Summary: This page lists the changes made to the "core" AIP Assessment Model between successive releases (it does not include any Assessment Model fragments included in extensions).

AIP 8.3.34 - 8.3.35

This section lists the results of a comparison between a CAST AIP 8.3.34 Assessment Model and a CAST AIP 8.3.35 Assessment Model. You can download the original compare_8334_8335.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.34 Assessment Model | Change | CAST 8.3.35 Assessment Model |
|---|---|---|---|---|---|---|
| 7742 | quality-rule | Avoid SQL injection | Documentation english | name = Avoid SQL injection vulnerabilities | Updated | name = Avoid SQL injection |
| 7746 | quality-rule | Avoid LDAP injection | Documentation english | name = Avoid LDAP injection vulnerabilities | Updated | name = Avoid LDAP injection |
| 7748 | quality-rule | Avoid OS command injection | Documentation english | name = Avoid OS command injection vulnerabilities | Updated | name = Avoid OS command injection |
| 7750 | quality-rule | Avoid XPath injection | Documentation english | name = Avoid XPath injection vulnerabilities | Updated | name = Avoid XPath injection |
| 7752 | quality-rule | Avoid file path manipulation | Documentation english | name = Avoid file path manipulation vulnerabilities | Updated | name = Avoid file path manipulation |
| 8044 | quality-rule | Avoid log forging | Documentation english | name = Avoid log forging vulnerabilities | Updated | name = Avoid log forging |
| 8044 | quality-rule | Avoid log forging | Documentation english | remediationSample = String val = request.getParameter("value");\ntry {\n int value = Integer.parseI... | Updated | remediationSample = String taintedInput = request.getParameter("value");\ntry {\n int value = Integ... |
| 8044 | quality-rule | Avoid log forging | Documentation english | sample = String val = request.getParameter("value");\ntry {\n int value = Integer.parseI... | Updated | sample = String taintedInput = request.getParameter("value");\ntry {\n int value = Integ... |
| 8436 | quality-rule | Avoid thread injection | Documentation english | name = Avoid thread injection vulnerabilities | Updated | name = Avoid thread injection |
| 8490 | quality-rule | Avoid SQL injection through API requests | Documentation english | name = ...injection vulnerabilities through API requests | Updated | name = ...injection through API requests |
| 8492 | quality-rule | Avoid LDAP injection through API requests | Documentation english | name = ...injection vulnerabilities through API requests | Updated | name = ...injection through API requests |
| 8494 | quality-rule | Avoid OS command injection through API requests | Documentation english | name = ...injection vulnerabilities through API requests | Updated | name = ...injection through API requests |
| 8498 | quality-rule | Avoid thread injection through API requests | Documentation english | name = ...injection vulnerabilities through API requests | Updated | name = ...injection through API requests |
| 8504 | quality-rule | Avoid XPath injection through API requests | Documentation english | name = ...injection vulnerabilities through API requests | Updated | name = ...injection through API requests |
| 8506 | quality-rule | Avoid file path manipulation through API requests | Documentation english | name = ...ipulation vulnerabilities through API requests | Updated | name = ...ipulation through API requests |
| 8508 | quality-rule | Avoid log forging through API requests | Documentation english | name = ...g forging vulnerabilities through API requests | Updated | name = ...g forging through API requests |
| 8508 | quality-rule | Avoid log forging through API requests | Documentation english | remediationSample = String val; // value given by an API request\ntry {\n int value = Integer.parse... | Updated | remediationSample = String taintedInput; // value given by an API request\ntry {\n int value = Inte... |
| 8508 | quality-rule | Avoid log forging through API requests | Documentation english | sample = String val; // value given by an API request\ntry {\n int value = Integer.parse... | Updated | sample = String taintedInput; // value given by an API request\ntry {\n int value = Inte... |
| 8520 | quality-rule | Avoid second order regular expression injection | Documentation english | name = ...ond order Regular expression injection | Updated | name = ...ond order regular expression injection |
| 8522 | quality-rule | Avoid regular expression injection through API requests | Documentation english | name = Avoid Regular expression injection through API requests | Updated | name = Avoid regular expression injection through API requests |
| 8530 | quality-rule | Avoid XQuery injection | Definition | Missing | Added | active = true, detached = false |
| 8530 | quality-rule | Avoid XQuery injection | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8532 | quality-rule | Avoid second order XQuery injection | Definition | Missing | Added | active = true, detached = false |
| 8532 | quality-rule | Avoid second order XQuery injection | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8534 | quality-rule | Avoid XQuery injection through API requests | Definition | Missing | Added | active = true, detached = false |
| 8534 | quality-rule | Avoid XQuery injection through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |

AIP 8.3.33 - 8.3.34

This section lists the results of a comparison between a CAST AIP 8.3.33 Assessment Model and a CAST AIP 8.3.34 Assessment Model. You can download the original compare_8333_8334.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.33 Assessment Model | Change | CAST 8.3.34 Assessment Model |
|---|---|---|---|---|---|---|
| 1596 | quality-rule | Avoid using "nullable" Columns except in the last position in a Table | Documentation english | associatedValueName = Column name | Removed | Missing |
| 1596 | quality-rule | Avoid using "nullable" Columns except in the last position in a Table | Diagnosis | diagnosisValueType = text | Updated | diagnosisValueType = no-value |
| 7740 | quality-rule | Avoid HTTP response splitting | Documentation english | remediationSample = Sample 1\n// include validation code for rawInputData --> cleanData\nresponse.add... | Updated | remediationSample = //Sample 1\n// A possibility is to sanitize the rawInputData variable\nimport org.... |
| 7740 | quality-rule | Avoid HTTP response splitting | Documentation english | sample = Sample 1\nresponse.addHeader(HEADER_NAME, rawInputData);\n\nSample 2\nString header ... | Updated | sample = //Sample 1\nresponse.addHeader(HEADER_NAME, rawInputData);\n\n//Sample 2\nString hea... |
| 8484 | quality-rule | Avoid HTTP response splitting through API requests | Documentation english | remediationSample = Sample 1\n// include validation code for rawInputData --> cleanData\nresponse.add... | Updated | remediationSample = //Sample 1\n// A possibility is to sanitize the rawInputData variable\nimport org.... |
| 8484 | quality-rule | Avoid HTTP response splitting through API requests | Documentation english | sample = Sample 1\nresponse.addHeader(HEADER_NAME, rawInputData);\n\nSample 2\nString header ... | Updated | sample = //Sample 1\nresponse.addHeader(HEADER_NAME, rawInputData);\n\n//Sample 2\nString hea... |

AIP 8.3.32 - 8.3.33

This section lists the results of a comparison between a CAST AIP 8.3.32 Assessment Model and a CAST AIP 8.3.33 Assessment Model. You can download the original compare_8332_8333.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.32 Assessment Model | Change | CAST 8.3.33 Assessment Model |
|---|---|---|---|---|---|---|
| 8034 | quality-rule | Working-Storage variables must be initialized before being read | Documentation english | name = Variables defined in Working-Storage section must be initialized before to be re... | Updated | name = Working-Storage variables must be initialized before being read |

AIP 8.3.31 - 8.3.32

This section lists the results of a comparison between a CAST AIP 8.3.31 Assessment Model and a CAST AIP 8.3.32 Assessment Model. You can download the original compare_8331_8332.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.31 Assessment Model | Change | CAST 8.3.32 Assessment Model |
|---|---|---|---|---|---|---|
| 8032 | quality-rule | Avoid using multiple break statement in 'for' loops | Documentation english | description = ...at contain a 'break' statement in a 'for' loop. 'break' statements located in ne... | Updated | description = ...at contains multiple 'break' statement in a 'for' loop. 'break' statements locat... |
| 8032 | quality-rule | Avoid using multiple break statement in 'for' loops | Documentation english | name = ...oid using a break statement in 'for' loops | Updated | name = ...oid using multiple break statement in 'for' loops |
| 8032 | quality-rule | Avoid using multiple break statement in 'for' loops | Documentation english | rationale = ...ad. Using too many 'break' statements in 'for' loops makes them more difficult t... | Updated | rationale = ...ad. Using many 'break' statements in 'for' loops makes them more difficult to re... |
| 8032 | quality-rule | Avoid using multiple break statement in 'for' loops | Documentation english | sample = ... \n if (true) \n {\n break; // Violation\n }\n // ...\n} | Updated | sample = ... \n if ( ... ) \n {\n // do something..\n\n break; // compliant... |
| 8032 | quality-rule | Avoid using multiple break statement in 'for' loops | Documentation english | Missing | Added | reference = MISRA C++:2008, 6-6-4 - For any iteration statement there shall be no more than ... |
| 8032 | quality-rule | Avoid using multiple break statement in 'for' loops | Documentation english | Missing | Added | remediationSample = for (int i = 0; i < 10; i++) \n{ \n if ( ... ) \n {\n // do some... |

AIP 8.3.30 - 8.3.31

This section lists the results of a comparison between a CAST AIP 8.3.30 Assessment Model and a CAST AIP 8.3.31 Assessment Model. You can download the original compare_8330_8331.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.30 Assessment Model | Change | CAST 8.3.31 Assessment Model |
|---|---|---|---|---|---|---|
| 7266 | quality-rule | Call 'base.Dispose()' or 'MyBase.Finalize()' in the "finally" block of 'Dispose(bool)' methods | Documentation english | description = ...e pattern (defined here: http://msdn.microsoft.com/en-us/library/b1yfkh5e(VS.71)... | Updated | description = ...e pattern that is 'Dispose(bool)' methods. You should keep it\ninside try of try/... |
| 7266 | quality-rule | Call 'base.Dispose()' or 'MyBase.Finalize()' in the "finally" block of 'Dispose(bool)' methods | Documentation english | reference = Resource Management in .NET\nby Krzysztof Cwalina\nProgram Manager - Microsoft .NE... | Updated | reference = https://docs.microsoft.com/en-us/dotnet/standard/garbage-collection/implementing... |
| 7266 | quality-rule | Call 'base.Dispose()' or 'MyBase.Finalize()' in the "finally" block of 'Dispose(bool)' methods | Documentation english | Missing | Added | output = This report lists all Dispose methods with no try/finally block or with no call ... |
| 7266 | quality-rule | Call 'base.Dispose()' or 'MyBase.Finalize()' in the "finally" block of 'Dispose(bool)' methods | Documentation english | Missing | Added | remediation = keep dispose(bool) method in try-finally block and inside finally block make use... |
| 7266 | quality-rule | Call 'base.Dispose()' or 'MyBase.Finalize()' in the "finally" block of 'Dispose(bool)' methods | Documentation english | Missing | Added | sample = protected virtual void Dispose(bool disposing) \n{\n if (disposing) \n {\n ... |
| 7526 | quality-rule | Avoid using hard-coded paths | Documentation english | description = ...using hardcoded paths instead of using logical file paths | Updated | description = ...using hard-coded paths instead of using logical file paths |
| 7526 | quality-rule | Avoid using hard-coded paths | Documentation english | name = ...using hardcoded paths | Updated | name = ...using hard-coded paths |
| 7526 | quality-rule | Avoid using hard-coded paths | Documentation english | rationale = ...ad of hardcoded paths. | Updated | rationale = ...ad of hard-coded paths. |
| 7526 | quality-rule | Avoid using hard-coded paths | Documentation english | remediation = ...ad of hardcoded paths and the standard ABAP function "FILE_GET_NAME" instead. | Updated | remediation = ...ad of hard-coded paths and the standard ABAP function "FILE_GET_NAME" instead. |
| 8160 | quality-rule | Check PCB status code after DLI queries | Documentation english | description = ...ode after accessing an IMS database. | Updated | description = ...ode after calling the DL/I call. |
| 8160 | quality-rule | Check PCB status code after DLI queries | Documentation english | rationale = When accessing IMS databases it is recommended to check the return code based on... | Updated | rationale = When calling the DL/I call it is recommended to check the return code based on t... |
| 8430 | quality-rule | Avoid using hard-coded seed or no seed at all for random values generation | Documentation english | name = ...using hardcoded seed or no seed at all for random values generation | Updated | name = ...using hard-coded seed or no seed at all for random values generation |

AIP 8.3.29 - 8.3.30

This section lists the results of a comparison between a CAST AIP 8.3.29 Assessment Model and a CAST AIP 8.3.30 Assessment Model. You can download the original compare_8329_8330.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.29 Assessment Model | Change | CAST 8.3.30 Assessment Model |
|---|---|---|---|---|---|---|
| 7860 | quality-rule | Avoid unreferenced Functions and Procedures | Documentation english | description = ...Functions that are not referenced except main.\n\nNotes: \n- JavaScript eventHandle... | Updated | description = ...Functions and Procedures that are not referenced except main.\n\nNotes: \n- JavaScr... |
| 7860 | quality-rule | Avoid unreferenced Functions and Procedures | Documentation english | name = Avoid unreferenced Functions | Updated | name = Avoid unreferenced Functions and Procedures |
| 7860 | quality-rule | Avoid unreferenced Functions and Procedures | Documentation english | output = ... Functions\nIt provides the following information:\n Function full name. | Updated | output = ... Functions / Procedures\nIt provides the following information:\n Function / Proc... |
| 7860 | quality-rule | Avoid unreferenced Functions and Procedures | Documentation english | remediation = ... Function is truly unnecessary.\nRemove Functions that are not used. | Updated | remediation = ... Function / Procedure is truly unnecessary.\nRemove Functions / Procedures that a... |
| 7860 | quality-rule | Avoid unreferenced Functions and Procedures | Documentation english | Missing | Added | reference = CISQ/OMG : ASCMM-MNT-20 (Unreachable Named Callable or Method Control Element)\nh... |

AIP 8.3.28 - 8.3.29

This section lists the results of a comparison between a CAST AIP 8.3.28 Assessment Model and a CAST AIP 8.3.29 Assessment Model. You can download the original compare_8328_8329.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.28 Assessment Model | Change | CAST 8.3.29 Assessment Model |
|---|---|---|---|---|---|---|
| 3570 | quality-rule | DELETED: Avoid using Keywords as names | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | critical = false, weight = 2 | Removed | Missing contribution |
| 7742 | quality-rule | Avoid SQL injection vulnerabilities | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 7746 | quality-rule | Avoid LDAP injection vulnerabilities | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 7748 | quality-rule | Avoid OS command injection vulnerabilities | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 7750 | quality-rule | Avoid XPath injection vulnerabilities | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 7752 | quality-rule | Avoid file path manipulation vulnerabilities | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 7832 | quality-rule | Avoid unreferenced Classes | Technologies | [ABAP, Visual Basic, C++, JEE] | Updated | Removed: [JEE] |
| 8044 | quality-rule | Avoid log forging vulnerabilities | Documentation english | output = - Method full name - Call stack from user input source down to the target log me... | Updated | output = List all methods that make resource calls forged by user input It provides the ... |
| 8044 | quality-rule | Avoid log forging vulnerabilities | Documentation english | reference = ....org/data/definitions/117.html Open Web Application Security Project (OWASP) ht... | Updated | reference = ....org/data/definitions/117.html |
| 8098 | quality-rule | Avoid uncontrolled format string | Documentation english | output = ...ods that miss calling the required input validation calls It provides the foll... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8238 | quality-rule | Avoid mixing trusted and untrusted data in HTTP requests | Documentation english | remediationSample = // Never mix trusted and untrusted data | Updated | remediationSample = // The goal is to never mix trusted and untrusted data. // There is no generic s... |
| 8240 | quality-rule | Avoid using unsecured cookie | Documentation english | description = The 'Secure' attribute for sensitive cookies in HTTPS sessions is not set, which... | Updated | description = This rule will check in the source code if the 'Secure' attribute for sensitive ... |
| 8242 | quality-rule | Avoid using insufficient random values for cookies | Documentation english | reference = ....org/data/definitions/330.html Open Web Application Security Project (OWASP) ht... | Updated | reference = ....org/data/definitions/330.html |
| 8408 | quality-rule | Avoid reflected cross-site scripting (non persistent) | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8410 | quality-rule | Avoid cross-site scripting (persistent) | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8414 | quality-rule | Avoid weak cryptographic algorithm | Documentation english | output = List all methods that miss calling the required input validation calls It provi... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 8416 | quality-rule | Avoid use of a reversible one-way hash | Documentation english | output = List all methods that miss calling the required input validation calls It provi... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 8418 | quality-rule | Avoid NoSQL injection | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8420 | quality-rule | Avoid second order SQL injection | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8434 | quality-rule | Avoid process control | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8436 | quality-rule | Avoid thread injection vulnerabilities | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8438 | quality-rule | Avoid code injection | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8440 | quality-rule | Avoid reflection injection | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8442 | quality-rule | Avoid resource injection | Documentation english | description = ...he intended sphere of control. | Updated | description = ...he intended sphere of control. Resources may be sockets or connection strings. |
| 8442 | quality-rule | Avoid resource injection | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8442 | quality-rule | Avoid resource injection | Documentation english | remediationSample = ... int result = VALUE; serverSocket = new ServerSocket(result); ... | Updated | remediationSample = Using "socket injection" (JEE) ______________________________ ... int result = V... |
| 8442 | quality-rule | Avoid resource injection | Documentation english | sample = ... String value = request.getParameter("value"); int result = Integer.parseInt(... | Updated | sample = Using "socket injection" (JEE) ______________________________ ... String value =... |
| 8444 | quality-rule | Avoid resource URL manipulation | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8446 | quality-rule | Avoid URL redirection to untrusted site | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8482 | quality-rule | Avoid cross-site scripting through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8484 | quality-rule | Avoid HTTP response splitting through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8486 | quality-rule | Avoid resource injection through API requests | Documentation english | description = ...he intended sphere of control. | Updated | description = ...he intended sphere of control. Resources may be sockets or connection strings. |
| 8486 | quality-rule | Avoid resource injection through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8486 | quality-rule | Avoid resource injection through API requests | Documentation english | remediationSample = ... int result = VALUE; serverSocket = new ServerSocket(result); ... | Updated | remediationSample = Using "socket injection" (JEE) ______________________________ ... int result = V... |
| 8486 | quality-rule | Avoid resource injection through API requests | Documentation english | sample = ... // value is the String given by an API request int result = Integer.parseInt... | Updated | sample = Using "socket injection" (JEE) ______________________________ ... // value is th... |
| 8488 | quality-rule | Avoid resource URL manipulation through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8490 | quality-rule | Avoid SQL injection vulnerabilities through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8492 | quality-rule | Avoid LDAP injection vulnerabilities through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8494 | quality-rule | Avoid OS command injection vulnerabilities through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8496 | quality-rule | Avoid process control through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8498 | quality-rule | Avoid thread injection vulnerabilities through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8500 | quality-rule | Avoid code injection through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8502 | quality-rule | Avoid reflection injection through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8504 | quality-rule | Avoid XPath injection vulnerabilities through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8506 | quality-rule | Avoid file path manipulation vulnerabilities through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8508 | quality-rule | Avoid log forging vulnerabilities through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8508 | quality-rule | Avoid log forging vulnerabilities through API requests | Documentation english | reference = ....org/data/definitions/117.html Open Web Application Security Project (OWASP) ht... | Updated | reference = ....org/data/definitions/117.html |
| 8510 | quality-rule | Avoid uncontrolled format string through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8512 | quality-rule | Avoid mixing trusted and untrusted data in HTTP requests through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8514 | quality-rule | Avoid NoSQL injection through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8516 | quality-rule | Avoid URL redirection to untrusted site through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8518 | quality-rule | Avoid Regular expression injection | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8520 | quality-rule | Avoid second order Regular expression injection | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8522 | quality-rule | Avoid Regular expression injection through API requests | Documentation english | output = ...ods that miss calling the required input validation calls It provides the follo... | Updated | output = ...ods that make resource calls forged by user input It provides the following inf... |
| 8524 | quality-rule | Avoid deserialization injection | Definition | Missing | Added | active = true, detached = false |
| 8524 | quality-rule | Avoid deserialization injection | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8526 | quality-rule | Avoid second order deserialization injection | Definition | Missing | Added | active = true, detached = false |
| 8526 | quality-rule | Avoid second order deserialization injection | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8528 | quality-rule | Avoid deserialization injection through API requests | Definition | Missing | Added | active = true, detached = false |
| 8528 | quality-rule | Avoid deserialization injection through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |

AIP 8.3.27 - 8.3.28

No change between a CAST AIP 8.3.27 Assessment Model and a CAST AIP 8.3.28 Assessment Model.

AIP 8.3.26 - 8.3.27

This section lists the results of a comparison between a CAST AIP 8.3.26 Assessment Model and a CAST AIP 8.3.27 Assessment Model. You can download the original compare_8326_8327.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.26 Assessment Model | Change | CAST 8.3.27 Assessment Model |
|---|---|---|---|---|---|---|
| 7792 | quality-rule | Avoid Classes with a High Number Of Children | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of classes |
| 7834 | quality-rule | Avoid undocumented Interfaces | Technologies | [ABAP, C++, C#, VB.NET, .NET (Legacy Analyzer)] | Updated | Added: [JEE] |
| 7838 | quality-rule | Avoid undocumented Methods | Technologies | [ABAP, Visual Basic, PowerBuilder, C++, C#, VB.NET, .NET (Legacy Analyzer)] | Updated | Added: [JEE] |
| 7844 | quality-rule | Avoid undocumented Classes | Technologies | [ABAP, Visual Basic, C++, C#, VB.NET, .NET (Legacy Analyzer), HTML5] | Updated | Added: [JEE] |
| 8408 | quality-rule | Avoid reflected cross-site scripting (non persistent) | Documentation english | rationale = ...ser. The most dangerous web application vulnerabilty is known as cross-site scr... | Updated | rationale = ...ser. The cross-site scripting (XSS) is a dangerous web application vulnerabilit... |
| 8478 | quality-rule | Avoid Buffer Overruns when using ADD, SUBTRACT, MULTIPLY, DIVIDE & COMPUTE statement inside a loop | Documentation english | remediation = ...these statments inside a loop. | Updated | remediation = ...these statements inside a loop. |
| 8482 | quality-rule | Avoid cross-site scripting through API requests | Documentation english | rationale = ...ser. The most dangerous web application vulnerabilty is known as cross-site scr... | Updated | rationale = ...ser. The cross-site scripting (XSS) is a dangerous web application vulnerabilit... |

AIP 8.3.25 - 8.3.26

This section lists the results of a comparison between a CAST AIP 8.3.25 Assessment Model and a CAST AIP 8.3.26 Assessment Model. You can download the original compare_8325_8326.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.25 Assessment Model | Change | CAST 8.3.26 Assessment Model |
| --- | --- | --- | --- | --- | --- | --- |
| 8504 | quality-rule | Avoid XPath injection vulnerabilities through API requests | Technologies | [C#, VB.NET] | Updated | Added: [JEE] |
| 8516 | quality-rule | Avoid URL redirection to untrusted site through API requests | Technologies | [VB.NET, JEE] | Updated | Added: [C#] |
| 8518 | quality-rule | Avoid Regular expression injection | Definition | Missing | Added | active = true, detached = false |
| 8518 | quality-rule | Avoid Regular expression injection | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8520 | quality-rule | Avoid second order Regular expression injection | Definition | Missing | Added | active = true, detached = false |
| 8520 | quality-rule | Avoid second order Regular expression injection | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8522 | quality-rule | Avoid Regular expression injection through API requests | Definition | Missing | Added | active = true, detached = false |
| 8522 | quality-rule | Avoid Regular expression injection through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |

AIP 8.3.24 - 8.3.25

This section lists the results of a comparison between a CAST AIP 8.3.24 Assessment Model and a CAST AIP 8.3.25 Assessment Model. You can download the original compare_8324_8325.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.24 Assessment Model | Change | CAST 8.3.25 Assessment Model |
| --- | --- | --- | --- | --- | --- | --- |
| 8468 | quality-rule | Program semantic should respect the logic of flow execution | Documentation english | rationale = error-prone | Updated | rationale = The code contains a control flow path that does not reflect the algorithm that t... |
| 8482 | quality-rule | Avoid cross-site scripting through API requests | Definition | Missing | Added | active = true, detached = false |
| 8482 | quality-rule | Avoid cross-site scripting through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8484 | quality-rule | Avoid HTTP response splitting through API requests | Definition | Missing | Added | active = true, detached = false |
| 8484 | quality-rule | Avoid HTTP response splitting through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8486 | quality-rule | Avoid resource injection through API requests | Definition | Missing | Added | active = true, detached = false |
| 8486 | quality-rule | Avoid resource injection through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8488 | quality-rule | Avoid resource URL manipulation through API requests | Definition | Missing | Added | active = true, detached = false |
| 8488 | quality-rule | Avoid resource URL manipulation through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8490 | quality-rule | Avoid SQL injection vulnerabilities through API requests | Definition | Missing | Added | active = true, detached = false |
| 8490 | quality-rule | Avoid SQL injection vulnerabilities through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8492 | quality-rule | Avoid LDAP injection vulnerabilities through API requests | Definition | Missing | Added | active = true, detached = false |
| 8492 | quality-rule | Avoid LDAP injection vulnerabilities through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8494 | quality-rule | Avoid OS command injection vulnerabilities through API requests | Definition | Missing | Added | active = true, detached = false |
| 8494 | quality-rule | Avoid OS command injection vulnerabilities through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8496 | quality-rule | Avoid process control through API requests | Definition | Missing | Added | active = true, detached = false |
| 8496 | quality-rule | Avoid process control through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8498 | quality-rule | Avoid thread injection vulnerabilities through API requests | Definition | Missing | Added | active = true, detached = false |
| 8498 | quality-rule | Avoid thread injection vulnerabilities through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8500 | quality-rule | Avoid code injection through API requests | Definition | Missing | Added | active = true, detached = false |
| 8500 | quality-rule | Avoid code injection through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8502 | quality-rule | Avoid reflection injection through API requests | Definition | Missing | Added | active = true, detached = false |
| 8502 | quality-rule | Avoid reflection injection through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8504 | quality-rule | Avoid XPath injection vulnerabilities through API requests | Definition | Missing | Added | active = true, detached = false |
| 8504 | quality-rule | Avoid XPath injection vulnerabilities through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8506 | quality-rule | Avoid file path manipulation vulnerabilities through API requests | Definition | Missing | Added | active = true, detached = false |
| 8506 | quality-rule | Avoid file path manipulation vulnerabilities through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8508 | quality-rule | Avoid log forging vulnerabilities through API requests | Definition | Missing | Added | active = true, detached = false |
| 8508 | quality-rule | Avoid log forging vulnerabilities through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 8 |
| 8510 | quality-rule | Avoid uncontrolled format string through API requests | Definition | Missing | Added | active = true, detached = false |
| 8510 | quality-rule | Avoid uncontrolled format string through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8512 | quality-rule | Avoid mixing trusted and untrusted data in HTTP requests through API requests | Definition | Missing | Added | active = true, detached = false |
| 8512 | quality-rule | Avoid mixing trusted and untrusted data in HTTP requests through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8514 | quality-rule | Avoid NoSQL injection through API requests | Definition | Missing | Added | active = true, detached = false |
| 8514 | quality-rule | Avoid NoSQL injection through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8516 | quality-rule | Avoid URL redirection to untrusted site through API requests | Definition | Missing | Added | active = true, detached = false |
| 8516 | quality-rule | Avoid URL redirection to untrusted site through API requests | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |

AIP 8.3.23 - 8.3.24

This section lists the results of a comparison between a CAST AIP 8.3.23 Assessment Model and a CAST AIP 8.3.24 Assessment Model. You can download the original compare_8323_8324.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.23 Assessment Model | Change | CAST 8.3.24 Assessment Model |
| --- | --- | --- | --- | --- | --- | --- |
| 634 | quality-rule | Avoid using VARIANT Structures | Diagnosis | diagnosisValueType = integer | Updated | diagnosisValueType = object |
| 4576 | quality-rule | Provide accessors to Private Fields | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 559, propertyID = 141004 |
| 4576 | quality-rule | Provide accessors to Private Fields | Documentation english | description = ...fields. Accessors are identified using the following java bean naming convent... | Updated | description = ...fields. Accessors are identified using the following java bean naming conventi... |
| 4576 | quality-rule | Provide accessors to Private Fields | Documentation english | rationale = ...cessors. The only exception is injected fields of classes which are managed by... | Updated | rationale = ...cessors. The only exception is injected fields of classes which are managed by ... |
| 4576 | quality-rule | Provide accessors to Private Fields | Diagnosis | diagnosisValueType = no-value | Updated | diagnosisValueType = integer |
| 4576 | quality-rule | Provide accessors to Private Fields | Operation | localSiteDiagnose = DIAG_SCOPE_JAVABEST014 | Updated | localSiteDiagnose = null |
| 4576 | quality-rule | Provide accessors to Private Fields | Operation | localSiteCountTotal = DIAG_JAVA_PRIV_FIELD_TOTAL | Updated | localSiteCountTotal = null |
| 7392 | quality-rule | Avoid having multiple artifacts deleting data on the same SQL table | Documentation english | remediationSample = ...X classes update the same table public class TestUpdate { public static void... | Updated | remediationSample = ...X classes delete the same table public class TestDelete { public static void... |
| 7392 | quality-rule | Avoid having multiple artifacts deleting data on the same SQL table | Documentation english | sample = ...class TestUpdate1 { public static void main(java.lang.String[] args) { ... | Updated | sample = ...class TestDelete1 { public static void main(java.lang.String[] args) { ... |
| 7492 | quality-rule | Avoid Hibernate and JPA Entities using many-to-many association. | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 1022005, propertyID = 140999 |
| 7492 | quality-rule | Avoid Hibernate and JPA Entities using many-to-many association. | Documentation english | description = Reports all Hibernate or JPA Entities that use many-to-many association. | Updated | description = This rule reports all Hibernate or JPA Entities that use many-to-many associatio... |
| 7492 | quality-rule | Avoid Hibernate and JPA Entities using many-to-many association. | Documentation english | name = Avoid many-to-many association | Updated | name = Avoid Hibernate and JPA Entities using many-to-many association. |
| 7492 | quality-rule | Avoid Hibernate and JPA Entities using many-to-many association. | Operation | localSiteDiagnose = DIAG_SCOPE_JEEAHML001 | Updated | localSiteDiagnose = null |
| 7492 | quality-rule | Avoid Hibernate and JPA Entities using many-to-many association. | Operation | localSiteCountViolations = count-distinct | Updated | localSiteCountViolations = count |
| 7492 | quality-rule | Avoid Hibernate and JPA Entities using many-to-many association. | Operation | localSiteCountTotal = DIAG_JEE_HIBE_ASSO_TOTAL | Updated | localSiteCountTotal = null |
| 8240 | quality-rule | Avoid using unsecured cookie | Documentation english | description = ...he method "setSecure" ensures that the session cookie is not visible to an attac... | Updated | description = ...he method 'setSecure' ensures that the session cookie is not visible to an attac... |
| 8438 | quality-rule | Avoid code injection | Documentation english | reference = CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS C... | Updated | reference = CWE-94: Improper Control of Generation of Code ('Code Injection') https://cwe.mi... |
| 8468 | quality-rule | Program semantic should respect the logic of flow execution | Definition | Missing | Added | active = true, detached = false |
| 8468 | quality-rule | Program semantic should respect the logic of flow execution | Quality Contribution to 'Programming Practices - Structuredness' (61024) | Missing contribution | Added | critical = true, weight = 8 |
| 8470 | quality-rule | Avoid using STRING without overflow check | Definition | Missing | Added | active = true, detached = false |
| 8470 | quality-rule | Avoid using STRING without overflow check | Quality Contribution to 'Efficiency - Memory, Network and Disk Space Management' (61018) | Missing contribution | Added | critical = true, weight = 8 |
| 8476 | quality-rule | Avoid calling unsafe C library functions from COBOL | Definition | Missing | Added | active = true, detached = false |
| 8476 | quality-rule | Avoid calling unsafe C library functions from COBOL | Quality Contribution to 'Secure Coding - Weak Security Features' (66064) | Missing contribution | Added | critical = true, weight = 8 |
| 8478 | quality-rule | Avoid Buffer Overruns when using ADD, SUBTRACT, MULTIPLY, DIVIDE & COMPUTE statement inside a loop | Definition | Missing | Added | active = true, detached = false |
| 8478 | quality-rule | Avoid Buffer Overruns when using ADD, SUBTRACT, MULTIPLY, DIVIDE & COMPUTE statement inside a loop | Quality Contribution to 'Secure Coding - Time and State' (66065) | Missing contribution | Added | critical = true, weight = 8 |
| 8480 | quality-rule | Avoid using PREPARE STMT statement (Dynamic SQL) with STRING containing HOST variables | Definition | Missing | Added | active = true, detached = false |
| 8480 | quality-rule | Avoid using PREPARE STMT statement (Dynamic SQL) with STRING containing HOST variables | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 10 |

AIP 8.3.22 - 8.3.23

This section lists the results of a comparison between a CAST AIP 8.3.22 Assessment Model and a CAST AIP 8.3.23 Assessment Model. You can download the original compare_8322_8323.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.22 Assessment Model | Change | CAST 8.3.23 Assessment Model |
| --- | --- | --- | --- | --- | --- | --- |
| 2586 | quality-rule | DELETED: Utilization of "DoEvents" inside a loop | Activation | active = true, detached = false | Updated | detached = true |
| 2586 | quality-rule | DELETED: Utilization of "DoEvents" inside a loop | Documentation english | name = Utilization of "DoEvents" inside a loop | Updated | name = DELETED: Utilization of "DoEvents" inside a loop |
| 2586 | quality-rule | Utilization of "DoEvents" inside a loop | Quality Contribution to 'Efficiency - Expensive Calls in Loops' (66068) | critical = true, weight = 8 | Removed | Missing contribution |
| 8062 | quality-rule | An unconditional 'throw', 'return' or 'break' shall terminate every non-empty switch-clause | Documentation english | reference = MISRA C++ | Updated | reference = MISRA C++, 2008 Rule 6-4-5: An unconditional throw or break statement shall ter... |
| 8098 | quality-rule | Avoid uncontrolled format string | Documentation english | remediationSample = ...l inputs. Don't use inputs in formatters. | Updated | remediationSample = ...l inputs. Never use inputs in formatters. |
| 8098 | quality-rule | Avoid uncontrolled format string | Documentation english | sample = ...rmatter = FormatterCase(); PrintReq() {} public void execute... | Updated | sample = ...rmatter = new FormatterCase(); PrintReq() {} public void exe... |
| 8240 | quality-rule | Avoid using unsecured cookie | Documentation english | description = ...s in plaintext over an HTTP session. Using the method "setSecure" ensures that ... | Updated | description = ...s in plain text over an HTTP session. Using the method "setSecure" ensures that... |

AIP 8.3.21 - 8.3.22

This section lists the results of a comparison between a CAST AIP 8.3.21 Assessment Model and a CAST AIP 8.3.22 Assessment Model. You can download the original compare_8321_8322.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.21 Assessment Model | Change | CAST 8.3.22 Assessment Model |
| --- | --- | --- | --- | --- | --- | --- |
| 7246 | quality-rule | Avoid Packages with High Efferent Coupling (CE) | Operation | localSiteCountTotal = DIAG_JAVA_ALLCLASS_INT_TOTAL | Updated | localSiteCountTotal = DIAG_JAVA_CLASS_PACKAGES_TOTAL |
| 7248 | quality-rule | Avoid Packages with High Afferent Coupling (CA) | Operation | localSiteCountTotal = DIAG_JAVA_APP_CLASS_INT_TOTAL | Updated | localSiteCountTotal = DIAG_JAVA_CLASS_PACKAGES_TOTAL |

AIP 8.3.20 - 8.3.21

This section lists the results of a comparison between a CAST AIP 8.3.20 Assessment Model and the CAST AIP 8.3.21 Assessment Model. You can download the original compare_8320_8321.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.20 Assessment Model | Change | CAST 8.3.21 Assessment Model |
| --- | --- | --- | --- | --- | --- | --- |
| 3570 | quality-rule | DELETED: Avoid using Keywords as names | Activation | active = true, detached = false | Updated | active = false |
| 3570 | quality-rule | DELETED: Avoid using Keywords as names | Documentation english | name = Avoid using Keywords as names | Updated | name = DELETED: Avoid using Keywords as names |
| 7862 | quality-rule | Avoid catching an exception of type Exception, RuntimeException, or Throwable | Documentation english | reference = Exception-Handling Antipatterns by Tim McCune http://today.java.net/pub/a/today/... | Updated | reference = SEI CERT Oracle Coding Standard for Java https://wiki.sei.cmu.edu/confluence/dis... |

AIP 8.3.19 - 8.3.20

This section lists the results of a comparison between a CAST AIP 8.3.19 Assessment Model and the CAST AIP 8.3.20 Assessment Model. You can download the original compare_8319_8320.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.19 Assessment Model | Change | CAST 8.3.20 Assessment Model |
| --- | --- | --- | --- | --- | --- | --- |
| 8082 | quality-rule | Avoid Tables without Primary Key | Documentation english | remediation = Apply referential integrity through constraint:: | Updated | remediation = Check the statement and if so, add primary key. |
| 8082 | quality-rule | Avoid Tables without Primary Key | Documentation english | sample = ...d_col INT PRIMARY KEY, col2 CHARACTER VARYING(20), ... ) | Updated | sample = ...d_col INT, col2 CHARACTER VARYING(20), ... ) |
| 8082 | quality-rule | Avoid Tables without Primary Key | Documentation english | Missing | Added | reference = https://stackoverflow.com/questions/39649981/why-is-it-a-bad-idea-to-have-a-tabl... |
| 1101008 | quality-rule | Avoid non-SARGable queries | Documentation english | description = ...g a query that has only non-SARGable arquments expressions in where clauses or i... | Updated | description = ...g a query having 100% non-SARGable arguments expressions in where clauses or in ... |
| 1101008 | quality-rule | Avoid non-SARGable queries | Documentation english | rationale = non-SARGable WHERE clauses are performances killers : for a non-SARGable query, ... | Updated | rationale = Non-SARGable WHERE clauses, having 100% Non-SARGable arguments, are performances... |
| 1101008 | quality-rule | Avoid non-SARGable queries | Documentation english | Missing | Added | reference = http://dotnetvj.blogspot.com/2010/02/sargable-vs-non-sargable-queries.html |

AIP 8.3.18 - 8.3.19

This section lists the results of a comparison between a CAST AIP 8.3.18 Assessment Model and the CAST AIP 8.3.19 Assessment Model. You can download the original compare_8318_8319.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.18 Assessment Model | Change | CAST 8.3.19 Assessment Model |
| --- | --- | --- | --- | --- | --- | --- |
| 4594 | quality-rule | Avoid using 'java.io.File' | Documentation english | description = ...on Server (when web.xml or ejb-jar.xml file are present) | Updated | description = ...on Server to avoid any kind of dependencies with deployment environment of your ... |
| 4594 | quality-rule | Avoid using 'java.io.File' | Documentation english | rationale = ...e the application is deployed. | Updated | rationale = ...e the application is deployed. Also, a program violates the Enterprise JavaBean... |
| 4594 | quality-rule | Avoid using 'java.io.File' | Documentation english | Missing | Added | reference = https://cwe.mitre.org/data/definitions/576.html https://cwe.mitre.org/data/defi... |
| 4594 | quality-rule | Avoid using 'java.io.File' | Documentation english | Missing | Added | sample = File f = new File(request.getParameter("fileName")) --------------- File f = n... |
| 4702 | quality-rule | Avoid using 'Throwable.printStackTrace()' with no argument | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 4702 | quality-rule | Avoid using 'Throwable.printStackTrace()' with no argument | Documentation english | output = This report lists all Java artifacts using 'Throwable.printStackTrace()'. It pro... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 4702 | quality-rule | Avoid using 'Throwable.printStackTrace()' with no argument | Documentation english | rationale = ...up the stdout or the log file. | Updated | rationale = ...up the stdout or the log file. It is recommended to use a Logger instead. |
| 7202 | quality-rule | Check usage of '==' and '!=' on objects | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 1022004, propertyID = 140955 |
| 7202 | quality-rule | Check usage of '==' and '!=' on objects | Diagnosis | diagnosisValueType = no-value | Updated | diagnosisValueType = integer |
| 7202 | quality-rule | Check usage of '==' and '!=' on objects | Operation | localSiteDiagnose = DIAG_SCOPE_JAVAEMEM003 | Updated | localSiteDiagnose = null |
| 7202 | quality-rule | Check usage of '==' and '!=' on objects | Operation | localSiteCountTotal = DIAG_JAVA_NA_METH_CTOR_TOTAL | Updated | localSiteCountTotal = null |
| 7210 | quality-rule | Avoid instantiations inside loops | Documentation english | rationale = ...iples is this: Avoid excessive object creation. This doesn't mean that you shoul... | Updated | rationale = ...iples is to Avoid excessive object creation. This doesn't mean that you should g... |
| 7210 | quality-rule | Avoid instantiations inside loops | Documentation english | total = Total number of methods and constructors | Updated | total = Number of non abstract Java Artifacts |
| 7442 | quality-rule | Avoid to use this within Constructor in multi-thread environment | Documentation english | description = This metric will detect all cases where this is - directly or not - referenced i... | Updated | description = This rule detects all cases where this is - directly or not - referenced in a co... |
| 7442 | quality-rule | Avoid to use this within Constructor in multi-thread environment | Documentation english | total = the total procedure counts all constructors | Updated | total = Number of constructors |
| 7446 | quality-rule | Avoid double checked locking for JSE 4.x and previous version | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 7446 | quality-rule | Avoid double checked locking for JSE 4.x and previous version | Documentation english | description = For JSE 4.x and previous version, all methods that are not synchronized and that... | Updated | description = Double checked locking is a software design pattern used to reduce locking overh... |
| 7446 | quality-rule | Avoid double checked locking for JSE 4.x and previous version | Documentation english | name = Avoid double checked locking | Updated | name = Avoid double checked locking for JSE 4.x and previous version |
| 7446 | quality-rule | Avoid double checked locking for JSE 4.x and previous version | Documentation english | output = This report lists all Methods that use double checked locking pattern. It provid... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 7446 | quality-rule | Avoid double checked locking for JSE 4.x and previous version | Documentation english | rationale = Double checked locking is a software design pattern used to reduce locking overh... | Updated | rationale = Double-checked locking refers to the situation where a programmer checks to see ... |
| 7446 | quality-rule | Avoid double checked locking for JSE 4.x and previous version | Documentation english | reference = http://www.cs.umd.edu/~pugh/java/memoryModel/DoubleCheckedLocking.html http://ww... | Updated | reference = https://cwe.mitre.org/data/definitions/609.html http://www.cs.umd.edu/~pugh/java... |
| 7446 | quality-rule | Avoid double checked locking for JSE 4.x and previous version | Documentation english | total = The total will be the total of methods that are synchronized or use the synchron... | Updated | total = Number of methods that are synchronized or use the synchronized keyword |
| 7504 | quality-rule | Persistent classes should Implement hashCode() and equals() | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 532, propertyID = 140963 |
| 7504 | quality-rule | Persistent classes should Implement hashCode() and equals() | Documentation english | reference = ...tive-java-equals-and-hashcode/ | Updated | reference = ...tive-java-equals-and-hashcode/ https://projectlombok.org/features/EqualsAndHash... |
| 7504 | quality-rule | Persistent classes should Implement hashCode() and equals() | Documentation english | remediation = ...the case. If it is not the case, we recommend implementing it anyway to avoid is... | Updated | remediation = ...the case. If it is not the case, we recommend implementing it anyway to avoid i... |
| 7504 | quality-rule | Persistent classes should Implement hashCode() and equals() | Documentation english | remediationSample = ... hashCode() { ... } } | Updated | remediationSample = ... hashCode() { ... } } // Use lombock annotation @EqualsAndHashCode; --... |
| 7504 | quality-rule | Persistent classes should Implement hashCode() and equals() | Diagnosis | diagnosisValueType = no-value | Updated | diagnosisValueType = integer |
| 7504 | quality-rule | Persistent classes should Implement hashCode() and equals() | Operation | localSiteDiagnose = DIAG_SCOPE_JEEUB002 | Updated | localSiteDiagnose = null |
| 7504 | quality-rule | Persistent classes should Implement hashCode() and equals() | Operation | localSiteCountTotal = DIAG_JEE_PERSISTCLS_TOTAL | Updated | localSiteCountTotal = null |
| 8216 | quality-rule | Avoid using incompatible mutation | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 8216 | quality-rule | Avoid using incompatible mutation | Documentation english | description = Reports all incorrect numeric type conversions which may produce unexpected resu... | Updated | description = This rule reports all incorrect numeric type conversions which may produce unexp... |
| 8216 | quality-rule | Avoid using incompatible mutation | Documentation english | name = CWE-681: Avoid numerical data corruption during incompatible mutation | Updated | name = Avoid using incompatible mutation |
| 8216 | quality-rule | Avoid using incompatible mutation | Documentation english | output = Reports all incorrect numeric type conversions which may produce unexpected resu... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 8216 | quality-rule | Avoid using incompatible mutation | Documentation english | total = All artefacts that can reference an incompatible mutation which includes methods... | Updated | total = Number of Java artifacts that can reference an incompatible mutation which inclu... |
| 8418 | quality-rule | Avoid NoSQL injection | Documentation english | reference = CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL... | Updated | reference = CWE-943: Improper Neutralization of Special Elements in Data Query Logic https:/... |
| 8464 | quality-rule | Avoid Open SQL SELECT queries without WHERE condition on XXL Tables | Definition | Missing | Added | active = true, detached = false |
| 8464 | quality-rule | Avoid Open SQL SELECT queries without WHERE condition on XXL Tables | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | Missing contribution | Added | critical = true, weight = 9 |
| 1022002 | quality-rule | Avoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding) | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 1022002 | quality-rule | Avoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding) | Documentation english | description = ...A/NONE is found in source code This rule is compliant with : CWE-780 - Use of ... | Updated | description = ...A/NONE is found in source code |
| 1022002 | quality-rule | Avoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding) | Documentation english | output = This rule reports full name of the java method using RSA encryption algorithm wi... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1022002 | quality-rule | Avoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding) | Documentation english | rationale = ...act of predictable common text | Updated | rationale = ...act of predictable common text. |
| 1022002 | quality-rule | Avoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding) | Documentation english | remediationSample = ...("RSA/ECB/PKCS1Padding", "BC"); | Updated | remediationSample = ...("RSA/ECB/OAEPWithMD5AndMGF1Padding", "BC"); |
| 1022002 | quality-rule | Avoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding) | Documentation english | total = java method | Updated | total = Number of Java methods |

AIP 8.3.17 - 8.3.18

This section lists the results of a comparison between a CAST AIP 8.3.17 Assessment Model and the CAST AIP 8.3.18 Assessment Model. You can download the original compare_8317_8318.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.17 Assessment Model | Change | CAST 8.3.18 Assessment Model |
| --- | --- | --- | --- | --- | --- | --- |
| 7522 | quality-rule | DELETED: Avoid using literals in assignments (hardcoded values) | Documentation english | name = Avoid using literals in assignments (hardcoded values) | Updated | name = DELETED: Avoid using literals in assignments (hardcoded values) |
| 8238 | quality-rule | Avoid mixing trusted and untrusted data in HTTP requests | Documentation english | description = The product mixes trusted and untrusted data in the same data structure or struc... | Updated | description = Using CAST data-flow engine, this quality rule detects paths from user input met... |

