This block of commented-out lines of code should be removed. Open
//log.info("Starting to analyze ..........");
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Programmers should not comment out code as it bloats programs and reduces readability.
Unused code should be deleted and can be retrieved from source control history if required.
Save and re-use this "Random". Open
Random rand = new Random();
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Creating a new Random
object each time a random value is needed is inefficient and may produce numbers which are not random depending
on the JDK. For better efficiency and randomness, create a single Random
, then store, and reuse it.
The Random()
constructor tries to set the seed with a distinct value every time. However there is no guarantee that the seed will be
random or even uniformly distributed. Some JDK will use the current time as seed, which makes the generated numbers not random at all.
This rule finds cases where a new Random
is created each time a method is invoked and assigned to a local random variable.
Noncompliant Code Example
public void doSomethingCommon() { Random rand = new Random(); // Noncompliant; new instance created with each invocation int rValue = rand.nextInt(); //...
Compliant Solution
private Random rand = SecureRandom.getInstanceStrong(); // SecureRandom is preferred to Random public void doSomethingCommon() { int rValue = this.rand.nextInt(); //...
Exceptions
A class which uses a Random
in its constructor or in a static main
function and nowhere else will be ignored by this
rule.
See
- OWASP Top 10 2017 Category A6 - Security Misconfiguration
Identical blocks of code found in 2 locations. Consider refactoring. Open
public String analyze() {
// Initializing session and protocol
//log.info("Starting to analyze ..........");
init(pcapPath);
graphParser = context.getBean(ProtocolGraphParser.class);
- Read upRead up
- Create a ticketCreate a ticket
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 93.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Identical blocks of code found in 2 locations. Consider refactoring. Open
private void init(String pcapPath) {
this.session = context.getBean(Session.class);
Random rand = new Random();
session.init("session_" + rand.nextInt(), pcapPath);
log.info("Session init complete!!");
- Read upRead up
- Create a ticketCreate a ticket
Duplicated Code
Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:
Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.
When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).
Tuning
This issue has a mass of 70.
We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.
The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.
If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.
See codeclimate-duplication
's documentation for more information about tuning the mass threshold in your .codeclimate.yml
.
Refactorings
- Extract Method
- Extract Class
- Form Template Method
- Introduce Null Object
- Pull Up Method
- Pull Up Field
- Substitute Algorithm
Further Reading
- Don't Repeat Yourself on the C2 Wiki
- Duplicated Code on SourceMaking
- Refactoring: Improving the Design of Existing Code by Martin Fowler. Duplicated Code, p76
Extra separation in import group before 'lombok.Getter' Open
import lombok.Getter;
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that the groups of import declarations appear in the order specifiedby the user. If there is an import but its group is not specified in theconfiguration such an import should be placed at the end of the import list.
This documentation is written and maintained by the Checkstyle community and is covered under the same license as the Checkstyle project.
Extra separation in import group before 'org.springframework.context.annotation.Scope' Open
import org.springframework.context.annotation.Scope;
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that the groups of import declarations appear in the order specifiedby the user. If there is an import but its group is not specified in theconfiguration such an import should be placed at the end of the import list.
This documentation is written and maintained by the Checkstyle community and is covered under the same license as the Checkstyle project.
Wrong lexicographical order for 'in.ac.bits.protocolanalyzer.protocol.ProtocolChecker' import. Should be before 'org.springframework.web.context.WebApplicationContext'. Open
import in.ac.bits.protocolanalyzer.protocol.ProtocolChecker;
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that the groups of import declarations appear in the order specifiedby the user. If there is an import but its group is not specified in theconfiguration such an import should be placed at the end of the import list.
This documentation is written and maintained by the Checkstyle community and is covered under the same license as the Checkstyle project.
Wrong lexicographical order for 'org.json.JSONObject' import. Should be before 'org.springframework.stereotype.Component'. Open
import org.json.JSONObject;
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that the groups of import declarations appear in the order specifiedby the user. If there is an import but its group is not specified in theconfiguration such an import should be placed at the end of the import list.
