Method getExpiration has a Cognitive Complexity of 22 (exceeds 5 allowed). Consider refactoring. Open
public static Long getExpiration(final URLConnection connection, final long baseTime) {
final String cacheControl = connection.getHeaderField("Cache-Control");
if (cacheControl != null) {
final StringTokenizer tok = new StringTokenizer(cacheControl, ",");
while (tok.hasMoreTokens()) {- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Method getExpiration has 36 lines of code (exceeds 25 allowed). Consider refactoring. Open
public static Long getExpiration(final URLConnection connection, final long baseTime) {
final String cacheControl = connection.getHeaderField("Cache-Control");
if (cacheControl != null) {
final StringTokenizer tok = new StringTokenizer(cacheControl, ",");
while (tok.hasMoreTokens()) {Method getCharset has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring. Open
public static String getCharset(final URLConnection connection) {
final String contentType = connection.getContentType();
if (contentType == null) {
return getDefaultCharset(connection);
}- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Avoid too many return statements within this method. Open
return 0L;Refactor this method to reduce its Cognitive Complexity from 22 to the 15 allowed. Open
public static Long getExpiration(final URLConnection connection, final long baseTime) {- Read upRead up
- Exclude checks
Cognitive Complexity is a measure of how hard the control flow of a method is to understand. Methods with high Cognitive Complexity will be difficult to maintain.
See
Make "PATTERN_RFC1123" an instance variable. Open
public static final DateFormat PATTERN_RFC1123 = new SimpleDateFormat("EEE, dd MMM yyyy HH:mm:ss zzz", Locale.US);- Read upRead up
- Exclude checks
Not all classes in the standard Java library were written to be thread-safe. Using them in a multi-threaded manner is highly likely to cause data problems or exceptions at runtime.
This rule raises an issue when an instance of Calendar, DateFormat, javax.xml.xpath.XPath, or
javax.xml.validation.SchemaFactory is marked static.
Noncompliant Code Example
public class MyClass {
private static SimpleDateFormat format = new SimpleDateFormat("HH-mm-ss"); // Noncompliant
private static Calendar calendar = Calendar.getInstance(); // Noncompliant
Compliant Solution
public class MyClass {
private SimpleDateFormat format = new SimpleDateFormat("HH-mm-ss");
private Calendar calendar = Calendar.getInstance();
Define and throw a dedicated exception instead of using a generic one. Open
public static URL createURL(final URL baseUrl, final String relativeUrl) throws Exception {- Read upRead up
- Exclude checks
Using such generic exceptions as Error, RuntimeException, Throwable, and Exception prevents
calling methods from handling true, system-generated exceptions differently than application-generated errors.
Noncompliant Code Example
public void foo(String bar) throws Throwable { // Noncompliant
throw new RuntimeException("My Message"); // Noncompliant
}
Compliant Solution
public void foo(String bar) {
throw new MyOwnRuntimeException("My Message");
}
Exceptions
Generic exceptions in the signatures of overriding methods are ignored, because overriding method has to follow signature of the throw declaration in the superclass. The issue will be raised on superclass declaration of the method (or won't be raised at all if superclass is not part of the analysis).
@Override
public void myMethod() throws Exception {...}
Generic exceptions are also ignored in the signatures of methods that make calls to methods that throw generic exceptions.
public void myOtherMethod throws Exception {
doTheThing(); // this method throws Exception
}
See
- MITRE, CWE-397 - Declaration of Throws for Generic Exception
- CERT, ERR07-J. - Do not throw RuntimeException, Exception, or Throwable
Add a private constructor to hide the implicit public one. Open
public class Urls {- Read upRead up
- Exclude checks
Utility classes, which are collections of static members, are not meant to be instantiated. Even abstract utility classes, which can
be extended, should not have public constructors.
Java adds an implicit public constructor to every class which does not define at least one explicitly. Hence, at least one non-public constructor should be defined.
Noncompliant Code Example
class StringUtils { // Noncompliant
public static String concatenate(String s1, String s2) {
return s1 + s2;
}
}
Compliant Solution
class StringUtils { // Compliant
private StringUtils() {
throw new IllegalStateException("Utility class");
}
public static String concatenate(String s1, String s2) {
return s1 + s2;
}
}
Exceptions
When class contains public static void main(String[] args) method it is not considered as utility class and will be ignored by this
rule.