AIP 8.3.16 - 8.3.17

This section lists the results of a comparison between a CAST AIP 8.3.16 Assessment Model and the CAST AIP 8.3.17 Assessment Model. You can download the original compare_8316_8317.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.16 Assessment Model | Change | CAST 8.3.17 Assessment Model |
| --- | --- | --- | --- | --- | --- | --- |
| 1606 | quality-rule | Triggers should not directly modify tables, a procedure or function should be used instead | Technologies | [Forms, PL/SQL] | Updated | Added: [SQL] |
| 3612 | quality-rule | Avoid missing release of SQL connection after an effective lifetime (C#, VB.NET) | Documentation english | name = Close SQL connection ASAP | Updated | name = Avoid missing release of SQL connection after an effective lifetime (C#, VB.NET) |
| 3612 | quality-rule | Avoid missing release of SQL connection after an effective lifetime (C#, VB.NET) | Documentation english | reference = CISQ rules: ASCPEM-PRF-15, ASCRM-CWE-772. | Updated | reference = https://cwe.mitre.org/data/definitions/772.html ASCPEM-PRF-15, ASCRM-CWE-772. |
| 7786 | quality-rule | Avoid long Table or View names | Technologies | [SAP SQL, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Added: [SQL] |
| 7824 | quality-rule | Avoid directly throwing instance of Exception class | Documentation english | name = The exception Exception should never been thrown. Always Subclass Exception and ... | Updated | name = Avoid directly throwing instance of Exception class |
| 7840 | quality-rule | Trigger naming convention - prefix control | Technologies | [SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Added: [SQL] |
| 7840 | quality-rule | Trigger naming convention - prefix control | Parameter #1: Trigger name prefix | values(SQL) = No default values | Updated | values(SQL) = [U_, D_, L_] |
| 7852 | quality-rule | Database view naming convention - prefix control | Technologies | [SAP SQL, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Added: [SQL] |
| 7852 | quality-rule | Database view naming convention - prefix control | Parameter #1: Prefix | values(SQL) = No default values | Updated | values(SQL) = [V_, v_] |
| 7854 | quality-rule | Database table naming convention - prefix control | Technologies | [SAP SQL, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Added: [SQL] |
| 7854 | quality-rule | Database table naming convention - prefix control | Parameter #1: Prefix | values(SQL) = No default values | Updated | values(SQL) = [T_, t_] |
| 7898 | quality-rule | SQL Function naming convention - prefix control | Technologies | [SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Added: [SQL] |
| 7898 | quality-rule | SQL Function naming convention - prefix control | Parameter #1: Prefix | values(SQL) = No default values | Updated | values(SQL) = [F_, fn_] |
| 7900 | quality-rule | Stored Procedure naming convention - prefix control | Technologies | [SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Added: [SQL] |
| 7900 | quality-rule | Stored Procedure naming convention - prefix control | Parameter #1: Prefix | values(SQL) = No default values | Updated | values(SQL) = [usp_, SP_, P_] |
| 8108 | quality-rule | Avoid missing release of stream connection after an effective lifetime | Documentation english | name = Close the outermost stream ASAP | Updated | name = Avoid missing release of stream connection after an effective lifetime |
| 8108 | quality-rule | Avoid missing release of stream connection after an effective lifetime | Documentation english | remediation = ...up annotation (lombok.Cleanup) | Updated | remediation = ...up annotation (lombok.Cleanup) - or use a using statement (.NET only) |
| 8108 | quality-rule | Avoid missing release of stream connection after an effective lifetime | Documentation english | remediationSample = with finally ~~~~~~~~~~~~ private void correctWriting() throws IOException { ... | Updated | remediationSample = ------- Java ------- with finally ~~~~~~~~~~~~ private void correctWriting()... |
| 8108 | quality-rule | Avoid missing release of stream connection after an effective lifetime | Documentation english | sample = private void incorrectWriting() throws IOException { DataOutputStream out = ... | Updated | sample = ------- Java ------- private void incorrectWriting() throws IOException { D... |
| 8110 | quality-rule | Avoid not using dedicated stored procedures when processing multiple data accesses | Documentation english | description = ...that exceed a threshold value. The threshold for the number of data queries is ... | Updated | description = ...that exceed a threshold value. |
| 8110 | quality-rule | Avoid not using dedicated stored procedures when processing multiple data accesses | Documentation english | name = Use dedicated stored procedures when multiple data accesses are needed (ASCPEM-P... | Updated | name = Avoid not using dedicated stored procedures when processing multiple data access... |
| 8112 | quality-rule | Avoid improper processing of the execution status of data handling operations | Documentation english | description = ...xception are said to be valid. Note: This quality rule implements the rule ASC... | Updated | description = ...xception are said to be valid. |
8240quality-ruleAvoid using unsecured cookieDocumentation englishname = Sensitive cookie in HTTPS session without 'Secure' attributeUpdatedname = Avoid using unsecured cookie
8240quality-ruleAvoid using unsecured cookieDocumentation englishreference = ...017_A3-Sensitive_Data_Exposure https://www.owasp.org/index.php/Top_10-2017_A2-Br...Updatedreference = ...017_A3-Sensitive_Data_Exposure
8242quality-ruleAvoid using insufficient random values for cookiesDocumentation englishname = Use of insufficiently random valuesUpdatedname = Avoid using insufficient random values for cookies
8242quality-ruleAvoid using insufficient random values for cookiesDocumentation englishMissingAddedremediationSample = static SecureRandom ranGen = new SecureRandom(); String GenerateReceiptURL(Stri...
8242quality-ruleAvoid using insufficient random values for cookiesDocumentation englishMissingAddedsample = static Random ranGen = new Random(); String GenerateReceiptURL(String baseUrl) ...
8424quality-ruleAvoid using hard-coded HMAC keysDocumentation englishdescription = ...re key to generate a HMAC hashUpdateddescription = ...re key to generate a HMAC hash.
8434quality-ruleAvoid process controlDocumentation englishdescription = The software accesses to a library using externally-influenced input from an ups...Updateddescription = Using CAST data-flow engine, this metric detects paths from user input methods d...
8436quality-ruleAvoid thread injection vulnerabilitiesDocumentation englishdescription = The software constructs all or part of a thread parameter using externally-influ...Updateddescription = Using CAST data-flow engine, this metric detects paths from user input methods d...
8436quality-ruleAvoid thread injection vulnerabilitiesDocumentation englishrationale = ...behavior. This could allow attackers to execute unexpected, dangerous commands d...Updatedrationale = ...behavior. This could allow attackers to execute unexpected, dangerous commands ...
8438quality-ruleAvoid code injectionDocumentation englishdescription = The software constructs all or part of a dynamic evaluation using externally-inf...Updateddescription = Using CAST data-flow engine, this metric detects paths from user input methods d...
8438quality-ruleAvoid code injectionDocumentation englishrationale = ...omponent. This could allow attackers to execute unexpected, dangerous commands d...Updatedrationale = ...omponent. This could allow attackers to execute unexpected, dangerous commands ...
8440quality-ruleAvoid reflection injectionDocumentation englishdescription = The application uses external input with reflection to select which classes or c...Updateddescription = Using CAST data-flow engine, this metric detects paths from user input methods d...
8440quality-ruleAvoid reflection injectionDocumentation englishrationale = ...ectly on the operating system.Updatedrationale = ...ectly on the operating system. The application uses external input with reflect...
8444quality-ruleAvoid resource URL manipulationDocumentation englishdescription = The application uses external input with reflection methods manipulating resourc...Updateddescription = Using CAST data-flow engine, this metric detects paths from user input methods d...
8444quality-ruleAvoid resource URL manipulationDocumentation englishrationale = ...behavior. This may enable an attacker to access or modify otherwise protected sy...Updatedrationale = ...behavior. This may enable an attacker to access or modify otherwise protected s...
8446quality-ruleAvoid URL redirection to untrusted siteDefinitionMissingAddedactive = true, detached = false
8446quality-ruleAvoid URL redirection to untrusted siteQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
1020950quality-ruleAvoid providing password in Web Service URLDefinitionMissingAddedactive = true, detached = false
1020950quality-ruleAvoid providing password in Web Service URLQuality Contribution to 'Secure Coding - Encapsulation' (66066)Missing contributionAddedcritical = true, weight = 7
| 1101000 | quality-rule | Never use SQL queries with a cartesian product (SQL) | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1101000 | quality-rule | Never use SQL queries with a cartesian product (SQL) | Documentation english | name = ...eries with a cartesian product | Updated | name = ...eries with a cartesian product (SQL) |
| 1101000 | quality-rule | Never use SQL queries with a cartesian product (SQL) | Documentation english | output = List all Artifacts which contain a cartesian join. The following information is ... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101000 | quality-rule | Never use SQL queries with a cartesian product (SQL) | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101002 | quality-rule | Never use SQL queries with a cartesian product on XXL Tables (SQL) | Documentation english | associatedValueName = number of violation patterns | Updated | associatedValueName = Number of violation occurrences |
| 1101002 | quality-rule | Never use SQL queries with a cartesian product on XXL Tables (SQL) | Documentation english | name = ...artesian product on XXL Tables | Updated | name = ...artesian product on XXL Tables (SQL) |
| 1101002 | quality-rule | Never use SQL queries with a cartesian product on XXL Tables (SQL) | Documentation english | output = The output lists all SQL Artifacts using at least one SQL query with a Cartesian... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101002 | quality-rule | Never use SQL queries with a cartesian product on XXL Tables (SQL) | Documentation english | total = The total procedure counts Artifacts with SQL code from schemas containing XXL t... | Updated | total = Number of Artifacts with SQL code from schemas containing XXL tables or views. |
| 1101004 | quality-rule | Avoid non-indexed SQL queries | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1101004 | quality-rule | Avoid non-indexed SQL queries | Documentation english | remediationSample = TABLE1 is indexed on (COL2, COL1) and TABLE2 on COL3. Both tables are not XXS. F... | Updated | remediationSample = The remediation is to add index on TABLE1 (COL3, COL1). |
| 1101004 | quality-rule | Avoid non-indexed SQL queries | Documentation english | total = The total procedure counts Artifacts with SQL code from schemas containing table... | Updated | total = Number of Artifacts with SQL code from schemas containing tables or views. |
| 1101004 | quality-rule | Avoid non-indexed SQL queries | Documentation english | Missing | Added | sample = TABLE1 is indexed on (COL2, COL1) and TABLE2 on COL3. Both tables are not XXS. F... |
| 1101006 | quality-rule | Avoid non-indexed XXL SQL queries | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1101006 | quality-rule | Avoid non-indexed XXL SQL queries | Documentation english | remediationSample = TABLE1 is indexed on (COL2, COL1) and TABLE2 on COL3. Both tables are XXL. For t... | Updated | remediationSample = The remediation is to add index on TABLE1 (COL3, COL1). |
| 1101006 | quality-rule | Avoid non-indexed XXL SQL queries | Documentation english | total = The total procedure counts Artifacts with SQL code from schemas containing XXL t... | Updated | total = Number of Artifacts with SQL code from schemas containing XXL tables or views. |
| 1101006 | quality-rule | Avoid non-indexed XXL SQL queries | Documentation english | Missing | Added | sample = TABLE1 is indexed on (COL2, COL1) and TABLE2 on COL3. Both tables are XXL. For t... |
| 1101008 | quality-rule | Avoid non-SARGable queries | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1101008 | quality-rule | Avoid non-SARGable queries | Documentation english | output = List all Artifacts having a non-SARGable query. The following information is pro... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101008 | quality-rule | Avoid non-SARGable queries | Documentation english | remediationSample = -- Index scan (slow) WHERE UPPER(ColumnValue) = 'SUMMER' -- not sargable predica... | Updated | remediationSample = -- Index seek (fast) WHERE ColumnValue = 'Summer' -- sargable predicate ------... |
| 1101008 | quality-rule | Avoid non-SARGable queries | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101008 | quality-rule | Avoid non-SARGable queries | Documentation english | Missing | Added | sample = -- Index scan (slow) WHERE UPPER(ColumnValue) = 'SUMMER' -- not sargable predica... |
| 1101010 | quality-rule | Avoid NATURAL JOIN queries | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1101010 | quality-rule | Avoid NATURAL JOIN queries | Documentation english | output = List all Artifacts having NATURAL JOINs. The following information is provided: ... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101010 | quality-rule | Avoid NATURAL JOIN queries | Documentation english | remediationSample = The following example: SELECT first_name, department_name FROM employees NA... | Updated | remediationSample = Could be rewritten as: SELECT first_name,department_name FROM employees JOI... |
| 1101010 | quality-rule | Avoid NATURAL JOIN queries | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101010 | quality-rule | Avoid NATURAL JOIN queries | Documentation english | Missing | Added | sample = SELECT first_name, department_name FROM employees NATURAL JOIN departments; |
| 1101012 | quality-rule | Specify column names instead of column numbers in ORDER BY clauses | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1101012 | quality-rule | Specify column names instead of column numbers in ORDER BY clauses | Documentation english | output = List all Artifacts containing column numbers in ORDER BY clauses. The following ... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101012 | quality-rule | Specify column names instead of column numbers in ORDER BY clauses | Documentation english | remediationSample = The following example: SELECT first_name, department_name FROM employees JO... | Updated | remediationSample = SELECT first_name, department_name FROM employees JOIN departments ON (empl... |
| 1101012 | quality-rule | Specify column names instead of column numbers in ORDER BY clauses | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101012 | quality-rule | Specify column names instead of column numbers in ORDER BY clauses | Documentation english | Missing | Added | sample = SELECT first_name, department_name FROM employees JOIN departments ON (empl... |
| 1101014 | quality-rule | Avoid queries using old style join convention instead of ANSI-Standard joins (SQL) | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1101014 | quality-rule | Avoid queries using old style join convention instead of ANSI-Standard joins (SQL) | Documentation english | name = ...onvention instead of ANSI-Standard joins | Updated | name = ...onvention instead of ANSI-Standard joins (SQL) |
| 1101014 | quality-rule | Avoid queries using old style join convention instead of ANSI-Standard joins (SQL) | Documentation english | output = List all Artifacts containing NON ANSI joins. The following information is provi... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101014 | quality-rule | Avoid queries using old style join convention instead of ANSI-Standard joins (SQL) | Documentation english | remediationSample = The following example: SELECT first_name, department_name FROM employees, depart... | Updated | remediationSample = SELECT first_name, department_name FROM employees JOIN departments ON (empl... |
| 1101014 | quality-rule | Avoid queries using old style join convention instead of ANSI-Standard joins (SQL) | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101014 | quality-rule | Avoid queries using old style join convention instead of ANSI-Standard joins (SQL) | Documentation english | Missing | Added | sample = SELECT first_name, department_name FROM employees, departments where(employees.m... |
| 1101016 | quality-rule | Avoid Artifacts with too many parameters (SQL) | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of parameters |
| 1101016 | quality-rule | Avoid Artifacts with too many parameters (SQL) | Documentation english | name = ...facts with too many parameters | Updated | name = ...facts with too many parameters (SQL) |
| 1101016 | quality-rule | Avoid Artifacts with too many parameters (SQL) | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101018 | quality-rule | Avoid using the GROUP BY clause | Technologies | [SQL] | Updated | Added: [ABAP] |
| 1101018 | quality-rule | Avoid using the GROUP BY clause | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1101018 | quality-rule | Avoid using the GROUP BY clause | Documentation english | output = List all Artifacts containing GROUP BY clauses. The following information is pro... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101018 | quality-rule | Avoid using the GROUP BY clause | Documentation english | remediationSample = The following query should be reviewed: Select T.title_id, T.def_id, T.publisher... | Removed | Missing |
| 1101018 | quality-rule | Avoid using the GROUP BY clause | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101018 | quality-rule | Avoid using the GROUP BY clause | Documentation english | Missing | Added | sample = The following query should be reviewed: Select T.title_id, T.def_id, T.publisher... |
| 1101020 | quality-rule | Avoid using quoted identifiers | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1101020 | quality-rule | Avoid using quoted identifiers | Documentation english | output = List all Artifacts containing quoted identifiers. The following information is p... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101020 | quality-rule | Avoid using quoted identifiers | Documentation english | remediationSample = ...DECLARE "End" NUMBER := 1; BEGIN dbms_output.put_line('A quoted identifier E... | Updated | remediationSample = ...DECLARE L_End NUMBER := 1; BEGIN dbms_output.put_line('A quoted identifier E... |
| 1101020 | quality-rule | Avoid using quoted identifiers | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101020 | quality-rule | Avoid using quoted identifiers | Documentation english | Missing | Added | sample = The following statement should be reviewed: DECLARE "End" NUMBER := 1; BEGIN ... |
| 1101022 | quality-rule | Avoid Tables without Primary Key (SQL) | Documentation english | associatedValueName = This metric displays the list of tables without Primary key constraints | Updated | associatedValueName = List of tables without Primary key constraints |
| 1101022 | quality-rule | Avoid Tables without Primary Key (SQL) | Documentation english | name = ...oid Tables without Primary Key | Updated | name = ...oid Tables without Primary Key (SQL) |
| 1101022 | quality-rule | Avoid Tables without Primary Key (SQL) | Documentation english | remediationSample = The following statement should be reviewed: create table SQLAMDA001_7_TBL1 (cate... | Updated | remediationSample = Add a primary key: alter table SQLAMDA001_7_TBL1 add constraint SQLAMDA001_7_TBL... |
| 1101022 | quality-rule | Avoid Tables without Primary Key (SQL) | Documentation english | total = The total procedure counts Tables. | Updated | total = Number of Tables. |
| 1101022 | quality-rule | Avoid Tables without Primary Key (SQL) | Documentation english | Missing | Added | sample = The following statement should be reviewed: create table SQLAMDA001_7_TBL1 (cate... |
| 1101024 | quality-rule | Avoid using dynamic SQL in SQL Artifacts | Technologies | [SQL] | Updated | Added: [ABAP] |
| 1101024 | quality-rule | Avoid using dynamic SQL in SQL Artifacts | Documentation english | associatedValueName = This metric lists SQL Artifacts using dynamic SQL. | Updated | associatedValueName = Number of violation occurrences |
| 1101024 | quality-rule | Avoid using dynamic SQL in SQL Artifacts | Documentation english | output = List all Artifacts using dynamic SQL. The following information is provided: - T... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101024 | quality-rule | Avoid using dynamic SQL in SQL Artifacts | Documentation english | remediationSample = The following procedure should be reviewed: CREATE PROCEDURE SEARCH (IN V_DYNAMI... | Removed | Missing |
| 1101024 | quality-rule | Avoid using dynamic SQL in SQL Artifacts | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101024 | quality-rule | Avoid using dynamic SQL in SQL Artifacts | Documentation english | Missing | Added | sample = The following procedure should be reviewed: CREATE PROCEDURE SEARCH (IN V_DYNAMI... |
| 1101026 | quality-rule | Always define column names when inserting values | Documentation english | associatedValueName = This metric lists SQL Artifacts without columns in insert clauses. | Updated | associatedValueName = Number of violation occurrences |
| 1101026 | quality-rule | Always define column names when inserting values | Documentation english | output = List all Artifacts without columns in INSERT clause. The following information i... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101026 | quality-rule | Always define column names when inserting values | Documentation english | remediationSample = The following procedure should be reviewed: CREATE PROCEDURE INSERT_VALUES BEGIN... | Updated | remediationSample = Add columns in INSERT clause: CREATE PROCEDURE INSERT_VALUES BEGIN INSERT INTO... |
| 1101026 | quality-rule | Always define column names when inserting values | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101026 | quality-rule | Always define column names when inserting values | Documentation english | Missing | Added | sample = The following procedure should be reviewed: CREATE PROCEDURE INSERT_VALUES BEGIN... |
| 1101028 | quality-rule | Use MINUS or EXCEPT operator instead of NOT EXISTS and NOT IN subqueries | Documentation english | associatedValueName = This metric lists SQL Artifacts with NOT EXISTS or NOT IN subqueries. | Updated | associatedValueName = Number of violation occurrences |
| 1101028 | quality-rule | Use MINUS or EXCEPT operator instead of NOT EXISTS and NOT IN subqueries | Documentation english | output = List all Artifacts with NO EXISTS and NOT IN subqueries. The following informati... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101028 | quality-rule | Use MINUS or EXCEPT operator instead of NOT EXISTS and NOT IN subqueries | Documentation english | remediationSample = The following procedure should be reviewed: CREATE PROCEDURE INSERT_BOOK_TITLE B... | Updated | remediationSample = Replace NOT EXISTS suquerie with MINUS operator: CREATE PROCEDURE INSERT_BOOK_TI... |
| 1101028 | quality-rule | Use MINUS or EXCEPT operator instead of NOT EXISTS and NOT IN subqueries | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101028 | quality-rule | Use MINUS or EXCEPT operator instead of NOT EXISTS and NOT IN subqueries | Documentation english | Missing | Added | sample = The following procedure should be reviewed: CREATE PROCEDURE INSERT_BOOK_TITLE B... |
| 1101030 | quality-rule | Avoid Artifacts with queries on too many Tables and/or Views | Technologies | [SQL] | Updated | Added: [ABAP] |
| 1101030 | quality-rule | Avoid Artifacts with queries on too many Tables and/or Views | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of joined Tables and/or Views |
| 1101030 | quality-rule | Avoid Artifacts with queries on too many Tables and/or Views | Documentation english | name = ...Tables and or Views | Updated | name = ...Tables and/or Views |
| 1101030 | quality-rule | Avoid Artifacts with queries on too many Tables and/or Views | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101032 | quality-rule | Avoid exists and not exists independent clauses (SQL) | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1101032 | quality-rule | Avoid exists and not exists independent clauses (SQL) | Documentation english | name = ...not exists independent clauses | Updated | name = ...not exists independent clauses (SQL) |
| 1101032 | quality-rule | Avoid exists and not exists independent clauses (SQL) | Documentation english | output = List all Artifacts which contain independent "exists" and "not exists" clause. ... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101032 | quality-rule | Avoid exists and not exists independent clauses (SQL) | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101034 | quality-rule | DISTINCT should not be used in SQL SELECT statements | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1101034 | quality-rule | DISTINCT should not be used in SQL SELECT statements | Documentation english | output = List all Artifacts which contain "DISTINCT", "DISTINCTROW", "UNIQUE" modifiers i... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101034 | quality-rule | DISTINCT should not be used in SQL SELECT statements | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101036 | quality-rule | Use ANSI standard operators in SQL WHERE clauses | Technologies | [Visual Basic, PowerBuilder, Cobol, C++, C, C#, VB.NET, ASP.NET, JEE] | Updated | Removed: [ASP.NET] |
| 1101036 | quality-rule | Use ANSI standard operators in SQL WHERE clauses | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1101036 | quality-rule | Use ANSI standard operators in SQL WHERE clauses | Documentation english | output = List all Artifacts which contain !=, !> and !< operators in SQL WHERE clauses. | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101036 | quality-rule | Use ANSI standard operators in SQL WHERE clauses | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101038 | quality-rule | Replace OR conditions testing equality on the same identifier in SQL WHERE clauses by an IN test condition | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1101038 | quality-rule | Replace OR conditions testing equality on the same identifier in SQL WHERE clauses by an IN test condition | Documentation english | output = List all Artifacts which contain OR conditions testing equality on the same iden... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101038 | quality-rule | Replace OR conditions testing equality on the same identifier in SQL WHERE clauses by an IN test condition | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101040 | quality-rule | Avoid empty catch blocks (SQL) | Documentation english | associatedValueName = This metric lists SQL Artifacts with empty catch blocks. | Updated | associatedValueName = Number of violation occurrences |
| 1101040 | quality-rule | Avoid empty catch blocks (SQL) | Documentation english | name = Avoid empty catch blocks | Updated | name = Avoid empty catch blocks (SQL) |
| 1101040 | quality-rule | Avoid empty catch blocks (SQL) | Documentation english | output = This report lists all SQL Artifacts with empty catch blocks. The following infor... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 1101040 | quality-rule | Avoid empty catch blocks (SQL) | Documentation english | total = The total procedure counts Artifacts with SQL code. | Updated | total = Number of Artifacts with SQL code. |
| 1101042 | quality-rule | Table naming convention - character set control (SQL) | Definition | Missing | Added | active = true, detached = false |
| 1101042 | quality-rule | Table naming convention - character set control (SQL) | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | Missing contribution | Added | critical = false, weight = 1 |
| 1101044 | quality-rule | View naming convention - character set control (SQL) | Definition | Missing | Added | active = true, detached = false |
| 1101044 | quality-rule | View naming convention - character set control (SQL) | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | Missing contribution | Added | critical = false, weight = 1 |
| 1101046 | quality-rule | Package naming convention - prefix control (SQL) | Definition | Missing | Added | active = false, detached = false |
| 1101046 | quality-rule | Package naming convention - prefix control (SQL) | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | Missing contribution | Added | critical = false, weight = 5 |
| 1101048 | quality-rule | Package Function naming convention - prefix control (SQL) | Definition | Missing | Added | active = false, detached = false |
| 1101048 | quality-rule | Package Function naming convention - prefix control (SQL) | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | Missing contribution | Added | critical = false, weight = 5 |
| 1101050 | quality-rule | Package Stored Procedure naming convention - prefix control (SQL) | Definition | Missing | Added | active = false, detached = false |
| 1101050 | quality-rule | Package Stored Procedure naming convention - prefix control (SQL) | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | Missing contribution | Added | critical = false, weight = 5 |
| 1101052 | quality-rule | Use WHEN OTHERS in exception management (SQL) | Definition | Missing | Added | active = true, detached = false |
| 1101052 | quality-rule | Use WHEN OTHERS in exception management (SQL) | Quality Contribution to 'Programming Practices - Error and Exception Handling' (61014) | Missing contribution | Added | critical = true, weight = 8 |
| 1101054 | quality-rule | Never use WHEN OTHER THEN NULL | Definition | Missing | Added | active = true, detached = false |
| 1101054 | quality-rule | Never use WHEN OTHER THEN NULL | Quality Contribution to 'Programming Practices - Error and Exception Handling' (61014) | Missing contribution | Added | critical = true, weight = 8 |
| 1101056 | quality-rule | Avoid large Tables - too many columns (SQL) | Definition | Missing | Added | active = true, detached = false |
| 1101056 | quality-rule | Avoid large Tables - too many columns (SQL) | Quality Contribution to 'Volume - Number of Components' (61022) | Missing contribution | Added | critical = false, weight = 6 |
| 1101058 | quality-rule | Do not mix ANSI and non-ANSI JOIN syntax in the same query | Definition | Missing | Added | active = true, detached = false |
| 1101058 | quality-rule | Do not mix ANSI and non-ANSI JOIN syntax in the same query | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | Missing contribution | Added | critical = false, weight = 4 |
| 1101060 | quality-rule | LIKE operator should not start with a wildcard character | Definition | Missing | Added | active = true, detached = false |
| 1101060 | quality-rule | LIKE operator should not start with a wildcard character | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | Missing contribution | Added | critical = false, weight = 4 |
| 1101062 | quality-rule | Use at most one statement per line (SQL) | Definition | Missing | Added | active = true, detached = false |
| 1101062 | quality-rule | Use at most one statement per line (SQL) | Quality Contribution to 'Documentation - Style Conformity' (61006) | Missing contribution | Added | critical = false, weight = 1 |
| 1101064 | quality-rule | Avoid cascading Triggers (SQL) | Definition | Missing | Added | active = true, detached = false |
| 1101064 | quality-rule | Avoid cascading Triggers (SQL) | Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009) | Missing contribution | Added | critical = false, weight = 4 |
| 1101066 | quality-rule | Avoid improperly written triangular joins with XXL tables | Definition | Missing | Added | active = true, detached = false |
| 1101066 | quality-rule | Avoid improperly written triangular joins with XXL tables | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | Missing contribution | Added | critical = false, weight = 4 |
| 1101068 | quality-rule | Avoid synonym with both private and public definition | Definition | Missing | Added | active = true, detached = false |
| 1101068 | quality-rule | Avoid synonym with both private and public definition | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | Missing contribution | Added | critical = false, weight = 1 |
| 1101070 | quality-rule | Avoid explicit comparison with NULL | Definition | Missing | Added | active = true, detached = false |
| 1101070 | quality-rule | Avoid explicit comparison with NULL | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | Missing contribution | Added | critical = false, weight = 4 |
| 1101072 | quality-rule | Tables should be aliased | Definition | Missing | Added | active = true, detached = false |
| 1101072 | quality-rule | Tables should be aliased | Quality Contribution to 'Programming Practices - Unexpected Behavior' (66069) | Missing contribution | Added | critical = false, weight = 4 |
| 1101074 | quality-rule | Tables aliases should not end with a numeric suffix | Definition | Missing | Added | active = true, detached = false |
| 1101074 | quality-rule | Tables aliases should not end with a numeric suffix | Quality Contribution to 'Programming Practices - Unexpected Behavior' (66069) | Missing contribution | Added | critical = false, weight = 4 |
| 1101076 | quality-rule | Column references should be qualified | Definition | Missing | Added | active = true, detached = false |
| 1101076 | quality-rule | Column references should be qualified | Quality Contribution to 'Programming Practices - Unexpected Behavior' (66069) | Missing contribution | Added | critical = false, weight = 4 |
| 1101078 | quality-rule | Prefer PRIVATE to PUBLIC synonym | Definition | Missing | Added | active = true, detached = false |
| 1101078 | quality-rule | Prefer PRIVATE to PUBLIC synonym | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | Missing contribution | Added | critical = false, weight = 1 |
| 1101080 | quality-rule | Avoid orphaned synonyms | Definition | Missing | Added | active = true, detached = false |
| 1101080 | quality-rule | Avoid orphaned synonyms | Quality Contribution to 'Programming Practices - Unexpected Behavior' (66069) | Missing contribution | Added | critical = false, weight = 1 |
| 1101082 | quality-rule | Avoid looping chain of synonyms | Definition | Missing | Added | active = true, detached = false |
| 1101082 | quality-rule | Avoid looping chain of synonyms | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | Missing contribution | Added | critical = false, weight = 1 |
| 1101084 | quality-rule | Avoid Cursors inside a loop (SQL) | Definition | Missing | Added | active = true, detached = false |
| 1101084 | quality-rule | Avoid Cursors inside a loop (SQL) | Quality Contribution to 'Efficiency - Expensive Calls in Loops' (66068) | Missing contribution | Added | critical = true, weight = 7 |
| 1101086 | quality-rule | VARCHAR2 and NVARCHAR2 should be used | Definition | Missing | Added | active = true, detached = false |
| 1101086 | quality-rule | VARCHAR2 and NVARCHAR2 should be used | Quality Contribution to 'Efficiency - Memory, Network and Disk Space Management' (61018) | Missing contribution | Added | critical = false, weight = 2 |
| 1101088 | quality-rule | LONG and LONG RAW datatypes should no longer be used | Definition | Missing | Added | active = true, detached = false |
| 1101088 | quality-rule | LONG and LONG RAW datatypes should no longer be used | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | Missing contribution | Added | critical = false, weight = 8 |

AIP 8.3.15 - 8.3.16

This section lists the results of a comparison between a CAST AIP 8.3.15 Assessment Model and the CAST AIP 8.3.16 Assessment Model. You can download the original compare_8315_8316.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.15 Assessment Model | Change | CAST 8.3.16 Assessment Model |
|---|---|---|---|---|---|---|
| 5056 | quality-rule | Using SEARCH ALL only with sorted data | Documentation english | description = ... programs using the SEARCH statement without the ALL addition, with only one WHE... | Updated | description = ... programs containing SEARCH ALL statements not using the sort key of the table. |
| 5056 | quality-rule | Using SEARCH ALL only with sorted data | Documentation english | name = Avoid using SEARCH without the ALL addition | Updated | name = Using SEARCH ALL only with sorted data |
| 5056 | quality-rule | Using SEARCH ALL only with sorted data | Documentation english | output = This report lists all Cobol Programs that use SEARCH statements without the ALL ... | Updated | output = Associated to each COBOL Program with violations, the Quality Rule provides: - T... |
| 5056 | quality-rule | Using SEARCH ALL only with sorted data | Documentation english | rationale = A binary search is a very efficient search when you are dealing with a large tab... | Updated | rationale = To use the SEARCH ALL statement to search a table, the table must specify the AS... |
| 5056 | quality-rule | Using SEARCH ALL only with sorted data | Documentation english | reference = Sort the table data either in Ascending or Descending order and use a SEARCH AL... | Updated | reference = https://www.ibm.com/support/knowledgecenter/SS6SGM_4.1.1/com.ibm.cobol.aix.doc/P... |
| 5056 | quality-rule | Using SEARCH ALL only with sorted data | Documentation english | remediationSample = B-200-LOOP. ... ... processing not related to search ... ... SEA... | Updated | remediationSample = DATA DIVISION. WORKING-STORAGE SECTION. 01 VARIABLE OCCURS 83 ASCENDING KEY I... |
| 5056 | quality-rule | Using SEARCH ALL only with sorted data | Documentation english | sample = B-200-LOOP. ... ... processing not related to search ... ... SET... | Updated | sample = Case 1: Use incorrect key DATA DIVISION. WORKING-STORAGE SECTION. 01 VARIABLE ... |
| 7522 | quality-rule | Avoid using literals in assignments (hardcoded values) | Activation | active = true, detached = false | Updated | detached = true |
| 7522 | quality-rule | Avoid using literals in assignments (hardcoded values) | Quality Contribution to 'Architecture - OS and Platform Independence' (61004) | critical = false, weight = 7 | Removed | Missing contribution |
| 7524 | quality-rule | Avoid using BREAK or BREAK-POINT statement | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 3, propertyID = 140969 |
| 7524 | quality-rule | Avoid using BREAK or BREAK-POINT statement | Operation | localSiteDiagnose = DIAG_SCOPE_ABAPPPUB002 | Updated | localSiteDiagnose = null |
| 7524 | quality-rule | Avoid using BREAK or BREAK-POINT statement | Operation | localSiteCountTotal = DIAG_ABAP_ANA_ARTIFAC_TOTAL | Updated | localSiteCountTotal = null |
| 7528 | quality-rule | Never use the ON CHANGE OF statement | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 3, propertyID = 140970 |
| 7528 | quality-rule | Never use the ON CHANGE OF statement | Operation | localSiteDiagnose = DIAG_SCOPE_ABAPPPUB001 | Updated | localSiteDiagnose = null |
| 7528 | quality-rule | Never use the ON CHANGE OF statement | Operation | localSiteCountTotal = DIAG_ABAP_ANA_ARTIFAC_TOTAL | Updated | localSiteCountTotal = null |
| 7530 | quality-rule | Avoid "SELECT *" or "SELECT SINGLE *" queries | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 2, propertyID = 140973 |
| 7530 | quality-rule | Avoid "SELECT *" or "SELECT SINGLE *" queries | Operation | localSiteDiagnose = DIAG_SCOPE_ABAPSQLCPLEX006 | Updated | localSiteDiagnose = null |
| 7530 | quality-rule | Avoid "SELECT *" or "SELECT SINGLE *" queries | Operation | localSiteCountTotal = DIAG_ABAP_ANA_ARTIF_T_TOTAL | Updated | localSiteCountTotal = null |
| 7532 | quality-rule | Avoid nested SELECT ... ENDSELECT statements | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 2, propertyID = 140974 |
| 7532 | quality-rule | Avoid nested SELECT ... ENDSELECT statements | Operation | localSiteDiagnose = DIAG_SCOPE_ABAPEECL001 | Updated | localSiteDiagnose = null |
| 7532 | quality-rule | Avoid nested SELECT ... ENDSELECT statements | Operation | localSiteCountTotal = DIAG_ABAP_SQLARTIFACTS_TOTAL | Updated | localSiteCountTotal = null |
| 7536 | quality-rule | Avoid using AT Events in combination of LOOP AT .... WHERE constructs | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 8, propertyID = 140975 |
| 7536 | quality-rule | Avoid using AT Events in combination of LOOP AT .... WHERE constructs | Operation | localSiteDiagnose = DIAG_SCOPE_ABAPPPUB003 | Updated | localSiteDiagnose = null |
| 7536 | quality-rule | Avoid using AT Events in combination of LOOP AT .... WHERE constructs | Operation | localSiteCountTotal = DIAG_ABAP_ATLOOP_TOTAL | Updated | localSiteCountTotal = null |
| 7538 | quality-rule | Avoid using SELECT ... INTO CORRESPONDING FIELDS OF | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 2, propertyID = 140978 |
| 7538 | quality-rule | Avoid using SELECT ... INTO CORRESPONDING FIELDS OF | Operation | localSiteDiagnose = DIAG_SCOPE_ABAPESDP002 | Updated | localSiteDiagnose = null |
| 7538 | quality-rule | Avoid using SELECT ... INTO CORRESPONDING FIELDS OF | Operation | localSiteCountTotal = DIAG_ABAP_OSQLARTIFACTS_TOTAL | Updated | localSiteCountTotal = null |
| 7544 | quality-rule | Avoid using SELECT ... ENDSELECT statement | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 2, propertyID = 140979 |
| 7544 | quality-rule | Avoid using SELECT ... ENDSELECT statement | Operation | localSiteDiagnose = DIAG_SCOPE_ABAPESDP004 | Updated | localSiteDiagnose = null |
| 7544 | quality-rule | Avoid using SELECT ... ENDSELECT statement | Operation | localSiteCountTotal = DIAG_ABAP_OSQLARTIFACTS_TOTAL | Updated | localSiteCountTotal = null |
| 7592 | quality-rule | Avoid using "ORDER BY" in SELECTS | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 2, propertyID = 140980 |
| 7592 | quality-rule | Avoid using "ORDER BY" in SELECTS | Operation | localSiteDiagnose = DIAG_SCOPE_ABAPESQL007 | Updated | localSiteDiagnose = null |
| 7592 | quality-rule | Avoid using "ORDER BY" in SELECTS | Operation | localSiteCountTotal = DIAG_ABAP_ANA_ARTIF_T_TOTAL | Updated | localSiteCountTotal = null |
| 7594 | quality-rule | Avoid using "SELECT DISTINCT", use DELETE-ADJACENT | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 2, propertyID = 140981 |
| 7594 | quality-rule | Avoid using "SELECT DISTINCT", use DELETE-ADJACENT | Operation | localSiteDiagnose = DIAG_SCOPE_ABAPESQL008 | Updated | localSiteDiagnose = null |
| 7594 | quality-rule | Avoid using "SELECT DISTINCT", use DELETE-ADJACENT | Operation | localSiteCountTotal = DIAG_ABAP_ANA_ARTIF_T_TOTAL | Updated | localSiteCountTotal = null |
| 7672 | quality-rule | Avoid using EXIT statement in Include | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 9, propertyID = 140983 |
| 7672 | quality-rule | Avoid using EXIT statement in Include | Operation | localSiteDiagnose = DIAG_SCOPE_ABAPCACC001 | Updated | localSiteDiagnose = null |
| 7672 | quality-rule | Avoid using EXIT statement in Include | Operation | localSiteCountTotal = DIAG_ABAP_ANA_INCLUDE_TOTAL | Updated | localSiteCountTotal = null |
| 7740 | quality-rule | Avoid HTTP response splitting | Documentation english | description = Using CAST data-flow engine, this metric detects paths from user input methods t... | Updated | description = The application uses HTTP headers, but it does not correctly neutralizes CR and ... |
| 7740 | quality-rule | Avoid HTTP response splitting | Documentation english | name = Avoid cross-site scripting vulnerabilities | Updated | name = Avoid HTTP response splitting |
| 7740 | quality-rule | Avoid HTTP response splitting | Documentation english | rationale = The most dangerous web application vulnerability is known as cross-site scriptin... | Updated | rationale = CR and LF characters in an HTTP header may give attackers control of the remaini... |
| 7740 | quality-rule | Avoid HTTP response splitting | Documentation english | reference = CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site... | Updated | reference = CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Respon... |
| 7740 | quality-rule | Avoid HTTP response splitting | Documentation english | remediation = ...thorized sanitization methods. | Updated | remediation = ...thorized sanitization methods. To avoid the creation of XSS flaws, the Open Web... |
| 7740 | quality-rule | Avoid HTTP response splitting | Documentation english | remediationSample = Sample 1 <% String eid = request.getParameter("eid"); %> ... //include validatio... | Updated | remediationSample = Sample 1 // include validation code for rawInputData --> cleanData response.add... |
| 7740 | quality-rule | Avoid HTTP response splitting | Documentation english | sample = Sample 1 <% String eid = request.getParameter("eid"); %> ... Employee ID: <%= ei... | Updated | sample = Sample 1 response.addHeader(HEADER_NAME, rawInputData); Sample 2 String header ... |
| 7740 | quality-rule | Avoid HTTP response splitting | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 7742 | quality-rule | Avoid SQL injection vulnerabilities | Documentation english | reference = ...php/Top_10_2007 CISQ rule: ASCSM-CWE-89. | Updated | reference = ...php/Top_10-2017_A1-Injection CISQ rule: ASCSM-CWE-89. |
| 7742 | quality-rule | Avoid SQL injection vulnerabilities | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 7746 | quality-rule | Avoid LDAP injection vulnerabilities | Documentation english | reference = ...php/Top_10_2007 | Updated | reference = ...php/Top_10-2017_A1-Injection |
| 7746 | quality-rule | Avoid LDAP injection vulnerabilities | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 7748 | quality-rule | Avoid OS command injection vulnerabilities | Documentation english | reference = ...2007 CISQ: ASCSM-CWE-078 | Updated | reference = ...2007 CISQ rule: ASCSM-CWE-078. |
| 7748 | quality-rule | Avoid OS command injection vulnerabilities | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 7750 | quality-rule | Avoid XPath injection vulnerabilities | Documentation english | reference = ...php/Top_10_2007 | Updated | reference = ...php/Top_10-2017_A1-Injection |
| 7750 | quality-rule | Avoid XPath injection vulnerabilities | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 7750 | quality-rule | Avoid XPath injection vulnerabilities | Documentation english | Missing | Added | remediationSample = XPath xPath = XPathFactory.newInstance().newXPath(); InputSource inputXml = new ... |
| 7750 | quality-rule | Avoid XPath injection vulnerabilities | Documentation english | Missing | Added | sample = XPath xPath = XPathFactory.newInstance().newXPath(); InputSource inputXml = new ... |
| 7752 | quality-rule | Avoid file path manipulation vulnerabilities | Documentation english | reference = CWE-73: External Control of File Name or Path https://cwe.mitre.org/data/definit... | Updated | reference = CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Trave... |
| 7752 | quality-rule | Avoid file path manipulation vulnerabilities | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 7832 | quality-rule | Avoid unreferenced Classes | Technologies | [ABAP, Visual Basic, C++, C#, VB.NET, JEE, .NET (Legacy Analyzer)] | Updated | Removed: [C#, VB.NET, .NET (Legacy Analyzer)] |
| 7882 | quality-rule | Avoid using Native SQL | Diagnosis | scopeID = 3, propertyID = 137357 | Updated | propertyID = 140984 |
| 7908 | quality-rule | Avoid unreferenced Methods | Technologies | [ABAP, Visual Basic, C++, C#, VB.NET, JEE, .NET (Legacy Analyzer)] | Updated | Removed: [C#, VB.NET, .NET (Legacy Analyzer)] |
| 7912 | quality-rule | Avoid unreferenced Data Members | Technologies | [ABAP, C++, C, C#, VB.NET, JEE, .NET (Legacy Analyzer)] | Updated | Removed: [C#, VB.NET, .NET (Legacy Analyzer)] |
| 8044 | quality-rule | Avoid log forging vulnerabilities | Documentation english | reference = ....org/data/definitions/117.html | Updated | reference = ....org/data/definitions/117.html Open Web Application Security Project (OWASP) ht... |
| 8044 | quality-rule | Avoid log forging vulnerabilities | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 8098 | quality-rule | Avoid uncontrolled format string | Documentation english | reference = ...134.html ASCSM 1.0, Automated Source Code Security Measure, Object Management G... | Updated | reference = ...134.html Open Web Application Security Project (OWASP) https://www.owasp.org/in... |
| 8098 | quality-rule | Avoid uncontrolled format string | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 8222 | quality-rule | Avoid hard-coded credentials | Documentation english | reference = ....org/data/definitions/259.html | Updated | reference = ....org/data/definitions/259.html Open Web Application Security Project (OWASP) ht... |
| 8222 | quality-rule | Avoid hard-coded credentials | Documentation english | total = Number of methods containing credential parameter(s) | Updated | total = Number of potentially vulnerable methods |
| 8238 | quality-rule | Avoid mixing trusted and untrusted data in HTTP requests | Documentation english | reference = ....org/data/definitions/501.html | Updated | reference = ....org/data/definitions/501.html Open Web Application Security Project (OWASP) ht... |
| 8238 | quality-rule | Avoid mixing trusted and untrusted data in HTTP requests | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 8240 | quality-rule | Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | reference = ...614.html https://www.owasp.org/index.php/Top_10_2013-A6-Sensitive_Data_Exposure... | Updated | reference = ...614.html Open Web Application Security Project (OWASP) https://www.owasp.org/in... |
| 8240 | quality-rule | Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | total = ...ber of methods adding a cookie without setting the 'secured' attribute | Updated | total = ...ber of methods adding a cookie |
| 8242 | quality-rule | Use of insufficiently random values | Documentation english | reference = ....org/data/definitions/330.html | Updated | reference = ....org/data/definitions/330.html Open Web Application Security Project (OWASP) ht... |
| 8242 | quality-rule | Use of insufficiently random values | Documentation english | total = Number of methods calling methods producing insufficiently random numbers | Updated | total = Number of potentially vulnerable methods |
| 8408 | quality-rule | Avoid reflected cross-site scripting (non persistent) | Documentation english | reference = ...php/Top_10_2007 CISQ rule: ASCSM-CWE-79. 2011 Top 25 - Insecure Interaction Bet... | Updated | reference = ...php/Top_10-2017_A7-Cross-Site_Scripting_(XSS) CISQ rule: ASCSM-CWE-79. |
| 8408 | quality-rule | Avoid reflected cross-site scripting (non persistent) | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 8410 | quality-rule | Avoid cross-site scripting (persistent) | Documentation english | reference = ...php/Top_10_2007 CISQ rule: ASCSM-CWE-79. 2011 Top 25 - Insecure Interaction Bet... | Updated | reference = ...php/Top_10-2017_A7-Cross-Site_Scripting_(XSS) CISQ rule: ASCSM-CWE-79. |
| 8410 | quality-rule | Avoid cross-site scripting (persistent) | Documentation english | total = Number of methods calling a "read database" method | Updated | total = Number of potentially vulnerable methods |
| 8412 | quality-rule | "CX_ROOT" should not be used in TRY .. CATCH.. ENDTRY block | Quality Contribution to 'Programming Practices - Error and Exception Handling' (61014) | Missing contribution | Added | critical = true, weight = 7 |
| 8412 | quality-rule | "CX_ROOT" should not be used in TRY .. CATCH.. ENDTRY block | Quality Contribution to 'Programming Practices - Modularity and OO Encapsulation Conformity' (61020) | critical = true, weight = 7 | Removed | Missing contribution |
| 8414 | quality-rule | Avoid weak cryptographic algorithm | Documentation english | name = Avoid use of a broken or risky cryptographic algorithm | Updated | name = Avoid weak cryptographic algorithm |
| 8414 | quality-rule | Avoid weak cryptographic algorithm | Documentation english | reference = ...327.html A3-OWASP | Updated | reference = ...327.html Open Web Application Security Project (OWASP) https://www.owasp.org/i... |
| 8414 | quality-rule | Avoid weak cryptographic algorithm | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 8416 | quality-rule | Avoid use of a reversible one-way hash | Documentation english | reference = ...328.html A3-OWASP | Updated | reference = ...328.html Open Web Application Security Project (OWASP) https://www.owasp.org/i... |
| 8416 | quality-rule | Avoid use of a reversible one-way hash | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 8418 | quality-rule | Avoid NoSQL injection | Technologies | [C#, VB.NET] | Updated | Added: [JEE] |
| 8418 | quality-rule | Avoid NoSQL injection | Documentation english | name = Avoid NoSQL injection on MongoDB (C#) | Updated | name = Avoid NoSQL injection |
| 8418 | quality-rule | Avoid NoSQL injection | Documentation english | reference = ...e.org/data/definitions/89.html | Updated | reference = ...e.org/data/definitions/89.html Open Web Application Security Project (OWASP) h... |
| 8418 | quality-rule | Avoid NoSQL injection | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 8420 | quality-rule | Avoid second order SQL injection | Documentation english | reference = ...php/Top_10_2007 CISQ rule: ASCSM-CWE-89. | Updated | reference = ...php/Top_10-2017_A1-Injection CISQ rule: ASCSM-CWE-89. |
| 8420 | quality-rule | Avoid second order SQL injection | Documentation english | total = Number of methods calling a "read database" method | Updated | total = Number of potentially vulnerable methods |
| 8424 | quality-rule | Avoid using hard-coded HMAC keys | Documentation english | reference = .../321.html A3-OWASP 2017 https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive... | Updated | reference = .../321.html Open Web Application Security Project (OWASP) https://www.owasp.org/... |
| 8424 | quality-rule | Avoid using hard-coded HMAC keys | Documentation english | total = Number of methods containing HMAC key(s) | Updated | total = Number of potentially vulnerable methods |
| 8434 | quality-rule | Avoid process control | Documentation english | reference = ...php/Top_10_2007 CISQ: ASCSM-CWE-078 | Updated | reference = ...php/Top_10-2017_A1-Injection CISQ: ASCSM-CWE-078 |
| 8434 | quality-rule | Avoid process control | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 8436 | quality-rule | Avoid thread injection vulnerabilities | Documentation english | reference = ...php/Top_10_2007 CISQ: ASCSM-CWE-078 | Updated | reference = ...php/Top_10-2017_A1-Injection CISQ: ASCSM-CWE-078 |
| 8436 | quality-rule | Avoid thread injection vulnerabilities | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 8438 | quality-rule | Avoid code injection | Documentation english | reference = ...php/Top_10_2007 CISQ: ASCSM-CWE-078 | Updated | reference = ...php/Top_10-2017_A1-Injection CISQ: ASCSM-CWE-078 |
| 8438 | quality-rule | Avoid code injection | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 8440 | quality-rule | Avoid reflection injection | Documentation english | reference = ...index.php/Top_10_2007 CISQ: ASCSM-CWE-470 | Updated | reference = ...index.php/Unsafe_use_of_Reflection https://www.owasp.org/index.php/Top_10-2017_A... |
| 8440 | quality-rule | Avoid reflection injection | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 8442 | quality-rule | Avoid resource injection | Documentation english | reference = .../Top_10_2007 CISQ rule: ASCSM-CWE-99. | Updated | reference = .../Top_10_2013-A4-Insecure_Direct_Object_References CISQ rule: ASCSM-CWE-99. |
| 8442 | quality-rule | Avoid resource injection | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |
| 8444 | quality-rule | Avoid resource URL manipulation | Documentation english | reference = .../Top_10_2007 CISQ rule: ASCSM-CWE-99. | Updated | reference = .../Top_10_2013-A4-Insecure_Direct_Object_References CISQ rule: ASCSM-CWE-99. |
| 8444 | quality-rule | Avoid resource URL manipulation | Documentation english | total = Number of methods calling user input methods | Updated | total = Number of potentially vulnerable methods |

