
}

protected void bar(String s) {
  //open-closed principle
}

public void qix(String s) {
  throw new UnsupportedOperationException("This method should be implemented in subclasses");
}

/**
 * @param s This string may be use for further computation in overriding classes
 */
protected void foobar(int a, String s) { // no issue, method is overridable and unused parameter has proper javadoc
  compute(a);
}

See

  • CERT, MSC12-C. - Detect and remove code that has no effect or is never executed

Correct this "&" to "&&" and extract the right operand to a variable if it should always be evaluated.
Open

        return StringUtils.isNotBlank(replicationActionType) && !paths.isEmpty() & !getAgents().isEmpty();
Severity: Blocker
Found in bundle/src/main/java/com/adobe/acs/commons/replication/dispatcher/impl/DispatcherFlushModelImpl.java by sonar-java

The use of non-short-circuit logic in a boolean context is likely a mistake - one that could cause serious program errors as conditions are evaluated under the wrong circumstances.

Noncompliant Code Example

if(getTrue() | getFalse()) { ... } // Noncompliant; both sides evaluated

Compliant Solution

if(getTrue() || getFalse()) { ... } // true short-circuit logic

See

  • CERT, EXP46-C. - Do not use a bitwise operator with a Boolean-like operand

Provide the parametrized type for this generic.
Open

        for (Constructor constructor : c.getConstructors()) {
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/mcp/util/IntrospectionUtil.java by sonar-java

Generic types shouldn't be used raw (without type parameters) in variable declarations or return values. Doing so bypasses generic type checking, and defers the catch of unsafe code to runtime.

Noncompliant Code Example

List myList; // Noncompliant
Set mySet; // Noncompliant

Compliant Solution

List<String> myList;
Set<? extends Number> mySet;

Define and throw a dedicated exception instead of using a generic one.
Open

    protected void queryPayloads(ActionManager manager) throws Exception {
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/mcp/impl/processes/BulkWorkflow.java by sonar-java

Using such generic exceptions as Error, RuntimeException, Throwable, and Exception prevents calling methods from handling true, system-generated exceptions differently than application-generated errors.

Noncompliant Code Example

public void foo(String bar) throws Throwable {  // Noncompliant
  throw new RuntimeException("My Message");     // Noncompliant
}

Compliant Solution

public void foo(String bar) {
  throw new MyOwnRuntimeException("My Message");
}

Exceptions

Generic exceptions in the signatures of overriding methods are ignored, because overriding method has to follow signature of the throw declaration in the superclass. The issue will be raised on superclass declaration of the method (or won't be raised at all if superclass is not part of the analysis).

@Override
public void myMethod() throws Exception {...}

Generic exceptions are also ignored in the signatures of methods that make calls to methods that throw generic exceptions.

public void myOtherMethod throws Exception {
  doTheThing();  // this method throws Exception
}

See

Provide the parametrized type for this generic.
Open

    List<EnumMap<ReportColumns, Object>> reportRows = new ArrayList();
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/mcp/impl/processes/cfi/ContentFragmentImport.java by sonar-java

Generic types shouldn't be used raw (without type parameters) in variable declarations or return values. Doing so bypasses generic type checking, and defers the catch of unsafe code to runtime.

Noncompliant Code Example

List myList; // Noncompliant
Set mySet; // Noncompliant

Compliant Solution

List<String> myList;
Set<? extends Number> mySet;

This branch's code block is the same as the block for the branch on line 125.
Open

                && !StringUtils.contains(request.getPathInfo(), ".html")) {
            // If extension is provided it must be .html
            return false;
        } else if (StringUtils.endsWith(request.getHeader("Referer"), "/editor.html" + request.getRequestURI())) {
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/http/injectors/AbstractHtmlRequestInjector.java by sonar-java

Having two cases in a switch statement or two branches in an if chain with the same implementation is at best duplicate code, and at worst a coding error. If the same logic is truly needed for both instances, then in an if chain they should be combined, or for a switch, one should fall through to the other.

Noncompliant Code Example

switch (i) {
  case 1:
    doFirstThing();
    doSomething();
    break;
  case 2:
    doSomethingDifferent();
    break;
  case 3:  // Noncompliant; duplicates case 1's implementation
    doFirstThing();
    doSomething();
    break;
  default:
    doTheRest();
}

if (a >= 0 && a < 10) {
  doFirstThing();
  doTheThing();
}
else if (a >= 10 && a < 20) {
  doTheOtherThing();
}
else if (a >= 20 && a < 50) {
  doFirstThing();
  doTheThing();  // Noncompliant; duplicates first condition
}
else {
  doTheRest();
}

Exceptions

Blocks in an if chain that contain a single line of code are ignored, as are blocks in a switch statement that contain a single line of code with or without a following break.

if (a == 1) {
  doSomething();  //no issue, usually this is done on purpose to increase the readability
} else if (a == 2) {
  doSomethingElse();
} else {
  doSomething();
}

But this exception does not apply to if chains without else-s, or to switch-es without default clauses when all branches have the same single line of code. In case of if chains with else-s, or of switch-es with default clauses, rule {rule:java:S3923} raises a bug. 

if (a == 1) {
  doSomething();  //Noncompliant, this might have been done on purpose but probably not
} else if (a == 2) {
  doSomething();
}

Provide the parametrized type for this generic.
Open

        List convertedValues = new ArrayList();
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/mcp/util/AnnotatedFieldDeserializer.java by sonar-java

Generic types shouldn't be used raw (without type parameters) in variable declarations or return values. Doing so bypasses generic type checking, and defers the catch of unsafe code to runtime.

Noncompliant Code Example

List myList; // Noncompliant
Set mySet; // Noncompliant

Compliant Solution

List<String> myList;
Set<? extends Number> mySet;

Provide the parametrized type for this generic.
Open

            return Enum.valueOf((Class<Enum>) clazz, value);
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/mcp/util/AnnotatedFieldDeserializer.java by sonar-java

Generic types shouldn't be used raw (without type parameters) in variable declarations or return values. Doing so bypasses generic type checking, and defers the catch of unsafe code to runtime.

Noncompliant Code Example

List myList; // Noncompliant
Set mySet; // Noncompliant

Compliant Solution

List<String> myList;
Set<? extends Number> mySet;

Provide the parametrized type for this generic.
Open

    public static boolean hasMultipleValues(Class clazz) {
Severity: Major
Found in bundle/src/main/java/com/adobe/acs/commons/mcp/util/IntrospectionUtil.java by sonar-java

Generic types shouldn't be used raw (without type parameters) in variable declarations or return values. Doing so bypasses generic type checking, and defers the catch of unsafe code to runtime.

Noncompliant Code Example

List myList; // Noncompliant
Set mySet; // Noncompliant

Compliant Solution

List<String> myList;
Set<? extends Number> mySet;
Severity
Category
Status
Source
Language