This documentation is written and maintained by the Checkstyle community and is covered under the same license as the Checkstyle project.
Wrong lexicographical order for 'org.springframework.beans.factory.annotation.Autowired' import. Should be before 'org.springframework.stereotype.Component'. Open
import org.springframework.beans.factory.annotation.Autowired;
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that the groups of import declarations appear in the order specifiedby the user. If there is an import but its group is not specified in theconfiguration such an import should be placed at the end of the import list.
This documentation is written and maintained by the Checkstyle community and is covered under the same license as the Checkstyle project.
Wrong lexicographical order for 'in.ac.bits.protocolanalyzer.analyzer.Session' import. Should be before 'org.springframework.web.context.WebApplicationContext'. Open
import in.ac.bits.protocolanalyzer.analyzer.Session;
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that the groups of import declarations appear in the order specifiedby the user. If there is an import but its group is not specified in theconfiguration such an import should be placed at the end of the import list.
This documentation is written and maintained by the Checkstyle community and is covered under the same license as the Checkstyle project.
All overloaded methods should be placed next to each other. Placing non-overloaded methods in between overloaded methods with the same type is a violation. Previous overloaded method located at line '47'. Open
private void init(String pcapPath) {
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that overloaded methods are grouped together. Overloaded methods have the samename but different signatures where the signature can differ by the number of inputparameters or type of input parameters or both.
This documentation is written and maintained by the Checkstyle community and is covered under the same license as the Checkstyle project.
Wrong lexicographical order for 'org.springframework.beans.factory.annotation.Qualifier' import. Should be before 'org.springframework.stereotype.Component'. Open
import org.springframework.beans.factory.annotation.Qualifier;
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that the groups of import declarations appear in the order specifiedby the user. If there is an import but its group is not specified in theconfiguration such an import should be placed at the end of the import list.
This documentation is written and maintained by the Checkstyle community and is covered under the same license as the Checkstyle project.
Wrong lexicographical order for 'in.ac.bits.protocolanalyzer.protocol.ProtocolGraphParser' import. Should be before 'org.springframework.web.context.WebApplicationContext'. Open
import in.ac.bits.protocolanalyzer.protocol.ProtocolGraphParser;
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that the groups of import declarations appear in the order specifiedby the user. If there is an import but its group is not specified in theconfiguration such an import should be placed at the end of the import list.
This documentation is written and maintained by the Checkstyle community and is covered under the same license as the Checkstyle project.
Extra separation in import group before 'org.json.JSONObject' Open
import org.json.JSONObject;
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that the groups of import declarations appear in the order specifiedby the user. If there is an import but its group is not specified in theconfiguration such an import should be placed at the end of the import list.
This documentation is written and maintained by the Checkstyle community and is covered under the same license as the Checkstyle project.
Extra separation in import group before 'in.ac.bits.protocolanalyzer.analyzer.Session' Open
import in.ac.bits.protocolanalyzer.analyzer.Session;
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that the groups of import declarations appear in the order specifiedby the user. If there is an import but its group is not specified in theconfiguration such an import should be placed at the end of the import list.
This documentation is written and maintained by the Checkstyle community and is covered under the same license as the Checkstyle project.
Wrong lexicographical order for 'in.ac.bits.protocolanalyzer.protocol.Protocol' import. Should be before 'org.springframework.web.context.WebApplicationContext'. Open
import in.ac.bits.protocolanalyzer.protocol.Protocol;
- Read upRead up
- Create a ticketCreate a ticket
- Exclude checks
Checks that the groups of import declarations appear in the order specifiedby the user. If there is an import but its group is not specified in theconfiguration such an import should be placed at the end of the import list.
This documentation is written and maintained by the Checkstyle community and is covered under the same license as the Checkstyle project.