AIP 8.3.14 - 8.3.15

This section lists the results of a comparison between a CAST AIP 8.3.14 Assessment Model and the CAST AIP 8.3.15 Assessment Model. You can download the original compare_8314_8315.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.14 Assessment Model | Change | CAST 8.3.15 Assessment Model |
|---|---|---|---|---|---|---|
| 1058 | quality-rule | Avoid large Files - too many Lines of Code | Parameter #1 | name = Maximum line count, type = integer, description = Maximum line count | Updated | name = Maximum Line Count |
| 1060 | quality-rule | Avoid large Macros - too many Lines of Code | Parameter #1 | name = Maximum line count, type = integer, description = Maximum line count | Updated | name = Maximum Line Count |
| 2254 | quality-rule | Avoid large Page files (JEE) | Parameter #1 | name = Maximum Line Count, type = integer, description = Maximum Line Count | Updated | name = Maximum line count |
| 2258 | quality-rule | All image files should be in a specific directory | Parameter #2 | name = image_extensions, type = text-list, description = the list of authorized extension for images | Updated | name = Extensions for image files |
| 2266 | quality-rule | Avoid non standard file extensions (JEE) | Parameter #1 | name = Extensions, type = text-list, description = Standard file extensions | Updated | name = Standard file extensions |
| 3062 | quality-rule | Use of error handling page | Parameter #1 | name = Error handling page, type = text-list, description = Error handling page names | Updated | name = Error handling page names |
| 3070 | quality-rule | Avoid non standard file extensions (ASP) | Parameter #1 | name = Extensions for files, type = text-list, description = Extensions for files | Updated | name = Standard file extensions |
| 4602 | quality-rule | Avoid using Fields (non static final) from other Classes | Documentation english | Missing | Added | total = Number of non abstract Java artifacts |
| 4610 | quality-rule | Avoid using anonymous Classes | Parameter #1 | name = exclude_interfaces, type = text-list, description = Lits of Interfaces to exclude | Updated | name = Interfaces to exclude, description = List of Interfaces to exclude |
| 4612 | quality-rule | Avoid using native Methods (JNI) | Parameter #1 | name = Ignore Libraries, type = text-list, description = Native methods contained in the libraries will be ignored | Updated | name = Libraries to exclude |
| 6106 | quality-rule | User event naming convention - declare only | Parameter #1 | name = Prefix, type = text, description = User event ue naming convention | Updated | description = User event naming convention |
| 6128 | quality-rule | Avoid window with too high level of inheritance | Parameter #1 | name = MaxLevel, type = integer, description = Level | Updated | name = Maximum number of levels |
| 6130 | quality-rule | Avoid userobject with too high level of inheritance | Parameter #1 | name = MaxLevel, type = integer, description = Max inherit level for userobject | Updated | name = Maximum number of levels |
| 6134 | quality-rule | Avoid menu with too high level of inheritance | Parameter #1 | name = MAXLEVEL, type = integer, description = MAX INHERIT LEVEL FOR MENU | Updated | name = Maximum number of levels |
| 6142 | quality-rule | Avoid Windows with too many Methods | Parameter #1 | name = MaxMethod, type = integer, description = Max number of methods | Updated | name = Maximum number of methods |
| 6144 | quality-rule | Avoid Userobject with too many Methods | Parameter #1 | name = MaxMethod, type = integer, description = Max number of methods | Updated | name = Maximum number of methods |
| 7050 | quality-rule | Function naming convention | Parameter #1 | name = prefix_1, type = text-list, description = Function naming convention | Updated | name = Prefix #1 |
| 7050 | quality-rule | Function naming convention | Parameter #2 | name = prefix_2, type = text-list, description = Function naming convention | Updated | name = Prefix #2 |
| 7050 | quality-rule | Function naming convention | Parameter #3 | name = prefix_3, type = text-list, description = Function naming convention | Updated | name = Prefix #3 |
| 7050 | quality-rule | Function naming convention | Parameter #4 | name = prefix_4, type = text-list, description = Function naming convention | Updated | name = Prefix #4 |
| 7050 | quality-rule | Function naming convention | Parameter #5 | name = prefix_5, type = text-list, description = Function naming convention | Updated | name = Prefix #5 |
| 7050 | quality-rule | Function naming convention | Parameter #6 | name = prefix_6, type = text-list, description = Function naming convention | Updated | name = Prefix #6 |
| 7072 | quality-rule | Program naming convention | Parameter #1 | name = prefix, type = text-list, description = naming convention | Updated | name = Prefixes |
| 7074 | quality-rule | Include naming convention | Parameter #1 | name = prefix, type = text-list, description = naming convention | Updated | name = Prefixes |
| 7132 | quality-rule | Action Mappings should have few forwards | Parameter #1 | name = Max number of forward, type = integer, description = Number of forward | Updated | name = Maximum number of forwards |
| 7156 | quality-rule | Avoid Too Many Copy Pasted Artifacts | Parameter #1 | name = SIMILARITY, type = integer, description = This is a percentage. | Updated | name = Minimum % of Similarity |
| 7200 | quality-rule | Avoid String concatenation in loops (JEE) | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 1022002, propertyID = 140948 |
| 7200 | quality-rule | Avoid String concatenation in loops (JEE) | Documentation english | description = ...eported. Note that the JVM is optimizing code such as System.out.println("x:"+x... | Updated | description = ...eported. Note that the JVM is optimizing code such as System.out.println("x... |
| 7200 | quality-rule | Avoid String concatenation in loops (JEE) | Documentation english | output = ...in loops. It provides the following information: Method full name | Updated | output = ...in loops. It provides the following information: Method full name |
| 7200 | quality-rule | Avoid String concatenation in loops (JEE) | Documentation english | remediationSample = ..."hello"); for (int i = 0; i < 1500; i++) { result.append("hello"); // FIXED ... | Updated | remediationSample = ..."hello"); for (int i = 0; i < 1500; i++) { result.append("hello"); // FI... |
| 7200 | quality-rule | Avoid String concatenation in loops (JEE) | Documentation english | sample = ... "hello"; for (int i = 0; i < 1500; i++) { result += "hello"; // VIOLATION } | Updated | sample = ... "hello"; for (int i = 0; i < 1500; i++) { result += "hello"; // VIOLATI... |
| 7200 | quality-rule | Avoid String concatenation in loops (JEE) | Diagnosis | diagnosisValueType = no-value | Updated | diagnosisValueType = integer |
| 7200 | quality-rule | Avoid String concatenation in loops (JEE) | Operation | localSiteDiagnose = DIAG_SCOPE_JAVAEMEM002 | Updated | localSiteDiagnose = null |
| 7200 | quality-rule | Avoid String concatenation in loops (JEE) | Operation | localSiteCountTotal = DIAG_JAVA_NA_ARTIFACT_TOTAL | Updated | localSiteCountTotal = null |
| 7240 | quality-rule | Action Classes should only call Business Classes | Parameter #1 | name = name_package, type = text, description = Business package list | Updated | name = Business package names |
| 7244 | quality-rule | Avoid direct usage of EJB Entity from the client | Parameter #1 | name = name_package, type = text, description = list of package | Updated | name = Package names |
| 7246 | quality-rule | Avoid Packages with High Efferent Coupling (CE) | Parameter #1 | name = CE, type = integer, description = Value max | Updated | name = Efferent Coupling maximum value |
| 7248 | quality-rule | Avoid Packages with High Afferent Coupling (CA) | Parameter #1 | name = CA, type = integer, description = Value max | Updated | name = Afferent Coupling maximum value |
| 7260 | quality-rule | User Interface elements must not use directly the database | Parameter #1 | name = namespace, type = text-list, description = List of namespace | Updated | name = Namespaces |
| 7262 | quality-rule | Avoid Namespaces with High Efferent Coupling (CE) | Parameter #1 | name = CE, type = integer, description = CE value max | Updated | name = Efferent Coupling maximum value |
| 7264 | quality-rule | Avoid namespaces with High Afferent Coupling (CA) | Parameter #1 | name = CA, type = integer, description = CA max value | Updated | name = Afferent Coupling maximum value |
| 7300 | quality-rule | Avoid large Paragraphs - too many Lines of Code | Parameter #1 | name = nb_loc, type = integer, description = Threshold number of LoC | Updated | name = Maximum line count |
| 7384 | quality-rule | DELETED: Large Programs should be called dynamically | Parameter #1 | name = LOB, type = integer, description = Nb of code lines of the subprogram | Updated | name = Maximum number of Lines of Code of a subprogram |
| 7390 | quality-rule | Avoid having multiple artifacts inserting data on the same SQL Table | Parameter #1 | name = Maximum_Artifacts_Insert, type = integer, description = Retreives all tables having more than _Maximum_ number of Artifacts inserting | Updated | description = Retrieves all tables having more than _Maximum_ number of Artifacts inserting |
| 7392 | quality-rule | Avoid having multiple artifacts deleting data on the same SQL table | Parameter #1 | name = Maximum_Artifacts_Delete, type = integer, description = Retreives all tables having more than _Maximum_ number of Artifacts deleting | Updated | description = Retrieves all tables having more than _Maximum_ number of Artifacts deleting |
| 7394 | quality-rule | Avoid having multiple artifacts updating data on the same SQL Table | Parameter #1 | name = Maximum_Artifacts_Update, type = integer, description = Retreives all tables having more than _Maximum_ number of Artifacts updating | Updated | description = Retrieves all tables having more than _Maximum_ number of Artifacts updating |
| 7396 | quality-rule | DELETED: Subprograms called multiple times should be called statically | Parameter #1 | name = NbDynSubPgmCall, type = integer, description = Number of dynamic calls to the same subprogram | Updated | name = Maximum number of dynamic calls to the same subprogram |
| 7486 | quality-rule | Split universes of more than X MB | Parameter #1 | name = maxi_size, type = integer, description = Maximum size of universe in MB | Updated | name = Maximum size of universe in MB |
| 7514 | quality-rule | Avoid empty Includes | Parameter #1 | name = exception, type = text-list, description = Exception of include | Updated | name = Includes to ignore |
| 7530 | quality-rule | Avoid "SELECT *" or "SELECT SINGLE *" queries | Parameter #1 | name = table_excep, type = text-list, description = List of tables to exclude | Updated | name = Tables to exclude |
| 7642 | quality-rule | Avoid SQL queries on XXL tables not using the first column of a composite index in the WHERE clause | Parameter #1 | name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this value | Updated | name = Minimum number of rows to consider a table as XXL |
| 7652 | quality-rule | Avoid throwing an exception in a catch block without chaining it | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 1022003, propertyID = 140954 |
| 7652 | quality-rule | Avoid throwing an exception in a catch block without chaining it | Diagnosis | diagnosisValueType = no-value | Updated | diagnosisValueType = integer |
| 7652 | quality-rule | Avoid throwing an exception in a catch block without chaining it | Operation | localSiteDiagnose = DIAG_SCOPE_JAVAPPEE002 | Updated | localSiteDiagnose = null |
| 7652 | quality-rule | Avoid throwing an exception in a catch block without chaining it | Operation | localSiteCountTotal = DIAG_JAVA_CTORCATCH_TOTAL | Updated | localSiteCountTotal = null |
| 7658 | quality-rule | Avoid SQL queries on XXL Tables using Functions on indexed Columns in the WHERE clause | Parameter #1 | name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this value | Updated | name = Minimum number of rows to consider a table as XXL |
| 7660 | quality-rule | Never use SQL queries with a cartesian product on XXL Tables | Parameter #1 | name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this value | Updated | name = Minimum number of rows to consider a table as XXL |
| 7662 | quality-rule | Avoid SQL queries on XXL Tables with implicit conversions in the WHERE clause | Parameter #1 | name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this value | Updated | name = Minimum number of rows to consider a table as XXL |
7664quality-ruleAvoid using FOR ALL ENTRIES IN without emptiness check on XXL TablesParameter #1name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this valueUpdatedname = Minimum number of rows to consider a table as XXL
7666quality-ruleAvoid using SELECT ... ENDSELECT statement on XXL TablesParameter #1name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this valueUpdatedname = Minimum number of rows to consider a table as XXL
7676quality-ruleAvoid too many packages referencing MainframeParameter #1name = maxpck, type = integer, description = Maximum number of packages referencing MainframeUpdatedname = Maximum number of packages referencing Mainframe
7678quality-ruleAvoid using specific logging implementationParameter #1name = logpck, type = text-list, description = logging implemention packageUpdatedname = Logging implemention packages
7682quality-ruleAvoid domain model depending on other Java APIParameter #1name = exclude_packages, type = text-list, description = all packages to avoidUpdatedname = Packages to exclude
7702quality-ruleUse a third party connection poolParameter #1name = pool_properties, type = text-list, description = list of other specific third party connection pool properties to check if definedUpdatedname = Specific third party connection pool properties to check
7706quality-ruleAvoid table and column names that are too long (portability)DiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 1022001, propertyID = 140927
7706quality-ruleAvoid table and column names that are too long (portability)Parameter #1name = table_name_max_length, type = integer, description = maximum length authorized for the table nameUpdatedname = Maximum length for the table names
7706quality-ruleAvoid table and column names that are too long (portability)Parameter #2name = column_name_max_length, type = integer, description = maximum length authorized for column nameUpdatedname = Maximum length for the column names
7706quality-ruleAvoid table and column names that are too long (portability)DiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
7706quality-ruleAvoid table and column names that are too long (portability)OperationlocalSiteDiagnose = DIAG_SCOPE_JEEAOPI002UpdatedlocalSiteDiagnose = null
7706quality-ruleAvoid table and column names that are too long (portability)OperationlocalSiteCountTotal = DIAG_JEE_ENTPRPS_TOTALUpdatedlocalSiteCountTotal = null
7720quality-ruleAvoid too many EJB beanParameter #1name = max_nb_ejb, type = integer, description = Maximum number of EJB authorizedUpdatedname = Maximum number of EJB
7730quality-ruleUse declarative transactionDocumentation englishremediationSample = ... try { \t userDAO.update(user); } catch (Exception up) { contex...UpdatedremediationSample = ... try { userDAO.update(user); } catch (Exception up) { con...
7730quality-ruleUse declarative transactionDocumentation englishsample = ...violation \t ....... transaction.commit(); // committing: violation ...Updatedsample = ...violation ....... transaction.commit(); // committing: violation ...
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishreference = ...ing') http://cwe.mitre.org/data/definitions/79.html Open Web Application Securi...Updatedreference = ...ing') https://cwe.mitre.org/data/definitions/79.html Open Web Application Secur...
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishreference = CWE-89 : Failure to Preserve SQL Query Structure (aka 'SQL injection') http://cw...Updatedreference = CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishreference = CWE-90 : Improper Neutralization of Special Elements used in an LDAP Query ('LDA...Updatedreference = CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishreference = ...ion') http://cwe.mitre.org/data/definitions/78.html Open Web Application Securi...Updatedreference = ...ion') https://cwe.mitre.org/data/definitions/78.html Open Web Application Secur...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishremediation = To avoid the creation of injection flaws, the Open Web Application Security Proj...Updatedremediation = Assume all input is malicious. Avoid using inputs. If it is not possible, use a...
7750quality-ruleAvoid XPath injection vulnerabilitiesDocumentation englishreference = ...Injection)http://cwe.mitre.org/data/definitions/91.html Open Web Application Se...Updatedreference = ...Injection) https://cwe.mitre.org/data/definitions/91.html Open Web Application ...
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishreference = CWE-73 : External Control of File Name or Path http://cwe.mitre.org/data/definit...Updatedreference = CWE-73: External Control of File Name or Path https://cwe.mitre.org/data/definit...
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishremediation = Validate all the user inputs. To avoid the creation of injection flaws, the Ope...Updatedremediation = Assume all input is malicious. Avoid using inputs. If it is not possible, use a...
7768quality-ruleAvoid Artifacts with High Depth of CodeParameter #1name = Max Depth of Code, type = integer, description = Max Depth of Code per artifactUpdatedname = Maximum Depth of Code
7770quality-ruleAvoid Artifacts with too many parametersParameter #1name = Maximum parameters, type = integer, description = Max parameters numberUpdatedname = Maximum number of parameters
7774quality-ruleAvoid Artifacts with High Integration ComplexityParameter #1name = Maximum integration complexity, type = float, description = Max integration complexity per methodUpdatedname = Maximum Integration Complexity
7778quality-ruleAvoid Artifacts with High Fan-OutParameter #1name = Maximum High Fan-Out, type = integer, description = Max High Fan-Out per methodUpdatedname = Maximum Fan-Out
7786quality-ruleAvoid long Table or View namesParameter #1name = Max length, type = integer, description = Maximum length for Table or View nameUpdatedname = Maximum length
7848quality-ruleInterface naming convention - prefixParameter #2name = Case sensitive, type = text, description = Name is Case sensitiveUpdatedname = Name is case sensitive
7856quality-ruleAvoid Tables with more than 20 columns on an OLTP systemParameter #1name = Max nbr of columns, type = integer, description = Maximum number of columns in a tableUpdatedname = Maximum number of columns in a table
7904quality-ruleAvoid SQL queries on XXL tables that no index can supportParameter #1name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this valueUpdatedname = Minimum number of rows to consider a table as XXL
7908quality-ruleAvoid unreferenced MethodsParameter #1name = include_getter_setter, type = integer, description = Take in to account the getter and setterUpdatedname = Take into account the getter and setter, description = Take into account the getter and setter
7912quality-ruleAvoid unreferenced Data MembersParameter #1name = include_getter_setter, type = integer, description = Take in to account the getter and setterUpdatedname = Take into account the getter and setter, description = Take into account the getter and setter
7944quality-ruleAvoid High Response for ClassesParameter #1name = Maximum Response, type = float, description = Max Response per classUpdatedname = Maximum Response for a Class
7956quality-ruleAvoid indirect exception handling inside loopsParameter #1name = depth_level, type = integer, description = Depth level of a call pathUpdatedname = Depth level of a call path
8022quality-ruleAvoid hiding attributesParameter #1name = attribut name to exclude, type = text-list, description = attributs to ignoreUpdatedname = Attribute names to exclude
8022quality-ruleAvoid hiding attributesParameter #2name = type to exclude, type = text-list, description = type or sub-class to excludeUpdatedname = Types or sub-classes to exclude
8036quality-ruleAvoid improperly written triangular joins with XXL tables in PL/SQL codeParameter #1name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this valueUpdatedname = Minimum number of rows to consider a table as XXL
8044quality-ruleAvoid log forging vulnerabilitiesDocumentation englishreference = http://cwe.mitre.org/data/definitions/117.htmlUpdatedreference = CWE-117: Improper Output Neutralization for Logs https://cwe.mitre.org/data/defi...
8098quality-ruleAvoid uncontrolled format stringDocumentation englishreference = ASCSM 1.0, Automated Source Code Security Measure, Object Management Group. CWE...Updatedreference = CWE-134: Use of Externally-Controlled Format String https://cwe.mitre.org/data/d...
8110quality-ruleUse dedicated stored procedures when multiple data accesses are needed (ASCPEM-PRF-10)Parameter #1name = threshold, type = integer, description = A method is considered to call too many SQL functions if the number of calls is greater than this valueUpdatedname = Minimum number of rows to consider a table as XXL
8214quality-ruleExpired or Released Resource should not be usedDocumentation englishdescription = ...sion(...) \t. close: org.springframework.orm.hibernate4.SessionFactoryUtils.close...Updateddescription = ...sion(...) . close: org.springframework.orm.hibernate4.SessionFactoryUtils.cl...
8214quality-ruleExpired or Released Resource should not be usedDocumentation englishname = CWE-672: Expired or Released Resource should not be usedUpdatedname = Expired or Released Resource should not be used
8214quality-ruleExpired or Released Resource should not be usedDocumentation englishsample = ...(); System.out.println("Connection closed........."); if(!connection...Updatedsample = ...(); connection.prepareStatement("select * from ...."); }
8222quality-ruleAvoid hard-coded credentialsDocumentation englishreference = ...tials http://cwe.mitre.org/data/definitions/798.htmlUpdatedreference = ...tials https://cwe.mitre.org/data/definitions/798.html CWE-259: Use of Hard-code...
8238quality-ruleAvoid mixing trusted and untrusted data in HTTP requestsDocumentation englishreference = http://cwe.mitre.org/data/definitions/501.htmlUpdatedreference = CWE-501: Trust Boundary Violation https://cwe.mitre.org/data/definitions/501.htm...
8240quality-ruleSensitive cookie in HTTPS session without 'Secure' attributeDocumentation englishreference = https://cwe.mitre.org/data/definitions/614.html https://www.owasp.org/index.php...Updatedreference = CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute https://cw...
8240quality-ruleSensitive cookie in HTTPS session without 'Secure' attributeDocumentation englishremediation = ...kie should sent via HTTPS onlyUpdatedremediation = ...kie should sent via HTTPS only.
8242quality-ruleUse of insufficiently random valuesDocumentation englishreference = ...0: Use of insufficiently random values http://cwe.mitre.org/data/definitions/330...Updatedreference = ...0: Use of Insufficiently Random Values https://cwe.mitre.org/data/definitions/33...
8408quality-ruleAvoid reflected cross-site scripting (non persistent)Documentation englishreference = http://cwe.mitre.org/data/definitions/79.html CWE-79: Improper Neutralization o...Updatedreference = CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site...
8410quality-ruleAvoid cross-site scripting (persistent)Documentation englishreference = http://cwe.mitre.org/data/definitions/79.html CWE-79: Improper Neutralization o...Updatedreference = CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site...
8410quality-ruleAvoid cross-site scripting (persistent)Documentation englishremediation = ...diation is : Performing secure input handling in both client-side and server-sid...Updatedremediation = ...diation is: performing secure input handling in both client-side and server-side...
8414quality-ruleAvoid use of a broken or risky cryptographic algorithmDocumentation englishreference = http://cwe.mitre.org/data/definitions/327.html A3-OWASPUpdatedreference = CWE-327: Use of a Broken or Risky Cryptographic Algorithm https://cwe.mitre.org/...
8416quality-ruleAvoid use of a reversible one-way hashDocumentation englishreference = CWE-328 http://cwe.mitre.org/data/definitions/328.htmlUpdatedreference = CWE-328: Reversible One-Way Hash https://cwe.mitre.org/data/definitions/328.html...
8418quality-ruleAvoid NoSQL injection on MongoDB (C#)Documentation englishreference = http://cwe.mitre.org/data/definitions/89.htmlUpdatedreference = CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL...
8420quality-ruleAvoid second order SQL injectionDocumentation englishreference = CWE-89 : Failure to Preserve SQL Query Structure (aka 'SQL injection') http://cw...Updatedreference = CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL...
8424quality-ruleAvoid using hard-coded HMAC keysDocumentation englishreference = A3-OWASP 2017 https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Expo...Updatedreference = CWE-321: Use of Hard-coded Cryptographic Key https://cwe.mitre.org/data/definiti...
8434quality-ruleAvoid process controlDefinitionMissingAddedactive = true, detached = false
8434quality-ruleAvoid process controlQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8436quality-ruleAvoid thread injection vulnerabilitiesDefinitionMissingAddedactive = true, detached = false
8436quality-ruleAvoid thread injection vulnerabilitiesQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8438quality-ruleAvoid code injectionDefinitionMissingAddedactive = true, detached = false
8438quality-ruleAvoid code injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8440quality-ruleAvoid reflection injectionDefinitionMissingAddedactive = true, detached = false
8440quality-ruleAvoid reflection injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8442quality-ruleAvoid resource injectionDefinitionMissingAddedactive = true, detached = false
8442quality-ruleAvoid resource injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8444quality-ruleAvoid resource URL manipulationDefinitionMissingAddedactive = true, detached = false
8444quality-ruleAvoid resource URL manipulationQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
66067quality-measureCopy Pasted Code (% of LOC)Parameter #1name = SIMILARITY, type = float, description = This is a percentage.Updatedname = Minimum % of Similarity

AIP 8.3.13 - 8.3.14

This section lists the results of a comparison between a CAST AIP 8.3.13 Assessment Model and the CAST AIP 8.3.14 Assessment Model. You can download the original compare_8313_8314.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.13 Assessment Model | Change | CAST 8.3.14 Assessment Model |
|---|---|---|---|---|---|---|
| 4700 | quality-rule | DELETED: Avoid using 'Throwable.printStackTrace()' within a try catch block | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 4700 | quality-rule | DELETED: Avoid using 'Throwable.printStackTrace()' within a try catch block | Quality Contribution to 'Programming Practices - Error and Exception Handling' (61014) | critical = false, weight = 6 | Removed | Missing contribution |
| 7244 | quality-rule | Avoid direct usage of EJB Entity from the client | Quality Contribution to 'Architecture - Multi-Layers and Data Access' (61001) | critical = false, weight = 3 | Removed | Missing contribution |
| 7364 | quality-rule | DELETED: Avoid multiple validation form with the same name | Activation | active = true, detached = false | Updated | active = false, detached = true |
| 7364 | quality-rule | DELETED: Avoid multiple validation form with the same name | Documentation english | name = Avoid multiple validation form with the same name | Updated | name = DELETED: Avoid multiple validation form with the same name |
| 7364 | quality-rule | Avoid multiple validation form with the same name | Quality Contribution to 'Secure Coding - Input Validation' (66062) | critical = false, weight = 9 | Removed | Missing contribution |
| 7436 | quality-rule | Prefer UNION ALL to UNION | Documentation english | output = ...ALL) occurences | Updated | output = ...ALL) occurrences |
| 7460 | quality-rule | DELETED:Avoid using untyped DataSet | Activation | active = true, detached = false | Updated | active = false, detached = true |
| 7460 | quality-rule | DELETED:Avoid using untyped DataSet | Documentation english | name = Avoid using untyped DataSet | Updated | name = DELETED:Avoid using untyped DataSet |
| 7460 | quality-rule | Avoid using untyped DataSet | Quality Contribution to 'Programming Practices - Structuredness' (61024) | critical = true, weight = 6 | Removed | Missing contribution |
| 7742 | quality-rule | Avoid SQL injection vulnerabilities | Documentation english | rationale = In web based applications, the validation of all user input is critical to avoid... | Updated | rationale = The software constructs all or part of an SQL command via user-controllable inpu... |
| 7746 | quality-rule | Avoid LDAP injection vulnerabilities | Documentation english | rationale = ...ses other unintended behavior. In web based applications, the validation of all... | Updated | rationale = ...ses other unintended behavior. |
| 7748 | quality-rule | Avoid OS command injection vulnerabilities | Documentation english | rationale = This could allow attackers to execute unexpected, dangerous commands directly on... | Updated | rationale = The software constructs all or part of an OS command using externally-influenced... |
| 7750 | quality-rule | Avoid XPath injection vulnerabilities | Documentation english | rationale = In web based applications, the validation of all user input is critical to avoid... | Updated | rationale = The software does not properly neutralize special elements that are used in XML,... |
| 7752 | quality-rule | Avoid file path manipulation vulnerabilities | Documentation english | rationale = This could allow an attacker to access or modify system files or other files tha... | Updated | rationale = The software does not properly neutralize special elements that are part of path... |
| 7952 | quality-rule | Avoid synonym with both private & PUBLIC Definition in PL/SQL context | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 8128 | quality-rule | DELETED: Avoid using UPDATE and DELETE without WHERE condition | Documentation english | name = Avoid using UPDATE and DELETE without WHERE condition | Updated | name = DELETED: Avoid using UPDATE and DELETE without WHERE condition |
| 8238 | quality-rule | Avoid mixing trusted and untrusted data in HTTP requests | Documentation english | name = Trust boundary violation | Updated | name = Avoid mixing trusted and untrusted data in HTTP requests |
| 8400 | quality-rule | Avoid having lock on this object | Activation | active = true, detached = true | Updated | detached = false |
| 8400 | quality-rule | Avoid having lock on this object | Quality Contribution to 'Programming Practices - Unexpected Behavior' (66069) | Missing contribution | Added | critical = false, weight = 5 |
| 8410 | quality-rule | Avoid cross-site scripting (persistent) | Documentation english | total = ...s calling user input methods | Updated | total = ...s calling a "read database" method |
| 8418 | quality-rule | Avoid NoSQL injection on MongoDB (C#) | Documentation english | rationale = In web based applications, the validation of all user input is critical to avoid... | Updated | rationale = The software constructs all or part of No-SQL command via user-controllable inpu... |
| 8418 | quality-rule | Avoid NoSQL injection on MongoDB (C#) | Quality Contribution to 'Secure Coding - Input Validation' (66062) | critical = false, weight = 9 | Updated | critical = true |
| 8420 | quality-rule | Avoid second order SQL injection | Documentation english | rationale = In web based applications, the validation of all user input is critical to avoid... | Updated | rationale = The software constructs all or part of an SQL command via user-controllable inpu... |
| 8420 | quality-rule | Avoid second order SQL injection | Documentation english | total = ...s calling user input methods | Updated | total = ...s calling a "read database" method |
| 8420 | quality-rule | Avoid second order SQL injection | Quality Contribution to 'Secure Coding - Input Validation' (66062) | critical = false, weight = 9 | Updated | critical = true |

AIP 8.3.12 - 8.3.13

This section lists the results of a comparison between a CAST AIP 8.3.12 Assessment Model and the CAST AIP 8.3.13 Assessment Model. You can download the original compare_8312_8313.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.12 Assessment Model | Change | CAST 8.3.13 Assessment Model |
|---|---|---|---|---|---|---|
| 8418 | quality-rule | Avoid NoSQL injection on MongoDB (C#) | Definition | Missing | Added | active = true, detached = false |
| 8420 | quality-rule | Avoid second order SQL injection | Definition | Missing | Added | active = true, detached = false |
| 8422 | quality-rule | Avoid Using COMMIT WORK or ROLLBACK WORK during update work process | Definition | Missing | Added | active = true, detached = false |
| 8424 | quality-rule | Avoid using hard-coded HMAC keys | Definition | Missing | Added | active = true, detached = false |
| 8426 | quality-rule | Avoid calling database commands directly using system functions as "C_DB_EXECUTE" and "C_DB_FUNCTION" | Definition | Missing | Added | active = true, detached = false |
| 8428 | quality-rule | Authorization check should be done before calling a transaction | Definition | Missing | Added | active = true, detached = false |
| 8430 | quality-rule | Avoid using hardcoded seed or no seed at all for random values generation | Definition | Missing | Added | active = true, detached = false |
| 8432 | quality-rule | Avoid Cross-Client Database Access using Open SQL statements with CLIENT SPECIFIED/USING CLIENT addition | Definition | Missing | Added | active = true, detached = false |
| 7740 | quality-rule | Avoid cross-site scripting vulnerabilities | Documentation english | description = ... CAST dataflow engine, this metric detects paths from user input methods to HTML... | Updated | description = ... CAST data-flow engine, this metric detects paths from user input methods to HTM... |
| 7742 | quality-rule | Avoid SQL injection vulnerabilities | Documentation english | description = ... CAST dataflow engine to detect a call path where input data from the user is se... | Updated | description = ... CAST data-flow engine to detect a call path where input data from the user is s... |
| 7742 | quality-rule | Avoid SQL injection vulnerabilities | Documentation english | rationale = ... from the Injection flaws. To avoid the creation of Injection flaws, the Open W... | Updated | rationale = ... from the injection flaws. To avoid the creation of injection flaws, the Open W... |
| 7742 | quality-rule | Avoid SQL injection vulnerabilities | Documentation english | reference = ...(aka 'SQL Injection') http://cwe.mitre.org/data/definitions/89.html Open Web Ap... | Updated | reference = ...(aka 'SQL injection') http://cwe.mitre.org/data/definitions/89.html Open Web Ap... |
| 7742 | quality-rule | Avoid SQL injection vulnerabilities | Documentation english | sample = ...ted user. ... string userName = ctx.getAuthenticatedUserName(); string query = "... | Updated | sample = ...ted user. ... string userName = ctx.getAuthenticatedUserName(); string query = ... |
| 7746 | quality-rule | Avoid LDAP injection vulnerabilities | Documentation english | description = ... CAST dataflow engine, this metric detects paths from user input methods down to... | Updated | description = ... CAST data-flow engine, this metric detects paths from user input methods down t... |
| 7746 | quality-rule | Avoid LDAP injection vulnerabilities | Documentation english | rationale = ... from the Injection flaws. To avoid the creation of Injection flaws, the Open W... | Updated | rationale = ... from the injection flaws. To avoid the creation of injection flaws, the Open W... |
| 7746 | quality-rule | Avoid LDAP injection vulnerabilities | Documentation english | reference = ...ry ('LDAP Injection') http://cwe.mitre.org/data/definitions/90.html Open Web Ap... | Updated | reference = ...ry ('LDAP injection') http://cwe.mitre.org/data/definitions/90.html Open Web Ap... |
| 7746 | quality-rule | Avoid LDAP injection vulnerabilities | Documentation english | remediation = Input Validation Assume all input is malicious. Use an "accept known good" inpu... | Updated | remediation = Input validation. Assume all input is malicious. Use an "accept known good" inp... |
| 7748 | quality-rule | Avoid OS command injection vulnerabilities | Documentation english | description = ... CAST dataflow engine, this metric detects paths from user input methods down to... | Updated | description = ... CAST data-flow engine, this metric detects paths from user input methods down t... |
| 7748 | quality-rule | Avoid OS command injection vulnerabilities | Documentation english | rationale = ... from the Injection flaws. The Common Weakness Enumeration defines Improper Inp... | Updated | rationale = ... from the injection flaws. The Common Weakness Enumeration defines Improper Inp... |
| 7748 | quality-rule | Avoid OS command injection vulnerabilities | Documentation english | remediation = ...eation of Injection flaws, the Open Web Application Security Project (OWASP) rec... | Updated | remediation = ...eation of injection flaws, the Open Web Application Security Project (OWASP) rec... |
| 7750 | quality-rule | Avoid XPath injection vulnerabilities | Documentation english | description = ... CAST dataflow engine, this metric detects execution paths from user input metho... | Updated | description = ... CAST data-flow engine, this metric detects execution paths from user input meth... |
| 7750 | quality-rule | Avoid XPath injection vulnerabilities | Documentation english | rationale = ...user input : "Use a standard input validation mechanism to validate all input da... | Updated | rationale = ...user input: "Use a standard input validation mechanism to validate all input dat... |
| 7752 | quality-rule | Avoid file path manipulation vulnerabilities | Documentation english | description = ... CAST dataflow engine, this metric detects execution paths from user input metho... | Updated | description = ... CAST data-flow engine, this metric detects execution paths from user input meth... |
| 7752 | quality-rule | Avoid file path manipulation vulnerabilities | Documentation english | rationale = ...as follows : "When software does not validate input properly, an attacker is ab... | Updated | rationale = ...as follows: "When software does not validate input properly, an attacker is abl... |
| 7752 | quality-rule | Avoid file path manipulation vulnerabilities | Documentation english | remediation = ...eation of Injection flaws, the Open Web Application Security Project (OWASP) rec... | Updated | remediation = ...eation of injection flaws, the Open Web Application Security Project (OWASP) rec... |
| 8028 | quality-rule | Avoid missing default in switch statements | Documentation english | associatedValueName = Function name | Updated | associatedValueName = Number of violation occurrences |
| 8028 | quality-rule | Avoid missing default in switch statements | Documentation english | output = ...d to each Function with violations, the Quality Rule provides: - Function name | Updated | output = ...d to each violation, the following information is provided: - The number of viol... |
| 8044 | quality-rule | Avoid log forging vulnerabilities | Documentation english | description = ... CAST dataflow engine to detect a call path where input data from the user is wr... | Updated | description = ... CAST data-flow engine to detect a call path where input data from the user is w... |
| 8044 | quality-rule | Avoid log forging vulnerabilities | Documentation english | name = Avoid Log forging vulnerabilities | Updated | name = Avoid log forging vulnerabilities |
| 8098 | quality-rule | Avoid uncontrolled format string | Documentation english | description = ... CAST dataflow engine, this metric detects execution paths from user input metho... | Updated | description = ... CAST data flow engine, this metric detects execution paths from user input meth... |
| 8222 | quality-rule | Avoid hard-coded credentials | Documentation english | associatedValueName = ... from hardcoded string down to the target method | Updated | associatedValueName = ... from hard-coded string down to the target method |
| 8222 | quality-rule | Avoid hard-coded credentials | Documentation english | description = ...ere a hardcoded credential is sent to a method used for its own inbound authenti... | Updated | description = ...ere a hard-coded credential is sent to a method used for its own inbound authent... |
| 8222 | quality-rule | Avoid hard-coded credentials | Documentation english | name = Avoid hardcoded credentials | Updated | name = Avoid hard-coded credentials |
| 8222 | quality-rule | Avoid hard-coded credentials | Documentation english | output = ...t one hardcoded credential parameter. It provides the following information : ... | Updated | output = ...t one hard-coded credential parameter. It provides the following information :... |
| 8222 | quality-rule | Avoid hard-coded credentials | Documentation english | rationale = ... have hardcoded credentials (username, password) in the application code or file... | Updated | rationale = ... have hard-coded credentials (such as a passwords) in the application code or fi... |
| 8222 | quality-rule | Avoid hard-coded credentials | Documentation english | remediation = ...mediations : - Outbound authentication : consider storing passwords and keys ou... | Updated | remediation = ...mediations: - Outbound authentication: consider storing passwords and keys outs... |
| 8222 | quality-rule | Avoid hard-coded credentials | Documentation english | Missing | Added | remediationSample = // Store passwords outside of the code in a storage protected from outsiders |
| 8222 | quality-rule | Avoid hard-coded credentials | Documentation english | Missing | Added | sample = Java: UsernamePasswordCredentials creds = new UsernamePasswordCredentials("myUse... |
| 8238 | quality-rule | Trust boundary violation | Documentation english | description = ...ructure or structured message. The list of user input methods can be customize... | Updated | description = ...ructure or structured message. |
| 8238 | quality-rule | Trust boundary violation | Documentation english | Missing | Added | remediationSample = // Never mix trusted and untrusted data |
| 8240 | quality-rule | Sensitive cookie in HTTPS session without 'Secure' attribute | Technologies | [JEE] | Updated | Added: [C#, VB.NET] |
| 8240 | quality-rule | Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | associatedValueName = Call to javax.servlet.http.HttpServletResponse.addCookie passing a cookie withou... | Updated | associatedValueName = Call stack from the "setSecure" call to the "addCookie" target |
| 8240 | quality-rule | Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | description = The Secure attribute for sensitive cookies in HTTPS sessions is not set, which c... | Updated | description = The 'Secure' attribute for sensitive cookies in HTTPS sessions is not set, which... |
| 8240 | quality-rule | Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | total = ...f methods calling javax.servlet.http.HttpServletResponse.addCookie | Updated | total = ...f methods adding a cookie without setting the 'secured' attribute |
| 8408 | quality-rule | Avoid reflected cross-site scripting (non persistent) | Documentation english | description = ...lected XSS : The server reads data directly from the HTTP request and reflects i... | Updated | description = ...lected XSS: The server reads data directly from the HTTP request and reflects it... |
| 8408 | quality-rule | Avoid reflected cross-site scripting (non persistent) | Documentation english | name = Avoid Reflected Cross-site Scripting (Non Persistent) | Updated | name = Avoid reflected cross-site scripting (non persistent) |
| 8408 | quality-rule | Avoid reflected cross-site scripting (non persistent) | Documentation english | remediation = ...ce exposure to some variants." This metric ensures that the appropriate output ... | Updated | remediation = ...ce exposure to some variants." |
| 8410 | quality-rule | Avoid cross-site scripting (persistent) | Documentation english | name = Avoid Cross-Site Scripting (Persistent) | Updated | name = Avoid cross-site scripting (persistent) |
8412quality-rule"CX_ROOT" should not be used in TRY .. CATCH.. ENDTRY blockDocumentation englishMissingAddedassociatedValueName = Number of violation occurrences
8412quality-rule"CX_ROOT" should not be used in TRY .. CATCH.. ENDTRY blockDocumentation englishMissingAddedoutput = Associated to each violation, the following information is provided: - The numbe...
8412quality-rule"CX_ROOT" should not be used in TRY .. CATCH.. ENDTRY blockDocumentation englishMissingAddedtotal = Number of ABAP Artifacts
8418quality-ruleAvoid NoSQL injection on MongoDB (C#)Quality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = false, weight = 9
8420quality-ruleAvoid second order SQL injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = false, weight = 9
8426quality-ruleAvoid calling database commands directly using system functions as "C_DB_EXECUTE" and "C_DB_FUNCTION"Quality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8428quality-ruleAuthorization check should be done before calling a transactionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8424quality-ruleAvoid using hard-coded HMAC keysQuality Contribution to 'Secure Coding - Weak Security Features' (66064)Missing contributionAddedcritical = true, weight = 9
8430quality-ruleAvoid using hardcoded seed or no seed at all for random values generationQuality Contribution to 'Secure Coding - Weak Security Features' (66064)Missing contributionAddedcritical = true, weight = 9
8432quality-ruleAvoid Cross-Client Database Access using Open SQL statements with CLIENT SPECIFIED/USING CLIENT additionQuality Contribution to 'Secure Coding - Weak Security Features' (66064)Missing contributionAddedcritical = true, weight = 9
8422quality-ruleAvoid Using COMMIT WORK or ROLLBACK WORK during update work processQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)Missing contributionAddedcritical = true, weight = 5

AIP 8.3.11 - 8.3.12

This section lists the results of a comparison between a CAST AIP 8.3.11 Assessment Model and the CAST AIP 8.3.12 Assessment Model. You can download the original compare_8311_8312.xlsx file (which you should open in Microsoft Excel) if you prefer.


| Metric | Type | Name | Topic | CAST 8.3.11 Assessment Model | Change | CAST 8.3.12 Assessment Model |
|---|---|---|---|---|---|---|
| 578 | quality-rule | Avoid Classes with multiple inheritance | Documentation english | output = ...violation patterns found in source code: - Parent class derivation | Updated | output = ...violation occurrences found in source code: - Parent class derivation |
| 584 | quality-rule | Avoid Classes with at least one virtual Function and without a virtual Destructor | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 584 | quality-rule | Avoid Classes with at least one virtual Function and without a virtual Destructor | Documentation english | output = ...violation patterns found in source code: - Virtual method | Updated | output = ...violation occurrences found in source code: - Virtual method |
| 586 | quality-rule | DELETED: Avoid inline Constructors and Destructors | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 586 | quality-rule | DELETED: Avoid inline Constructors and Destructors | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ... |
| 588 | quality-rule | Avoid using Global Variables (C++) | Documentation english | description = ...+ code using global variables. | Updated | description = ...+ code using global variables. Constant are not taken into account in this rule. |
| 590 | quality-rule | Avoid using global objects in Constructors and Destructors | Documentation english | output = ...violation patterns found in source code: - global object used | Updated | output = ...violation occurrences found in source code: - global object used |
| 592 | quality-rule | Ensure you provide a user-defined copy constructor or disable copy when a class allocates memory in its constructor | Documentation english | output = ...violation patterns found in the source code: - object instanciation | Updated | output = ...violation occurrences found in the source code: - object instanciation |
| 620 | quality-rule | Avoid base Classes without virtual Destructors | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 620 | quality-rule | Avoid base Classes without virtual Destructors | Documentation english | output = ...violation patterns found in source code: - Class definition - Non-virtual de... | Updated | output = ...violation occurrences found in source code: - Class definition - Non-virtual... |
| 628 | quality-rule | Avoid invocation of virtual Methods of the declared Class in a Constructor or Destructor | Documentation english | output = ...violation patterns found in the source code: - Virtual member function call | Updated | output = ...violation occurrences found in the source code: - Virtual member function call |
| 630 | quality-rule | Avoid data members that are not private | Documentation english | output = ...violation patterns found in the source code: - class member declaration | Updated | output = ...violation occurrences found in the source code: - class member declaration |
| 678 | quality-rule | Never throw an exception from a Destructor | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 678 | quality-rule | Never throw an exception from a Destructor | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in source code: - ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in source code... |
| 1050 | quality-rule | Static Functions naming conventions - case control | Documentation english | total = Number C static functions | Updated | total = Number of C static functions |
| 1054 | quality-rule | Types naming conventions - suffix control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 1072 | quality-rule | Avoid using memory management Functions (free/malloc/realloc) | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1072 | quality-rule | Avoid using memory management Functions (free/malloc/realloc) | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ... |
| 1074 | quality-rule | Avoid using signals management Functions | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 1074 | quality-rule | Avoid using signals management Functions | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ... |
| 1558 | quality-rule | Package naming convention - prefix control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 1558 | quality-rule | Package naming convention - prefix control | Documentation english | Missing | Added | total = Number of PLSQL Packages |
| 1560 | quality-rule | Package Function naming convention - prefix control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 1560 | quality-rule | Package Function naming convention - prefix control | Documentation english | Missing | Added | total = Number of PLSQL Package Functions |
| 1562 | quality-rule | Package Stored Procedure naming convention - prefix control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 1562 | quality-rule | Package Stored Procedure naming convention - prefix control | Documentation english | Missing | Added | total = Number of PLSQL Package Procedures |
| 1564 | quality-rule | Cursor naming convention - prefix control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 1564 | quality-rule | Cursor naming convention - prefix control | Documentation english | total = total is number of cursor defined into the schema | Updated | total = Number of cursors defined into the schema |
| 1574 | quality-rule | Use at most one statement per line | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of lines with more than 1 statement |
| 1574 | quality-rule | Use at most one statement per line | Documentation english | output = ...rmation: - Function / Procedure full name, - number of lines with more than 1... | Updated | output = ...rmation: - Function / Procedure full name, - Number of lines with more than 1 s... |
| 1574 | quality-rule | Use at most one statement per line | Documentation english | total = total is number of SQL procedures and functions that are stored in the schema | Updated | total = Number of SQL procedures and functions that are stored in the schema |
| 1576 | quality-rule | Use varchar2 instead of char and varchar | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 1576 | quality-rule | Use varchar2 instead of char and varchar | Documentation english | Missing | Added | total = Number of PL/SQL objects with parameters or columns |
| 1578 | quality-rule | Avoid using LONG & LONG RAW datatype for Table Columns | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 1578 | quality-rule | Avoid using LONG & LONG RAW datatype for Table Columns | Documentation english | Missing | Added | total = Number of PLSQL tables and views |
| 1580 | quality-rule | Avoid using execute immediate | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 1580 | quality-rule | Avoid using execute immediate | Documentation english | total = The total procedure counts all the PLSQL objects using execute immediate | Updated | total = Number of PLSQL objects using execute immediate |
| 1582 | quality-rule | Avoid large Tables - too many columns | Documentation english | total = total is the number of tables in the shema | Updated | total = Number of tables in the shema |
| 1596 | quality-rule | Avoid using "nullable" Columns except in the last position in a Table | Documentation english | Missing | Added | total = Number of PLSQL tables |
| 1598 | quality-rule | Avoid Rule HINT /*+ rule */ or --+ rule in PL/SQL code | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 1606 | quality-rule | Triggers should not directly modify tables, a procedure or function should be used instead | Documentation english | total = total is the number of schema triggers | Updated | total = Number of schema triggers |
| 1634 | quality-rule | Avoid unreferenced Tables | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 1634 | quality-rule | Avoid unreferenced Tables | Documentation english | total = total is number of schema tables | Updated | total = Number of schema tables |
| 2230 | quality-rule | Use of style sheets (JEE) | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2230 | quality-rule | Use of style sheets (JEE) | Documentation english | total = Total number of pages | Updated | total = Number of pages |
| 2232 | quality-rule | Pages should use error handling page | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2232 | quality-rule | Pages should use error handling page | Documentation english | total = The list of JSP files except the error pages + the web.xml | Updated | total = Number of JSP files except the error pages + the web.xml |
| 2236 | quality-rule | Avoid use of standard SQL API | Documentation english | total = the number of JSP pages | Updated | total = Number of JSP pages |
| 2238 | quality-rule | Avoid unreferenced JSPs and web client files | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2238 | quality-rule | Avoid unreferenced JSPs and web client files | Documentation english | Missing | Added | total = Number of JSP, HTM, HTML pages |
| 2242 | quality-rule | Avoid direct definition of JavaScript Functions in a Web page (JEE) | Documentation english | total = The number of JavaScript Functions | Updated | total = Number of JavaScript functions |
| 2244 | quality-rule | Avoid undocumented Web Server Pages | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2244 | quality-rule | Avoid undocumented Web Server Pages | Documentation english | Missing | Added | total = Number of JSP pages |
| 2248 | quality-rule | Avoid Web Server pages having a very low Comment/Code ratio | Documentation english | Missing | Added | total = Number of JSP pages |
| 2254 | quality-rule | Avoid large Page files (JEE) | Documentation english | Missing | Added | total = Number of JSP pages |
| 2258 | quality-rule | All image files should be in a specific directory | Documentation english | Missing | Added | total = Number of JPG files |
| 2260 | quality-rule | All script files should be in a specific directory | Documentation english | Missing | Added | total = Number of JS Scripts |
| 2262 | quality-rule | All stylesheet files should be in a specific directory | Documentation english | Missing | Added | total = Number of CSS pages |
| 2264 | quality-rule | All page files should be in a specific directory | Documentation english | Missing | Added | total = Number of JSP pages |
| 2266 | quality-rule | Avoid non standard file extensions (JEE) | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2266 | quality-rule | Avoid non standard file extensions (JEE) | Documentation english | Missing | Added | total = Number of eFiles |
| 2278 | quality-rule | Check the use of "foreach" custom tag library | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2278 | quality-rule | Check the use of "foreach" custom tag library | Documentation english | Missing | Added | total = Number of JavaScript eFunctions and JSP eFile |
| 2280 | quality-rule | Avoid using Document.all collection | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2280 | quality-rule | Avoid using Document.all collection | Documentation english | Missing | Added | total = Number of objects belonging to files with extension given by parameter |
| 2282 | quality-rule | Avoid large Include Files | Documentation english | Missing | Added | total = Number of JSP pages |
| 2284 | quality-rule | Avoid large JSP Pages - too many Scriptlets | Documentation english | Missing | Added | total = Number of JSP pages |
| 2552 | quality-rule | Event naming convention - case control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2552 | quality-rule | Event naming convention - case control | Documentation english | Missing | Added | total = Number of VB events |
| 2558 | quality-rule | Method/Sub naming convention - case control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2558 | quality-rule | Method/Sub naming convention - case control | Documentation english | Missing | Added | total = Number of VB functions and methods |
| 2560 | quality-rule | Property naming convention - case control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2560 | quality-rule | Property naming convention - case control | Documentation english | Missing | Added | total = Number of VB properties |
| 2562 | quality-rule | Avoid long Functions | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of lines of code |
| 2562 | quality-rule | Avoid long Functions | Documentation english | Missing | Added | total = Number of VB functions |
| 2564 | quality-rule | Use a single Error Handling Method | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2572 | quality-rule | Avoid declaring VB Variables without typing them (Visual Basic) | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2572 | quality-rule | Avoid declaring VB Variables without typing them (Visual Basic) | Documentation english | Missing | Added | total = Number of VB objects |
| 2574 | quality-rule | Avoid using Global Variables (Visual Basic) | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Global variable |
| 2574 | quality-rule | Avoid using Global Variables (Visual Basic) | Documentation english | Missing | Added | total = Number of Objects likely to use global variables |
| 2576 | quality-rule | Avoid Variables declared as Variants | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2576 | quality-rule | Avoid Variables declared as Variants | Documentation english | Missing | Added | total = Number of VB objects |
| 2580 | quality-rule | Avoid use of Scripting.FileSystemObject | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Occurrence of Scripting.FileSystemObject |
| 2580 | quality-rule | Avoid use of Scripting.FileSystemObject | Documentation english | Missing | Added | total = Number of VB objects |
| 2582 | quality-rule | Use Option Explicit | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2582 | quality-rule | Use Option Explicit | Documentation english | Missing | Added | total = Number of VB modules and forms |
| 2584 | quality-rule | Avoid using late binding | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2584 | quality-rule | Avoid using late binding | Documentation english | Missing | Added | total = Number of VB functions, methods and events |
| 2586 | quality-rule | Utilization of "DoEvents" inside a loop | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2586 | quality-rule | Utilization of "DoEvents" inside a loop | Documentation english | Missing | Added | total = Number of VB functions, methods and events |
| 2586 | quality-rule | Utilization of "DoEvents" inside a loop | Diagnosis | diagnosisValueType = integer | Updated | diagnosisValueType = no-value |
| 2588 | quality-rule | Avoid declaring Class Variables without declaring access Properties | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2588 | quality-rule | Avoid declaring Class Variables without declaring access Properties | Documentation english | Missing | Added | total = Number of VB Class Variables |
| 2590 | quality-rule | Avoid using "On error Resume Next" in the Class event terminate | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2590 | quality-rule | Avoid using "On error Resume Next" in the Class event terminate | Documentation english | Missing | Added | total = Number of sub 'Class_Terminate' |
| 2590 | quality-rule | Avoid using "On error Resume Next" in the Class event terminate | Diagnosis | diagnosisValueType = integer | Updated | diagnosisValueType = no-value |
| 2592 | quality-rule | Encapsulation compliance | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Module variable |
| 2592 | quality-rule | Encapsulation compliance | Documentation english | Missing | Added | total = Number of VB artifacts |
| 2620 | quality-rule | Avoid undocumented Modules | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2620 | quality-rule | Avoid undocumented Modules | Documentation english | Missing | Added | total = Number of VB modules |
| 2622 | quality-rule | Avoid Modules with a very low comment/code ratio | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Comment/code ratio |
| 2622 | quality-rule | Avoid Modules with a very low comment/code ratio | Documentation english | Missing | Added | total = Number of VB modules |
| 2626 | quality-rule | Avoid unreferenced Modules | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2626 | quality-rule | Avoid unreferenced Modules | Documentation english | Missing | Added | total = Number of VB modules |
| 3058 | quality-rule | Use of style sheets (ASP) | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3060 | quality-rule | Pages with less than 3 levels of inclusion | Documentation english | Missing | Added | total = Number of pages |
| 3062 | quality-rule | Use of error handling page | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3062 | quality-rule | Use of error handling page | Documentation english | Missing | Added | total = Number of ASP pages |
| 3064 | quality-rule | Avoid use of Session variables from Session_OnEnd | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3064 | quality-rule | Avoid use of Session variables from Session_OnEnd | Documentation english | Missing | Added | total = Number of pages |
| 3066 | quality-rule | Use of Web Classes | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3066 | quality-rule | Use of Web Classes | Documentation english | Missing | Added | total = Number of pages |
| 3070 | quality-rule | Avoid non standard file extensions (ASP) | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3070 | quality-rule | Avoid non standard file extensions (ASP) | Documentation english | Missing | Added | total = Number of pages |
| 3072 | quality-rule | Consistent File full name and directory structure | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3072 | quality-rule | Consistent File full name and directory structure | Documentation english | Missing | Added | total = Number of pages |
| 3074 | quality-rule | Index pages and global.asa must be located in the root directory | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3074 | quality-rule | Index pages and global.asa must be located in the root directory | Documentation english | Missing | Added | total = Number of pages |
| 3076 | quality-rule | Avoid using more than one scripting language in one page | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3076 | quality-rule | Avoid using more than one scripting language in one page | Documentation english | Missing | Added | total = Number of ASP pages |
| 3078 | quality-rule | Avoid unreferenced code | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3078 | quality-rule | Avoid unreferenced code | Documentation english | Missing | Added | total = Number of pages |
| 3080 | quality-rule | Avoid undocumented Pages | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3080 | quality-rule | Avoid undocumented Pages | Documentation english | Missing | Added | total = Number of pages |
| 3082 | quality-rule | Avoid ASP pages having a very low Comment/Code ratio | Documentation english | Missing | Added | total = Number of ASP pages |
| 3088 | quality-rule | Avoid large Page files (ASP) | Documentation english | Missing | Added | total = Number of ASP pages |
| 3102 | quality-rule | Avoid using Transactions in an ASP Page | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3102 | quality-rule | Avoid using Transactions in an ASP Page | Documentation english | Missing | Added | total = Number of ASP pages |
| 3550 | quality-rule | Namespace naming convention - case control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3550 | quality-rule | Namespace naming convention - case control | Documentation english | Missing | Added | total = Number of namespaces |
| 3554 | quality-rule | Interface naming convention - case and character set control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3558 | quality-rule | Enumerations naming convention - case and character set control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3558 | quality-rule | Enumerations naming convention - case and character set control | Documentation english | Missing | Added | total = Number of enumerations |
| 3560 | quality-rule | Enumeration Items naming convention - case and character set control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3560 | quality-rule | Enumeration Items naming convention - case and character set control | Documentation english | Missing | Added | total = Number of enumeration items |
| 3562 | quality-rule | Private Fields naming convention - case and character set control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3562 | quality-rule | Private Fields naming convention - case and character set control | Documentation english | Missing | Added | total = Number of private fields |
| 3564 | quality-rule | Public Fields naming convention - case and character set control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3564 | quality-rule | Public Fields naming convention - case and character set control | Documentation english | Missing | Added | total = Number of public fields |
| 3566 | quality-rule | Methods naming convention - case and character set control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3566 | quality-rule | Methods naming convention - case and character set control | Documentation english | Missing | Added | total = Number of methods |
| 3568 | quality-rule | Events naming convention - case and character set control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3568 | quality-rule | Events naming convention - case and character set control | Documentation english | Missing | Added | total = Number of events |
| 3572 | quality-rule | Controls naming convention - prefix, case and character set control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3574 | quality-rule | Properties naming convention - case and character set control | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3574 | quality-rule | Properties naming convention - case and character set control | Documentation english | Missing | Added | total = Number of properties |
| 3576 | quality-rule | Avoid declaring public Fields | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3576 | quality-rule | Avoid declaring public Fields | Diagnosis | diagnosisValueType = integer | Updated | diagnosisValueType = no-value |
| 3578 | quality-rule | Avoid large Classes - too many Constructors (.NET) | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of Constructors |
| 3578 | quality-rule | Avoid large Classes - too many Constructors (.NET) | Documentation english | total = Total number of classes | Updated | total = Number of classes |
| 3580 | quality-rule | Avoid large Classes - too many Methods (.NET) | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of Methods |
| 3586 | quality-rule | Avoid large Methods - too many Lines of Code | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of lines of code |
| 3590 | quality-rule | Avoid Interface implementation on Structures | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Interface |
| 3610 | quality-rule | Avoid declaring VB Variables without typing them (.NET) | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 3610 | quality-rule | Avoid declaring VB Variables without typing them (.NET) | Documentation english | total = Total number of variable declaration. | Updated | total = Number of variable declarations |
| 3612 | quality-rule | Close SQL connection ASAP | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 3614 | quality-rule | Avoid using String.Empty for empty string tests | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 3616 | quality-rule | Data Access must be based on Stored Procedure Calls | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Accessed SQL object |
| 3626 | quality-rule | Avoid Interfaces with a very low comment/code ratio | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Comment/code ratio |
| 3626 | quality-rule | Avoid Interfaces with a very low comment/code ratio | Documentation english | Missing | Added | total = Number of interfaces |
| 3630 | quality-rule | Avoid having Classes implementing too many Interfaces | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of implementations |
| 3630 | quality-rule | Avoid having Classes implementing too many Interfaces | Documentation english | Missing | Added | total = Number of classes |
| 4056 | quality-rule | Avoid recursive Triggers | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 4056 | quality-rule | Avoid recursive Triggers | Documentation english | Missing | Added | total = Number of triggers |
| 4056 | quality-rule | Avoid recursive Triggers | Diagnosis | diagnosisValueType = integer | Updated | diagnosisValueType = no-value |
| 4058 | quality-rule | Avoid queries using old style join convention instead of ANSI-Standard joins | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 4058 | quality-rule | Avoid queries using old style join convention instead of ANSI-Standard joins | Documentation english | total = LINBERGH_PLUS | Updated | total = Number of objects that can contain SELECT |
| 4062 | quality-rule | Avoid Functions and Procedures doing an Insert, Update or Delete without managing a transaction | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 4062 | quality-rule | Avoid Functions and Procedures doing an Insert, Update or Delete without managing a transaction | Documentation english | Missing | Added | total = Number of functions and procedures |
| 4064 | quality-rule | Avoid Procedures using an Insert, Update, Delete, Create Table or Select without including error management | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 4066 | quality-rule | Avoid Stored Procedures not returning a status value | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 4066 | quality-rule | Avoid Stored Procedures not returning a status value | Documentation english | Missing | Added | total = Number of stored procedures |
| 4070 | quality-rule | Avoid use of "truncate table" | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 4076 | quality-rule | Avoid using temporary Objects | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 4076 | quality-rule | Avoid using temporary Objects | Documentation english | Missing | Added | total = Number of objects that can contain SELECT |
| 4084 | quality-rule | Avoid nested Stored Procedures using temporary Tables | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 4084 | quality-rule | Avoid nested Stored Procedures using temporary Tables | Documentation english | Missing | Added | total = Number of stored procedures |
| 4554 | quality-rule | Avoid large Classes - too many Methods (JEE) | Documentation english | total = Total number of Methods | Updated | total = Number of methods |
| 4556 | quality-rule | Avoid large Classes - too many Constructors (JEE) | Documentation english | Missing | Added | total = Number of Java classes |
| 4558 | quality-rule | Avoid large Classes - too many Fields | Documentation english | Missing | Added | total = Number of Java classes |
| 4560 | quality-rule | Avoid large Interfaces - too many Methods (JEE) | Documentation english | total = Total number of interfaces | Updated | total = Number of interfaces |
| 4566 | quality-rule | Avoid declaring Instance Variables without defined access type | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 4566 | quality-rule | Avoid declaring Instance Variables without defined access type | Documentation english | Missing | Added | total = Number of Java attributes |
| 4568 | quality-rule | Avoid declaring Public Instance Variables | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 4568 | quality-rule | Avoid declaring Public Instance Variables | Documentation english | Missing | Added | total = Number of Java attributes |
| 4570 | quality-rule | Avoid declaring Non Final Class Variables with Public or Package access type | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 4570 | quality-rule | Avoid declaring Non Final Class Variables with Public or Package access type | Documentation english | Missing | Added | total = Number of Java attributes |
| 4572 | quality-rule | Avoid declaring Final Instance Variables that are not dynamically initialized | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 4572 | quality-rule | Avoid declaring Final Instance Variables that are not dynamically initialized | Documentation english | Missing | Added | total = Number of Java attributes |
| 4574 | quality-rule | Avoid using deprecated objects | Documentation english | Missing | Added | total = Number of Java objects |
| 4576 | quality-rule | Provide accessors to Private Fields | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 4578 | quality-rule | Good use of Interfaces with collections as Method return types | Documentation english | total = The total number of methods which return type implements or extend java.lang.Col... | Updated | total = Number of methods which return type implements or extend java.lang.Collection, j... |
| 4580 | quality-rule | Good use of Interfaces when instantiating a collection | Documentation english | total = The total number of fields whose type implements or extends java.lang.Collection... | Updated | total = Number of fields whose type implements or extends java.lang.Collection, java.lan... |
| 4592 | quality-rule | Avoid hiding static Methods | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 557, propertyID = 140910 |
| 4592 | quality-rule | Avoid hiding static Methods | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 4592 | quality-rule | Avoid hiding static Methods | Documentation english | description = ... allowed. This Quality Rule retrieves all static methods that are redefined in s... | Updated | description = ... allowed. This Quality Rule retrieves all static methods that are redefined in ... |
4592quality-ruleAvoid hiding static MethodsDocumentation englishoutput = This report lists all hidden Static Methods. It provides the following informati...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
4592quality-ruleAvoid hiding static MethodsDocumentation englishrationale = ... stability of the application.Updatedrationale = ... stability of the application. Except for class derives from “javax.swing.plaf....
4592quality-ruleAvoid hiding static MethodsDocumentation englishreference = http://faq.javaranch.com/view?OverridingVsHidingUpdatedreference = https://coderanch.com/wiki/659959/Overriding-Hiding https://coderanch.com/t/3800...
4592quality-ruleAvoid hiding static MethodsDocumentation englishremediation = ...eview the design of the MethodUpdatedremediation = ...eview the design of the Method. Simply not override the static (class) methods.
4592quality-ruleAvoid hiding static MethodsDocumentation englishtotal = The total procedure counts the number of static methods.Updatedtotal = Number of methods.
4592quality-ruleAvoid hiding static MethodsDocumentation englishMissingAddedremediationSample = class Foo { public static void classMethod() { System.out.println("c...
4592quality-ruleAvoid hiding static MethodsDocumentation englishMissingAddedsample = class Foo { public static void classMethod() { System.out.println("c...
4592quality-ruleAvoid hiding static MethodsDiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
4592quality-ruleAvoid hiding static MethodsOperationlocalSiteDiagnose = DIAG_SCOPE_JAVABEST022UpdatedlocalSiteDiagnose = null
4592quality-ruleAvoid hiding static MethodsOperationlocalSiteCountTotal = DIAG_JAVA_ANA_CLASS_MET_TOTALUpdatedlocalSiteCountTotal = null
4596quality-ruleAvoid using 'java.lang.System.getenv()'Documentation englishassociatedValueName = Associated ValueRemovedMissing
4596quality-ruleAvoid using 'java.lang.System.getenv()'Documentation englishMissingAddedtotal = Number of Java artifacts
4598quality-ruleAvoid using 'java.lang.Runtime.exec()'Documentation englishassociatedValueName = Associated ValueRemovedMissing
4598quality-ruleAvoid using 'java.lang.Runtime.exec()'Documentation englishMissingAddedtotal = Number of Java artifacts
4600quality-ruleAvoid using 'java.System.exit()'Documentation englishassociatedValueName = Associated ValueRemovedMissing
4600quality-ruleAvoid using 'java.System.exit()'Documentation englishMissingAddedtotal = Number of Java artifacts
4604quality-ruleAvoid using 'java.lang.Error'Documentation englishassociatedValueName = Associated ValueRemovedMissing
4604quality-ruleAvoid using 'java.lang.Error'Documentation englishMissingAddedtotal = Number of Java objects
4606quality-ruleAvoid using 'sun.*' ClassesDocumentation englishMissingAddedtotal = Number of Java objects
4610quality-ruleAvoid using anonymous ClassesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4610quality-ruleAvoid using anonymous ClassesDocumentation englishtotal = All classesUpdatedtotal = Number of classes
4612quality-ruleAvoid using native Methods (JNI)Documentation englishtotal = number of artifactsUpdatedtotal = Number of artifacts
4614quality-ruleProper overriding of 'clone()'Documentation englishassociatedValueName = Associated ValueRemovedMissing
4614quality-ruleProper overriding of 'clone()'Documentation englishMissingAddedtotal = Number of Java methods
4616quality-ruleProper overriding of 'finalize()'Documentation englishassociatedValueName = Associated ValueRemovedMissing
4616quality-ruleProper overriding of 'finalize()'Documentation englishMissingAddedtotal = Number of Java methods
4618quality-ruleAvoid instantiating BooleanDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4618quality-ruleAvoid instantiating BooleanDocumentation englishMissingAddedtotal = Number of Java artifacts
4652quality-ruleAvoid direct Class inheritance from java.lang.ThrowableDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4652quality-ruleAvoid direct Class inheritance from java.lang.ThrowableDocumentation englishMissingAddedtotal = Number of Java classes
4656quality-ruleAvoid declaring throwing an exception and not throwing itDocumentation englishtotal = number of methods declaring throwing an exception in the signature except method...Updatedtotal = Number of methods declaring throwing an exception in the signature except method...
4666quality-ruleClasses and Interfaces must have JavaDoc CommentsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4666quality-ruleClasses and Interfaces must have JavaDoc CommentsDocumentation englishtotal = classes and interfaces (generic or not)Updatedtotal = Number of classes and interfaces (generic or not)
4668quality-ruleClasses and Interfaces must have JavaDoc @author tagDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4668quality-ruleClasses and Interfaces must have JavaDoc @author tagDocumentation englishtotal = classes and interfaces (generic or not)Updatedtotal = Number of classes and interfaces (generic or not)
4670quality-ruleMethods must have JavaDoc commentsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4670quality-ruleMethods must have JavaDoc commentsDocumentation englishtotal = methodsUpdatedtotal = Number of methods
4672quality-ruleMethods must have appropriate JavaDoc @param tagsDocumentation englishtotal = method's parametersUpdatedtotal = Number of method's parameters
4674quality-ruleMethods must have appropriate JavaDoc @return tagsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4674quality-ruleMethods must have appropriate JavaDoc @return tagsDocumentation englishtotal = methods that return a valueUpdatedtotal = Number of methods that return a value
4676quality-ruleMethods must have appropriate JavaDoc @throws tagsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4676quality-ruleMethods must have appropriate JavaDoc @throws tagsDocumentation englishtotal = methods that throw exceptionsUpdatedtotal = Number of methods that throw exceptions
4678quality-ruleMethods must have appropriate JavaDoc @exception tagsDocumentation englishtotal = methods that throw exceptionsUpdatedtotal = Number of methods that throw exceptions
4680quality-ruleFields must have JavaDoc CommentsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4680quality-ruleFields must have JavaDoc CommentsDocumentation englishtotal = java fieldsUpdatedtotal = Number of Java fields
4694quality-ruleAvoid using 'System.gc'Documentation englishassociatedValueName = Associated ValueRemovedMissing
4696quality-ruleAvoid using 'System.err' and 'System.out' within a try catch blockDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4698quality-ruleAvoid using 'System.err' and 'System.out' outside a try catch blockDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4704quality-ruleAvoid using VectorDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4704quality-ruleAvoid using VectorDocumentation englishMissingAddedtotal = Number of Java objects
4706quality-ruleAvoid using HashtableDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
4706quality-ruleAvoid using HashtableDocumentation englishMissingAddedtotal = Number of Java artifacts
4708quality-ruleAvoid using Dynamic instantiationDocumentation englishtotal = All Java artifactsUpdatedtotal = Number of Java artifacts
4712quality-ruleAvoid inheritance down the Package pathDocumentation englishtotal = The number of classesUpdatedtotal = Number of classes
4716quality-ruleAvoid Classes implementing too many Interfaces (JEE)Documentation englishMissingAddedtotal = Number of Java classes
4718quality-rulePackage size controlDocumentation englishMissingAddedtotal = Number of Java packages
4722quality-ruleTrack Classes referencing Database objectsDocumentation englishtotal = Java classesUpdatedtotal = Number of Java classes
4730quality-rulePackage naming convention - case controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4730quality-rulePackage naming convention - case controlDocumentation englishMissingAddedtotal = Number of Java packages
4732quality-ruleInterface naming convention - case controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4732quality-ruleInterface naming convention - case controlDocumentation englishMissingAddedtotal = Number of Java interfaces
4734quality-ruleClass naming convention - case control (JEE)Documentation englishassociatedValueName = Associated ValueRemovedMissing
4734quality-ruleClass naming convention - case control (JEE)Documentation englishMissingAddedtotal = Number of Java classes
4736quality-ruleMethod naming convention - case control (JEE)Documentation englishassociatedValueName = Associated ValueRemovedMissing
4736quality-ruleMethod naming convention - case control (JEE)Documentation englishMissingAddedtotal = Number of Java methods
4738quality-ruleConstant naming convention - case control (JEE)Documentation englishassociatedValueName = Associated ValueRemovedMissing
4738quality-ruleConstant naming convention - case control (JEE)Documentation englishtotal = static final fieldsUpdatedtotal = Number of static final fields
4740quality-ruleField naming convention - case controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4740quality-ruleField naming convention - case controlDocumentation englishtotal = Java fields except static final fieldsUpdatedtotal = Number of Java fields except static final fields
4744quality-ruleEJB Entity access through their local InterfaceDocumentation englishMissingAddedtotal = Number of Methods accessing Java EJB Entity
4746quality-ruleEJB Session access through their local InterfaceDocumentation englishMissingAddedtotal = Number of Methods accessing Java EJB Session
5050quality-ruleAvoid using HANDLE CONDITIONDocumentation englishoutput = ...violation patterns found in the source code: - EXEC CICS HANDLE CONDITION comm...Updatedoutput = ...violation occurrences found in the source code: - EXEC CICS HANDLE CONDITION c...
5052quality-ruleAvoid using IGNORE CONDITIONDocumentation englishoutput = ...violation patterns found in the source code: - EXEC CICS IGNORE CONDITION comm...Updatedoutput = ...violation occurrences found in the source code: - EXEC CICS IGNORE CONDITION c...
5054quality-ruleAvoid using HANDLE ABENDDocumentation englishoutput = ...violation patterns found in the source code: - EXEC CICS HANDLE ABEND statemen...Updatedoutput = ...violation occurrences found in the source code: - EXEC CICS HANDLE ABEND state...
5056quality-ruleAvoid using SEARCH without the ALL additionDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
5056quality-ruleAvoid using SEARCH without the ALL additionDocumentation englishoutput = ...violation patterns found in source code: - SEARCH statement - Internal table def...Updatedoutput = ...violation occurrences found in source code: - SEARCH statement - Internal table ...
5058quality-ruleAvoid using SORTDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5058quality-ruleAvoid using SORTDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5060quality-ruleAvoid using MERGEDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5060quality-ruleAvoid using MERGEDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5062quality-ruleAvoid using ALTERDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5062quality-ruleAvoid using ALTERDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
5064quality-ruleProgram naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5066quality-ruleAvoid using PERFORM ... THROUGH | THRUDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5066quality-ruleAvoid using PERFORM ... THROUGH | THRUDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5068quality-ruleAvoid STOP RUN (use GOBACK instead)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5068quality-ruleAvoid STOP RUN (use GOBACK instead)Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5070quality-ruleSection naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5072quality-ruleAvoid DISPLAY ... UPON CONSOLEDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5072quality-ruleAvoid DISPLAY ... UPON CONSOLEDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
5074quality-ruleParagraph naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5080quality-ruleAvoid Procedure Paragraphs that contains no statementsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5080quality-ruleAvoid Procedure Paragraphs that contains no statementsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5082quality-ruleAvoid Procedure Sections that contain no ParagraphDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5082quality-ruleAvoid Procedure Sections that contain no ParagraphDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5086quality-ruleAvoid using Sections in the PROCEDURE DIVISION (use Paragraphs only)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5086quality-ruleAvoid using Sections in the PROCEDURE DIVISION (use Paragraphs only)Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5090quality-ruleAvoid using NEXT SENTENCEDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5090quality-ruleAvoid using NEXT SENTENCEDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5092quality-ruleInclude a WHEN OTHER clause when using EVALUATEDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5092quality-ruleInclude a WHEN OTHER clause when using EVALUATEDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5094quality-ruleAvoid using MOVE CORRESPONDING ... TO ...Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5094quality-ruleAvoid using MOVE CORRESPONDING ... TO ...Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5112quality-ruleAvoid undocumented Sections (COBOL)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5112quality-ruleAvoid undocumented Sections (COBOL)Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5114quality-ruleAvoid undocumented Programs (COBOL)Documentation englishassociatedValueName = Associated ValueRemovedMissing
5116quality-ruleAvoid undocumented ParagraphsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5116quality-ruleAvoid undocumented ParagraphsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5144quality-ruleAvoid using GOTO statement (COBOL)Documentation englishoutput = ...violation patterns found in the source code: - GO TO statementUpdatedoutput = ...violation occurrences found in the source code: - GO TO statement
5550quality-ruleAvoid having joins with more than 4 TablesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5550quality-ruleAvoid having joins with more than 4 TablesDocumentation englishMissingAddedtotal = Number of objects using tables
5550quality-ruleAvoid having joins with more than 4 TablesDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
5554quality-ruleAvoid having SQL code in Triggers named "pre-record"Documentation englishMissingAddedtotal = Number of triggers named 'pre-record'
5558quality-ruleBased Data Blocks naming convention - represented tableDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5558quality-ruleBased Data Blocks naming convention - represented tableDocumentation englishMissingAddedtotal = Number of based forms datablocks
5560quality-ruleBased Data Block Items naming convention - represented columnDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5560quality-ruleBased Data Block Items naming convention - represented columnDocumentation englishMissingAddedtotal = Number of based forms datablock items
5562quality-ruleNot Based Data Blocks naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5564quality-ruleNot Based Data Block Items naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5566quality-ruleUse of call_form built-in Function from a centralized locationDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5572quality-ruleAvoid objects without COMMENT propertyDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5572quality-ruleAvoid objects without COMMENT propertyDocumentation englishtotal = All Forms artefact with propertiesUpdatedtotal = Number of form artifacts with properties
6050quality-ruleDatawindow naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6050quality-ruleDatawindow naming conventionDocumentation englishMissingAddedtotal = Number of Datawindows
6052quality-ruleGlobal function naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6052quality-ruleGlobal function naming conventionDocumentation englishMissingAddedtotal = Number of Functions
6054quality-ruleMenu naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6054quality-ruleMenu naming conventionDocumentation englishMissingAddedtotal = Number of Menus
6056quality-ruleStructure naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6056quality-ruleStructure naming conventionDocumentation englishMissingAddedtotal = Number of Structures
6062quality-ruleWindow naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6062quality-ruleWindow naming conventionDocumentation englishMissingAddedtotal = Number of Windows
6066quality-ruleGlobal variable naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6066quality-ruleGlobal variable naming conventionDocumentation englishMissingAddedtotal = Number of Global Variables
6068quality-ruleInstance variable naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6068quality-ruleInstance variable naming conventionDocumentation englishMissingAddedtotal = Number of Instance Variables
6070quality-ruleUser event naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6070quality-ruleUser event naming conventionDocumentation englishMissingAddedtotal = Number of User Events
6072quality-ruleMethod naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6072quality-ruleMethod naming conventionDocumentation englishMissingAddedtotal = Number of Methods
6076quality-ruleAvoid Datawindows that does not access a database dataDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6076quality-ruleAvoid Datawindows that does not access a database dataDocumentation englishMissingAddedtotal = Number of Datawindows
6078quality-ruleAvoid Datawindows accessing Database Procedures or FunctionsDocumentation englishMissingAddedtotal = Number of Datawindows
6082quality-ruleAvoid PB Function/Event/Method accessing Database Procedures or FunctionsDocumentation englishMissingAddedtotal = Number of functions, events, methods
6084quality-ruleAvoid having unreferenced codeDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6084quality-ruleAvoid having unreferenced codeDocumentation englishMissingAddedtotal = Number of Objects referencing code
6102quality-ruleAvoid undocumented EventsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6102quality-ruleAvoid undocumented EventsDocumentation englishMissingAddedtotal = Number of Events
6104quality-ruleAvoid events with a very low comment/code ratioDocumentation englishMissingAddedtotal = Number of Events
6106quality-ruleUser event naming convention - declare onlyDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6106quality-ruleUser event naming convention - declare onlyDocumentation englishMissingAddedtotal = Number of User Events Declaration
6110quality-ruleControls must inherit from a userobjectDocumentation englishMissingAddedtotal = Number of Controls
6112quality-ruleAvoid using global variablesDocumentation englishMissingAddedtotal = Number of objects likely to use global variables
6114quality-ruleAvoid using global functionsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6114quality-ruleAvoid using global functionsDocumentation englishMissingAddedtotal = Number of objects likely to use global functions
6124quality-ruleDatawindows accessing database must be based on procedureDocumentation englishMissingAddedtotal = Number of Datawindows accessing database
6126quality-ruleAvoid using dynamic SQL in scriptsDocumentation englishMissingAddedtotal = Number of function, event, method
6128quality-ruleAvoid window with too high level of inheritanceDocumentation englishMissingAddedtotal = Number of Windows
6130quality-ruleAvoid userobject with too high level of inheritanceDocumentation englishMissingAddedtotal = Number of User Objects
6132quality-ruleAvoid overriding eventDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6132quality-ruleAvoid overriding eventDocumentation englishMissingAddedtotal = Number of User Events Extend or Override
6134quality-ruleAvoid menu with too high level of inheritanceDocumentation englishMissingAddedtotal = Number of Menus
6142quality-ruleAvoid Windows with too many MethodsDocumentation englishMissingAddedtotal = Number of Windows
6144quality-ruleAvoid Userobject with too many MethodsDocumentation englishMissingAddedtotal = Number of User Objects
6150quality-ruleAvoid Menus, UserObjects and Windows that have no inheritance relations with other objectsDocumentation englishMissingAddedtotal = Number of menu, user objects and windows
6162quality-ruleAvoid Artifacts with High integration complexityDocumentation englishMissingAddedtotal = Number of PB artifacts
6184quality-ruleAvoid Artifacts with Subqueries (Power Builder)Documentation englishMissingAddedtotal = Number of PB artifacts accessing SQL objects
6194quality-ruleAvoid Artifacts with lines of more than 80 charactersDocumentation englishMissingAddedtotal = Number of PB artifacts
7050quality-ruleFunction naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7060quality-ruleAvoid undocumented Programs (ABAP)Documentation englishassociatedValueName = Associated ValueRemovedMissing
7062quality-ruleAvoid undocumented IncludesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7072quality-ruleProgram naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7074quality-ruleInclude naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7076quality-ruleAvoid Programs/Includes with too many FormsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of Forms
7088quality-ruleProcessing Screen Naming ConventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7088quality-ruleProcessing Screen Naming ConventionDocumentation englishMissingAddedtotal = Number of ABAP processing screens
7124quality-ruleDELETED: Functional EvolvabilityDocumentation englishtotal = The number of modules of the application.Updatedtotal = Number of modules of the application
7126quality-ruleAvoid Artifacts with high Commented-out Code Lines/Code Lines ratioDocumentation englishtotal = The total procedure counts the number of Artifacts.Updatedtotal = Number of artifacts
7130quality-ruleAvoid Artifacts with High Depth of Nested SubqueriesDocumentation englishreference = http://it-cisq.org/ CISQ: ASCPEM-PRF-04Updatedreference = https://it-cisq.org/ CISQ: ASCPEM-PRF-04
7130quality-ruleAvoid Artifacts with High Depth of Nested SubqueriesDocumentation englishtotal = The total procedure counts the number of SQL Artifacts.Updatedtotal = Number of SQL artifacts
7132quality-ruleAction Mappings should have few forwardsDocumentation englishtotal = total of action mappingUpdatedtotal = Number of action mapping
7134quality-ruleAvoid having local forward with same name as global forwardDocumentation englishMissingAddedtotal = Number of Local Forwards
| 7136 | quality-rule | Each method in an Action Class should have a small complexity | Documentation english | total = The number of methods of classes and parent classes that are referenced as an ac... | Updated | total = Number of methods of classes and parent classes that are referenced as an action... |
| 7138 | quality-rule | Action Classes should only be called by Action Mappings tag (for Struts 1.x) or Action tag (for Struts 2.x) | Documentation english | total = number of methods or objects that call struts actions classes | Updated | total = Number of methods or objects that call struts actions classes |
| 7140 | quality-rule | Action Artifacts should not directly call a JSP page | Documentation english | total = The total number of artifacts of classes and parent classes that are referenced ... | Updated | total = Number of artifacts of classes and parent classes that are referenced as an acti... |
| 7142 | quality-rule | Action Classes should have only one public method | Documentation english | total = All action classes, except those inheriting from dispatchaction | Updated | total = Number of action classes, except those inheriting from dispatchaction |
| 7148 | quality-rule | JSP pages should always be accessed through their tiles definition | Documentation english | total = The total is the total of JSP pages. When the tiles technology is not used (no o... | Updated | total = Number of JSP pages, when the tiles technology is used (object of type "Tiles C... |
| 7152 | quality-rule | Avoid Fields in Servlet Classes that are not final static | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7154 | quality-rule | Avoid Fields in Action Classes that are not final static | Documentation english | Missing | Added | total = Number of Action Classes |
| 7156 | quality-rule | Avoid Too Many Copy Pasted Artifacts | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7156 | quality-rule | Avoid Too Many Copy Pasted Artifacts | Documentation english | total = Artifacts larger than 10 lines of code ( default value of the CODELINE parameter... | Updated | total = Number of artifacts larger than 10 lines of code ( default value of the CODELINE... |
| 7188 | quality-rule | Private fields must have JavaDoc Comments | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7188 | quality-rule | Private fields must have JavaDoc Comments | Documentation english | total = private java fields | Updated | total = Number of private Java fields |
| 7190 | quality-rule | Validator form validate() Method must call super.validate() | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7190 | quality-rule | Validator form validate() Method must call super.validate() | Documentation english | total = Non abstract methods that override the validate method (at any depth in the inhe... | Updated | total = Number of non abstract methods that override the validate method (at any depth i... |
| 7192 | quality-rule | Form Bean must extend Validator Class | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7192 | quality-rule | Form Bean must extend Validator Class | Documentation english | Missing | Added | total = Number of Java classes in the Struts application |
| 7194 | quality-rule | Avoid large number of String concatenation (.NET) | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of times the '+=' operator or Concat is called |
| 7194 | quality-rule | Avoid large number of String concatenation (.NET) | Documentation english | total = Total number of artifacts with code | Updated | total = Number of artifacts |
| 7196 | quality-rule | Avoid large number of String concatenation (JEE) | Documentation english | Missing | Added | total = Number of non abstract Java artifacts |
| 7198 | quality-rule | Avoid String concatenation in loops (.NET) | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7198 | quality-rule | Avoid String concatenation in loops (.NET) | Documentation english | total = Total number of artifacts with code | Updated | total = Number of artifacts |
| 7200 | quality-rule | Avoid String concatenation in loops (JEE) | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7200 | quality-rule | Avoid String concatenation in loops (JEE) | Documentation english | Missing | Added | total = Number of non abstract Java artifacts |
| 7202 | quality-rule | Check usage of '==' and '!=' on objects | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7202 | quality-rule | Check usage of '==' and '!=' on objects | Documentation english | Missing | Added | total = Number of non abstract Java Methods and Constructors |
| 7204 | quality-rule | Avoid method invocation in a loop termination expression | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7204 | quality-rule | Avoid method invocation in a loop termination expression | Documentation english | total = All methods having at least one loop | Updated | total = Number of methods having at least one loop |
| 7206 | quality-rule | Avoid the use of InstanceOf inside loops | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7206 | quality-rule | Avoid the use of InstanceOf inside loops | Documentation english | total = The total is the total number of methods | Updated | total = Number of methods |
| 7208 | quality-rule | Avoid the use of is inside loops | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7212 | quality-rule | Avoid instantiations inside loops (.NET) | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7216 | quality-rule | DELETED: Avoid using exception handling inside loops (.NET) | Documentation english | name = Avoid using exception handling inside loops (.NET) | Updated | name = DELETED: Avoid using exception handling inside loops (.NET) |
| 7216 | quality-rule | DELETED: Avoid using exception handling inside loops (.NET) | Documentation english | total = Total number of methods and constructors | Updated | total = Number of methods and constructors |
| 7218 | quality-rule | Avoid OPEN/CLOSE inside loops | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 7218 | quality-rule | Avoid OPEN/CLOSE inside loops | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in source code... |
| 7220 | quality-rule | Avoid Unused Imports | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 7220 | quality-rule | Avoid Unused Imports | Documentation english | Missing | Added | total = Number of Java files and Web files |
| 7234 | quality-rule | EVALUATE statements must be closed by END-EVALUATE | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 7234 | quality-rule | EVALUATE statements must be closed by END-EVALUATE | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in source code: - ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in source code... |
| 7236 | quality-rule | Avoid recursive calls with PERFORM statements | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 7236 | quality-rule | Avoid recursive calls with PERFORM statements | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in source code: - ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in source code... |
| 7238 | quality-rule | Avoid calls between JSP Pages | Documentation english | Missing | Added | total = Number of JSP pages |
| 7240 | quality-rule | Action Classes should only call Business Classes | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7240 | quality-rule | Action Classes should only call Business Classes | Documentation english | Missing | Added | total = Number of Action Classes |
| 7242 | quality-rule | Avoid implementing Action Classes inheriting directly from Struts Action | Documentation english | total = The number of action classes (inherit from org.apache.struts.action.Action) | Updated | total = Number of action classes (inherit from org.apache.struts.action.Action) |
| 7244 | quality-rule | Avoid direct usage of EJB Entity from the client | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7244 | quality-rule | Avoid direct usage of EJB Entity from the client | Documentation english | total = The ratio is the sum of client methods that call directly an Entity Bean divided... | Updated | total = Number of direct and indirect call from the client to Entity Beans |
| 7246 | quality-rule | Avoid Packages with High Efferent Coupling (CE) | Documentation english | Missing | Added | total = Number of Java classes and interfaces |
| 7248 | quality-rule | Avoid Packages with High Afferent Coupling (CA) | Documentation english | Missing | Added | total = Number of Java classes and interfaces |
| 7250 | quality-rule | Avoid String initialization with String object (created using the 'new' keyword) | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 7250 | quality-rule | Avoid String initialization with String object (created using the 'new' keyword) | Documentation english | Missing | Added | total = Number of Java artifacts |
| 7252 | quality-rule | Call 'super.finalize ()' in the "finally" block of 'finalize ()' methods | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7252 | quality-rule | Call 'super.finalize ()' in the "finally" block of 'finalize ()' methods | Documentation english | Missing | Added | total = Number of finalize methods |
| 7254 | quality-rule | Declare as Static all methods not using instance members (JEE) | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7254 | quality-rule | Declare as Static all methods not using instance members (JEE) | Documentation english | total = The number of non static methods. | Updated | total = Number of non static methods |
| 7256 | quality-rule | Provide a private default Constructor for utility Classes (JEE) | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7258 | quality-rule | DataReader must be called using CommandBehavior.CloseConnection enumeration | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7258 | quality-rule | DataReader must be called using CommandBehavior.CloseConnection enumeration | Diagnosis | diagnosisValueType = integer | Updated | diagnosisValueType = no-value |
| 7260 | quality-rule | User Interface elements must not use directly the database | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Database object |
| 7260 | quality-rule | User Interface elements must not use directly the database | Documentation english | total = All artifacts | Updated | total = Number of artifacts |
| 7262 | quality-rule | Avoid Namespaces with High Efferent Coupling (CE) | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Efferent Coupling |
| 7262 | quality-rule | Avoid Namespaces with High Efferent Coupling (CE) | Documentation english | Missing | Added | total = Number of namespaces |
| 7264 | quality-rule | Avoid namespaces with High Afferent Coupling (CA) | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Afferent Coupling |
| 7264 | quality-rule | Avoid namespaces with High Afferent Coupling (CA) | Documentation english | Missing | Added | total = Number of namespaces |
| 7266 | quality-rule | Call 'base.Dispose()' or 'MyBase.Finalize()' in the "finally" block of 'Dispose(bool)' methods | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7266 | quality-rule | Call 'base.Dispose()' or 'MyBase.Finalize()' in the "finally" block of 'Dispose(bool)' methods | Documentation english | total = The Total procedure must count only Dispose(bool) methods defined in classes whi... | Updated | total = Number of Dispose(bool) methods defined in classes which implement the IDisposab... |
| 7268 | quality-rule | Dispose() methods should call GC.SuppressFinalize | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7268 | quality-rule | Dispose() methods should call GC.SuppressFinalize | Documentation english | total = The Total procedure counts only the Dispose() methods without parameters and def... | Updated | total = Number of Dispose() methods without parameters and defined in classes which impl... |
| 7270 | quality-rule | Declare as Static all methods not using instance members (.NET) | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7270 | quality-rule | Declare as Static all methods not using instance members (.NET) | Documentation english | total = Total number of methods | Updated | total = Number of methods |
| 7272 | quality-rule | Provide a private default Constructor for utility Classes (.NET) | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7274 | quality-rule | Avoid GOTO jumps out of PERFORM range | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 7274 | quality-rule | Avoid GOTO jumps out of PERFORM range | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in source code... |
| 7288 | quality-rule | Avoid cyclic calls with PERFORM statements | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 7288 | quality-rule | Avoid cyclic calls with PERFORM statements | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in source code... |
| 7290 | quality-rule | Avoid unreferenced Sections and Paragraphs | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 7290 | quality-rule | Avoid unreferenced Sections and Paragraphs | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in source code: - ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in source code... |
| 7294 | quality-rule | Avoid cyclical calls and inheritances between namespaces content | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Cyclically called / inherited namespace full name |
| 7296 | quality-rule | Never define static variables in header files | Documentation english | output = ...violation patterns found in the source code: - static variable | Updated | output = ...violation occurrences found in the source code: - static variable |
| 7298 | quality-rule | A Class that has pointer data members must provide a copy Constructor | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 7298 | quality-rule | A Class that has pointer data members must provide a copy Constructor | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ... |
| 7302 | quality-rule | Avoid using Pointers | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 7302 | quality-rule | Avoid using Pointers | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ... |
| 7304 | quality-rule | IF statements must be closed by END-IF | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 7304 | quality-rule | IF statements must be closed by END-IF | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in source code: - ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in source code... |
| 7306 | quality-rule | Avoid declaring Inner Classes | Documentation english | Missing | Added | total = Number of Java classes |
| 7308 | quality-rule | Avoid using Inner Classes | Documentation english | Missing | Added | total = Number of Java artifacts |
| 7340 | quality-rule | Avoid Classes with Destructor not explicitly virtual whenever one of its base Class has a virtual Destructor | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 7340 | quality-rule | Avoid Classes with Destructor not explicitly virtual whenever one of its base Class has a virtual Destructor | Documentation english | output = ...violation patterns found in source code: - Derived-class non-virtual destructo... | Updated | output = ...violation occurrences found in source code: - Derived-class non-virtual destru... |
| 7342 | quality-rule | Avoid functions overriding virtual functions without having the 'virtual' keyword | Documentation english | output = ...violation patterns found in the source code: - Non-virtual method - Virtual ... | Updated | output = ...violation occurrences found in the source code: - Non-virtual method - Virtu... |
| 7344 | quality-rule | Avoid "SELECT *" queries | Documentation english | total = The total procedure counts the number of Client-Server Artifacts using Tables or... | Updated | total = Number of Client-Server artifacts using tables or views |
| 7346 | quality-rule | Avoid redundant indexes | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Redundant index |
| 7346 | quality-rule | Avoid redundant indexes | Documentation english | total = Total number of tables | Updated | total = Number of tables |
| 7348 | quality-rule | Avoid too many Indexes on one Table | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of indexes of the table |
| 7348 | quality-rule | Avoid too many Indexes on one Table | Documentation english | total = Total number of tables | Updated | total = Number of tables |
| 7350 | quality-rule | Avoid Tables having Indexes with a too large Index definition | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Size of index |
| 7350 | quality-rule | Avoid Tables having Indexes with a too large Index definition | Documentation english | total = The total procedure counts the number of tables. | Updated | total = Number of tables |
| 7352 | quality-rule | Avoid calling properties that clone values in loops | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 7352 | quality-rule | Avoid calling properties that clone values in loops | Documentation english | total = This counts all artifacts that can contain code (e.g. methods in classes but not... | Updated | total = Number of methods in classes but not in interfaces |
| 7358 | quality-rule | Avoid call to AcceptChanges in a loop | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7358 | quality-rule | Avoid call to AcceptChanges in a loop | Documentation english | total = All .Net Artifacts doing a call to AcceptChanges | Updated | total = Number of .Net artifacts doing a call to AcceptChanges |
| 7360 | quality-rule | DELETED:7360 Avoid hiding Static Methods | Documentation english | total = The total procedure counts the number of static methods. | Updated | total = Number of static methods |
| 7362 | quality-rule | Avoid action mappings validator turned off | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7362 | quality-rule | Avoid action mappings validator turned off | Documentation english | total = The number of action mapping or 0 if no object of type "Struts Configuration Fil... | Updated | total = Number of action mapping or 0 if no object of type "Struts Configuration File" i... |
| 7364 | quality-rule | Avoid multiple validation form with the same name | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7364 | quality-rule | Avoid multiple validation form with the same name | Documentation english | total = The total number of distinct validation forms names or 0 if no object of type "V... | Updated | total = Number of distinct validation forms names or 0 if no object of type "Validation ... |
| 7366 | quality-rule | File descriptor block must be defined with 0 record | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 7366 | quality-rule | File descriptor block must be defined with 0 record | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in source code: - ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in source code... |
| 7368 | quality-rule | When using binary data items (COMP), then use the SYNCHRONIZED clause | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 7368 | quality-rule | When using binary data items (COMP), then use the SYNCHRONIZED clause | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in source code: - ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in source code... |
| 7370 | quality-rule | Avoid using inline PERFORM with too many lines of code | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 7370 | quality-rule | Avoid using inline PERFORM with too many lines of code | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in source code: - ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in source code... |
| 7372 | quality-rule | Enable Struts Validator plugin | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7372 | quality-rule | Enable Struts Validator plugin | Documentation english | total = the total is equal to the number of struts configuration file if object of type ... | Updated | total = Number of struts configuration file when object of type "Struts Configuration Fi... |
| 7378 | quality-rule | Avoid include JavaScript Files | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7378 | quality-rule | Avoid include JavaScript Files | Documentation english | total = number of JSP files that refer to JavaScript Files | Updated | total = Number of JSP files that refer to JavaScript files |
| 7380 | quality-rule | Avoid unused validation form | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7380 | quality-rule | Avoid unused validation form | Documentation english | total = total of validation form or 0 if no object of type "Validation Configuration Fil... | Updated | total = Number of validation forms when object of type "Validation Configuration File" i... |
| 7382 | quality-rule | Avoid Validator field without Form Field | Documentation english | total = total of form validated or 0 if no object of type "Validation Configuration Fil... | Updated | total = Number of forms validated when object of type "Validation Configuration File" is... |
| 7384 | quality-rule | DELETED: Large Programs should be called dynamically | Documentation english | output = ...violation patterns found in source code: - CALL statement | Updated | output = ...violation occurrences found in source code: - CALL statement |
| 7386 | quality-rule | Avoid Tables without a clustered Index | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 7388 | quality-rule | Avoid artifacts having recursive calls | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7388 | quality-rule | Avoid artifacts having recursive calls | Documentation english | total = The total procedure counts the number of executable artifacts (all Artifacts exc... | Updated | total = Number of executable artifacts (all artifacts excepts tables, views, jsp, asp, ... |
| 7390 | quality-rule | Avoid having multiple artifacts inserting data on the same SQL Table | Documentation english | name = ... multiple Artifacts inserting data on the same SQL Table | Updated | name = ... multiple artifacts inserting data on the same SQL Table |
| 7390 | quality-rule | Avoid having multiple artifacts inserting data on the same SQL Table | Documentation english | total = The total procedure counts the number of tables. | Updated | total = Number of tables |
| 7390 | quality-rule | Avoid having multiple artifacts inserting data on the same SQL Table | Documentation english | Missing | Added | remediationSample = import java.sql.*; // less than X classes update the same table public class T... |
| 7390 | quality-rule | Avoid having multiple artifacts inserting data on the same SQL Table | Documentation english | Missing | Added | sample = import java.sql.*; public class TestUpdate1 { public static void main(java.l... |
| 7392 | quality-rule | Avoid having multiple artifacts deleting data on the same SQL table | Documentation english | total = The total procedure counts the number of tables. | Updated | total = Number of tables |
| 7392 | quality-rule | Avoid having multiple artifacts deleting data on the same SQL table | Documentation english | Missing | Added | remediationSample = import java.sql.*; // less than X classes update the same table public class T... |
| 7392 | quality-rule | Avoid having multiple artifacts deleting data on the same SQL table | Documentation english | Missing | Added | sample = import java.sql.*; public class TestUpdate1 { public static void main(java.l... |
| 7394 | quality-rule | Avoid having multiple artifacts updating data on the same SQL Table | Documentation english | name = ... multiple Artifacts updating data on the same SQL Table | Updated | name = ... multiple artifacts updating data on the same SQL Table |
| 7394 | quality-rule | Avoid having multiple artifacts updating data on the same SQL Table | Documentation english | total = The total procedure counts the number of tables. | Updated | total = Number of tables |
| 7394 | quality-rule | Avoid having multiple artifacts updating data on the same SQL Table | Documentation english | Missing | Added | remediationSample = import java.sql.*; // less than X classes update the same table public class T... |
| 7394 | quality-rule | Avoid having multiple artifacts updating data on the same SQL Table | Documentation english | Missing | Added | sample = import java.sql.*; public class TestUpdate1 { public static void main(java.l... |
| 7396 | quality-rule | DELETED: Subprograms called multiple times should be called statically | Documentation english | output = ...violation patterns found in source code: - "CALL <variable_name>" statements r... | Updated | output = ...violation occurrences found in source code: - "CALL <variable_name>" statement... |
| 7404 | quality-rule | Avoid unreferenced views | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7404 | quality-rule | Avoid unreferenced views | Documentation english | total = total is number of views stored in the schema | Updated | total = Number of views stored in the schema |
| 7416 | quality-rule | Avoid Form Field without Validator | Documentation english | total = The number of all form fields or Java setter methods, when defined with struts o... | Updated | total = Number of form fields or Java setter methods, when defined with struts or 0 if n... |
| 7418 | quality-rule | Avoid SQL queries using functions on indexed columns in the WHERE clause | Documentation english | total = The total procedure counts the number of Client-Server Artifacts using Tables. | Updated | total = Number of Client-Server artifacts using tables |
| 7420 | quality-rule | Avoid SQL queries with implicit conversions in the WHERE clause | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Name of the column (first column involved in a type conversion) |
| 7420 | quality-rule | Avoid SQL queries with implicit conversions in the WHERE clause | Documentation english | total = The total procedure counts the number of SQL Artifacts using Tables. | Updated | total = Number of SQL artifacts using tables |
| 7424 | quality-rule | Avoid using SQL queries inside a loop | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 7424 | quality-rule | Avoid using SQL queries inside a loop | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ... |
| 7428 | quality-rule | Avoid SQL queries not using the first column of a composite index in the WHERE clause | Documentation english | total = The total procedure counts the number of client-server artifacts using tables th... | Updated | total = Number of client-server artifacts using tables that contain a query using column... |
| 7434 | quality-rule | Avoid classes overriding only equals() or only hashCode() | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7434 | quality-rule | Avoid classes overriding only equals() or only hashCode() | Documentation english | total = all classes that override equals() or (not exclusive) hashCode() | Updated | total = Number of classes that override equals() or (not exclusive) hashCode() |
| 7436 | quality-rule | Prefer UNION ALL to UNION | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = The number of UNION (without ALL) occurrences |
| 7436 | quality-rule | Prefer UNION ALL to UNION | Documentation english | total = The total procedure counts the number of Client-Server Artifacts with a SQL quer... | Updated | total = Number of Client-Server artifacts with a SQL query that contains a UNION or UNIO... |
| 7438 | quality-rule | Avoid non thread safe singleton | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7438 | quality-rule | Avoid non thread safe singleton | Documentation english | total = the total procedure counts all singleton classes (as defined in the definition) | Updated | total = Number of singleton classes (as defined in the definition) |
| 7440 | quality-rule | Suspicious similar method names or signatures in an inheritance tree | Documentation english | total = All methods that fails and all methods that override a method from a superclass | Updated | total = Number of methods that fails and methods that override a method from a superclas... |
| 7444 | quality-rule | Serialize session objects | Documentation english | total = The number of objects in the session scope | Updated | total = Number of objects in the session scope |
| 7446 | quality-rule | Avoid double checked locking | Diagnosis | diagnosisValueType = no-value | Updated | diagnosisValueType = integer |
| 7458 | quality-rule | Avoid large Interfaces - too many Methods (.NET) | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of methods |
| 7458 | quality-rule | Avoid large Interfaces - too many Methods (.NET) | Documentation english | total = Total number of interfaces | Updated | total = Number of interfaces |
| 7460 | quality-rule | Avoid using untyped DataSet | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7466 | quality-rule | Avoid changing DataSource member before ValueMember/DisplayMember | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7468 | quality-rule | Disable constraints before merging DataSet | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7470 | quality-rule | Avoid doing select on Datatable in loop | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7474 | quality-rule | Use BeginUpdate/EndUpdate when using Items.Add method in loop | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7476 | quality-rule | Turn off "Multiple SQL statements for each measure" | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7476 | quality-rule | Turn off "Multiple SQL statements for each measure" | Documentation english | total = Count of universes | Updated | total = Number of universes |
| 7480 | quality-rule | Use aggregate awareness for indicators | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7480 | quality-rule | Use aggregate awareness for indicators | Documentation english | total = Count of indicators | Updated | total = Number of indicators |
| 7482 | quality-rule | Do not use Cartesian products in Universe properties | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7482 | quality-rule | Do not use Cartesian products in Universe properties | Documentation english | total = Count of universes | Updated | total = Number of universes |
| 7484 | quality-rule | Objects in Universe using inexistent Table/Column | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7486 | quality-rule | Split universes of more than X MB | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7486 | quality-rule | Split universes of more than X MB | Documentation english | total = All universes | Updated | total = Number of universes |
| 7488 | quality-rule | Use lazy fetching for collection | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7488 | quality-rule | Use lazy fetching for collection | Documentation english | total = number of Hibernate Entity Property or JPA Entity Property of type collection | Updated | total = Number of Hibernate entity properties or JPA entity properties of type collectio... |
| 7490 | quality-rule | Avoid UPDATE trigger firing when not necessary | Documentation english | total = The number of Hibernate XML Class associated to a table managed by a trigger | Updated | total = Number of Hibernate XML classes associated to a table managed by a trigger |
| 7494 | quality-rule | Persistent class method's equals() and hashCode() must access its fields through getter methods | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7496 | quality-rule | Use table-per-subclass strategy when subclasses have many properties | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7496 | quality-rule | Use table-per-subclass strategy when subclasses have many properties | Documentation english | total = The number of hibernate and/or JPA entities that are subclassed (subclass or joi... | Updated | total = Number of hibernate and/or JPA entities that are subclassed (subclass or joined-... |
| 7498 | quality-rule | Collection must be the same between getter and setter | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7498 | quality-rule | Collection must be the same between getter and setter | Documentation english | total = The total is the total number of hibernate or JPA persistent fields setters and ... | Updated | total = Number of hibernate or JPA persistent fields setters and getters that have a Col... |
| 7500 | quality-rule | Use table-per-class-hierarchy when subclasses have few properties | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7500 | quality-rule | Use table-per-class-hierarchy when subclasses have few properties | Documentation english | total = The number of hibernate and/or JPA entities that are subclassed (subclass or joi... | Updated | total = Number of hibernate and/or JPA entities that are subclassed (subclass or joined-... |
| 7502 | quality-rule | Never use array to map a collection | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7502 | quality-rule | Never use array to map a collection | Documentation english | total = The total will be the number of Hibernate Entities that map a collection that co... | Updated | total = Number of Hibernate entities that map a collection that could be: array, map, li... |
| 7504 | quality-rule | Persistent classes should Implement hashCode() and equals() | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7504 | quality-rule | Persistent classes should Implement hashCode() and equals() | Documentation english | total = The number of persistent classes (through Hibernate or JPA) | Updated | total = Number of persistent classes (through Hibernate or JPA) |
| 7506 | quality-rule | Define equals() and hashCode() for component | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7506 | quality-rule | Define equals() and hashCode() for component | Documentation english | total = Total classes associated to a component (component and composite-element or @Emb... | Updated | total = Number of classes associated to a component (component and composite-element or ... |
| 7508 | quality-rule | Collection-typed attributes getter must be defined with the correct interface | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7508 | quality-rule | Collection-typed attributes getter must be defined with the correct interface | Documentation english | total = Total getters associated to persistent collection-typed attributes | Updated | total = Number of getters associated to persistent collection-typed attributes |
| 7510 | quality-rule | Use only Hibernate API to access to the database | Documentation english | total = The total number of artifacts that violate this rule plus the artifacts that ref... | Updated | total = Number of artifacts that violate this rule plus the artifacts that reference net... |
| 7512 | quality-rule | Avoid empty Functions, Forms and Modules | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 7514 | quality-rule | Avoid empty Includes | Documentation english | associatedValueName = Associated Value | Removed | Missing |
7516quality-ruleAvoid empty ProgramsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7518quality-ruleAvoid missing WHEN OTHERS in CASE statementsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7518quality-ruleAvoid missing WHEN OTHERS in CASE statementsDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7520quality-ruleAvoid unchecked return code (SY-SUBRC) after OPEN SQL or READ statementDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7520quality-ruleAvoid unchecked return code (SY-SUBRC) after OPEN SQL or READ statementDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7522quality-ruleAvoid using literals in assignments (hardcoded values)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7522quality-ruleAvoid using literals in assignments (hardcoded values)Documentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7526quality-ruleAvoid using hardcoded pathsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7526quality-ruleAvoid using hardcoded pathsDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7528quality-ruleNever use the ON CHANGE OF statementDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7528quality-ruleNever use the ON CHANGE OF statementDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7532quality-ruleAvoid nested SELECT ... ENDSELECT statementsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7532quality-ruleAvoid nested SELECT ... ENDSELECT statementsDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7534quality-ruleAvoid READ TABLE without BINARY SEARCHDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7534quality-ruleAvoid READ TABLE without BINARY SEARCHDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7536quality-ruleAvoid using AT Events in combination of LOOP AT .... WHERE constructsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7536quality-ruleAvoid using AT Events in combination of LOOP AT .... WHERE constructsDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7538quality-ruleAvoid using SELECT ... INTO CORRESPONDING FIELDS OFDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7538quality-ruleAvoid using SELECT ... INTO CORRESPONDING FIELDS OFDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7542quality-ruleAvoid using FOR ALL ENTRIES IN without emptiness checkDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7542quality-ruleAvoid using FOR ALL ENTRIES IN without emptiness checkDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7544quality-ruleAvoid using SELECT ... ENDSELECT statementDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7544quality-ruleAvoid using SELECT ... ENDSELECT statementDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7548quality-ruleNever use incompatible statements with the CICS environmentDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
7548quality-ruleNever use incompatible statements with the CICS environmentDocumentation englishoutput = ...violation patterns found in source code: - Incompatible Cobol statementUpdatedoutput = ...violation occurrences found in source code: - Incompatible Cobol statement
7550quality-ruleAvoid using nested programsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7550quality-ruleAvoid using nested programsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7552quality-ruleAvoid incoherent file accesses in Cobol programs and DISP clauses in JCLDocumentation englishoutput = ...violation patterns found in source code: - The OPEN statement (in the Cobol ...Updatedoutput = ...violation occurrences found in source code: - The OPEN statement (in the Cob...
7556quality-ruleAvoid instanceof in Methods that override or implement Object.equals(), Comparable.compareTo()Documentation englishassociatedValueName = Associated ValueRemovedMissing
7558quality-ruleAvoid accessing data by using the position and lengthDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7558quality-ruleAvoid accessing data by using the position and lengthDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7562quality-ruleAvoid static Field of type collectionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7568quality-ruleAvoid undocumented User-exitsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7598quality-ruleClass naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7602quality-ruleTransaction naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7634quality-ruleAvoid select-before-update when the Table is not associated to an UPDATE TriggerDocumentation englishtotal = The number of Hibernate XML Entities that have the select-before-update propertyUpdatedtotal = Number of Hibernate XML Entities that have the select-before-update property
7636quality-ruleUse version instead of timestampDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7636quality-ruleUse version instead of timestampDocumentation englishtotal = The total is the number of hibernate entity that use version or timestamp proper...Updatedtotal = Number of Hibernate entities that use version or timestamp property
7638quality-ruleAvoid using DriverManagerDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7638quality-ruleAvoid using DriverManagerDocumentation englishtotal = The number of methods that reference java.sql.Connection classUpdatedtotal = Number of methods that reference java.sql.Connection class
7640quality-ruleAvoid catch blocks with assertionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7640quality-ruleAvoid catch blocks with assertionDocumentation englishtotal = Methods and constructors that have code (not abstracts or from interfaces) conta...Updatedtotal = Number of methods and constructors that have code (not abstracts or from interfa...
7642quality-ruleAvoid SQL queries on XXL tables not using the first column of a composite index in the WHERE clauseDocumentation englishtotal = The total procedure counts the number of client-server artifacts using tables or...Updatedtotal = Number of client-server artifacts using tables or views that contain a query usi...
7644quality-ruleAvoid executing multiple OPEN statementsDocumentation englishoutput = ...violation patterns found in source code: - OPEN statementUpdatedoutput = ...violation occurrences found in source code: - OPEN statement
7648quality-ruleAvoid calling finalize()Documentation englishassociatedValueName = Associated ValueRemovedMissing
7648quality-ruleAvoid calling finalize()Documentation englishtotal = number of call to finalize methodsUpdatedtotal = Number of calls to finalize methods
7650quality-ruleAll types of a serializable Class must be serializableDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7650quality-ruleAll types of a serializable Class must be serializableDocumentation englishtotal = number of non-static, non-transient and not primitive fields of classes that imp...Updatedtotal = Number of non-static, non-transient and not primitive fields of classes that imp...
7652quality-ruleAvoid throwing an exception in a catch block without chaining itDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7652quality-ruleAvoid throwing an exception in a catch block without chaining itDocumentation englishtotal = The number of methods that throw an exception (a class that inherits from Throwa...Updatedtotal = Number of methods that throw an exception (a class that inherits from Throwable)...
7654quality-ruleAvoid database tables associated to more than one EntityDocumentation englishtotal = The total is the number of EntityUpdatedtotal = Number of entities
7658quality-ruleAvoid SQL queries on XXL Tables using Functions on indexed Columns in the WHERE clauseDocumentation englishtotal = The total procedure counts the number of Client-Server Artifacts using XXL Table...Updatedtotal = Number of Client-Server artifacts using XXL Tables or views based on XXL tables
7660quality-ruleNever use SQL queries with a cartesian product on XXL TablesDocumentation englishtotal = The total procedure counts the number of Client-Server Artifacts using XXL Table...Updatedtotal = Number of Client-Server artifacts using XXL Tables or views based on XXL tables
7662quality-ruleAvoid SQL queries on XXL Tables with implicit conversions in the WHERE clauseDocumentation englishtotal = The total procedure counts the number of SQL Artifacts using XXL Tables or views...Updatedtotal = Number of SQL artifacts using XXL Tables or views based on XXL tables
7668quality-ruleAvoid using incorrect XML parsing modelDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7668quality-ruleAvoid using incorrect XML parsing modelDocumentation englishtotal = The number of methods that reference javax.xml.parsers.SAXParser and javax.xml.p...Updatedtotal = Number of methods that reference javax.xml.parsers.SAXParser and javax.xml.parse...
7670quality-ruleAvoid accessing SAP standard Tables in modification from custom codeDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7670quality-ruleAvoid accessing SAP standard Tables in modification from custom codeDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7672quality-ruleAvoid using EXIT statement in IncludeDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7672quality-ruleAvoid using EXIT statement in IncludeDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7676quality-ruleAvoid too many packages referencing MainframeDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7676quality-ruleAvoid too many packages referencing MainframeDocumentation englishtotal = The number of packageUpdatedtotal = Number of packages
7678quality-ruleAvoid using specific logging implementationDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7678quality-ruleAvoid using specific logging implementationDocumentation englishtotal = total of artifacts and fields that use org.apache.log4j, org.apache.commons.logg...Updatedtotal = Number of artifacts and fields that use org.apache.log4j, org.apache.commons.log...
7680quality-ruleDeclare as Final all classes that will not be sub-classedDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7682quality-ruleAvoid domain model depending on other Java APIDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7682quality-ruleAvoid domain model depending on other Java APIDocumentation englishtotal = The number of persistent classes's artifactsUpdatedtotal = Number of persistent classes's artifacts
7688quality-ruleNever truncate data in MOVE statementsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7688quality-ruleNever truncate data in MOVE statementsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7690quality-ruleAvoid unchecked return code (SQLCODE) after EXEC SQL queryDocumentation englishoutput = ...violation patterns found in source code: - EXEC SQL query that is not followe...Updatedoutput = ...violation occurrences found in source code: - EXEC SQL query that is not foll...
7692quality-ruleEach opened file must be closedDocumentation englishoutput = ...violation patterns found in source code: - FD clause associated to the file ...Updatedoutput = ...violation occurrences found in source code: - FD clause associated to the fi...
7694quality-ruleAvoid calling the same paragraph with PERFORM and GO TO statementsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7694quality-ruleAvoid calling the same paragraph with PERFORM and GO TO statementsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7696quality-ruleA Copybook should not include other CopybooksDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7696quality-ruleA Copybook should not include other CopybooksDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7698quality-ruleFiles should be declared with a FILE-STATUSDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7698quality-ruleFiles should be declared with a FILE-STATUSDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7700quality-ruleUse only Struts HTTP ServletDocumentation englishtotal = The total is the total number of Servlet that inherit from javax.servlet.http.Ht...Updatedtotal = Number of Servlets that inherit from javax.servlet.http.HttpServlet when org.apa...
7702quality-ruleUse a third party connection poolDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7702quality-ruleUse a third party connection poolDocumentation englishtotal = Total of Hibernate Configuration File (including hibernate.properties). If it do...Updatedtotal = Number of Hibernate configuration fields (including hibernate.properties)
7704quality-ruleAvoid static Fields that are not finalDocumentation englishtotal = number of enterprise bean (session, message and entity)Updatedtotal = Number of enterprise beans (session, message and entity)
7706quality-ruleAvoid table and column names that are too long (portability)Documentation englishassociatedValueName = Associated ValueRemovedMissing
7706quality-ruleAvoid table and column names that are too long (portability)Documentation englishtotal = The total number of Persistent Entities and PropertiesUpdatedtotal = Number of persistent entities and properties
7708quality-ruleAvoid using session.setFlushMode(FlushMode.COMMIT, FlushMode.NEVER or FlushMode.MANUAL)Documentation englishassociatedValueName = Associated ValueRemovedMissing
7708quality-ruleAvoid using session.setFlushMode(FlushMode.COMMIT, FlushMode.NEVER or FlushMode.MANUAL)Documentation englishtotal = The number of methods that reference org.hibernate.Session.setFlushMode or net.s...Updatedtotal = Number of methods that reference org.hibernate.Session.setFlushMode or net.sf.hi...
7710quality-ruleAvoid non serializable EntitiesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7710quality-ruleAvoid non serializable EntitiesDocumentation englishtotal = the number of entitiesUpdatedtotal = Number of entities
7712quality-ruleAvoid public/protected setter for the generated identifier fieldDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7714quality-ruleDo not use auto-wiringDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 529, propertyID = 140919
7714quality-ruleDo not use auto-wiringDocumentation englishreference = http://www.onjava.com/pub/a/onjava/2006/01/25/spring-xml-configuration-best-prac...Updatedreference = https://blog.marcnuri.com/field-injection-is-not-recommended/ https://howtodoinj...
7714quality-ruleDo not use auto-wiringDocumentation englishremediationSample = ...yBean"/> // FIXED ... </beans>UpdatedremediationSample = ...yBean"/> // FIXED ... </beans> @Service public class ModuleManagementService { ...
7714quality-ruleDo not use auto-wiringDocumentation englishsample = ...n"/> // VIOLATION ... </beans>Updatedsample = ...n"/> // VIOLATION ... </beans> import org.springframework.stereotype.Componen...
7714quality-ruleDo not use auto-wiringDocumentation englishtotal = The total number of Spring bean, 0 if Spring is not usedUpdatedtotal = Number of Spring bean
7714quality-ruleDo not use auto-wiringDiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
7714quality-ruleDo not use auto-wiringOperationlocalSiteDiagnose = DIAG_SCOPE_JEEARUSE004UpdatedlocalSiteDiagnose = null
7714quality-ruleDo not use auto-wiringOperationlocalSiteCountTotal = DIAG_JEE_SPRINGBEAN_TOTALUpdatedlocalSiteCountTotal = null
7716quality-ruleAvoid defining singleton or factory when using SpringDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7716quality-ruleAvoid defining singleton or factory when using SpringDocumentation englishtotal = The total will be the total of JAVA singleton, factory and Spring beans, 0 if Sp...Updatedtotal = Number of Java singleton, factory and Spring beans when Spring is used
7718quality-ruleSections and paragraphs should be located after the first statement calling themDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7718quality-ruleSections and paragraphs should be located after the first statement calling themDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7722quality-ruleAvoid using references to the id in the persistent class's method equals()Documentation englishassociatedValueName = Associated ValueRemovedMissing
7724quality-ruleOverriden equals() Methods in persistent Subclasses should only reference properties from the persistent base ClassDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7724quality-ruleOverriden equals() Methods in persistent Subclasses should only reference properties from the persistent base ClassDocumentation englishtotal = The total is the number of persistent subclasses (subclass or joined-subclass) t...Updatedtotal = Number of persistent subclasses (subclass or joined-subclass) that override the ...
7726quality-ruleAvoid Action artifacts that call packages that reference databaseDocumentation englishtotal = The total number of artifacts of classes and parent classes that are referenced ...Updatedtotal = Number of artifacts of classes and parent classes that are referenced as an acti...
7728quality-ruleAvoid thread creation for application running on application serverDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7728quality-ruleAvoid thread creation for application running on application serverDocumentation englishtotal = The number of Java methods and Constructors when ejb-jar.xml or web.xml are pres...Updatedtotal = Number of Java methods and constructors when ejb-jar.xml or web.xml are present ...
7730quality-ruleUse declarative transactionDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 531, propertyID = 140920
7730quality-ruleUse declarative transactionDocumentation englishdescription = When EJB Session and/or Message Driven Beans exist, this Quality Rule reports al...Updateddescription = The Bean Provider can choose between using programmatic transaction demarcation ...
7730quality-ruleUse declarative transactionDocumentation englishtotal = The number of Java Methods and Constructors when EJB Session and/or EJB Message ...Updatedtotal = Number of Java Methods and Constructors (including generic methods and generic c...
7730quality-ruleUse declarative transactionDocumentation englishMissingAddedremediationSample = use container-managed transaction demarcation (@Transactional Annotation or Conf...
7730quality-ruleUse declarative transactionDocumentation englishMissingAddedsample = programmatic transaction demarcation: sample 1: @Stateless @TransactionManagemen...
7730quality-ruleUse declarative transactionDiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
7730quality-ruleUse declarative transactionOperationlocalSiteDiagnose = DIAG_SCOPE_JAVAPPUB004UpdatedlocalSiteDiagnose = null
7730quality-ruleUse declarative transactionOperationlocalSiteCountTotal = DIAG_JEE_METBEAN_TOTALUpdatedlocalSiteCountTotal = null
7732quality-ruleAvoid non validated inputsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7732quality-ruleAvoid non validated inputsDocumentation englishtotal = The total number of input field, 0 if JSF is not usedUpdatedtotal = Number of input field, 0 if JSF is not used
7734quality-ruleAvoid to use Log.debug() without calling Log.isDebugEnabled()Documentation englishassociatedValueName = Associated ValueRemovedMissing
7734quality-ruleAvoid to use Log.debug() without calling Log.isDebugEnabled()Documentation englishtotal = the number of methods that call debug() methods (i.e: org.apache.log4j.Category....Updatedtotal = Number of methods that call debug() methods (i.e: org.apache.log4j.Category.debu...
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishdescription = ...ripting injection flaws (XSS). The list of user input methods can be customized...Updateddescription = ...ripting injection flaws (XSS).
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishname = ...scripting DOM vulnerabilitiesUpdatedname = ...scripting vulnerabilities
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishoutput = ...nerability : It provides the following information: - The full name of the meth...Updatedoutput = ...nerability: It provides the following information: - The full name of the metho...
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishrationale = ...vulnerabilty is known as cross-site scripting (XSS). It is caused by malicious s...Updatedrationale = ...vulnerability is known as cross-site scripting (XSS). It is caused by malicious ...
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishremediation = Code the appropriate sanitization methods as close as possible to the user input...Updatedremediation = Use authorized sanitization methods.
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishMissingAddedremediationSample = Sample 1 <% String eid = request.getParameter("eid"); %> ... //include validatio...
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishMissingAddedsample = Sample 1 <% String eid = request.getParameter("eid"); %> ... Employee ID: <%= ei...
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishdescription = ...r validation and sanitization. The list of user input methods, SQL execution me...Updateddescription = ...r validation and sanitization.
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishrationale = ...lidation ( CWE-20 ) as follows : "When software does not validate input properl...Updatedrationale = ...lidation (CWE-20) as follows: "When software does not validate input properly, ...
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishremediation = Code the appropriate input validation as close as possible to the user input cal...Updatedremediation = Use authorized sanitization methods.
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishMissingAddedremediationSample = ... string userName = ctx.getAuthenticatedUserName(); // validate the user input...
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishMissingAddedsample = The following code dynamically constructs and executes a SQL query that searches...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishdescription = ...on flaws ( LDAP : Lightweight Directory Access Protocol ). The list of user inp...Updateddescription = ...on flaws (LDAP: Lightweight Directory Access Protocol).
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishrationale = In web based applications, the validation of all user input is critical to avoid...Updatedrationale = An attacker could include input that changes the LDAP query which allows uninten...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishMissingAddedremediation = Input Validation Assume all input is malicious. Use an "accept known good" inpu...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishMissingAddedremediationSample = context = new InitialDirContext(env); //The code below constructs an LDAP query ...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishMissingAddedsample = context = new InitialDirContext(env); String searchFilter = "StreetAddress=" + a...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishdescription = Using CAST dataflow engine, this metric detects paths from user input methods do...Updateddescription = The software constructs all or part of an OS command using externally-influenced...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishrationale = In web based applications, the validation of all user input is critical to avoid...Updatedrationale = This could allow attackers to execute unexpected, dangerous commands directly on...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
7748 | quality-rule | Avoid OS command injection vulnerabilities | Documentation english | Missing | Added | remediation = To avoid the creation of Injection flaws, the Open Web Application Security Proj...
7748 | quality-rule | Avoid OS command injection vulnerabilities | Documentation english | Missing | Added | remediationSample = Sample 1: public String coordinateTransformLatLonToUTM(String coordinates) { Str...
7748 | quality-rule | Avoid OS command injection vulnerabilities | Documentation english | Missing | Added | sample = Sample 1: public String coordinateTransformLatLonToUTM(String coordinates) { Str...
7750 | quality-rule | Avoid XPath injection vulnerabilities | Documentation english | description = Using CAST dataflow engine, this metric detects execution paths from user input ... | Updated | description = The software does not properly neutralize special elements that are used in XML,...
7750 | quality-rule | Avoid XPath injection vulnerabilities | Documentation english | rationale = ... or arbitrary code execution." This rule ensures that the appropriate input val... | Updated | rationale = ... or arbitrary code execution."
7750 | quality-rule | Avoid XPath injection vulnerabilities | Documentation english | total = The number of methods calling user input methods | Updated | total = Number of methods calling user input methods
7750 | quality-rule | Avoid XPath injection vulnerabilities | Documentation english | Missing | Added | remediation = Use authorized sanitization methods.
7752 | quality-rule | Avoid file path manipulation vulnerabilities | Documentation english | description = ...rating System injection flaws. The list of user input methods can be customiz... | Updated | description = ...rating System injection flaws.
7752 | quality-rule | Avoid file path manipulation vulnerabilities | Documentation english | rationale = In web based applications, the validation of all user input is critical to avoid... | Updated | rationale = This could allow an attacker to access or modify system files or other files tha...
7752 | quality-rule | Avoid file path manipulation vulnerabilities | Documentation english | remediation = Validate all the user inputs. | Updated | remediation = Validate all the user inputs. To avoid the creation of Injection flaws, the Ope...
7752 | quality-rule | Avoid file path manipulation vulnerabilities | Documentation english | total = The number of methods calling user input methods | Updated | total = Number of methods calling user input methods
7752 | quality-rule | Avoid file path manipulation vulnerabilities | Documentation english | Missing | Added | remediationSample = fis = new FileInputStream(cfg.getProperty("sub")+".txt"); //code a validate func...
7752 | quality-rule | Avoid file path manipulation vulnerabilities | Documentation english | Missing | Added | sample = The following code uses input from a configuration file to determine which file ...
7754 | quality-rule | Avoid using COMPUTE statement for elementary arithmetic operation | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7754 | quality-rule | Avoid using COMPUTE statement for elementary arithmetic operation | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in source code: - ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7756 | quality-rule | Avoid using READ statement without AT END clause or INVALID KEY clause | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7756 | quality-rule | Avoid using READ statement without AT END clause or INVALID KEY clause | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7760 | quality-rule | Avoid triggers, functions and procedures with a very low comment/code ratio | Documentation english | Missing | Added | total = Number of SQL procedures, triggers
7762 | quality-rule | Avoid undocumented Triggers, Functions and Procedures | Documentation english | Missing | Added | total = Number of SQL procedures, triggers
7766 | quality-rule | Avoid Artifacts with High Cyclomatic Complexity | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Cyclomatic Complexity
7768 | quality-rule | Avoid Artifacts with High Depth of Code | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Depth of Code
7770 | quality-rule | Avoid Artifacts with too many parameters | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of parameters
7770 | quality-rule | Avoid Artifacts with too many parameters | Documentation english | total = number of artifacts that have at least 1 parameter | Updated | total = Number of artifacts that have at least 1 parameter
7772 | quality-rule | Avoid Artifacts with High Essential Complexity | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Essential Complexity
7774 | quality-rule | Avoid Artifacts with High Integration Complexity | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Integration Complexity
7774 | quality-rule | Avoid Artifacts with High Integration Complexity | Documentation english | Missing | Added | total = Number of non abstract artifacts
7776 | quality-rule | Avoid Artifacts with High Fan-In | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Fan-In
7778 | quality-rule | Avoid Artifacts with High Fan-Out | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Fan-Out
7780 | quality-rule | Avoid Classes with a very low comment/code ratio | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Comment/code ratio
7780 | quality-rule | Avoid Classes with a very low comment/code ratio | Documentation english | total = Total number of classes | Updated | total = Number of classes
7782 | quality-rule | Avoid empty finally blocks | Documentation english | associatedValueName = Associated Value | Removed | Missing
7782 | quality-rule | Avoid empty finally blocks | Documentation english | total = This counts all Artifacts. | Updated | total = Number of artifacts
7784 | quality-rule | Avoid Artifacts with lines longer than X characters | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of characters of the longest line
7784 | quality-rule | Avoid Artifacts with lines longer than X characters | Documentation english | total = Total number of artifacts | Updated | total = Number of artifacts
7788 | quality-rule | Avoid empty catch blocks | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of empty catch blocks
7788 | quality-rule | Avoid empty catch blocks | Documentation english | total = This counts all artifacts. | Updated | total = Number of artifacts
7790 | quality-rule | Avoid Cursors inside a loop | Documentation english | associatedValueName = Associated Value | Removed | Missing
7790 | quality-rule | Avoid Cursors inside a loop | Documentation english | total = The total procedure counts Artifacts that can contain cursors (all SQL Artifacts... | Updated | total = Number of artifacts that can contain cursors (all SQL Artifacts except tables an...
7792 | quality-rule | Avoid Classes with a High Number Of Children | Documentation english | Missing | Added | total = Number of classes
7794 | quality-rule | Avoid Classes with a High Public Data Ratio | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Public Data Ratio
7794 | quality-rule | Avoid Classes with a High Public Data Ratio | Documentation english | Missing | Added | total = Number of classes
7796 | quality-rule | Avoid Classes with a High Lack of Cohesion - variant | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Lack of Cohesion in Methods
7798 | quality-rule | Avoid Classes with a High Lack of Cohesion | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Lack of Cohesion in Methods
7800 | quality-rule | Avoid Classes with High Coupling Between Objects | Documentation english | Missing | Added | total = Number of classes
7802 | quality-rule | Avoid Classes with a High Depth of Inheritance Tree | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Depth of Inheritance Tree
7802 | quality-rule | Avoid Classes with a High Depth of Inheritance Tree | Documentation english | reference = http://it-cisq.org/ CISQ : ASCMM-MNT-17 A Metrics Suite for Object Oriented Des... | Updated | reference = https://it-cisq.org/ CISQ : ASCMM-MNT-17 A Metrics Suite for Object Oriented De...
7802 | quality-rule | Avoid Classes with a High Depth of Inheritance Tree | Documentation english | total = number of classes and interfaces | Updated | total = Number of classes and interfaces
7804 | quality-rule | Avoid Classes with High Weighted Methods per Class | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Weighted Methods per Class
7804 | quality-rule | Avoid Classes with High Weighted Methods per Class | Documentation english | Missing | Added | total = Number of classes
7806 | quality-rule | Avoid Artifacts with Group By | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of Group by
7808 | quality-rule | Avoid Artifacts with SQL statement including subqueries | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of Subqueries
7808 | quality-rule | Avoid Artifacts with SQL statement including subqueries | Documentation english | Missing | Added | total = Number of artifacts accessing SQL objects
7810 | quality-rule | Avoid Artifacts with a Complex SELECT Clause | Documentation english | associatedValueName = Associated Value | Removed | Missing
7810 | quality-rule | Avoid Artifacts with a Complex SELECT Clause | Diagnosis | diagnosisValueType = integer | Updated | diagnosisValueType = no-value
7812 | quality-rule | Class naming convention - case and character set control | Documentation english | associatedValueName = Associated Value | Removed | Missing
7812 | quality-rule | Class naming convention - case and character set control | Documentation english | Missing | Added | total = Number of classes
7814 | quality-rule | Avoid Tables not using referential integrity | Documentation english | total = total is number of tables | Updated | total = Number of tables
7816 | quality-rule | Avoid using GOTO statement | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of GOTO statements
7816 | quality-rule | Avoid using GOTO statement | Documentation english | Missing | Added | total = Number of objects with code or contains DDL or client artifacts
7818 | quality-rule | Avoid Functions having a very low Comment/Code ratio | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Comment/code ratio
7818 | quality-rule | Avoid Functions having a very low Comment/Code ratio | Documentation english | Missing | Added | total = Number of Inventory Functions
7820 | quality-rule | Never use SQL queries with a cartesian product | Documentation english | associatedValueName = Associated Value | Removed | Missing
7820 | quality-rule | Never use SQL queries with a cartesian product | Documentation english | total = The total procedure counts the number of Artifacts using Tables. | Updated | total = Number of artifacts using Tables
7822 | quality-rule | Avoid Artifacts with queries on more than 4 Tables | Documentation english | associatedValueName = Associated Value | Removed | Missing
7824 | quality-rule | The exception Exception should never been thrown. Always Subclass Exception and throw the subclassed Classes. | Documentation english | associatedValueName = Associated Value | Removed | Missing
7824 | quality-rule | The exception Exception should never been thrown. Always Subclass Exception and throw the subclassed Classes. | Documentation english | total = This counts all Artifacts. | Updated | total = Number of artifacts
7826 | quality-rule | Forms naming convention - prefix control | Documentation english | associatedValueName = Associated Value | Removed | Missing
7826 | quality-rule | Forms naming convention - prefix control | Documentation english | total = Total number of Forms. | Updated | total = Number of forms
7828 | quality-rule | Avoid Artifacts with High RAW SQL Complexity | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Raw complexity
7830 | quality-rule | Avoid unreferenced Interfaces | Documentation english | associatedValueName = Associated Value | Removed | Missing
7830 | quality-rule | Avoid unreferenced Interfaces | Documentation english | total = Total number of interfaces | Updated | total = Number of interfaces
7832 | quality-rule | Avoid unreferenced Classes | Documentation english | associatedValueName = Associated Value | Removed | Missing
7834 | quality-rule | Avoid undocumented Interfaces | Documentation english | associatedValueName = Associated Value | Removed | Missing
7836 | quality-rule | Avoid undocumented Functions | Documentation english | associatedValueName = Associated Value | Removed | Missing
7838 | quality-rule | Avoid undocumented Methods | Documentation english | associatedValueName = Associated Value | Removed | Missing
7840 | quality-rule | Trigger naming convention - prefix control | Documentation english | associatedValueName = Associated Value | Removed | Missing
7840 | quality-rule | Trigger naming convention - prefix control | Documentation english | Missing | Added | total = Number of Triggers
7842 | quality-rule | Avoid large Artifacts - too many Lines of Code | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of lines of code
7844 | quality-rule | Avoid undocumented Classes | Documentation english | associatedValueName = Associated Value | Removed | Missing
7846 | quality-rule | Avoid Methods with a very low comment/code ratio | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Comment/code ratio
7848 | quality-rule | Interface naming convention - prefix | Documentation english | associatedValueName = Associated Value | Removed | Missing
7850 | quality-rule | Avoid raising an exception in a Web Dynpro Supply Function or in a Method called by a Supply Function | Documentation english | associatedValueName = Associated Value | Removed | Missing
7852 | quality-rule | Database view naming convention - prefix control | Documentation english | associatedValueName = Associated Value | Removed | Missing
7854 | quality-rule | Database table naming convention - prefix control | Documentation english | associatedValueName = Associated Value | Removed | Missing
7856 | quality-rule | Avoid Tables with more than 20 columns on an OLTP system | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of columns
7856 | quality-rule | Avoid Tables with more than 20 columns on an OLTP system | Documentation english | Missing | Added | total = Number of DB tables
7858 | quality-rule | Avoid passing parameter by value | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7858 | quality-rule | Avoid passing parameter by value | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7860 | quality-rule | Avoid unreferenced Functions | Documentation english | associatedValueName = Associated Value | Removed | Missing
7862 | quality-rule | Avoid catching an exception of type Exception, RuntimeException, or Throwable | Documentation english | associatedValueName = Associated Value | Removed | Missing
7862 | quality-rule | Avoid catching an exception of type Exception, RuntimeException, or Throwable | Documentation english | total = This rule counts all Methods. | Updated | total = Number of methods
7866 | quality-rule | Avoid SELECT ... BYPASSING BUFFER | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7866 | quality-rule | Avoid SELECT ... BYPASSING BUFFER | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7868 | quality-rule | Avoid Open SQL queries in loops | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7868 | quality-rule | Avoid Open SQL queries in loops | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7870 | quality-rule | Avoid using the NOT LIKE operator in WHERE clauses | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7870 | quality-rule | Avoid using the NOT LIKE operator in WHERE clauses | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7872 | quality-rule | Avoid using IS [NOT] NULL in WHERE condition | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7872 | quality-rule | Avoid using IS [NOT] NULL in WHERE condition | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7874 | quality-rule | Avoid using dynamic queries | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7874 | quality-rule | Avoid using dynamic queries | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7876 | quality-rule | Avoid using SELECT ... FOR UPDATE | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7876 | quality-rule | Avoid using SELECT ... FOR UPDATE | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7878 | quality-rule | Avoid Open SQL SELECT queries without WHERE condition | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7878 | quality-rule | Avoid Open SQL SELECT queries without WHERE condition | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7880 | quality-rule | Avoid nested loops | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7880 | quality-rule | Avoid nested loops | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7882 | quality-rule | Avoid using Native SQL | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7882 | quality-rule | Avoid using Native SQL | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7884 | quality-rule | Avoid disabling source code inspection | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7884 | quality-rule | Avoid disabling source code inspection | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7886 | quality-rule | Avoid using SYSTEM-CALL | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7886 | quality-rule | Avoid using SYSTEM-CALL | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7888 | quality-rule | Web Dynpro - Never use direct calls to routine via "me->", use "wd_This->" instead | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7888 | quality-rule | Web Dynpro - Never use direct calls to routine via "me->", use "wd_This->" instead | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7890 | quality-rule | Web Dynpro - Never use INCLUDE statement | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7890 | quality-rule | Web Dynpro - Never use INCLUDE statement | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7892 | quality-rule | Web Dynpro - Avoid changing the program flow | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7892 | quality-rule | Web Dynpro - Avoid changing the program flow | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7894 | quality-rule | Avoid using LOOP INTO, use LOOP ASSIGNING instead | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7894 | quality-rule | Avoid using LOOP INTO, use LOOP ASSIGNING instead | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7898 | quality-rule | SQL Function naming convention - prefix control | Documentation english | associatedValueName = Associated Value | Removed | Missing
7900 | quality-rule | Stored Procedure naming convention - prefix control | Documentation english | associatedValueName = Associated Value | Removed | Missing
7900 | quality-rule | Stored Procedure naming convention - prefix control | Documentation english | Missing | Added | total = Number of database Procedures
7902 | quality-rule | Avoid SQL queries that no index can support | Documentation english | reference = http://it-cisq.org/ CISQ: ASCPEM-PRF-05 Enhancing the Quality of ABAP Developme... | Updated | reference = https://it-cisq.org/ CISQ: ASCPEM-PRF-05 Enhancing the Quality of ABAP Developm...
7904 | quality-rule | Avoid SQL queries on XXL tables that no index can support | Documentation english | total = The total procedure counts the number of SQL Artifacts using XXL Tables or views... | Updated | total = Number of SQL artifacts using XXL Tables or views based on XXL tables
7906 | quality-rule | Avoid testing specific values for SY-UNAME | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7906 | quality-rule | Avoid testing specific values for SY-UNAME | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7908 | quality-rule | Avoid unreferenced Methods | Documentation english | associatedValueName = Associated Value | Removed | Missing
7910 | quality-rule | Never exit a finally block with a return, break, continue, or throw | Documentation english | associatedValueName = Associated Value | Removed | Missing
7910 | quality-rule | Never exit a finally block with a return, break, continue, or throw | Documentation english | total = All methods that have a finally block | Updated | total = Number of methods that have a finally block
7912 | quality-rule | Avoid unreferenced Data Members | Documentation english | associatedValueName = Associated Value | Removed | Missing
7914 | quality-rule | Avoid direct access to Database Tables | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Accessed Table
7914 | quality-rule | Avoid direct access to Database Tables | Documentation english | reference = http://it-cisq.org/ CISQ rule: ASCPEM-PRF-9. | Updated | reference = https://it-cisq.org/ CISQ rule: ASCPEM-PRF-9.
7916 | quality-rule | Avoid direct use of Database objects (JSP/ASP) | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Database object
7916 | quality-rule | Avoid direct use of Database objects (JSP/ASP) | Documentation english | Missing | Added | total = Number of ASP pages
7918 | quality-rule | Exceptions naming convention -suffix control | Documentation english | associatedValueName = Associated Value | Removed | Missing
7920 | quality-rule | Exceptions naming convention - case and character set control | Documentation english | associatedValueName = Associated Value | Removed | Missing
7922 | quality-rule | Avoid usage of 'std::find_first_of' | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7922 | quality-rule | Avoid usage of 'std::find_first_of' | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in source code: - ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7924 | quality-rule | Avoid defining Functions with 'struct' or 'class' parameters passed by value | Documentation english | output = ...violation patterns found in the source code: - function or method | Updated | output = ...violation occurrences found in the source code: - function or method
7926 | quality-rule | Abstract Classes should be non copy-assignable | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7926 | quality-rule | Abstract Classes should be non copy-assignable | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7928 | quality-rule | Avoid using static_cast on class/struct pointers | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7928 | quality-rule | Avoid using static_cast on class/struct pointers | Documentation english | output = ...violation patterns | Updated | output = ...violation occurrences
7930 | quality-rule | Avoid redeclaring and overriding Methods with different default parameter values | Documentation english | output = ...violation patterns found in the source code: - Overridden method | Updated | output = ...violation occurrences found in the source code: - Overridden method
7932 | quality-rule | Avoid Constructors not supplying an initial value for all non-static data members | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7932 | quality-rule | Avoid Constructors not supplying an initial value for all non-static data members | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7934 | quality-rule | Avoid Superclass (or Interface) knowing Subclass (or Interface) | Documentation english | reference = http://it-cisq.org/ CISQ rule: ASCRM-RLB-14. | Updated | reference = https://it-cisq.org/ CISQ rule: ASCRM-RLB-14.
7934 | quality-rule | Avoid Superclass (or Interface) knowing Subclass (or Interface) | Documentation english | total = The number of classes and interfaces | Updated | total = Number of classes and interfaces
7936 | quality-rule | Avoid using finalize() | Documentation english | associatedValueName = Associated Value | Removed | Missing
7936 | quality-rule | Avoid using finalize() | Documentation english | total = number of classes | Updated | total = Number of classes
7938 | quality-rule | Override all overloads of a base Class virtual Method | Documentation english | output = ...violation patterns found in the source code: - Parent class method which must ... | Updated | output = ...violation occurrences found in the source code: - Parent class method which mu...
7940 | quality-rule | Avoid Stateful Beans not removed | Documentation english | associatedValueName = Associated Value | Removed | Missing
7940 | quality-rule | Avoid Stateful Beans not removed | Documentation english | total = classes that define a variable whose type is a remote or local business interfac... | Updated | total = Number of classes that define a variable whose type is a remote or local busines...
7942 | quality-rule | Avoid EJBs using 'synchronized' qualifier, 'wait', 'notify' and 'notifyAll' Methods | Documentation english | associatedValueName = Associated Value | Removed | Missing
7942 | quality-rule | Avoid EJBs using 'synchronized' qualifier, 'wait', 'notify' and 'notifyAll' Methods | Documentation english | total = the number of EJB artifacts | Updated | total = Number of EJB artifacts
7944 | quality-rule | Avoid High Response for Classes | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Response For Class
7944 | quality-rule | Avoid High Response for Classes | Documentation english | Missing | Added | total = Number of classes
7948 | quality-rule | Do not mix Ansi joins syntax with Oracle proprietary joins syntax in the same query | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences
7950 | quality-rule | Avoid definition of synonym as PUBLIC in PL/SQL context | Documentation english | associatedValueName = Associated Value | Removed | Missing
7950 | quality-rule | Avoid definition of synonym as PUBLIC in PL/SQL context | Documentation english | total = The total procedure counts the number of synonyms that is part of the analyzed s... | Updated | total = Number of synonyms that is part of the analyzed source code
7950 | quality-rule | Avoid definition of synonym as PUBLIC in PL/SQL context | Diagnosis | diagnosisValueType = integer | Updated | diagnosisValueType = no-value
7952 | quality-rule | Avoid synonym with both private & PUBLIC Definition in PL/SQL context | Documentation english | total = The total procedure counts the number of synonyms that are part of the analyzed ... | Updated | total = Number of synonyms that are part of the analyzed source code
7952 | quality-rule | Avoid synonym with both private & PUBLIC Definition in PL/SQL context | Diagnosis | diagnosisValueType = integer | Updated | diagnosisValueType = no-value
7954 | quality-rule | Avoid indirect String concatenation inside loops | Documentation english | total = All methods calling at least one method inside a loop | Updated | total = Number of methods calling at least one method inside a loop
7956 | quality-rule | Avoid indirect exception handling inside loops | Documentation english | associatedValueName = Associated Value | Removed | Missing
7958 | quality-rule | Avoid orphaned synonyms in PL/SQL context | Documentation english | associatedValueName = Associated Value | Removed | Missing
7958 | quality-rule | Avoid orphaned synonyms in PL/SQL context | Documentation english | total = The total procedure counts the number of synonyms that is part of the analyzed s... | Updated | total = Number of synonyms that is part of the analyzed source code
7958 | quality-rule | Avoid orphaned synonyms in PL/SQL context | Diagnosis | diagnosisValueType = integer | Updated | diagnosisValueType = no-value
7960 | quality-rule | Avoid looping chain of synonyms in PL/SQL context | Documentation english | total = The total procedure counts the number of synonyms that is part of the analyzed s... | Updated | total = Number of synonyms that is part of the analyzed source code
7962 | quality-rule | Avoid direct or indirect remote calls inside a loop | Documentation english | total = All methods calling at least one method inside a loop | Updated | total = Number of methods calling at least one method inside a loop
7964 | quality-rule | Avoid directly instantiating a Class used as a managed bean | Documentation english | total = The number of methods or jsp files that reference a managed bean java interface | Updated | total = Number of methods or jsp files that reference a managed bean java interface
7966 | quality-rule | Avoid includes in Header Files | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = File included by header file
7966 | quality-rule | Avoid includes in Header Files | Documentation english | Missing | Added | total = Number of C/C++ included files
7968 | quality-rule | Never use strcat() function (C/C++) | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7968 | quality-rule | Never use strcat() function (C/C++) | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7970 | quality-rule | Never use strcpy() function (C/C++) | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7970 | quality-rule | Never use strcpy() function (C/C++) | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7974 | quality-rule | Never use scanf() function | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7974 | quality-rule | Never use scanf() function | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7976 | quality-rule | Never use gets() function | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7976 | quality-rule | Never use gets() function | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7978 | quality-rule | Avoid using the scanf() function family | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7978 | quality-rule | Avoid using the scanf() function family | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7980 | quality-rule | Avoid using strtrns() function | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7980 | quality-rule | Avoid using strtrns() function | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7982 | quality-rule | Avoid using strlen() function family | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7982 | quality-rule | Avoid using strlen() function family | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7984 | quality-rule | Avoid using strecpy() function | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7984 | quality-rule | Avoid using strecpy() function | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7986 | quality-rule | Avoid using streadd() function | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7986 | quality-rule | Avoid using streadd() function | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7988 | quality-rule | Avoid using snprintf() function family | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7988 | quality-rule | Avoid using snprintf() function family | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7990 | quality-rule | Avoid using realpath() function | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7990 | quality-rule | Avoid using realpath() function | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7992 | quality-rule | Avoid using getpass() function | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7992 | quality-rule | Avoid using getpass() function | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7994 | quality-rule | Avoid using getopt() function | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7994 | quality-rule | Avoid using getopt() function | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7996 | quality-rule | Provide a private default Constructor for utility Classes or use free Functions in a Namespace | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences
7996 | quality-rule | Provide a private default Constructor for utility Classes or use free Functions in a Namespace | Documentation english | output = ...violation patterns - Bookmarks for violation patterns found in the source code: ... | Updated | output = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7998quality-ruleAvoid local variables that are not initialized at declaration timeDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7998quality-ruleAvoid local variables that are not initialized at declaration timeDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8000quality-ruleAvoid 'catch-all' statementDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8000quality-ruleAvoid 'catch-all' statementDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8002quality-ruleNever perform C-style cast between incompatible Class pointersDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8002quality-ruleNever perform C-style cast between incompatible Class pointersDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8004quality-ruleAvoid using 'delete this'Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8004quality-ruleAvoid using 'delete this'Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8006quality-ruleAvoid Classes with a copy Constructor and the default Destructor or assignment operatorDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8006quality-ruleAvoid Classes with a copy Constructor and the default Destructor or assignment operatorDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8008quality-ruleAvoid data members that are never readDocumentation englishassociatedValueName = Associated ValueRemovedMissing
8008quality-ruleAvoid data members that are never readDocumentation englishtotal = All data members of classes or structsUpdatedtotal = Number of data members of classes or structs
8010quality-ruleDo not overload the ampersand, comma, logical AND or logical OR operatorsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8010quality-ruleDo not overload the ampersand, comma, logical AND or logical OR operatorsDocumentation englishoutput = ...violation patterns found in the source code: - OperatorUpdatedoutput = ...violation occurrences found in the source code: - Operator
8012quality-ruleAvoid unchecked return code (SY-SUBRC) after opening and reading datasetDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8012quality-ruleAvoid unchecked return code (SY-SUBRC) after opening and reading datasetDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
8014quality-ruleAvoid unchecked return code (SY-SUBRC) after AUTHORITY-CHECKDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8014quality-ruleAvoid unchecked return code (SY-SUBRC) after AUTHORITY-CHECKDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
8016quality-ruleAvoid unsecured EJB remote methodDocumentation englishassociatedValueName = Associated ValueRemovedMissing
8016quality-ruleAvoid unsecured EJB remote methodDocumentation englishtotal = The number of EJB remote methods (i.e methods of the remote interface and its pa...Updatedtotal = Number of EJB remote methods (i.e methods of the remote interface and its parent...
8024quality-ruleAvoid Classes with a non-empty Destructor and the default assignment operator or copy ConstructorDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8024quality-ruleAvoid Classes with a non-empty Destructor and the default assignment operator or copy ConstructorDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8026quality-ruleAvoid Classes with an assignment operator and the default Destructor or copy constructorDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8026quality-ruleAvoid Classes with an assignment operator and the default Destructor or copy constructorDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8030quality-ruleCheck alphanumeric data before moving it into numeric dataDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8030quality-ruleCheck alphanumeric data before moving it into numeric dataDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8032quality-ruleAvoid using a break statement in 'for' loopsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8032quality-ruleAvoid using a break statement in 'for' loopsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8034quality-ruleVariables defined in Working-Storage section must be initialized before to be readDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8034quality-ruleVariables defined in Working-Storage section must be initialized before to be readDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8038quality-ruleAvoid Struts 2 Validator field not referencing a java class fieldDocumentation englishassociatedValueName = Associated ValueRemovedMissing
8038quality-ruleAvoid Struts 2 Validator field not referencing a java class fieldDocumentation englishtotal = total of Validator Form FieldUpdatedtotal = Number of Validator Form Fields
8040quality-ruleAvoid Struts 2 Action Fields without ValidationDocumentation englishassociatedValueName = Associated ValueRemovedMissing
8040quality-ruleAvoid Struts 2 Action Fields without ValidationDocumentation englishreference = http://www.owasp.org/index.php/2004_Updates_OWASP_Top_Ten_ProjectUpdatedreference = https://www.owasp.org/index.php/Improper_Data_Validation#Struts:_Erroneous_valid...
8040quality-ruleAvoid Struts 2 Action Fields without ValidationDocumentation englishtotal = The number of all action class (and parent) fieldsUpdatedtotal = Number of actions class (and parent) fields
8042quality-ruleStruts 2 Validation: Avoid unused validation formDocumentation englishassociatedValueName = Associated ValueRemovedMissing
8042quality-ruleStruts 2 Validation: Avoid unused validation formDocumentation englishtotal = total of validation form fileUpdatedtotal = Number of validation form files
8044quality-ruleAvoid Log forging vulnerabilitiesDocumentation englishdescription = ...ior validation & sanitization. The list of user input methods, Log writing and ...Updateddescription = ...ior validation & sanitization.
8044quality-ruleAvoid Log forging vulnerabilitiesDocumentation englishremediation = Code the appropriate input validation as close as possible to the user input cal...Updatedremediation = Use authorized sanitization methods.
8044quality-ruleAvoid Log forging vulnerabilitiesDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
8044quality-ruleAvoid Log forging vulnerabilitiesDocumentation englishMissingAddedremediationSample = String val = request.getParameter("value"); try { int value = Integer.parseI...
8044quality-ruleAvoid Log forging vulnerabilitiesDocumentation englishMissingAddedsample = String val = request.getParameter("value"); try { int value = Integer.parseI...
8046quality-ruleDo not return non-const handles to Class data from const member FunctionsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8046quality-ruleDo not return non-const handles to Class data from const member FunctionsDocumentation englishoutput = ...violation patterns found in the source code: - non-const class data returnUpdatedoutput = ...violation occurrences found in the source code: - non-const class data return
8048quality-ruleInvoke 'delete' with the same form as the matching 'new'Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8048quality-ruleInvoke 'delete' with the same form as the matching 'new'Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8050quality-ruleDo not hide declarations in other scopesDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8050quality-ruleDo not hide declarations in other scopesDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8052quality-ruleAvoid setting a pointer to the address of a local variable defined in a lower scopeDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8052quality-ruleAvoid setting a pointer to the address of a local variable defined in a lower scopeDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8054quality-ruleAvoid calling blocking functions with an infinite timeoutDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8054quality-ruleAvoid calling blocking functions with an infinite timeoutDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8056quality-ruleMethod override fails due to mismatch of const/volatile qualifiersDocumentation englishoutput = ...violation patterns found in source code: - overridden method - overriding me...Updatedoutput = ...violation occurrences found in source code: - overridden method - overriding...
8058quality-ruleA pointer to a derived Class shall only be cast implicitly to a pointer to base ClassDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8058quality-ruleA pointer to a derived Class shall only be cast implicitly to a pointer to base ClassDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8060quality-ruleA pointer to a base Class shall only be cast to a pointer to a derived Class by means of 'dynamic_cast'Documentation englishoutput = ...violation patterns found in source code: - pointer cast - source class - t...Updatedoutput = ...violation occurrences found in source code: - pointer cast - source class ...
8062quality-ruleAn unconditional 'throw', 'return' or 'break' shall terminate every non-empty switch-clauseDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8062quality-ruleAn unconditional 'throw', 'return' or 'break' shall terminate every non-empty switch-clauseDocumentation englishoutput = ...violation patterns found in source code: - case clauseUpdatedoutput = ...violation occurrences found in source code: - case clause
8064quality-ruleAssignment operator should assign all non-static members of the target objectDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8064quality-ruleAssignment operator should assign all non-static members of the target objectDocumentation englishoutput = ...violation patterns found in source code: - assignment operator - missing sta...Updatedoutput = ...violation occurrences found in source code: - assignment operator - missing ...
8066quality-ruleAvoid using 'using namespace' or 'using' declarations in header filesDocumentation englishoutput = ...violation patterns found in source code: - "Using namespace" statementUpdatedoutput = ...violation occurrences found in source code: - "Using namespace" statement
8068quality-ruleDo not return a dereferenced pointer allocated inside the functionDocumentation englishoutput = ...violation patterns found in source code: - pointer dynamic allocationUpdatedoutput = ...violation occurrences found in source code: - pointer dynamic allocation
8070quality-ruleDo not alter a control variable in the body of a 'for' statementDocumentation englishoutput = ...violation patterns found in source code: - control variable alterationUpdatedoutput = ...violation occurrences found in source code: - control variable alteration
8072quality-ruleNever define collection of 'std::auto_ptr'Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8072quality-ruleNever define collection of 'std::auto_ptr'Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8074quality-ruleAvoid using 'class' or 'struct' parameters with variadic FunctionsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8074quality-ruleAvoid using 'class' or 'struct' parameters with variadic FunctionsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8076quality-ruleAvoid using 'new[]', prefer 'std::vector' or 'std::array'Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8076quality-ruleAvoid using 'new[]', prefer 'std::vector' or 'std::array'Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8078quality-ruleCasting from pointer to base Class to pointer to derived Class should be done through 'dynamic_cast' or 'static_cast'Documentation englishoutput = ...violation patterns found in source code: - pointer cast - source class - t...Updatedoutput = ...violation occurrences found in source code: - pointer cast - source class ...
8082quality-ruleAvoid Tables without Primary KeyDocumentation englishassociatedValueName = Associated ValueRemovedMissing
8082quality-ruleAvoid Tables without Primary KeyDocumentation englishtotal = Tables and materialized views of the scoped container (schema or database depend...Updatedtotal = Number of tables and materialized views of the scoped container (schema or datab...
8086quality-ruleAvoid types that own disposable fields and are not disposableDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8088quality-ruleAvoid override artifacts not having link demands identical to baseDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8090quality-ruleAvoid using NaN to test the result of an expressionDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8092quality-ruleAvoid Objects having exposed pointers allowed to access unmanaged memoryDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8094quality-ruleAvoid locking of Objects with weak identitiesDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8096quality-ruleAvoid testing floating point numbers for equalityDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8096quality-ruleAvoid testing floating point numbers for equalityDocumentation englishtotal = All artifacts that reference a floatUpdatedtotal = Number of artifacts that reference a float
8098quality-ruleAvoid uncontrolled format stringDocumentation englishdescription = ...controlled format string flaw. The list of user input methods can be customized...Updateddescription = ...controlled format string flaw.
8098quality-ruleAvoid uncontrolled format stringDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
8098quality-ruleAvoid uncontrolled format stringDocumentation englishMissingAddedremediation = Use authorized sanitization methods.
8098quality-ruleAvoid uncontrolled format stringDocumentation englishMissingAddedremediationSample = Review all inputs. Don't use inputs in formatters.
8100quality-ruleBlocking synchronous calls should have associated timeoutsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8102quality-ruleAvoid hardcoded network resource names (JEE)Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8106quality-ruleAvoid empty IF-ENDIF blocksDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8108quality-ruleClose the outermost stream ASAPDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8108quality-ruleClose the outermost stream ASAPDocumentation englishreference = http://it-cisq.org/ CISQ: ASCSM-CWE-772, ASCRM-CWE-772 CWE: CWE-772Updatedreference = https://it-cisq.org/ CISQ: ASCSM-CWE-772, ASCRM-CWE-772 CWE: CWE-772
8108quality-ruleClose the outermost stream ASAPDocumentation englishtotal = All the methods that open a stream in the bodyUpdatedtotal = Number of methods that open a stream in the body
8110quality-ruleUse dedicated stored procedures when multiple data accesses are needed (ASCPEM-PRF-10)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8110quality-ruleUse dedicated stored procedures when multiple data accesses are needed (ASCPEM-PRF-10)Documentation englishoutput = ...violation patterns found in source code: - SQL accessUpdatedoutput = ...violation occurrences found in source code: - SQL access
8110quality-ruleUse dedicated stored procedures when multiple data accesses are needed (ASCPEM-PRF-10)Documentation englishreference = http://it-cisq.org/ ASCPEM 1.0, Automated Source Code Performance Efficiency Mea...Updatedreference = https://it-cisq.org/ ASCPEM 1.0, Automated Source Code Performance Efficiency Me...
8112quality-ruleAvoid improper processing of the execution status of data handling operationsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8112quality-ruleAvoid improper processing of the execution status of data handling operationsDocumentation englishoutput = ...violation patterns found in source code: - SQL accessUpdatedoutput = ...violation occurrences found in source code: - SQL access
8114quality-ruleAvoid numerical data corruption during incompatible mutation (ABAP)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8114quality-ruleAvoid numerical data corruption during incompatible mutation (ABAP)Documentation englishoutput = ...violation patterns found in source code: - Type cast operationUpdatedoutput = ...violation occurrences found in source code: - Type cast operation
8116quality-ruleAvoid calling system function (CALL 'cfunc')Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8116quality-ruleAvoid calling system function (CALL 'cfunc')Documentation englishoutput = ...violation patterns found in source code: - CALL 'cfunc'Updatedoutput = ...violation occurrences found in source code: - CALL 'cfunc'
8118quality-ruleAvoid using the RFC_ABAP_INSTALL_AND_RUN functionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8118quality-ruleAvoid using the RFC_ABAP_INSTALL_AND_RUN functionDocumentation englishoutput = ...violation patterns found in source code: - CALL FUNCTION "RFC_ABAP_INSTALL_AN...Updatedoutput = ...violation occurrences found in source code: - CALL FUNCTION "RFC_ABAP_INSTALL...
8120quality-ruleAvoid using CALL FUNCTION without error handlingDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8120quality-ruleAvoid using CALL FUNCTION without error handlingDocumentation englishoutput = ...violation patterns found in source code: - CALL FUNCTION without error handli...Updatedoutput = ...violation occurrences found in source code: - CALL FUNCTION without error han...
8122quality-ruleAvoid using CALL METHOD without error handlingDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8122quality-ruleAvoid using CALL METHOD without error handlingDocumentation englishoutput = ...violation patterns found in source code: - CALL METHOD without error handlingUpdatedoutput = ...violation occurrences found in source code: - CALL METHOD without error handl...
8124quality-ruleDo not use function module DB_EXISTS_INDEX (HANA)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8124quality-ruleDo not use function module DB_EXISTS_INDEX (HANA)Documentation englishoutput = ...violation patterns found in source code: - CALL FUNCTION "DB_EXISTS_INDEX"Updatedoutput = ...violation occurrences found in source code: - CALL FUNCTION "DB_EXISTS_INDEX"
8126quality-ruleAvoid using empty SELECT ... ENDSELECT loopDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8126quality-ruleAvoid using empty SELECT ... ENDSELECT loopDocumentation englishoutput = ...violation patterns found in source codeUpdatedoutput = ...violation occurrences found in source code
8128quality-ruleAvoid using UPDATE and DELETE without WHERE conditionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8128quality-ruleAvoid using UPDATE and DELETE without WHERE conditionDocumentation englishoutput = ...violation patterns found in source codeUpdatedoutput = ...violation occurrences found in source code
8130quality-ruleAvoid using database hintsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8130quality-ruleAvoid using database hintsDocumentation englishoutput = ...violation patterns found in source codeUpdatedoutput = ...violation occurrences found in source code
8132quality-ruleAvoid using CHECK, EXIT,or RETURN in SELECT ... ENDSELECT loopsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8132quality-ruleAvoid using CHECK, EXIT,or RETURN in SELECT ... ENDSELECT loopsDocumentation englishoutput = ...violation patterns found in source codeUpdatedoutput = ...violation occurrences found in source code
8134quality-ruleAvoid unsorted data after SELECT queriesDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8134quality-ruleAvoid unsorted data after SELECT queriesDocumentation englishoutput = ...violation patterns found in source codeUpdatedoutput = ...violation occurrences found in source code
8136quality-ruleBeans with normal scope must be proxyable to avoid runtime errorsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8140quality-ruleSubscripts and iterators must be defined with BINARY usageDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8140quality-ruleSubscripts and iterators must be defined with BINARY usageDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8142quality-rulePrefer using indexes instead of subscriptsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8142quality-rulePrefer using indexes instead of subscriptsDocumentation englishoutput = ...violation patterns found in source code: - Access done using a subscript - Int...Updatedoutput = ...violation occurrences found in source code: - Access done using a subscript - ...
8144quality-ruleAvoid using INITIALIZE statement on data structuresDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8144quality-ruleAvoid using INITIALIZE statement on data structuresDocumentation englishoutput = ...violation patterns found in source code: - INITIALIZE statementUpdatedoutput = ...violation occurrences found in source code: - INITIALIZE statement
8146quality-ruleAvoid calling programs staticallyDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8146quality-ruleAvoid calling programs staticallyDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code:...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source...
8148quality-ruleAvoid artifacts having Incorrect Type Conversion or CastDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
| 8148 | quality-rule | Avoid artifacts having Incorrect Type Conversion or Cast | Documentation english | total = All methods | Updated | total = Number of methods |
| 8150 | quality-rule | Avoid using Parse for primitive types and used instead TryParse | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 8150 | quality-rule | Avoid using Parse for primitive types and used instead TryParse | Documentation english | total = The total procedure counts the number artifacts Parse methods within a try catch... | Updated | total = Number of artifacts Parse methods within a try catch block |
| 8152 | quality-rule | Avoid having transaction with the Thread.Sleep method in a loop | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 8152 | quality-rule | Avoid having transaction with the Thread.Sleep method in a loop | Documentation english | total = The rule counts the number of artifacts. | Updated | total = Number of artifacts |
| 8154 | quality-rule | Avoid using GC.Collect() | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 8154 | quality-rule | Avoid using GC.Collect() | Documentation english | total = All the artifacts using GC.Collect() | Updated | total = Number of artifacts using GC.Collect() |
| 8156 | quality-rule | Persistent classes should implement GetHashCode() and Equals() | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 8156 | quality-rule | Persistent classes should implement GetHashCode() and Equals() | Documentation english | total = The number of persistent classes | Updated | total = Number of persistent classes |
| 8158 | quality-rule | Runtime Resource Management Control Element in a Component Built to Run on Application Servers | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 8158 | quality-rule | Runtime Resource Management Control Element in a Component Built to Run on Application Servers | Documentation english | total = The number of artifacts | Updated | total = Number of artifacts |
| 8160 | quality-rule | Check PCB status code after DLI queries | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 8160 | quality-rule | Check PCB status code after DLI queries | Documentation english | output = ...violation patterns found in source code: - CBLTDLI call - Data structure assoc... | Updated | output = ...violation occurrences found in source code: - CBLTDLI call - Data structure as... |
| 8162 | quality-rule | CICS return code should be checked | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 8162 | quality-rule | CICS return code should be checked | Documentation english | output = ...violation patterns found in source code: - CICS macro | Updated | output = ...violation occurrences found in source code: - CICS macro |
| 8216 | quality-rule | CWE-681: Avoid numerical data corruption during incompatible mutation | Diagnosis | diagnosisValueType = no-value | Updated | diagnosisValueType = integer |
| 8218 | quality-rule | Content type should be checked when receiving a HTTP Post | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 8220 | quality-rule | Avoid using deprecated method, constructor, field, type or package | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 8222 | quality-rule | Avoid hardcoded credentials | Documentation english | description = This Quality Rule uses the CAST AIP dataflow engine to detect a call path where ... | Updated | description = This rule will detect a call path where a hardcoded credential is sent to a meth... |
| 8222 | quality-rule | Avoid hardcoded credentials | Documentation english | name = Use of hard-coded credentials | Updated | name = Avoid hardcoded credentials |
| 8222 | quality-rule | Avoid hardcoded credentials | Documentation english | total = The number of methods containing credential parameter(s). | Updated | total = Number of methods containing credential parameter(s) |
| 8236 | quality-rule | Avoid using hard-coded values | Documentation english | associatedValueName = ...violation patterns | Updated | associatedValueName = ...violation occurrences |
| 8236 | quality-rule | Avoid using hard-coded values | Documentation english | output = ...violation patterns found in source code: - Alphanumeric literal | Updated | output = ...violation occurrences found in source code: - Alphanumeric literal |
| 8238 | quality-rule | Trust boundary violation | Documentation english | total = The number of methods calling user input methods | Updated | total = Number of methods calling user input methods |
| 8240 | quality-rule | Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | total = Methods calling javax.servlet.http.HttpServletResponse.addCookie. | Updated | total = Number of methods calling javax.servlet.http.HttpServletResponse.addCookie |
| 8242 | quality-rule | Use of insufficiently random values | Documentation english | total = The number of methods calling methods producing insufficiently random numbers | Updated | total = Number of methods calling methods producing insufficiently random numbers |
| 8402 | quality-rule | All types of a serializable class must be serializable | Documentation english | associatedValueName = Single Value | Updated | associatedValueName = Number of violation occurrences |
| 8402 | quality-rule | All types of a serializable class must be serializable | Documentation english | total = number of non-static, non-transient and not primitive fields of classes that imp... | Updated | total = Number of non-static, non-transient and not primitive fields of classes that imp... |
| 8408 | quality-rule | Avoid Reflected Cross-site Scripting (Non Persistent) | Definition | Missing | Added | active = true, detached = false |
| 8408 | quality-rule | Avoid Reflected Cross-site Scripting (Non Persistent) | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8410 | quality-rule | Avoid Cross-Site Scripting (Persistent) | Definition | Missing | Added | active = true, detached = false |
| 8410 | quality-rule | Avoid Cross-Site Scripting (Persistent) | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8414 | quality-rule | Avoid use of a broken or risky cryptographic algorithm | Definition | Missing | Added | active = true, detached = false |
| 8414 | quality-rule | Avoid use of a broken or risky cryptographic algorithm | Quality Contribution to 'Secure Coding - Weak Security Features' (66064) | Missing contribution | Added | critical = true, weight = 9 |
| 8416 | quality-rule | Avoid use of a reversible one-way hash | Definition | Missing | Added | active = true, detached = false |
| 8416 | quality-rule | Avoid use of a reversible one-way hash | Quality Contribution to 'Secure Coding - Weak Security Features' (66064) | Missing contribution | Added | critical = true, weight = 9 |

AIP 8.3.10 - 8.3.11

This section lists the results of a comparison between a CAST AIP 8.3.10 Assessment Model and the CAST AIP 8.3.11 Assessment Model. You can download the original compare_8310_8311.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.10 Assessment Model | Change | CAST 8.3.11 Assessment Model |
|---|---|---|---|---|---|---|
| 8412 | quality-rule | "CX_ROOT" should not be used in TRY .. CATCH.. ENDTRY block | Definition | Missing | Added | active = true, detached = false |
| 550 | quality-rule | Class naming convention - case control (C++) | Documentation english | name = ...ming convention - case control | Updated | name = ...ming convention - case control (C++) |
| 552 | quality-rule | Method naming convention - case control (C++) | Documentation english | name = ...ming convention - case control | Updated | name = ...ming convention - case control (C++) |
| 554 | quality-rule | Constant naming convention - case control (C++) | Documentation english | name = ...ming convention - case control | Updated | name = ...ming convention - case control (C++) |
| 566 | quality-rule | Avoid large Classes - too many Methods (C++) | Documentation english | name = ...rge Classes - too many Methods | Updated | name = ...rge Classes - too many Methods (C++) |
| 568 | quality-rule | Avoid large Classes - too many Data Members (C++) | Documentation english | name = ...lasses - too many Data Members | Updated | name = ...lasses - too many Data Members (C++) |
| 570 | quality-rule | Avoid large Interfaces - too many Methods (C++) | Documentation english | name = ... Interfaces - too many Methods | Updated | name = ... Interfaces - too many Methods (C++) |
| 576 | quality-rule | Avoid large Classes - too many Constructors (C++) | Documentation english | name = ...lasses - too many Constructors | Updated | name = ...lasses - too many Constructors (C++) |
| 586 | quality-rule | DELETED: Avoid inline Constructors and Destructors | Documentation english | name = Avoid inline Constructors and Destructors | Updated | name = DELETED: Avoid inline Constructors and Destructors |
| 588 | quality-rule | Avoid using Global Variables (C++) | Documentation english | name = Avoid using Global Variables | Updated | name = Avoid using Global Variables (C++) |
| 1098 | quality-rule | DELETED: Avoid recursive Functions (C) | Documentation english | name = Avoid recursive Functions | Updated | name = DELETED: Avoid recursive Functions (C) |
| 1588 | quality-rule | Use WHEN OTHERS in exception management | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 1588 | quality-rule | Use WHEN OTHERS in exception management | Documentation english | Missing | Added | total = Number of PLSQL compiled objects |
| 1608 | quality-rule | Avoid cascading Triggers | Documentation english | Missing | Added | total = Number of PLSQL triggers |
| 1616 | quality-rule | DELETED: Avoid undocumented Triggers | Documentation english | name = Avoid undocumented Triggers | Updated | name = DELETED: Avoid undocumented Triggers |
| 1622 | quality-rule | DELETED: Avoid Triggers with a very low comment/code ratio | Documentation english | name = Avoid Triggers with a very low comment/code ratio | Updated | name = DELETED: Avoid Triggers with a very low comment/code ratio |
| 2230 | quality-rule | Use of style sheets (JEE) | Documentation english | name = Use of style sheets | Updated | name = Use of style sheets (JEE) |
| 2234 | quality-rule | DELETED: Avoid call of JAVA objects | Documentation english | name = Avoid call of JAVA objects | Updated | name = DELETED: Avoid call of JAVA objects |
| 2242 | quality-rule | Avoid direct definition of JavaScript Functions in a Web page (JEE) | Documentation english | name = ...Script Functions in a Web page | Updated | name = ...Script Functions in a Web page (JEE) |
| 2254 | quality-rule | Avoid large Page files (JEE) | Documentation english | name = Avoid large Page files | Updated | name = Avoid large Page files (JEE) |
| 2266 | quality-rule | Avoid non standard file extensions (JEE) | Documentation english | name = ...d non standard file extensions | Updated | name = ...d non standard file extensions (JEE) |
| 2572 | quality-rule | Avoid declaring VB Variables without typing them (Visual Basic) | Documentation english | name = ... Variables without typing them | Updated | name = ... Variables without typing them (Visual Basic) |
| 2574 | quality-rule | Avoid using Global Variables (Visual Basic) | Documentation english | name = Avoid using Global Variables | Updated | name = Avoid using Global Variables (Visual Basic) |
| 2578 | quality-rule | DELETED: Avoid recursive Functions (Visual Basic) | Documentation english | name = Avoid recursive Functions | Updated | name = DELETED: Avoid recursive Functions (Visual Basic) |
| 2616 | quality-rule | Avoid undocumented Forms | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2616 | quality-rule | Avoid undocumented Forms | Documentation english | Missing | Added | total = Number of forms |
| 2618 | quality-rule | Avoid Forms with a very low comment/code ratio | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Comment ratio |
| 2618 | quality-rule | Avoid Forms with a very low comment/code ratio | Documentation english | total = Total number of forms | Updated | total = Number of forms |
| 2624 | quality-rule | Avoid unreferenced Forms | Documentation english | associatedValueName = Associated Value | Removed | Missing |
| 2624 | quality-rule | Avoid unreferenced Forms | Documentation english | Missing | Added | total = Number of forms |
| 3058 | quality-rule | Use of style sheets (ASP) | Documentation english | name = Use of style sheets | Updated | name = Use of style sheets (ASP) |
| 3070 | quality-rule | Avoid non standard file extensions (ASP) | Documentation english | name = ...d non standard file extensions | Updated | name = ...d non standard file extensions (ASP) |
| 3088 | quality-rule | Avoid large Page files (ASP) | Documentation english | name = Avoid large Page files | Updated | name = Avoid large Page files (ASP) |
| 3148 | quality-rule | An include file must contain at most one Class definition | Documentation english | associatedValueName = Number of classes | Updated | associatedValueName = Number of classes and structs |
| 3148 | quality-rule | An include file must contain at most one Class definition | Documentation english | description = ...iple class definitions. | Updated | description = ...iple class/struct definitions. |
| 3148 | quality-rule | An include file must contain at most one Class definition | Documentation english | output = ...vides: - The number of classes | Updated | output = ...vides: - The number of classes and structs |
| 3148 | quality-rule | An include file must contain at most one Class definition | Documentation english | rationale = ...ral class definitions in a header file makes it more complex to understand/navig... | Updated | rationale = ...ral class or structs definitions in a header file makes it more complex to under... |
| 3148 | quality-rule | An include file must contain at most one Class definition | Documentation english | remediation = ...l classes are defined in a header file, split class definitions into multiple he... | Updated | remediation = ...l classes ore structs are defined in a header file, split class/struct definitio... |
| 3578 | quality-rule | Avoid large Classes - too many Constructors (.NET) | Documentation english | name = ...lasses - too many Constructors | Updated | name = ...lasses - too many Constructors (.NET) |
| 3580 | quality-rule | Avoid large Classes - too many Methods (.NET) | Documentation english | name = ...rge Classes - too many Methods | Updated | name = ...rge Classes - too many Methods (.NET) |
| 3610 | quality-rule | Avoid declaring VB Variables without typing them (.NET) | Documentation english | name = ... Variables without typing them | Updated | name = ... Variables without typing them (.NET) |
| 4554 | quality-rule | Avoid large Classes - too many Methods (JEE) | Documentation english | name = ...rge Classes - too many Methods | Updated | name = ...rge Classes - too many Methods (JEE) |
| 4556 | quality-rule | Avoid large Classes - too many Constructors (JEE) | Documentation english | name = ...lasses - too many Constructors | Updated | name = ...lasses - too many Constructors (JEE) |
| 4560 | quality-rule | Avoid large Interfaces - too many Methods (JEE) | Documentation english | name = ... Interfaces - too many Methods | Updated | name = ... Interfaces - too many Methods (JEE) |
| 4700 | quality-rule | DELETED: Avoid using 'Throwable.printStackTrace()' within a try catch block | Activation | active = true, detached = false | Updated | active = false |
| 4700 | quality-rule | DELETED: Avoid using 'Throwable.printStackTrace()' within a try catch block | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 558, propertyID = 140899 |
| 4700 | quality-rule | DELETED: Avoid using 'Throwable.printStackTrace()' within a try catch block | Documentation english | name = Avoid using 'Throwable.printStackTrace()' within a try catch block | Updated | name = DELETED: Avoid using 'Throwable.printStackTrace()' within a try catch block |
| 4700 | quality-rule | DELETED: Avoid using 'Throwable.printStackTrace()' within a try catch block | Diagnosis | diagnosisValueType = no-value | Updated | diagnosisValueType = integer |
| 4700 | quality-rule | DELETED: Avoid using 'Throwable.printStackTrace()' within a try catch block | Operation | localSiteDiagnose = DIAG_SCOPE_JAVAPERF010 | Updated | localSiteDiagnose = null |
| 4700 | quality-rule | DELETED: Avoid using 'Throwable.printStackTrace()' within a try catch block | Operation | localSiteCountTotal = DIAG_JAVA_NA_ARTIFACT_TOTAL | Updated | localSiteCountTotal = null |
| 4702 | quality-rule | Avoid using 'Throwable.printStackTrace()' with no argument | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 558, propertyID = 140899 |
| 4702 | quality-rule | Avoid using 'Throwable.printStackTrace()' with no argument | Documentation english | description = 'Throwable.printStackTrace()' should not be used outside a try catch block. | Updated | description = Throwable.printStackTrace(...) prints a Throwable and its stack trace to some st... |
| 4702 | quality-rule | Avoid using 'Throwable.printStackTrace()' with no argument | Documentation english | name = ...kTrace()' outside a try catch block | Updated | name = ...kTrace()' with no argument |
| 4702 | quality-rule | Avoid using 'Throwable.printStackTrace()' with no argument | Documentation english | output = ...ckTrace()' outside a try catch block. It provides the following information: - ... | Updated | output = ...ckTrace()'. It provides the following information: - Artifact full name |
| 4702 | quality-rule | Avoid using 'Throwable.printStackTrace()' with no argument | Documentation english | rationale = ...kTrace()' outside a catch block usually means that it is used to log the stack o... | Updated | rationale = ...kTrace()' usually means that it is used to log the stack of errors, which has th... |
| 4702 | quality-rule | Avoid using 'Throwable.printStackTrace()' with no argument | Documentation english | Missing | Added | reference = http://cwe.mitre.org/data/definitions/489.html OWASP Top 10 2017 Category A3 - S... |
| 4702 | quality-rule | Avoid using 'Throwable.printStackTrace()' with no argument | Documentation english | Missing | Added | remediation = Loggers should be used instead to print Throwables, as they have many advantages... |
| 4702 | quality-rule | Avoid using 'Throwable.printStackTrace()' with no argument | Documentation english | Missing | Added | sample = public static void main(String[] args){ try { test(); } catch (U... |
| 4702 | quality-rule | Avoid using 'Throwable.printStackTrace()' with no argument | Diagnosis | diagnosisValueType = no-value | Updated | diagnosisValueType = integer |
| 4702 | quality-rule | Avoid using 'Throwable.printStackTrace()' with no argument | Operation | localSiteDiagnose = DIAG_SCOPE_JAVAPERF011 | Updated | localSiteDiagnose = null |
| 4702 | quality-rule | Avoid using 'Throwable.printStackTrace()' with no argument | Operation | localSiteCountTotal = DIAG_JAVA_NA_ARTIFACT_TOTAL | Updated | localSiteCountTotal = null |
| 4716 | quality-rule | Avoid Classes implementing too many Interfaces (JEE) | Documentation english | name = ...plementing too many Interfaces | Updated | name = ...plementing too many Interfaces (JEE) |
| 4734 | quality-rule | Class naming convention - case control (JEE) | Documentation english | name = ...ming convention - case control | Updated | name = ...ming convention - case control (JEE) |
| 4736 | quality-rule | Method naming convention - case control (JEE) | Documentation english | name = ...ming convention - case control | Updated | name = ...ming convention - case control (JEE) |
| 4738 | quality-rule | Constant naming convention - case control (JEE) | Documentation english | name = ...ming convention - case control | Updated | name = ...ming convention - case control (JEE) |
| 5108 | quality-rule | Avoid Sections with a very low comment/code ratio (COBOL) | Documentation english | name = ... a very low comment/code ratio | Updated | name = ... a very low comment/code ratio (COBOL) |
| 5110 | quality-rule | Avoid Programs with a very low comment/code ratio (COBOL) | Documentation english | name = ... a very low comment/code ratio | Updated | name = ... a very low comment/code ratio (COBOL) |
| 5112 | quality-rule | Avoid undocumented Sections (COBOL) | Documentation english | name = Avoid undocumented Sections | Updated | name = Avoid undocumented Sections (COBOL) |
| 5114 | quality-rule | Avoid undocumented Programs (COBOL) | Documentation english | name = Avoid undocumented Programs | Updated | name = Avoid undocumented Programs (COBOL) |
| 5144 | quality-rule | Avoid using GOTO statement (COBOL) | Documentation english | name = Avoid using GOTO statement | Updated | name = Avoid using GOTO statement (COBOL) |
| 6184 | quality-rule | Avoid Artifacts with Subqueries (Power Builder) | Documentation english | name = ...void Artifacts with Subqueries | Updated | name = ...void Artifacts with Subqueries (Power Builder) |
| 7054 | quality-rule | Avoid large Programs - too many Lines of Code (ABAP) | Documentation english | name = ...grams - too many Lines of Code | Updated | name = ...grams - too many Lines of Code (ABAP) |
| 7060 | quality-rule | Avoid undocumented Programs (ABAP) | Documentation english | name = Avoid undocumented Programs | Updated | name = Avoid undocumented Programs (ABAP) |
| 7084 | quality-rule | DELETED: Macro Naming Convention | Documentation english | name = Macro Naming Convention | Updated | name = DELETED: Macro Naming Convention |
| 7086 | quality-rule | DELETED: Form Naming Convention | Documentation english | name = Form Naming Convention | Updated | name = DELETED: Form Naming Convention |
| 7090 | quality-rule | DELETED: Avoid Functions recursive calls | Documentation english | name = Avoid Functions recursive calls | Updated | name = DELETED: Avoid Functions recursive calls |
| 7124 | quality-rule | DELETED: Functional Evolvability | Documentation english | name = Functional Evolvability | Updated | name = DELETED: Functional Evolvability |
| 7194 | quality-rule | Avoid large number of String concatenation (.NET) | Documentation english | name = ...number of String concatenation | Updated | name = ...number of String concatenation (.NET) |
| 7196 | quality-rule | Avoid large number of String concatenation (JEE) | Documentation english | name = ...number of String concatenation | Updated | name = ...number of String concatenation (JEE) |
| 7198 | quality-rule | Avoid String concatenation in loops (.NET) | Documentation english | name = ... String concatenation in loops | Updated | name = ... String concatenation in loops (.NET) |
| 7200 | quality-rule | Avoid String concatenation in loops (JEE) | Documentation english | name = ... String concatenation in loops | Updated | name = ... String concatenation in loops (JEE) |
| 7212 | quality-rule | Avoid instantiations inside loops (.NET) | Documentation english | name = ...id instantiations inside loops | Updated | name = ...id instantiations inside loops (.NET) |
| 7214 | quality-rule | DELETED: Avoid using exception handling inside loops (JEE) | Documentation english | name = Avoid using exception handling inside loops | Updated | name = DELETED: Avoid using exception handling inside loops (JEE) |
| 7216 | quality-rule | Avoid using exception handling inside loops (.NET) | Documentation english | name = ...xception handling inside loops | Updated | name = ...xception handling inside loops (.NET) |
| 7254 | quality-rule | Declare as Static all methods not using instance members (JEE) | Documentation english | name = ...ods not using instance members | Updated | name = ...ods not using instance members (JEE) |
| 7256 | quality-rule | Provide a private default Constructor for utility Classes (JEE) | Documentation english | name = ...onstructor for utility Classes | Updated | name = ...onstructor for utility Classes (JEE) |
| 7270 | quality-rule | Declare as Static all methods not using instance members (.NET) | Documentation english | name = ...ods not using instance members | Updated | name = ...ods not using instance members (.NET) |
| 7272 | quality-rule | Provide a private default Constructor for utility Classes (.NET) | Documentation english | name = ...onstructor for utility Classes | Updated | name = ...onstructor for utility Classes (.NET) |
| 7308 | quality-rule | Avoid using Inner Classes | Documentation english | description = ...er classes. | Updated | description = ...er classes except if the class is a static one. |
| 7384 | quality-rule | DELETED: Large Programs should be called dynamically | Documentation english | name = Large Programs should be called dynamically | Updated | name = DELETED: Large Programs should be called dynamically |
| 7396 | quality-rule | DELETED: Subprograms called multiple times should be called statically | Documentation english | name = Subprograms called multiple times should be called statically | Updated | name = DELETED: Subprograms called multiple times should be called statically |
| 7442 | quality-rule | Avoid to use this within Constructor in multi-thread environment | Documentation english | reference = http://www-128.ibm.com/developerworks/java/library/j-jtp0618.html http://java.su... | Updated | reference = https://www.ibm.com/developerworks/java/library/j-jtp0618/index.html http://java... |
| 7446 | quality-rule | Avoid double checked locking | Operation | localSiteCountTotal = DSS_DIAG_SCOPE_GENERIC_NUM | Updated | localSiteCountTotal = null |
| 7458 | quality-rule | Avoid large Interfaces - too many Methods (.NET) | Documentation english | name = ... Interfaces - too many Methods | Updated | name = ... Interfaces - too many Methods (.NET) |
| 7532 | quality-rule | Avoid nested SELECT ... ENDSELECT statements | Documentation english | reference = ...b.mit.edu/ist/org/admincomputing/dev/abap_review_check_list.htm | Updated | reference = ...b.mit.edu/fss/dev/abap_review_check_list.htm |
| 7560 | quality-rule | DELETED: Programs accessing relational Databases must include the SQLCA Copybook | Documentation english | name = Programs accessing relational Databases must include the SQLCA Copybook | Updated | name = DELETED: Programs accessing relational Databases must include the SQLCA Copybook |
| 7588 | quality-rule | DELETED: Avoid custom code with OSS notes | Documentation english | name = Avoid custom code with OSS notes | Updated | name = DELETED: Avoid custom code with OSS notes |
| 7596 | quality-rule | Avoid Classes implementing too many Interfaces (ABAP) | Documentation english | name = ...plementing too many Interfaces | Updated | name = ...plementing too many Interfaces (ABAP) |
| 7626 | quality-rule | Avoid large Classes - too many Methods (ABAP) | Documentation english | name = ...rge Classes - too many Methods | Updated | name = ...rge Classes - too many Methods (ABAP) |
| 7628 | quality-rule | Avoid large Classes - too many Data Members (ABAP) | Documentation english | name = ...lasses - too many Data Members | Updated | name = ...lasses - too many Data Members (ABAP) |
| 7630 | quality-rule | Avoid large Interfaces - too many Methods (ABAP) | Documentation english | name = ... Interfaces - too many Methods | Updated | name = ... Interfaces - too many Methods (ABAP) |
| 7650 | quality-rule | All types of a serializable Class must be serializable | Documentation english | name = ...ble Class must be serializable (ASCRM-RLB-2) | Updated | name = ...ble Class must be serializable |
| 7740 | quality-rule | Avoid cross-site scripting DOM vulnerabilities | Documentation english | name = CWE-79: Avoid cross-site scripting DOM vulnerabilities | Updated | name = Avoid cross-site scripting DOM vulnerabilities |
| 7742 | quality-rule | Avoid SQL injection vulnerabilities | Documentation english | name = CWE-89: Avoid SQL injection vulnerabilities | Updated | name = Avoid SQL injection vulnerabilities |
| 7746 | quality-rule | Avoid LDAP injection vulnerabilities | Documentation english | name = CWE-90: Avoid LDAP injection vulnerabilities | Updated | name = Avoid LDAP injection vulnerabilities |
| 7748 | quality-rule | Avoid OS command injection vulnerabilities | Documentation english | name = CWE-78: Avoid OS command injection vulnerabilities | Updated | name = Avoid OS command injection vulnerabilities |
| 7750 | quality-rule | Avoid XPath injection vulnerabilities | Documentation english | name = CWE-91: Avoid XPath injection vulnerabilities | Updated | name = Avoid XPath injection vulnerabilities |
| 7752 | quality-rule | Avoid file path manipulation vulnerabilities | Documentation english | name = CWE-73: Avoid file path manipulation vulnerabilities | Updated | name = Avoid file path manipulation vulnerabilities |
| 7962 | quality-rule | Avoid direct or indirect remote calls inside a loop | Documentation english | name = ...ect remote calls inside a loop(ASCPEM-PRF-8) | Updated | name = ...ect remote calls inside a loop |
| 7968 | quality-rule | Never use strcat() function (C/C++) | Documentation english | name = Never use strcat() function | Updated | name = Never use strcat() function (C/C++) |
| 7970 | quality-rule | Never use strcpy() function (C/C++) | Documentation english | name = Never use strcpy() function | Updated | name = Never use strcpy() function (C/C++) |
| 7972 | quality-rule | Never use sprintf() or vsprintf() functions | Documentation english | associatedValueName = Number of violation patterns | Updated | associatedValueName = Functions called |
| 7972 | quality-rule | Never use sprintf() or vsprintf() functions | Documentation english | output = Associated to each C/C++ function/method/constructors/destructors with violation... | Updated | output = Functions called |
| 8044 | quality-rule | Avoid Log forging vulnerabilities | Documentation english | name = CWE-117: Avoid Log forging vulnerabilities | Updated | name = Avoid Log forging vulnerabilities |
| 8098 | quality-rule | Avoid uncontrolled format string | Documentation english | name = CWE-134: Avoid uncontrolled format string | Updated | name = Avoid uncontrolled format string |
| 8102 | quality-rule | Avoid hardcoded network resource names (JEE) | Documentation english | name = ...rdcoded network resource names | Updated | name = ...rdcoded network resource names (JEE) |
| 8114 | quality-rule | Avoid numerical data corruption during incompatible mutation (ABAP) | Documentation english | name = ...n during incompatible mutation | Updated | name = ...n during incompatible mutation (ABAP) |
| 8140 | quality-rule | Subscripts and iterators must be defined with BINARY usage | Documentation english | description = This rule lists Cobol Programs that access internal tables with a subscript rath... | Updated | description = This rule searches in Cobol Programs for variables that are not defined with the... |
| 8214 | quality-rule | CWE-672: Expired or Released Resource should not be used | Documentation english | associatedValueName = Associated Value | Updated | associatedValueName = Number of violation occurrences |
| 8214 | quality-rule | CWE-672: Expired or Released Resource should not be used | Documentation english | description = ...methods acessing the closed SQL connections or data streams which are not valid.... | Updated | description = ...methods accessing the closed SQL connections or data streams which are not valid... |
| 8214 | quality-rule | CWE-672: Expired or Released Resource should not be used | Documentation english | output = This report lists all methods that access the closed SQL connections or data str... | Updated | output = Associated to each violation, the following information is provided: - The numbe... |
| 8214 | quality-rule | CWE-672: Expired or Released Resource should not be used | Documentation english | rationale = This mainly comes from an incorrect code that by mistake access the invalid reso... | Updated | rationale = When a resource is released it might not be in an expected state, later attempts... |
| 8214 | quality-rule | CWE-672: Expired or Released Resource should not be used | Documentation english | reference = ....org/data/definitions/672.html | Updated | reference = ....org/data/definitions/672.html ASCSM-CWE-672: Expired or Released Resource Usage |
| 8214 | quality-rule | CWE-672: Expired or Released Resource should not be used | Documentation english | remediation = ...should be always before closing the application. | Updated | remediation = ...should be called before closing the application. |
| 8214 | quality-rule | CWE-672: Expired or Released Resource should not be used | Documentation english | remediationSample = ...sing a conection"); connection.close(); } | Updated | remediationSample = ...sing a connection"); connection.close(); } |
| 8214 | quality-rule | CWE-672: Expired or Released Resource should not be used | Documentation english | sample = ...sing a conection"); connection.close(); System.out.println("Connecti... | Updated | sample = ...sing a connection"); connection.close(); System.out.println("Connect... |
| 8214 | quality-rule | CWE-672: Expired or Released Resource should not be used | Documentation english | total = ...hods that open a database resource in the body | Updated | total = ...hods that have invalid access to the database resource in the body |
| 8216 | quality-rule | CWE-681: Avoid numerical data corruption during incompatible mutation | Documentation english | total = All artifacts that reference a incompatible mutation | Updated | total = All artefacts that can reference an incompatible mutation which includes methods... |
| 8216 | quality-rule | CWE-681: Avoid numerical data corruption during incompatible mutation | Diagnosis | diagnosisValueType = integer | Updated | diagnosisValueType = no-value |
| 8218 | quality-rule | Content type should be checked when receiving a HTTP Post | Documentation english | name = CWE-434: Content type should be checked when receiving a HTTP Post | Updated | name = Content type should be checked when receiving a HTTP Post |
| 8222 | quality-rule | Use of hard-coded credentials | Documentation english | name = CWE-798: Use of hard-coded credentials | Updated | name = Use of hard-coded credentials |
| 8238 | quality-rule | Trust boundary violation | Documentation english | name = CWE-501: Trust boundary violation | Updated | name = Trust boundary violation |
| 8240 | quality-rule | Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | name = CWE-614: Sensitive cookie in HTTPS session without 'Secure' attribute | Updated | name = Sensitive cookie in HTTPS session without 'Secure' attribute |
| 8242 | quality-rule | Use of insufficiently random values | Documentation english | name = CWE-330: Use of insufficiently random values | Updated | name = Use of insufficiently random values |
| 8412 | quality-rule | "CX_ROOT" should not be used in TRY .. CATCH.. ENDTRY block | Quality Contribution to 'Programming Practices - Modularity and OO Encapsulation Conformity' (61020) | Missing contribution | Added | critical = true, weight = 7 |

AIP 8.3.9 - 8.3.10

This section lists the results of a comparison between a CAST AIP 8.3.9 Assessment Model and the CAST AIP 8.3.10 Assessment Model. You can download the original compare_839_8310.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.9 Assessment Model | Change | CAST 8.3.10 Assessment Model |
|---|---|---|---|---|---|---|
| 3570 | quality-rule | Avoid using Keywords as names | Documentation english | description = ...ds should not be used as names | Updated | description = ...ds should not be used as names. For list of supported keyword for C# please see ... |
| 7526 | quality-rule | Avoid using hardcoded paths | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 3, propertyID = 140907 |
| 7526 | quality-rule | Avoid using hardcoded paths | Operation | localSiteDiagnose = DIAG_SCOPE_ABAPAOPI002 | Updated | localSiteDiagnose = null |
| 7526 | quality-rule | Avoid using hardcoded paths | Operation | localSiteCountTotal = DIAG_ABAP_ANA_ARTIFAC_TOTAL | Updated | localSiteCountTotal = null |

AIP 8.3.8 - 8.3.9

No differences.

AIP 8.3.7 - 8.3.8

This section lists the results of a comparison between a CAST AIP 8.3.7 Assessment Model and the CAST AIP 8.3.8 Assessment Model. You can download the original compare_837_838.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.7 Assessment Model | Change | CAST 8.3.8 Assessment Model |
|---|---|---|---|---|---|---|
| 1634 | quality-rule | Avoid unreferenced Tables | Technologies | [DB2 Server, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL] | Updated | Removed: [DB2 Server] |
| 6584 | quality-rule | View naming convention - name size control | Definition | active = true, detached = false | Removed | Missing |
| 6586 | quality-rule | Table naming convention - name size control | Definition | active = true, detached = false | Removed | Missing |
| 6588 | quality-rule | View naming convention - character set control | Definition | active = true, detached = false | Removed | Missing |
| 6590 | quality-rule | Table naming convention - character set control | Definition | active = true, detached = false | Removed | Missing |
| 6592 | quality-rule | DELETED:6592 Avoid undocumented Functions | Definition | active = true, detached = true | Removed | Missing |
| 6594 | quality-rule | DELETED:6594 Avoid undocumented Triggers | Definition | active = true, detached = true | Removed | Missing |
| 6596 | quality-rule | DELETED: 6596 Avoid Triggers with a very low comment/code ratio | Definition | active = true, detached = true | Removed | Missing |
| 6598 | quality-rule | DELETED:6598 Avoid undocumented Procedures | Definition | active = true, detached = true | Removed | Missing |
| 6600 | quality-rule | DELETED:6600 Avoid functions and procedures with a very low comment/code ratio | Definition | active = true, detached = true | Removed | Missing |
| 7122 | quality-measure | Complexity Volume (% of LoC) | Parameter #1: Maximum High Complexity Volume (% of LoC) | values(DB2 Server) = [20.0] | Updated | values(DB2 Server) = No default values |
| 7124 | quality-rule | Functional Evolvability | Parameter #1: Maximum Functional Evolvability | values(DB2 Server) = [50] | Updated | values(DB2 Server) = No default values |
| 7404 | quality-rule | Avoid unreferenced views | Technologies | [DB2 Server, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL] | Updated | Removed: [DB2 Server] |
| 7412 | quality-rule | DELETED:7412 Avoid undocumented functions and procedures | Definition | active = true, detached = true | Removed | Missing |
| 7420 | quality-rule | Avoid SQL queries with implicit conversions in the WHERE clause | Technologies | [ABAP, DB2 Server, SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7660 | quality-rule | Never use SQL queries with a cartesian product on XXL Tables | Technologies | [ABAP, DB2 Server, SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7662 | quality-rule | Avoid SQL queries on XXL Tables with implicit conversions in the WHERE clause | Technologies | [ABAP, DB2 Server, SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7760 | quality-rule | Avoid triggers, functions and procedures with a very low comment/code ratio | Technologies | [DB2 Server, SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL] | Updated | Removed: [DB2 Server] |
| 7760 | quality-rule | Avoid triggers, functions and procedures with a very low comment/code ratio | Parameter #1: Minimum % Comment / Code Ratio | values(DB2 Server) = [5] | Updated | values(DB2 Server) = No default values |
| 7762 | quality-rule | Avoid undocumented Triggers, Functions and Procedures | Technologies | [DB2 Server, SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL] | Updated | Removed: [DB2 Server] |
| 7766 | quality-rule | Avoid Artifacts with High Cyclomatic Complexity | Technologies | [ASP, ABAP, DB2 Server, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), SQL] | Updated | Removed: [DB2 Server] |
| 7768 | quality-rule | Avoid Artifacts with High Depth of Code | Technologies | [ASP, ABAP, DB2 Server, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), SQL] | Updated | Removed: [DB2 Server] |
| 7770 | quality-rule | Avoid Artifacts with too many parameters | Technologies | [ASP, DB2 Server, SQL Server, Forms, Visual Basic, PowerBuilder, C++, C, C#, VB.NET, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer)] | Updated | Removed: [DB2 Server] |
| 7772 | quality-rule | Avoid Artifacts with High Essential Complexity | Technologies | [ASP, ABAP, DB2 Server, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), SQL] | Updated | Removed: [DB2 Server] |
| 7774 | quality-rule | Avoid Artifacts with High Integration Complexity | Technologies | [ASP, ABAP, DB2 Server, SQL Server, Forms, Visual Basic, Cobol, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), SQL] | Updated | Removed: [DB2 Server] |
| 7776 | quality-rule | Avoid Artifacts with High Fan-In | Technologies | [ASP, ABAP, DB2 Server, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), HTML5, SQL] | Updated | Removed: [DB2 Server] |
| 7778 | quality-rule | Avoid Artifacts with High Fan-Out | Technologies | [ASP, ABAP, DB2 Server, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), HTML5, SQL] | Updated | Removed: [DB2 Server] |
| 7784 | quality-rule | Avoid Artifacts with lines longer than X characters | Technologies | [ASP, DB2 Server, SQL Server, Forms, Visual Basic, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), HTML5, SQL] | Updated | Removed: [DB2 Server] |
| 7806 | quality-rule | Avoid Artifacts with Group By | Technologies | [ABAP, DB2 Server, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, C#, VB.NET, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7808 | quality-rule | Avoid Artifacts with SQL statement including subqueries | Technologies | [ABAP, DB2 Server, SQL Server, Forms, Visual Basic, Cobol, C++, C, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, SQL] | Updated | Removed: [DB2 Server] |
| 7810 | quality-rule | Avoid Artifacts with a Complex SELECT Clause | Technologies | [ABAP, DB2 Server, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7814 | quality-rule | Avoid Tables not using referential integrity | Technologies | [DB2 Server, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL] | Updated | Removed: [DB2 Server] |
| 7816 | quality-rule | Avoid using GOTO statement | Technologies | [DB2 Server, SQL Server, Forms, C++, C, C#, VB.NET, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL] | Updated | Removed: [DB2 Server] |
| 7820 | quality-rule | Never use SQL queries with a cartesian product | Technologies | [ABAP, DB2 Server, SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7822 | quality-rule | Avoid Artifacts with queries on more than 4 Tables | Technologies | [ABAP, DB2 Server, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7828 | quality-rule | Avoid Artifacts with High RAW SQL Complexity | Technologies | [ABAP, DB2 Server, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, SQL] | Updated | Removed: [DB2 Server] |
| 7840 | quality-rule | Trigger naming convention - prefix control | Technologies | [DB2 Server, SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7840 | quality-rule | Trigger naming convention - prefix control | Parameter #1: Trigger name prefix | values(DB2 Server) = [D_, U_, L_] | Updated | values(DB2 Server) = No default values |
| 7842 | quality-rule | Avoid large Artifacts - too many Lines of Code | Technologies | [ABAP, DB2 Server, SQL Server, Forms, Cobol, C++, C, C#, VB.NET, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), HTML5, SQL] | Updated | Removed: [DB2 Server] |
| 7842 | quality-rule | Avoid large Artifacts - too many Lines of Code | Parameter #1: Maximum Line Count | values(DB2 Server) = [50] | Updated | values(DB2 Server) = No default values |
| 7852 | quality-rule | Database view naming convention - prefix control | Technologies | [SAP SQL, DB2 Server, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7852 | quality-rule | Database view naming convention - prefix control | Parameter #1: Prefix | values(DB2 Server) = [V_] | Updated | values(DB2 Server) = No default values |
| 7854 | quality-rule | Database table naming convention - prefix control | Technologies | [SAP SQL, DB2 Server, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7854 | quality-rule | Database table naming convention - prefix control | Parameter #1: Prefix | values(DB2 Server) = [T_] | Updated | values(DB2 Server) = No default values |
| 7856 | quality-rule | Avoid Tables with more than 20 columns on an OLTP system | Technologies | [DB2 Server, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL] | Updated | Removed: [DB2 Server] |
| 7896 | quality-rule | Avoid using Cursors | Technologies | [DB2 Server, SQL Server, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7898 | quality-rule | SQL Function naming convention - prefix control | Technologies | [DB2 Server, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7898 | quality-rule | SQL Function naming convention - prefix control | Parameter #1: Prefix | values(DB2 Server) = [F_] | Updated | values(DB2 Server) = No default values |
| 7900 | quality-rule | Stored Procedure naming convention - prefix control | Technologies | [DB2 Server, SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7900 | quality-rule | Stored Procedure naming convention - prefix control | Parameter #1: Prefix | values(DB2 Server) = [SP_] | Updated | values(DB2 Server) = No default values |
| 7902 | quality-rule | Avoid SQL queries that no index can support | Technologies | [ABAP, DB2 Server, SQL Server, Forms, Cobol, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7904 | quality-rule | Avoid SQL queries on XXL tables that no index can support | Technologies | [ABAP, DB2 Server, SQL Server, Cobol, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Removed: [DB2 Server] |
| 7904 | quality-rule | Avoid SQL queries on XXL tables that no index can support | Parameter #1: threshold | values(DB2 Server) = [100000] | Updated | values(DB2 Server) = No default values |
| 10201 | sizing-measure | Backfired Function Points | Parameter #1: BackFired FP ratio | values(DB2 Server) = [60.0] | Updated | values(DB2 Server) = No default values |
| 6584 | quality-rule | View naming convention - name size control | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | critical = false, weight = 1 | Removed | Missing contribution |
| 6586 | quality-rule | Table naming convention - name size control | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | critical = false, weight = 1 | Removed | Missing contribution |
| 6588 | quality-rule | View naming convention - character set control | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | critical = false, weight = 1 | Removed | Missing contribution |
| 6590 | quality-rule | Table naming convention - character set control | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | critical = false, weight = 1 | Removed | Missing contribution |
| 65105 | quality-distribution | Size Distribution | Parameter #1: Average Size Threshold | values(DB2 Server) = [10.0] | Updated | values(DB2 Server) = No default values |
| 65105 | quality-distribution | Size Distribution | Parameter #2: Large Size Threshold | values(DB2 Server) = [50.0] | Updated | values(DB2 Server) = No default values |
| 65105 | quality-distribution | Size Distribution | Parameter #3: Very Large Size Threshold | values(DB2 Server) = [200.0] | Updated | values(DB2 Server) = No default values |
| 65350 | quality-distribution | Coupling Distribution | Parameter #1: Average Coupling Artifacts Threshold | values(DB2 Server) = [4.0] | Updated | values(DB2 Server) = No default values |
| 65350 | quality-distribution | Coupling Distribution | Parameter #2: High Coupling Artifacts Threshold | values(DB2 Server) = [10.0] | Updated | values(DB2 Server) = No default values |
| 65350 | quality-distribution | Coupling Distribution | Parameter #3: Very High Coupling Artifacts Threshold | values(DB2 Server) = [30.0] | Updated | values(DB2 Server) = No default values |
| 65501 | quality-distribution | Cyclomatic Complexity Distribution | Parameter #1: Average Complexity Artifact Threshold | values(DB2 Server) = [5.0] | Updated | values(DB2 Server) = No default values |
| 65501 | quality-distribution | Cyclomatic Complexity Distribution | Parameter #2: High Complexity Artifact Threshold | values(DB2 Server) = [15.0] | Updated | values(DB2 Server) = No default values |
| 65501 | quality-distribution | Cyclomatic Complexity Distribution | Parameter #3: Very High Complexity Artifact Threshold | values(DB2 Server) = [30.0] | Updated | values(DB2 Server) = No default values |
| 66010 | quality-distribution | Reuse by Call Distribution | Parameter #1: Average Reuse Threshold | values(DB2 Server) = [4.0] | Updated | values(DB2 Server) = No default values |
| 66010 | quality-distribution | Reuse by Call Distribution | Parameter #2: High Reuse Threshold | values(DB2 Server) = [10.0] | Updated | values(DB2 Server) = No default values |
| 66010 | quality-distribution | Reuse by Call Distribution | Parameter #3: Very High Reuse Threshold | values(DB2 Server) = [30.0] | Updated | values(DB2 Server) = No default values |
| 66015 | quality-distribution | Class Complexity Distribution (WMC) | Parameter #1: Average Class Complexity Threshold | values(DB2 Server) = [30.0] | Updated | values(DB2 Server) = No default values |
| 66015 | quality-distribution | Class Complexity Distribution (WMC) | Parameter #2: High Class Complexity Threshold | values(DB2 Server) = [50.0] | Updated | values(DB2 Server) = No default values |
| 66015 | quality-distribution | Class Complexity Distribution (WMC) | Parameter #3: Very High Class Complexity Threshold | values(DB2 Server) = [100.0] | Updated | values(DB2 Server) = No default values |
| 66020 | quality-distribution | Class Fan-Out Distribution | Parameter #1: Average Class Fan-Out Threshold | values(DB2 Server) = [10.0] | Updated | values(DB2 Server) = No default values |
| 66020 | quality-distribution | Class Fan-Out Distribution | Parameter #2: High Class Fan-Out Threshold | values(DB2 Server) = [25.0] | Updated | values(DB2 Server) = No default values |
| 66020 | quality-distribution | Class Fan-Out Distribution | Parameter #3: Very High Class Fan-Out Threshold | values(DB2 Server) = [50.0] | Updated | values(DB2 Server) = No default values |
| 66021 | quality-distribution | Class Fan-In Distribution | Parameter #1: Average Class Fan-In Threshold | values(DB2 Server) = [10.0] | Updated | values(DB2 Server) = No default values |
| 66021 | quality-distribution | Class Fan-In Distribution | Parameter #2: High Class Fan-In Threshold | values(DB2 Server) = [15.0] | Updated | values(DB2 Server) = No default values |
| 66021 | quality-distribution | Class Fan-In Distribution | Parameter #3: Very High Class Fan-In Threshold | values(DB2 Server) = [30.0] | Updated | values(DB2 Server) = No default values |

AIP 8.3.6 - 8.3.7

This section lists the results of a comparison between a CAST AIP 8.3.6 Assessment Model and the CAST AIP 8.3.7 Assessment Model. You can download the original compare_836_837.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.6 Assessment Model | Change | CAST 8.3.7 Assessment Model |
|---|---|---|---|---|---|---|
| 8146 | quality-rule | Avoid calling programs statically | Thresholds | [99.0, 95.0, 90.0, 50.0] | Updated | [50.0, 90.0, 95.0, 99.0] |
| 1101038 | quality-rule | Replace OR conditions testing equality on the same identifier in SQL WHERE clauses by an IN test condition | Documentation english | description = ...ts having R conditions testing equality on the same identifier in SQL WHERE clau... | Updated | description = ...ts having OR conditions testing equality on the same identifier in SQL WHERE cla... |

AIP 8.3.5 - 8.3.6

This section lists the results of a comparison between a CAST AIP 8.3.5 Assessment Model and the CAST AIP 8.3.6 Assessment Model. You can download the original compare_835_836.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.5 Assessment Model | Change | CAST 8.3.6 Assessment Model |
|---|---|---|---|---|---|---|
| 4602 | quality-rule | Avoid using Fields (non static final) from other Classes | Documentation english | description = ...rs should be relatively rare." | Updated | description = ...rs should be relatively rare.". Fields of an INNER class are considered as inter... |
| 7210 | quality-rule | Avoid instantiations inside loops | Documentation english | description = ...lace . and any method with the same name in their respective derived classes ... | Updated | description = ...lace . java.util.stream.Stream.map . and any method with the same name in ... |
| 7442 | quality-rule | Avoid to use this within Constructor in multi-thread environment | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 545, propertyID = 5008 |
| 7442 | quality-rule | Avoid to use this within Constructor in multi-thread environment | Operation | localSiteDiagnose = DIAG_SCOPE_JAVASCTS003 | Updated | localSiteDiagnose = null |
| 7442 | quality-rule | Avoid to use this within Constructor in multi-thread environment | Operation | localSiteCountTotal = DIAG_JAVA_CONS_TOTAL | Updated | localSiteCountTotal = null |
| 7446 | quality-rule | Avoid double checked locking | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 557, propertyID = 140861 |
| 7446 | quality-rule | Avoid double checked locking | Operation | localSiteDiagnose = DIAG_SCOPE_JAVASCTS001 | Updated | localSiteDiagnose = null |
| 7446 | quality-rule | Avoid double checked locking | Operation | localSiteCountTotal = DIAG_JAVA_ANA_SYNCH_TOTAL | Updated | localSiteCountTotal = DSS_DIAG_SCOPE_GENERIC_NUM |
| 8082 | quality-rule | Avoid Tables without Primary Key | Documentation english | description = ...of tables without Primary key constraints | Updated | description = ...of tables and materialized views without Primary key constraints |
| 8082 | quality-rule | Avoid Tables without Primary Key | Documentation english | output = ...ll tables without a primary key defined. it provides the following information: ... | Updated | output = ...ll tables and materialized views without a primary key defined. it provides the ... |
| 8082 | quality-rule | Avoid Tables without Primary Key | Documentation english | rationale = ...entifier. Next a primary key is a candidate key that's been singled out to uni... | Updated | rationale = ...entifier. Next a primary key is a candidate key that's been singled out to uniqu... |
| 8082 | quality-rule | Avoid Tables without Primary Key | Documentation english | remediation = Appy referential integrity through constraint:: | Updated | remediation = Apply referential integrity through constraint:: |
| 8082 | quality-rule | Avoid Tables without Primary Key | Documentation english | total = Tables of the scoped container (schema or database depending of the DBMS) | Updated | total = Tables and materialized views of the scoped container (schema or database depend... |
| 1020004 | quality-rule | Avoid using querySelectorAll | Documentation english | description = ...ctorAll can be 40 time slower. | Updated | description = ...ctorAll can be 40 time slower. This rule is compliant with CISQ ASCPEM-PRF-4 rec... |
| 1020004 | quality-rule | Avoid using querySelectorAll | Documentation english | name = Avoid to use querySelectorAll | Updated | name = Avoid using querySelectorAll |
| 1020004 | quality-rule | Avoid using querySelectorAll | Documentation english | rationale = ASCPEM-PRF-04 | Updated | rationale = Ensure your web application interactivity by accessing/manipulating the DOM tree... |
| 1020004 | quality-rule | Avoid using querySelectorAll | Documentation english | Missing | Added | reference = [1] http://www.infoq.com/presentations/JavaScript-Performance-Patterns [2] http... |
| 1020006 | quality-rule | Avoid calling a function in a termination loop | Documentation english | description = ...unction in a loop termination. | Updated | description = ...unction in a loop termination. This rule is compliant with CISQ OMG ASCPEM-PRF-4... |
| 1020006 | quality-rule | Avoid calling a function in a termination loop | Documentation english | name = Avoid to call a function in a termination loop | Updated | name = Avoid calling a function in a termination loop |
| 1020006 | quality-rule | Avoid calling a function in a termination loop | Documentation english | Missing | Added | reference = AJAX in Action - Manning - ISBN 1-932394-61-3 page 290 CISQ OMG |
| 1020008 | quality-rule | Avoid using for-in loop | Documentation english | description = ...n number of object properties. | Updated | description = ...n number of object properties. This rules is compliant with CISQ OMG ASCPEM-PRF-... |
| 1020008 | quality-rule | Avoid using for-in loop | Documentation english | name = Avoid for-in loop | Updated | name = Avoid using for-in loop |
| 1020008 | quality-rule | Avoid using for-in loop | Documentation english | rationale = ASCPEM-PRF-04 | Updated | rationale = Ensure your web application interactivity by accessing/manipulating the DOM tree... |
| 1020008 | quality-rule | Avoid using for-in loop | Documentation english | reference = CISQ OMG | Updated | reference = CISQ OMG ASCPEM-PRF-4 |
| 1020010 | quality-rule | Avoid using forEach() | Documentation english | description = ...refore isn't a suitable approach when execution time is a significant concern. | Updated | description = ...refore isn’t a suitable approach when execution time is a significant concern. T... |
| 1020010 | quality-rule | Avoid using forEach() | Documentation english | rationale = ASCPEM-PRF-04 | Updated | rationale = Ensure your web application interactivity by accessing/manipulating the DOM tree... |
| 1020010 | quality-rule | Avoid using forEach() | Documentation english | reference = CISQ OMG, http://jsperf.com/foreach-vs-loop | Updated | reference = CISQ OMG ASCPEM-PRF-4 http://jsperf.com/foreach-vs-loop |
| 1020016 | quality-rule | Avoid using too much dot notation in loop | Documentation english | rationale = ...ime consumed by this function. | Updated | rationale = ...ime consumed by this function. This rule is compliant with CISQ OMG ASCPEM-PRF-4... |
| 1020024 | quality-rule | Avoid using submit markup related to "form" with id attribute | Documentation english | sample = <form id="test">...</form><button form="test" formaction="javascript:alert(1)">X... | Updated | sample = <form id="myid"><input type="submit" value="Submit"></form> |
| 1020060 | quality-rule | Avoid using console.log() | Documentation english | description = ...WASP 2013 and 2017 A6 - Sensitive Data Exposure. | Updated | description = ...WASP 2013 A6 and 2017 A3 - Sensitive Data Exposure |
| 1020082 | quality-rule | Avoid undocumented Functions | Parameter #-5 | name = [Target Metric ID], type = integer, description = Reserved parameter | Removed | Missing |
| 1020084 | quality-rule | Avoid unreferenced Functions | Parameter #-5 | name = [Target Metric ID], type = integer, description = Reserved parameter | Removed | Missing |
| 1020086 | quality-rule | Avoid Functions having a very low Comment/Code ratio | Parameter #-5 | name = [Target Metric ID], type = integer, description = Reserved parameter | Removed | Missing |
| 1020088 | quality-rule | Avoid Artifacts with lines longer than X characters | Parameter #-5 | name = [Target Metric ID], type = integer, description = Reserved parameter | Removed | Missing |
| 1020090 | quality-rule | Avoid Artifacts with High Depth of Code | Parameter #-5 | name = [Target Metric ID], type = integer, description = Reserved parameter | Removed | Missing |

AIP 8.3.4 - 8.3.5

This section lists the results of a comparison between a CAST AIP 8.3.4 Assessment Model and the CAST AIP 8.3.5 Assessment Model. You can download the original compare_834_835.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.4 Assessment Model | Change | CAST 8.3.5 Assessment Model |
|---|---|---|---|---|---|---|
| 4616 | quality-rule | Proper overriding of 'finalize()' | Documentation english | Missing | Added | reference = https://cwe.mitre.org/data/definitions/568.html |
| 7348 | quality-rule | Avoid too many Indexes on one Table | Documentation english | description = Avoid having more than (>) X indexes (where X is a parameter) | Updated | description = This rule will report a violation where the number of indexes on a table exceeds... |
| 7648 | quality-rule | Avoid calling finalize() | Documentation english | reference = http://www.owasp.org/index.php/Poor_Style:_Explicit_call_to_finalize() | Updated | reference = https://cwe.mitre.org/data/definitions/586.html |
| 7690 | quality-rule | Avoid unchecked return code (SQLCODE) after EXEC SQL query | Documentation english | description = ...ery and the return code check. | Updated | description = ...ery and the return code check. Rule should not consider the below case as viol... |
| 8240 | quality-rule | CWE-614: Sensitive cookie in HTTPS session without 'Secure' attribute | Technologies | [C#, VB.NET, JEE] | Updated | Removed: [C#, VB.NET] |
| 8240 | quality-rule | CWE-614: Sensitive cookie in HTTPS session without 'Secure' attribute | Thresholds | [98.0, 99.0, 99.5, 99.99] | Updated | [50.0, 90.0, 95.0, 99.0] |
| 8240 | quality-rule | CWE-614: Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | description = ...laintext over an HTTP session. | Updated | description = ...laintext over an HTTP session. Using the method "setSecure" ensures that the se... |
| 8240 | quality-rule | CWE-614: Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | name = ...Sensitive Cookie in HTTPS Session Without 'Secure' Attribute | Updated | name = ...Sensitive cookie in HTTPS session without 'Secure' attribute |
| 8240 | quality-rule | CWE-614: Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | rationale = The Secure attribute for sensitive cookies in HTTPS sessions is not set, which c... | Updated | rationale = The secure flag is an option that can be set by the application server when send... |
| 8240 | quality-rule | CWE-614: Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | reference = CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute https://cw... | Updated | reference = https://cwe.mitre.org/data/definitions/614.html https://www.owasp.org/index.php... |
| 8240 | quality-rule | CWE-614: Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | remediation = Set the secured attribute to cookies. | Updated | remediation = Always set the secure attribute when the cookie should sent via HTTPS only |
| 8240 | quality-rule | CWE-614: Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | total = Total number of methods calling javax.servlet.http.HttpServletResponse.addCookie... | Updated | total = Methods calling javax.servlet.http.HttpServletResponse.addCookie. |
| 8240 | quality-rule | CWE-614: Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | Missing | Added | remediationSample = Cookie c = new Cookie(ACCOUNT_ID, acctID); c.setSecure(true); // Compliant Code... |
| 8240 | quality-rule | CWE-614: Sensitive cookie in HTTPS session without 'Secure' attribute | Documentation english | Missing | Added | sample = Cookie c = new Cookie(ACCOUNT_ID, acctID); // Violation - cookie is not secure ... |
| 10201 | sizing-measure | Backfired Function Points | Parameter #1: BackFired FP ratio | values(SQL) = No default values | Updated | values(SQL) = [60.0] |
| 66064 | technical-criterion | Secure Coding - Weak Security Features | Quality Contribution to 'Total Quality Index' (60017) | Missing contribution | Added | critical = false, weight = 5 |
| 1020078 | quality-rule | Avoid using setTimeout() | Diagnosis | scopeID = 1020001, propertyID = 1020075 | Updated | scopeID = 1020009, propertyID = 1020075 |
| 1020078 | quality-rule | Avoid using setTimeout() | Documentation english | remediation = If possible, refactor your code so that it does not need to use setTimeout() at ... | Updated | remediation = Do not use setTimeout with function passed as a string value. |
| 1020078 | quality-rule | Avoid using setTimeout() | Documentation english | sample = setTimeout(function(){ alert("Hello"); }, 3000); | Updated | sample = function delayedFunction() { alert("This is a delay"); } // unsafe - call to... |
| 1020078 | quality-rule | Avoid using setTimeout() | Documentation english | total = Number of Javascript Functions | Updated | total = Number of Javascript Functions using setTimeout |
| 1020078 | quality-rule | Avoid using setTimeout() | Documentation english | Missing | Added | remediationSample = function delayedFunction() { alert("This is a delay"); } // safe - direct ca... |

AIP 8.3.3 - 8.3.4

This section lists the results of a comparison between a CAST AIP 8.3.3 Assessment Model and the CAST AIP 8.3.4 Assessment Model. You can download the original compare_833_834.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.3 Assessment Model | Change | CAST 8.3.4 Assessment Model |
|---|---|---|---|---|---|---|
| 2232 | quality-rule | Pages should use error handling page | Quality Contribution to 'Programming Practices - Error and Exception Handling' (61014) | critical = true, weight = 5 | Updated | critical = false |
| 3616 | quality-rule | Data Access must be based on Stored Procedure Calls | Documentation english | rationale = ...also limit the parsing phase of the SQL order. This generally result in better p... | Updated | rationale = ...also limits the parsing phase of the SQL order. This generally results in better... |
| 4070 | quality-rule | Avoid use of "truncate table" | Documentation english | total = Total number of database objects containing code: SP, Functions, and Triggers. | Updated | total = Number of SQL Artifacts |
| 4084 | quality-rule | Avoid nested Stored Procedures using temporary Tables | Documentation english | Missing | Added | rationale = Using temporary tables in nested procedures could be risky when tables are creat... |
| 4084 | quality-rule | Avoid nested Stored Procedures using temporary Tables | Documentation english | Missing | Added | remediation = Replace temporary tables with queries. |
| 4084 | quality-rule | Avoid nested Stored Procedures using temporary Tables | Documentation english | Missing | Added | remediationSample = Create proc1 As Begin Exec proc2 End; Go Create proc2 As Begin /* 1st c... |
| 4084 | quality-rule | Avoid nested Stored Procedures using temporary Tables | Documentation english | Missing | Added | sample = Create proc1 As Begin Create table #table1 (col1 integer) Insert into #tabl... |
| 4602 | quality-rule | Avoid using Fields (non static final) from other Classes | Documentation english | description = ...concepts, fields should not be accessed from outside the class without going thr... | Updated | description = ...concepts, Fields should not be accessed from outside the Class without going thr... |
| 4612 | quality-rule | Avoid using native Methods (JNI) | Documentation english | description = ... that you consider to be safe. | Updated | description = ... that you consider to be safe. See : CWE-111: Direct Use of Unsafe JNI |
| 4612 | quality-rule | Avoid using native Methods (JNI) | Documentation english | reference = ...Java_Native_Interface#Pitfalls | Updated | reference = ...Java_Native_Interface#Pitfalls https://cwe.mitre.org/data/definitions/111.html |
| 7218 | quality-rule | Avoid OPEN/CLOSE inside loops | Documentation english | total = Number of Cobol Programs using Cobol File Links | Updated | total = Number of Cobol Programs |
| 7366 | quality-rule | File descriptor block must be defined with 0 record | Documentation english | total = Number of Cobol Programs using Cobol File Links | Updated | total = Number of Cobol Programs |
| 7542 | quality-rule | Avoid using FOR ALL ENTRIES IN without emptiness check | Documentation english | total = ...Artifacts using SAP Tables and SAP Views. | Updated | total = ...Artifacts containing OpenSQL statements |
| 7548 | quality-rule | Never use incompatible statements with the CICS environment | Documentation english | total = Number of Cobol Programs running under the CICS | Updated | total = Number of Cobol Programs |
| 7560 | quality-rule | Programs accessing relational Databases must include the SQLCA Copybook | Documentation english | total = Number of programs accessing relational databases | Updated | total = Number of Cobol Programs embedding SQL |
| 7644 | quality-rule | Avoid executing multiple OPEN statements | Documentation english | total = Number of Cobol Programs using Cobol File Links | Updated | total = Number of Cobol Programs |
| 7670 | quality-rule | Avoid accessing SAP standard Tables in modification from custom code | Documentation english | total = ...r of ABAP custom Programs, User-exits, Includes, Functions, and Class Methods th... | Updated | total = ...r of ABAP Artifacts |
| 7688 | quality-rule | Never truncate data in MOVE statements | Documentation english | Missing | Added | total = Number of Cobol Programs |
| 7690 | quality-rule | Avoid unchecked return code (SQLCODE) after EXEC SQL query | Documentation english | total = ... Programs accessing relational databases | Updated | total = ... Programs embedding SQL |
| 7698 | quality-rule | Files should be declared with a FILE-STATUS | Documentation english | total = Number of Cobol Programs using Cobol File Links | Updated | total = Number of Cobol Programs |
| 7756 | quality-rule | Avoid using READ statement without AT END clause or INVALID KEY clause | Documentation english | total = Number of Cobol Programs using Cobol File Links | Updated | total = Number of Cobol Programs |
| 7784 | quality-rule | Avoid Artifacts with lines longer than X characters | Documentation english | description = ...er and can be changed at will. | Updated | description = ...er and can be changed at will. For JAVA artifacts with annotation declared insid... |
| 7866 | quality-rule | Avoid SELECT ... BYPASSING BUFFER | Documentation english | total = ...g OpenSQL queries. | Updated | total = ...g OpenSQL statements |
| 7868 | quality-rule | Avoid Open SQL queries in loops | Documentation english | total = ...g OpenSQL queries. | Updated | total = ...g OpenSQL statements |
| 7870 | quality-rule | Avoid using the NOT LIKE operator in WHERE clauses | Documentation english | total = ...g OpenSQL queries. | Updated | total = ...g OpenSQL statements |
| 7872 | quality-rule | Avoid using IS [NOT] NULL in WHERE condition | Documentation english | total = ...g OpenSQL queries. | Updated | total = ...g OpenSQL statements |
| 7874 | quality-rule | Avoid using dynamic queries | Documentation english | total = ...g OpenSQL queries. | Updated | total = ...g OpenSQL statements |
| 7876 | quality-rule | Avoid using SELECT ... FOR UPDATE | Documentation english | total = ...g OpenSQL queries. | Updated | total = ...g OpenSQL statements |
| 7878 | quality-rule | Avoid Open SQL SELECT queries without WHERE condition | Documentation english | total = ...g OpenSQL queries. | Updated | total = ...g OpenSQL statements |
| 7880 | quality-rule | Avoid nested loops | Documentation english | total = ...umber of Abap artifacts containing code | Updated | total = ...umber of ABAP Artifacts |
| 7884 | quality-rule | Avoid disabling source code inspection | Documentation english | total = ...r of ABAP artifacts containing ABAP code. | Updated | total = ...r of ABAP Artifacts |
| 7906 | quality-rule | Avoid testing specific values for SY-UNAME | Documentation english | total = ...r of ABAP artifacts containing ABAP code | Updated | total = ...r of ABAP Artifacts |
| 7946 | quality-rule | Avoid queries using old style join convention instead of ANSI-Standard joins | Documentation english | total = LINBERGH_PLUS | Updated | total = Number of SQL Artifacts |
| 7948 | quality-rule | Do not mix Ansi joins syntax with Oracle proprietary joins syntax in the same query | Documentation english | total = LINBERGH_PLUS | Updated | total = Number of SQL Artifacts |
| 8014 | quality-rule | Avoid unchecked return code (SY-SUBRC) after AUTHORITY-CHECK | Documentation english | total = ...umber of Abap Artifacts | Updated | total = ...umber of ABAP Artifacts |
| 8036 | quality-rule | Avoid improperly written triangular joins with XXL tables in PL/SQL code | Documentation english | total = The total procedure counts the number of Client-Server Artifacts | Updated | total = Number of SQL Artifacts |
| 8080 | quality-rule | Avoid exists independent clauses | Documentation english | total = All SQL artifacts | Updated | total = Number of SQL Artifacts |
| 8100 | quality-rule | Blocking synchronous calls should have associated timeouts | Documentation english | total = All Artifacts | Updated | total = Number of Java Artifacts |
8102quality-ruleAvoid hardcoded network resource namesDocumentation englishtotal = All ArtifactsUpdatedtotal = Number of Java Artifacts
8124quality-ruleDo not use function module DB_EXISTS_INDEX (HANA)Documentation englishtotal = ...P Artifacts containing OpenSQLUpdatedtotal = ...P Artifacts containing OpenSQL statements
8126quality-ruleAvoid using empty SELECT ... ENDSELECT loopDocumentation englishtotal = ...P Artifacts containing OpenSQLUpdatedtotal = ...P Artifacts containing OpenSQL statements
8128quality-ruleAvoid using UPDATE and DELETE without WHERE conditionDocumentation englishtotal = ...P Artifacts containing OpenSQLUpdatedtotal = ...P Artifacts containing OpenSQL statements
8130quality-ruleAvoid using database hintsDocumentation englishtotal = ...P Artifacts containing OpenSQLUpdatedtotal = ...P Artifacts containing OpenSQL statements
8132quality-ruleAvoid using CHECK, EXIT,or RETURN in SELECT ... ENDSELECT loopsDocumentation englishtotal = ...P Artifacts containing OpenSQLUpdatedtotal = ...P Artifacts containing OpenSQL statements
8134quality-ruleAvoid unsorted data after SELECT queriesDocumentation englishtotal = ...P Artifacts containing OpenSQLUpdatedtotal = ...P Artifacts containing OpenSQL statements
8140quality-ruleSubscripts and iterators must be defined with BINARY usageDocumentation englishtotal = Number of violationsUpdatedtotal = Number of Cobol Programs
8142quality-rulePrefer using indexes instead of subscriptsDocumentation englishtotal = Number of violationsUpdatedtotal = Number of Cobol Programs
8144quality-ruleAvoid using INITIALIZE statement on data structuresDocumentation englishtotal = Number of violationsUpdatedtotal = Number of Cobol Programs
8146quality-ruleAvoid calling programs staticallyDocumentation englishtotal = Number of Cobol Programs.Updatedtotal = Number of Cobol Programs
8160quality-ruleCheck PCB status code after DLI queriesDocumentation englishtotal = Number of Cobol Programs accessing IMS databaseUpdatedtotal = Number of Cobol Programs
8162quality-ruleCICS return code should be checkedDocumentation englishtotal = Number of Cobol Programs running under CICSUpdatedtotal = Number of Cobol Programs
8220quality-ruleAvoid using deprecated method, constructor, field, type or packageDocumentation englishtotal = Report if Deprecated class, method, field or type is used in the java code.Updatedtotal = Number of Java Artifacts
8236quality-ruleAvoid using hard-coded valuesDocumentation englishtotal = Number of Cobol Programs with Alphanumeric literals Matching the violation patte...Updatedtotal = Number of Cobol Programs
1022000quality-ruleAvoid using weak encryption algorithm as DES and triple DESDefinitionMissingAddedactive = true, detached = false
1022000quality-ruleAvoid using weak encryption algorithm as DES and triple DESQuality Contribution to 'Secure Coding - Weak Security Features' (66064)Missing contributionAddedcritical = true, weight = 9
1022002quality-ruleAvoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding)DefinitionMissingAddedactive = true, detached = false
1022002quality-ruleAvoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding)Quality Contribution to 'Secure Coding - Weak Security Features' (66064)Missing contributionAddedcritical = true, weight = 9

AIP 8.3.2 - 8.3.3

This section lists the results of a comparison between a CAST AIP 8.3.2 Assessment Model and the CAST AIP 8.3.3 Assessment Model. You can download the original compare_832_833.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.2 Assessment Model | Change | CAST 8.3.3 Assessment Model |
|---|---|---|---|---|---|---|
| 8222 | quality-rule | CWE-798: Use of hard-coded credentials | Documentation english | name = CWE-798 : Use of Hard-coded Credentials | Updated | name = CWE-798: Use of hard-coded credentials |
| 8222 | quality-rule | CWE-798: Use of hard-coded credentials | Documentation english | reference = CWE-798 : Use of Hard-coded Credentials http://cwe.mitre.org/data/definitions/79... | Updated | reference = CWE-798: Use of hard-coded credentials http://cwe.mitre.org/data/definitions/798... |
| 8222 | quality-rule | CWE-798: Use of hard-coded credentials | Documentation english | sample = Java example : ... DriverManager.getConnection(url, "jeff", "1234"); ... C#... | Removed | Missing |
| 8238 | quality-rule | CWE-501: Trust boundary violation | Definition | Missing | Added | active = true, detached = false |
| 8238 | quality-rule | CWE-501: Trust boundary violation | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8240 | quality-rule | CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute | Definition | Missing | Added | active = true, detached = false |
| 8240 | quality-rule | CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |
| 8242 | quality-rule | CWE-330: Use of insufficiently random values | Definition | Missing | Added | active = true, detached = false |
| 8242 | quality-rule | CWE-330: Use of insufficiently random values | Quality Contribution to 'Secure Coding - Input Validation' (66062) | Missing contribution | Added | critical = true, weight = 9 |

AIP 8.3.1 - 8.3.2

This section lists the results of a comparison between a CAST AIP 8.3.1 Assessment Model and the CAST AIP 8.3.2 Assessment Model. You can download the original compare_831_832.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.1 Assessment Model | Change | CAST 8.3.2 Assessment Model |
|---|---|---|---|---|---|---|
| 4602 | quality-rule | Avoid using Fields (non static final) from other Classes | Documentation english | description = ...concepts, Fields should not be accessed from outside the Class without going thr... | Updated | description = ...concepts, fields should not be accessed from outside the class without going thr... |
| 4602 | quality-rule | Avoid using Fields (non static final) from other Classes | Documentation english | Missing | Added | rationale = On of the fundamental concept of this rule is encapsulation: Hiding the internal... |
| 7210 | quality-rule | Avoid instantiations inside loops | Documentation english | description = ...instantiation occurs in a call to one of the following methods: . java.util.C... | Updated | description = ...instantiated object is one of the arguments of a call to one of the following me... |
| 7366 | quality-rule | File descriptor block must be defined with 0 record | Documentation english | description = ...ED clause), sort files (SD), and input files are not considered as violating the... | Updated | description = ...ED clause) and sort files (SD) are not considered as violating the rule. |
| 7548 | quality-rule | Never use incompatible statements with the CICS environment | Documentation english | description = ...- DISPLAY - FD and SD - SELECT <file> ASSIGN TO - OPEN, CLOSE, READ, WRITE, REWR... | Updated | description = ...- DISPLAY UPON CONSOLE - DISPLAY UPON SYSPUNCH - FD and SD - SELECT <file> ASS... |
| 7784 | quality-rule | Avoid Artifacts with lines longer than X characters | Technologies | [ASP, DB2 Server, SQL Server, Forms, Visual Basic, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), SQL] | Updated | Added: [HTML5] |
| 7844 | quality-rule | Avoid undocumented Classes | Technologies | [ABAP, Visual Basic, C++, C#, VB.NET, .NET (Legacy Analyzer)] | Updated | Added: [HTML5] |
| 7944 | quality-rule | Avoid High Response for Classes | Technologies | [ABAP, PowerBuilder, C++, C#, VB.NET, JEE, .NET (Legacy Analyzer)] | Updated | Added: [HTML5] |
| 8112 | quality-rule | Avoid improper processing of the execution status of data handling operations | Diagnosis | scopeID = 535, propertyID = 140550 | Updated | scopeID = 911, propertyID = 140550 |
| 8236 | quality-rule | Avoid using hard-coded values | Definition | Missing | Added | active = true, detached = false |
| 8236 | quality-rule | Avoid using hard-coded values | Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009) | Missing contribution | Added | critical = false, weight = 4 |
| 66064 | technical-criterion | Secure Coding - Weak Security Features | Quality Contribution to 'Security' (60016) | Missing contribution | Added | critical = false, weight = 8 |
| 66064 | technical-criterion | Secure Coding - Weak Security Features | Activation | active = true, detached = true | Updated | detached = false |
| 1020082 | quality-rule | Avoid undocumented Functions | Definition | Missing | Added | active = true, detached = false |
| 1020082 | quality-rule | Avoid undocumented Functions | Quality Contribution to 'Documentation - Volume of Comments' (61028) | Missing contribution | Added | critical = false, weight = 7 |
| 1020084 | quality-rule | Avoid unreferenced Functions | Definition | Missing | Added | active = true, detached = false |
| 1020084 | quality-rule | Avoid unreferenced Functions | Quality Contribution to 'Dead code (static)' (61027) | Missing contribution | Added | critical = false, weight = 4 |
| 1020086 | quality-rule | Avoid Functions having a very low Comment/Code ratio | Definition | Missing | Added | active = true, detached = false |
| 1020086 | quality-rule | Avoid Functions having a very low Comment/Code ratio | Quality Contribution to 'Documentation - Volume of Comments' (61028) | Missing contribution | Added | critical = false, weight = 3 |
| 1020088 | quality-rule | Avoid Artifacts with lines longer than X characters | Definition | Missing | Added | active = true, detached = false |
| 1020088 | quality-rule | Avoid Artifacts with lines longer than X characters | Quality Contribution to 'Documentation - Style Conformity' (61006) | Missing contribution | Added | critical = false, weight = 2 |
| 1020090 | quality-rule | Avoid Artifacts with High Depth of Code | Definition | Missing | Added | active = true, detached = false |
| 1020090 | quality-rule | Avoid Artifacts with High Depth of Code | Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009) | Missing contribution | Added | critical = false, weight = 5 |
| 1020304 | quality-rule | Implement success and error callbacks when using jquery web service call | Documentation english | description = ...ise $.ajax interface to implement success and error callbacks. This rule is comp... | Updated | description = ...ise $.ajax, $.get, $.getJSON interface to implement success and error callbacks.... |
| 1020304 | quality-rule | Implement success and error callbacks when using jquery web service call | Documentation english | name = ...hen using $.ajax interface | Updated | name = ...hen using jquery web service call |

AIP 8.3.0 - 8.3.1

This section lists the results of a comparison between a CAST AIP 8.3.0 Assessment Model and the CAST AIP 8.3.1 Assessment Model. You can download the original compare_830_831.xlsx file (which you should open in Microsoft Excel) if you prefer.

| Metric | Type | Name | Topic | CAST 8.3.0 Assessment Model | Change | CAST 8.3.1 Assessment Model |
|---|---|---|---|---|---|---|
| 2232 | quality-rule | Pages should use error handling page | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 555, propertyID = 140268 |
| 2232 | quality-rule | Pages should use error handling page | Operation | localSiteDiagnose = DIAG_SCOPE_JSPBEST002 | Updated | localSiteDiagnose = null |
| 2232 | quality-rule | Pages should use error handling page | Operation | localSiteCountTotal = DIAG_JSP_PAGE_DESC_TOTAL | Updated | localSiteCountTotal = null |
| 2232 | quality-rule | Pages should use error handling page | Quality Contribution to 'Programming Practices - Error and Exception Handling' (61014) | critical = true, weight = 7 | Updated | weight = 5 |
| 7250 | quality-rule | Avoid String initialization with String object (created using the 'new' keyword) | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 540, propertyID = 140796 |
| 7250 | quality-rule | Avoid String initialization with String object (created using the 'new' keyword) | Diagnosis | diagnosisValueType = no-value | Updated | diagnosisValueType = integer |
| 7250 | quality-rule | Avoid String initialization with String object (created using the 'new' keyword) | Operation | localSiteDiagnose = DIAG_SCOPE_JAVAEMEM007 | Updated | localSiteDiagnose = null |
| 7250 | quality-rule | Avoid String initialization with String object (created using the 'new' keyword) | Operation | localSiteCountTotal = DIAG_JAVA_NA_ARTIFACT_TOTAL | Updated | localSiteCountTotal = null |
| 7510 | quality-rule | Use only Hibernate API to access to the database | Diagnosis | scopeID = 0, propertyID = 0 | Updated | scopeID = 554, propertyID = 140792 |
| 7510 | quality-rule | Use only Hibernate API to access to the database | Operation | localSiteDiagnose = DIAG_SCOPE_JEEAHML002 | Updated | localSiteDiagnose = null |
| 7510 | quality-rule | Use only Hibernate API to access to the database | Operation | localSiteCountTotal = DIAG_JEE_ANA_API_TOTAL | Updated | localSiteCountTotal = null |
| 7518 | quality-rule | Avoid missing WHEN OTHERS in CASE statements | Documentation english | description = ...ment with a missing WHEN OTHERS. | Updated | description = ...ment with no or with an empty WHEN OTHERS clause. |
| 8082 | quality-rule | Avoid Tables without Primary Key | Diagnosis | scopeID = 400, propertyID = 140202 | Updated | scopeID = 0, propertyID = 0 |
| 8082 | quality-rule | Avoid Tables without Primary Key | Operation | localSiteDiagnose = null | Updated | localSiteDiagnose = DIA_MANY_TABNOTINPKEY |
| 8082 | quality-rule | Avoid Tables without Primary Key | Operation | localSiteCountTotal = null | Updated | localSiteCountTotal = DIT_MANY_TABLES |
| 8112 | quality-rule | Avoid improper processing of the execution status of data handling operations | Technologies | [JEE] | Updated | Added: [C#, VB.NET] |
| 8116 | quality-rule | Avoid calling system function (CALL 'cfunc') | Activation | active = false, detached = false | Updated | active = true |
| 8118 | quality-rule | Avoid using the RFC_ABAP_INSTALL_AND_RUN function | Activation | active = false, detached = false | Updated | active = true |
| 8120 | quality-rule | Avoid using CALL FUNCTION without error handling | Activation | active = false, detached = false | Updated | active = true |
| 8120 | quality-rule | Avoid using CALL FUNCTION without error handling | Quality Contribution to 'Programming Practices - Error and Exception Handling' (61014) | critical = true, weight = 9 | Updated | critical = false, weight = 8 |
| 8122 | quality-rule | Avoid using CALL METHOD without error handling | Activation | active = false, detached = false | Updated | active = true |
| 8122 | quality-rule | Avoid using CALL METHOD without error handling | Quality Contribution to 'Programming Practices - Error and Exception Handling' (61014) | critical = true, weight = 9 | Updated | critical = false, weight = 8 |
| 8124 | quality-rule | Do not use function module DB_EXISTS_INDEX (HANA) | Activation | active = false, detached = false | Updated | active = true |
| 8124 | quality-rule | Do not use function module DB_EXISTS_INDEX (HANA) | Quality Contribution to 'Programming Practices - Unexpected Behavior' (66069) | critical = true, weight = 9 | Updated | critical = false, weight = 7 |
| 8126 | quality-rule | Avoid using empty SELECT ... ENDSELECT loop | Activation | active = false, detached = false | Updated | active = true |
| 8126 | quality-rule | Avoid using empty SELECT ... ENDSELECT loop | Documentation english | remediationSample = ...CT SINGLE * FROM sflight INTO ls_flight WHERE carrid EQ lv_carrid AND connid ... | Updated | remediationSample = ...CT SINGLE flnam FROM sflight INTO ls_flight WHERE carrid EQ lv_carrid AND con... |
| 8126 | quality-rule | Avoid using empty SELECT ... ENDSELECT loop | Documentation english | sample = SELECT * FROM sflight INTO ls_flight WHERE carrid EQ lv_carrid AND connid EQ l... | Updated | sample = SELECT flnam FROM sflight INTO ls_flight WHERE carrid EQ lv_carrid AND connid... |
| 8128 | quality-rule | Avoid using UPDATE and DELETE without WHERE condition | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | critical = true, weight = 9 | Removed | Missing contribution |
| 8130 | quality-rule | Avoid using database hints | Activation | active = false, detached = false | Updated | active = true |
| 8130 | quality-rule | Avoid using database hints | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | critical = true, weight = 9 | Updated | critical = false, weight = 7 |
| 8132 | quality-rule | Avoid using CHECK, EXIT,or RETURN in SELECT ... ENDSELECT loops | Activation | active = false, detached = false | Updated | active = true |
| 8134 | quality-rule | Avoid unsorted data after SELECT queries | Activation | active = false, detached = false | Updated | active = true |
| 8140 | quality-rule | Subscripts and iterators must be defined with BINARY usage | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | Missing contribution | Added | critical = false, weight = 5 |
| 8140 | quality-rule | Subscripts and iterators must be defined with BINARY usage | Quality Contribution to 'Efficiency - Expensive Calls in Loops' (66068) | critical = false, weight = 3 | Removed | Missing contribution |
| 8142 | quality-rule | Prefer using indexes instead of subscripts | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | Missing contribution | Added | critical = false, weight = 5 |
| 8142 | quality-rule | Prefer using indexes instead of subscripts | Quality Contribution to 'Efficiency - Expensive Calls in Loops' (66068) | critical = false, weight = 3 | Removed | Missing contribution |
| 8144 | quality-rule | Avoid using INITIALIZE statement on data structures | Quality Contribution to 'Efficiency - Memory, Network and Disk Space Management' (61018) | critical = false, weight = 4 | Removed | Missing contribution |
| 8144 | quality-rule | Avoid using INITIALIZE statement on data structures | Quality Contribution to 'Programming Practices - Unexpected Behavior' (66069) | Missing contribution | Added | critical = false, weight = 5 |
| 8148 | quality-rule | Avoid artifacts having Incorrect Type Conversion or Cast | Quality Contribution to 'Complexity - Dynamic Instantiation' (61029) | Missing contribution | Added | critical = true, weight = 8 |
| 8148 | quality-rule | Avoid artifacts having Incorrect Type Conversion or Cast | Quality Contribution to 'Secure Coding - Encapsulation' (66066) | critical = true, weight = 8 | Removed | Missing contribution |
| 8400 | quality-rule | Avoid having lock on this object | Definition | Missing | Added | active = true, detached = true |
| 8402 | quality-rule | All types of a serializable class must be serializable | Definition | Missing | Added | active = true, detached = false |
| 8402 | quality-rule | All types of a serializable class must be serializable | Quality Contribution to 'Programming Practices - Unexpected Behavior' (66069) | Missing contribution | Added | critical = false, weight = 5 |

AIP 8.2.6 - 8.3.0

This section lists the results of a comparison between a CAST AIP 8.2.6 Assessment Model and the CAST AIP 8.3.0 Assessment Model. You can download the original compare_826_830.xlsx file (which you should open in Microsoft Excel) if you prefer.

MetricTypeNameTopicCAST 8.2.6 Assessment ModelChangeCAST 8.3.0 Assessment Model
574quality-ruleAvoid large Methods/Functions - too many Lines of Code (C++)Definitionactive = true, detached = trueRemovedMissing
574quality-ruleAvoid large Methods/Functions - too many Lines of Code (C++)Quality Contribution to 'Volume - Number of LOC' (61023)critical = false, weight = 6RemovedMissing contribution
596quality-ruleAvoid unreferenced Classes (C++)Definitionactive = true, detached = trueRemovedMissing
596quality-ruleAvoid unreferenced Classes (C++)Quality Contribution to 'Dead code (static)' (61027)critical = false, weight = 4RemovedMissing contribution
598quality-ruleAvoid unreferenced Methods (C++)Definitionactive = true, detached = trueRemovedMissing
598quality-ruleAvoid unreferenced Methods (C++)Quality Contribution to 'Dead code (static)' (61027)critical = false, weight = 4RemovedMissing contribution
600quality-ruleAvoid unreferenced Data Members (C++)Definitionactive = true, detached = trueRemovedMissing
600quality-ruleAvoid unreferenced Data Members (C++)Quality Contribution to 'Dead code (static)' (61027)critical = false, weight = 2RemovedMissing contribution
602quality-ruleAvoid undocumented Functions, Methods, Constructors, and Destructors (C++)Definitionactive = true, detached = trueRemovedMissing
602quality-ruleAvoid undocumented Functions, Methods, Constructors, and Destructors (C++)Quality Contribution to 'Documentation - Volume of Comments' (61028)critical = false, weight = 8RemovedMissing contribution
604quality-ruleAvoid undocumented Classes (C++)Definitionactive = true, detached = trueRemovedMissing
604quality-ruleAvoid undocumented Classes (C++)Quality Contribution to 'Documentation - Volume of Comments' (61028)critical = false, weight = 8RemovedMissing contribution
606quality-ruleAvoid Functions, Methods, Constructors, and Destructors with a very low comment/code ratio (C++)Definitionactive = true, detached = trueRemovedMissing
606quality-ruleAvoid Functions, Methods, Constructors, and Destructors with a very low comment/code ratio (C++)Quality Contribution to 'Documentation - Volume of Comments' (61028)critical = false, weight = 3RemovedMissing contribution
608quality-ruleAvoid Classes with a very low comment/code ratio (C++)Definitionactive = true, detached = trueRemovedMissing
608quality-ruleAvoid Classes with a very low comment/code ratio (C++)Quality Contribution to 'Documentation - Volume of Comments' (61028)critical = false, weight = 3RemovedMissing contribution
612quality-ruleAvoid included files including other files (C++)Definitionactive = true, detached = trueRemovedMissing
612quality-ruleAvoid included files including other files (C++)Quality Contribution to 'Programming Practices - File Organization Conformity' (61015)critical = false, weight = 6RemovedMissing contribution
614quality-ruleAvoid direct usage of database tables (C++)Definitionactive = true, detached = trueRemovedMissing
614quality-ruleAvoid direct usage of database tables (C++)Quality Contribution to 'Architecture - Multi-Layers and Data Access' (61001)critical = true, weight = 8RemovedMissing contribution
636quality-ruleAvoid Artifacts with High Fan-In (C++)Definitionactive = true, detached = trueRemovedMissing
636quality-ruleAvoid Artifacts with High Fan-In (C++)Quality Contribution to 'Architecture - Object-level Dependencies' (61013)critical = false, weight = 4RemovedMissing contribution
638quality-ruleAvoid High Response for a Class (C++)Definitionactive = true, detached = trueRemovedMissing
638quality-ruleAvoid High Response for a Class (C++)Quality Contribution to 'Volume - Number of Components' (61022)critical = false, weight = 8RemovedMissing contribution
640quality-ruleAvoid Artifacts with High Fan-Out (C++)Definitionactive = true, detached = trueRemovedMissing
640quality-ruleAvoid Artifacts with High Fan-Out (C++)Quality Contribution to 'Architecture - Object-level Dependencies' (61013)critical = false, weight = 4RemovedMissing contribution
642quality-ruleAvoid Artifacts with High Integration Complexity (C++)Definitionactive = true, detached = trueRemovedMissing
642quality-ruleAvoid Artifacts with High Integration Complexity (C++)Quality Contribution to 'Architecture - Object-level Dependencies' (61013)critical = false, weight = 6RemovedMissing contribution
644quality-ruleAvoid Classes with High Coupling Between Objects (C++)Definitionactive = true, detached = trueRemovedMissing
644quality-ruleAvoid Classes with High Coupling Between Objects (C++)Quality Contribution to 'Architecture - Object-level Dependencies' (61013)critical = false, weight = 4RemovedMissing contribution
646quality-ruleAvoid Classes with a High Lack of Cohesion (C++)Definitionactive = true, detached = trueRemovedMissing
646quality-ruleAvoid Classes with a High Lack of Cohesion (C++)Quality Contribution to 'Programming Practices - Modularity and OO Encapsulation Conformity' (61020)critical = false, weight = 7RemovedMissing contribution
648quality-ruleAvoid Classes with High Weighted Methods per Class (C++)Definitionactive = true, detached = trueRemovedMissing
648quality-ruleAvoid Classes with High Weighted Methods per Class (C++)Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009)critical = false, weight = 6RemovedMissing contribution
650quality-ruleAvoid Classes with a High Depth of Inheritance Tree (C++)Definitionactive = true, detached = trueRemovedMissing
650quality-ruleAvoid Classes with a High Depth of Inheritance Tree (C++)Quality Contribution to 'Complexity - OO Inheritance and Polymorphism' (61010)critical = false, weight = 6RemovedMissing contribution
652quality-ruleAvoid Classes with a High Public Data Ratio (C++)Definitionactive = true, detached = trueRemovedMissing
652quality-ruleAvoid Classes with a High Public Data Ratio (C++)Quality Contribution to 'Programming Practices - Modularity and OO Encapsulation Conformity' (61020)critical = false, weight = 2RemovedMissing contribution
652quality-ruleAvoid Classes with a High Public Data Ratio (C++)Quality Contribution to 'Secure Coding - Encapsulation' (66066)critical = false, weight = 2RemovedMissing contribution
654quality-ruleAvoid Classes with a High Number Of Children (C++)Definitionactive = true, detached = trueRemovedMissing
654quality-ruleAvoid Classes with a High Number Of Children (C++)Quality Contribution to 'Complexity - OO Inheritance and Polymorphism' (61010)critical = false, weight = 5RemovedMissing contribution
656quality-ruleAvoid Functions/Methods with queries on too many Tables (C++)Definitionactive = true, detached = trueRemovedMissing
656quality-ruleAvoid Functions/Methods with queries on too many Tables (C++)Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 9RemovedMissing contribution
658quality-ruleAvoid Functions/Methods with SQL statement using Group By clause (C++)Definitionactive = true, detached = trueRemovedMissing
658quality-ruleAvoid Functions/Methods with SQL statement using Group By clause (C++)Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 9RemovedMissing contribution
660quality-ruleAvoid Functions/Methods with SQL statement including Subqueries (C++)Definitionactive = true, detached = trueRemovedMissing
660quality-ruleAvoid Functions/Methods with SQL statement including Subqueries (C++)Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 9RemovedMissing contribution
662quality-ruleAvoid Functions/Methods with a complex SELECT clause (C++)Definitionactive = true, detached = trueRemovedMissing
662quality-ruleAvoid Functions/Methods with a complex SELECT clause (C++)Quality Contribution to 'Complexity - SQL Queries' (61011)critical = false, weight = 6RemovedMissing contribution
664quality-ruleAvoid Functions/Methods with High RAW SQL Complexity (C++)Definitionactive = true, detached = trueRemovedMissing
664quality-ruleAvoid Functions/Methods with High RAW SQL Complexity (C++)Quality Contribution to 'Complexity - SQL Queries' (61011)critical = false, weight = 6RemovedMissing contribution
666quality-ruleAvoid Artifacts with High Cyclomatic Complexity (C++)Definitionactive = true, detached = trueRemovedMissing
666quality-ruleAvoid Artifacts with High Cyclomatic Complexity (C++)Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009)critical = false, weight = 8RemovedMissing contribution
668quality-ruleAvoid Artifacts with High Essential Complexity (C++)Definitionactive = true, detached = trueRemovedMissing
668quality-ruleAvoid Artifacts with High Essential Complexity (C++)Quality Contribution to 'Programming Practices - Structuredness' (61024)critical = false, weight = 7RemovedMissing contribution
670quality-ruleAvoid artifacts with too many parameters (C++)Definitionactive = true, detached = trueRemovedMissing
670quality-ruleAvoid artifacts with too many parameters (C++)Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009)critical = false, weight = 4RemovedMissing contribution
672quality-ruleAvoid Artifacts with lines longer than 80 characters (C++)Definitionactive = true, detached = trueRemovedMissing
672quality-ruleAvoid Artifacts with lines longer than 80 characters (C++)Quality Contribution to 'Documentation - Style Conformity' (61006)critical = false, weight = 3RemovedMissing contribution
674quality-ruleAvoid Artifacts with High Depth of Code (C++)Definitionactive = true, detached = trueRemovedMissing
674quality-ruleAvoid Artifacts with High Depth of Code (C++)Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009)critical = false, weight = 6RemovedMissing contribution
676quality-ruleAvoid Classes with a High Lack of Cohesion - variant (C++)Definitionactive = true, detached = trueRemovedMissing
676quality-ruleAvoid Classes with a High Lack of Cohesion - variant (C++)Quality Contribution to 'Programming Practices - Modularity and OO Encapsulation Conformity' (61020)critical = false, weight = 7RemovedMissing contribution
680quality-ruleAvoid Dynamic SQL Objects With Queries on more than 4 Tables (C++)Definitionactive = true, detached = trueRemovedMissing
680quality-ruleAvoid Dynamic SQL Objects With Queries on more than 4 Tables (C++)Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 9RemovedMissing contribution
1056 | quality-rule | Avoid large Functions - too many Lines of Code (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1056 | quality-rule | Avoid large Functions - too many Lines of Code (C Lang.) | Quality Contribution to 'Volume - Number of LOC' (61023) | critical = false, weight = 6 | Removed | Missing contribution
1064 | quality-rule | Avoid Artifacts with lines longer than 80 characters (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1064 | quality-rule | Avoid Artifacts with lines longer than 80 characters (C Lang.) | Quality Contribution to 'Documentation - Style Conformity' (61006) | critical = false, weight = 3 | Removed | Missing contribution
1068 | quality-rule | Avoid Includes in Header Files (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1068 | quality-rule | Avoid Includes in Header Files (C Lang.) | Quality Contribution to 'Programming Practices - File Organization Conformity' (61015) | critical = false, weight = 6 | Removed | Missing contribution
1076 | quality-rule | Avoid undocumented Functions (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1076 | quality-rule | Avoid undocumented Functions (C Lang.) | Quality Contribution to 'Documentation - Volume of Comments' (61028) | critical = false, weight = 8 | Removed | Missing contribution
1080 | quality-rule | Avoid Functions and Methods with a very low comment/code ratio | Definition | active = true, detached = true | Removed | Missing
1080 | quality-rule | Avoid Functions and Methods with a very low comment/code ratio | Quality Contribution to 'Documentation - Volume of Comments' (61028) | critical = false, weight = 3 | Removed | Missing contribution
1086 | quality-rule | Avoid unreferenced Data Members (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1086 | quality-rule | Avoid unreferenced Data Members (C Lang.) | Quality Contribution to 'Dead code (static)' (61027) | critical = false, weight = 2 | Removed | Missing contribution
1088 | quality-rule | Avoid unreferenced Functions (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1088 | quality-rule | Avoid unreferenced Functions (C Lang.) | Quality Contribution to 'Dead code (static)' (61027) | critical = false, weight = 4 | Removed | Missing contribution
1096 | quality-rule | Avoid direct usage of database Tables (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1096 | quality-rule | Avoid direct usage of database Tables (C Lang.) | Quality Contribution to 'Architecture - Multi-Layers and Data Access' (61001) | critical = true, weight = 8 | Removed | Missing contribution
1100 | quality-rule | Never use strcat() function (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1100 | quality-rule | Never use strcat() function (C Lang.) | Quality Contribution to 'Secure Coding - API Abuse' (66063) | critical = false, weight = 7 | Removed | Missing contribution
1102 | quality-rule | Avoid Artifacts with High Fan-In (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1102 | quality-rule | Avoid Artifacts with High Fan-In (C Lang.) | Quality Contribution to 'Architecture - Object-level Dependencies' (61013) | critical = false, weight = 4 | Removed | Missing contribution
1104 | quality-rule | Avoid Artifacts with High Fan-Out (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1104 | quality-rule | Avoid Artifacts with High Fan-Out (C Lang.) | Quality Contribution to 'Architecture - Object-level Dependencies' (61013) | critical = false, weight = 4 | Removed | Missing contribution
1106 | quality-rule | Avoid Artifacts with High Integration Complexity (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1106 | quality-rule | Avoid Artifacts with High Integration Complexity (C Lang.) | Quality Contribution to 'Architecture - Object-level Dependencies' (61013) | critical = false, weight = 6 | Removed | Missing contribution
1108 | quality-rule | Avoid Functions with queries on too many Tables (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1108 | quality-rule | Avoid Functions with queries on too many Tables (C Lang.) | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | critical = false, weight = 9 | Removed | Missing contribution
1110 | quality-rule | Avoid Functions with SQL statement including Subqueries (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1110 | quality-rule | Avoid Functions with SQL statement including Subqueries (C Lang.) | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | critical = false, weight = 7 | Removed | Missing contribution
1112 | quality-rule | Avoid Functions with SQL statement using Group By clause (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1112 | quality-rule | Avoid Functions with SQL statement using Group By clause (C Lang.) | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | critical = false, weight = 7 | Removed | Missing contribution
1114 | quality-rule | Avoid Functions with High RAW SQL Complexity (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1114 | quality-rule | Avoid Functions with High RAW SQL Complexity (C Lang.) | Quality Contribution to 'Complexity - SQL Queries' (61011) | critical = false, weight = 6 | Removed | Missing contribution
1116 | quality-rule | Avoid Functions with a complex SELECT clause (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1116 | quality-rule | Avoid Functions with a complex SELECT clause (C Lang.) | Quality Contribution to 'Complexity - SQL Queries' (61011) | critical = false, weight = 6 | Removed | Missing contribution
1118 | quality-rule | Avoid Artifacts with High Cyclomatic Complexity (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1118 | quality-rule | Avoid Artifacts with High Cyclomatic Complexity (C Lang.) | Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009) | critical = false, weight = 8 | Removed | Missing contribution
1120 | quality-rule | Avoid artifacts with too many parameters (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1120 | quality-rule | Avoid artifacts with too many parameters (C Lang.) | Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009) | critical = false, weight = 4 | Removed | Missing contribution
1122 | quality-rule | Avoid Artifacts with High Depth of Code (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1122 | quality-rule | Avoid Artifacts with High Depth of Code (C Lang.) | Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009) | critical = false, weight = 6 | Removed | Missing contribution
1124 | quality-rule | Avoid Artifacts with High Essential Complexity (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1124 | quality-rule | Avoid Artifacts with High Essential Complexity (C Lang.) | Quality Contribution to 'Programming Practices - Structuredness' (61024) | critical = false, weight = 7 | Removed | Missing contribution
1126 | quality-rule | Avoid Dynamic SQL Objects With Queries on more than 4 Tables (C Lang.) | Definition | active = true, detached = true | Removed | Missing
1126 | quality-rule | Avoid Dynamic SQL Objects With Queries on more than 4 Tables (C Lang.) | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | critical = false, weight = 9 | Removed | Missing contribution
1550 | quality-rule | Table naming convention - prefix control (PL/SQL Oracle) | Definition | active = false, detached = true | Removed | Missing
1550 | quality-rule | Table naming convention - prefix control (PL/SQL Oracle) | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | critical = false, weight = 5 | Removed | Missing contribution
1552 | quality-rule | View naming convention - prefix control (PL/SQL Oracle) | Definition | active = false, detached = true | Removed | Missing
1552 | quality-rule | View naming convention - prefix control (PL/SQL Oracle) | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | critical = false, weight = 5 | Removed | Missing contribution
1554 | quality-rule | Stored Procedure naming convention - prefix control (PL/SQL Oracle) | Definition | active = false, detached = true | Removed | Missing
1554 | quality-rule | Stored Procedure naming convention - prefix control (PL/SQL Oracle) | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | critical = false, weight = 5 | Removed | Missing contribution
1556 | quality-rule | Function naming convention - prefix control (PL/SQL Oracle) | Definition | active = false, detached = true | Removed | Missing
1556 | quality-rule | Function naming convention - prefix control (PL/SQL Oracle) | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | critical = false, weight = 5 | Removed | Missing contribution
1566 | quality-rule | Trigger naming convention - prefix control (PL/SQL Oracle) | Definition | active = false, detached = true | Removed | Missing
1566 | quality-rule | Trigger naming convention - prefix control (PL/SQL Oracle) | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | critical = false, weight = 5 | Removed | Missing contribution
1584 | quality-rule | Avoid Artifacts with too many lines of code (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1584 | quality-rule | Avoid Artifacts with too many lines of code (PL/SQL Oracle) | Quality Contribution to 'Volume - Number of LOC' (61023) | critical = false, weight = 6 | Removed | Missing contribution
1586 | quality-rule | Avoid using GOTO statement (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1586 | quality-rule | Avoid using GOTO statement (PL/SQL Oracle) | Quality Contribution to 'Programming Practices - Structuredness' (61024) | critical = false, weight = 7 | Removed | Missing contribution
1628 | quality-rule | Avoid unreferenced functions, procedures and package functions & procedures (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1628 | quality-rule | Avoid unreferenced functions, procedures and package functions & procedures (PL/SQL Oracle) | Quality Contribution to 'Dead code (static)' (61027) | critical = false, weight = 4 | Removed | Missing contribution
1634 | quality-rule | Avoid unreferenced Tables | Technologies | [DB2 Server, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL] | Updated | Added: [SQL Analyzer]
1636 | quality-rule | Avoid Artifacts with High Fan-In (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1636 | quality-rule | Avoid Artifacts with High Fan-In (PL/SQL Oracle) | Quality Contribution to 'Architecture - Object-level Dependencies' (61013) | critical = false, weight = 4 | Removed | Missing contribution
1638 | quality-rule | Avoid Artifacts with High Integration Complexity (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1638 | quality-rule | Avoid Artifacts with High Integration Complexity (PL/SQL Oracle) | Quality Contribution to 'Architecture - Object-level Dependencies' (61013) | critical = false, weight = 6 | Removed | Missing contribution
1640 | quality-rule | Avoid Artifacts with High Fan-Out (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1640 | quality-rule | Avoid Artifacts with High Fan-Out (PL/SQL Oracle) | Quality Contribution to 'Architecture - Object-level Dependencies' (61013) | critical = false, weight = 4 | Removed | Missing contribution
1642 | quality-rule | Avoid Functions/Procedures with queries on too many Tables (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1642 | quality-rule | Avoid Functions/Procedures with queries on too many Tables (PL/SQL Oracle) | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | critical = false, weight = 9 | Removed | Missing contribution
1644 | quality-rule | Avoid Functions/Procedures/Triggers with a complex SELECT clause (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1644 | quality-rule | Avoid Functions/Procedures/Triggers with a complex SELECT clause (PL/SQL Oracle) | Quality Contribution to 'Complexity - SQL Queries' (61011) | critical = false, weight = 6 | Removed | Missing contribution
1646 | quality-rule | Avoid Functions/Procedures with SQL statement using Group By clause (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1646 | quality-rule | Avoid Functions/Procedures with SQL statement using Group By clause (PL/SQL Oracle) | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | critical = false, weight = 9 | Removed | Missing contribution
1648 | quality-rule | Avoid Functions/Procedures with SQL statement including Subqueries (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1648 | quality-rule | Avoid Functions/Procedures with SQL statement including Subqueries (PL/SQL Oracle) | Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019) | critical = false, weight = 9 | Removed | Missing contribution
1650 | quality-rule | Avoid PL/SQL Artifacts with High RAW SQL Complexity (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1650 | quality-rule | Avoid PL/SQL Artifacts with High RAW SQL Complexity (PL/SQL Oracle) | Quality Contribution to 'Complexity - SQL Queries' (61011) | critical = false, weight = 6 | Removed | Missing contribution
1652 | quality-rule | Avoid Artifacts with High Cyclomatic Complexity (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1652 | quality-rule | Avoid Artifacts with High Cyclomatic Complexity (PL/SQL Oracle) | Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009) | critical = false, weight = 8 | Removed | Missing contribution
1654 | quality-rule | Avoid Artifacts with High Essential Complexity (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1654 | quality-rule | Avoid Artifacts with High Essential Complexity (PL/SQL Oracle) | Quality Contribution to 'Programming Practices - Structuredness' (61024) | critical = false, weight = 7 | Removed | Missing contribution
1656 | quality-rule | Avoid artifacts with too many parameters (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1656 | quality-rule | Avoid artifacts with too many parameters (PL/SQL Oracle) | Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009) | critical = false, weight = 4 | Removed | Missing contribution
1658 | quality-rule | Avoid Artifacts with lines longer than 80 characters (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1658 | quality-rule | Avoid Artifacts with lines longer than 80 characters (PL/SQL Oracle) | Quality Contribution to 'Documentation - Style Conformity' (61006) | critical = false, weight = 3 | Removed | Missing contribution
1660 | quality-rule | Avoid Artifacts with High Depth of Code (PL/SQL Oracle) | Definition | active = true, detached = true | Removed | Missing
1660 | quality-rule | Avoid Artifacts with High Depth of Code (PL/SQL Oracle) | Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009) | critical = false, weight = 6 | Removed | Missing contribution
2240 | quality-rule | Avoid unreferenced JavaScript Functions (JEE) | Definition | active = true, detached = true | Removed | Missing
2240 | quality-rule | Avoid unreferenced JavaScript Functions (JEE) | Quality Contribution to 'Dead code (static)' (61027) | critical = false, weight = 4 | Removed | Missing contribution
2246 | quality-rule | Avoid undocumented JavaScript Functions (JSP) | Definition | active = true, detached = true | Removed | Missing
2246 | quality-rule | Avoid undocumented JavaScript Functions (JSP) | Quality Contribution to 'Documentation - Volume of Comments' (61028) | critical = false, weight = 8 | Removed | Missing contribution
2250 | quality-rule | Avoid JavaScript Functions having a very low Comment/Code ratio (JSP) | Definition | active = true, detached = true | Removed | Missing
2250 | quality-rule | Avoid JavaScript Functions having a very low Comment/Code ratio (JSP) | Quality Contribution to 'Documentation - Volume of Comments' (61028) | critical = false, weight = 3 | Removed | Missing contribution
2252 | quality-rule | Avoid direct access to database Tables (JSP) | Definition | active = true, detached = true | Removed | Missing
2252 | quality-rule | Avoid direct access to database Tables (JSP) | Quality Contribution to 'Architecture - Multi-Layers and Data Access' (61001) | critical = true, weight = 8 | Removed | Missing contribution
2256 | quality-rule | Avoid direct access to database Procedures/Functions (JSP) | Definition | active = true, detached = true | Removed | Missing
2256 | quality-rule | Avoid direct access to database Procedures/Functions (JSP) | Quality Contribution to 'Architecture - Multi-Layers and Data Access' (61001) | critical = false, weight = 8 | Removed | Missing contribution
2290 | quality-rule | Avoid Artifacts with High Fan-In (JSP) | Definition | active = true, detached = true | Removed | Missing
2290 | quality-rule | Avoid Artifacts with High Fan-In (JSP) | Quality Contribution to 'Architecture - Object-level Dependencies' (61013) | critical = false, weight = 4 | Removed | Missing contribution
2292 | quality-rule | Avoid Artifacts with High Fan-Out (JSP) | Definition | active = true, detached = true | Removed | Missing
2292 | quality-rule | Avoid Artifacts with High Fan-Out (JSP) | Quality Contribution to 'Architecture - Object-level Dependencies' (61013) | critical = false, weight = 4 | Removed | Missing contribution
2294 | quality-rule | Avoid Artifacts with High Integration Complexity (JSP) | Definition | active = true, detached = true | Removed | Missing
2294 | quality-rule | Avoid Artifacts with High Integration Complexity (JSP) | Quality Contribution to 'Architecture - Object-level Dependencies' (61013) | critical = false, weight = 6 | Removed | Missing contribution
2296 | quality-rule | Avoid Artifacts with High Cyclomatic Complexity (JSP) | Definition | active = true, detached = true | Removed | Missing
2296 | quality-rule | Avoid Artifacts with High Cyclomatic Complexity (JSP) | Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009) | critical = false, weight = 8 | Removed | Missing contribution
2298 | quality-rule | Avoid Artifacts with lines longer than 80 characters (JSP) | Definition | active = true, detached = true | Removed | Missing
2298 | quality-rule | Avoid Artifacts with lines longer than 80 characters (JSP) | Quality Contribution to 'Documentation - Style Conformity' (61006) | critical = false, weight = 3 | Removed | Missing contribution
2300 | quality-rule | Avoid artifacts with too many parameters (JSP) | Definition | active = true, detached = true | Removed | Missing
2300 | quality-rule | Avoid artifacts with too many parameters (JSP) | Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009) | critical = false, weight = 4 | Removed | Missing contribution
2302 | quality-rule | Avoid Artifacts with High Essential Complexity (JSP) | Definition | active = true, detached = true | Removed | Missing
2302 | quality-rule | Avoid Artifacts with High Essential Complexity (JSP) | Quality Contribution to 'Programming Practices - Structuredness' (61024) | critical = false, weight = 7 | Removed | Missing contribution
2304 | quality-rule | Avoid Artifacts with High Depth of Code (JSP) | Definition | active = true, detached = true | Removed | Missing
2304 | quality-rule | Avoid Artifacts with High Depth of Code (JSP) | Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009) | critical = false, weight = 6 | Removed | Missing contribution
2550 | quality-rule | Class Naming convention - character set and case control (Visual Basic) | Definition | active = true, detached = true | Removed | Missing
2550 | quality-rule | Class Naming convention - character set and case control (Visual Basic) | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | critical = false, weight = 2 | Removed | Missing contribution
2556 | quality-rule | Form Naming convention - prefix control (Visual Basic) | Definition | active = true, detached = true | Removed | Missing
2556 | quality-rule | Form Naming convention - prefix control (Visual Basic) | Quality Contribution to 'Documentation - Naming Convention Conformity' (61017) | critical = false, weight = 2 | Removed | Missing contribution
2604 | quality-rule | Avoid undocumented Functions and Methods (Visual Basic) | Definition | active = true, detached = true | Removed | Missing
2604 | quality-rule | Avoid undocumented Functions and Methods (Visual Basic) | Quality Contribution to 'Documentation - Volume of Comments' (61028) | critical = false, weight = 8 | Removed | Missing contribution
2610 | quality-rule | Avoid Classes with a very low comment/code ratio (Visual Basic) | Definition | active = true, detached = true | Removed | Missing
2610 | quality-rule | Avoid Classes with a very low comment/code ratio (Visual Basic) | Quality Contribution to 'Documentation - Volume of Comments' (61028) | critical = false, weight = 3 | Removed | Missing contribution
2612 | quality-rule | Avoid Direct usage of database Tables (Visual Basic) | Definition | active = true, detached = true | Removed | Missing
2612 | quality-rule | Avoid Direct usage of database Tables (Visual Basic) | Quality Contribution to 'Architecture - Multi-Layers and Data Access' (61001) | critical = true, weight = 8 | Removed | Missing contribution
2614 | quality-rule | Avoid undocumented Classes (Visual Basic) | Definition | active = true, detached = true | Removed | Missing
2614 | quality-rule | Avoid undocumented Classes (Visual Basic) | Quality Contribution to 'Documentation - Volume of Comments' (61028) | critical = false, weight = 8 | Removed | Missing contribution
2628 | quality-rule | Unreferenced Classes (Visual Basic) | Definition | active = true, detached = true | Removed | Missing
2628 | quality-rule | Unreferenced Classes (Visual Basic) | Quality Contribution to 'Dead code (static)' (61027) | critical = false, weight = 4 | Removed | Missing contribution
2630 | quality-rule | Unreferenced Functions and Methods (Visual Basic) | Definition | active = true, detached = true | Removed | Missing
2630 | quality-rule | Unreferenced Functions and Methods (Visual Basic) | Quality Contribution to 'Dead code (static)' (61027) | critical = false, weight = 4 | Removed | Missing contribution
2632quality-ruleAvoid Artifacts with High Fan-In (Visual Basic)