Assessment Model updates

Summary: This pages lists the changes made to the "core" AIP Assessment Model between successive releases.

AIP 8.3.54 - 8.3.55

No changes.

AIP 8.3.53 - 8.3.54

This section lists the results of a comparison between a CAST AIP 8.3.53 Assessment Model and a CAST AIP 8.3.54 Assessment Model. You can download the original compare_8353_8354.xlsx file (which you should open in Microsoft Excel) if you prefer. 

Click here to view the results...

MetricTypeNameTopicCAST 8.3.53 Assessment ModelChangeCAST 8.3.54 Assessment Model
7196quality-ruleAvoid large number of String concatenation (JEE)Documentation englishdescription = ...es should not call more than X times the + Method. \n\n However: \n * This does not...Updateddescription = ...es should resort to using "StringBuilder" or "StringBuffer" instead of "+" or "c...
7196quality-ruleAvoid large number of String concatenation (JEE)Documentation englishrationale = String concatenation resolved at runtime is much slower than using StringBuffer.Updatedrationale = Prior to Java 9, the quickest way of concatenating String in Java is by using c...
7196quality-ruleAvoid large number of String concatenation (JEE)Documentation englishreference = ...ttp://www.precisejava.com/javaperf/j2se/StringAndStringBuffer.htm#Strings104 \nht...Updatedreference = ...ttp://www.oracle.com/technetwork/java/javase/6u18-142093.html\nhttps://javapapers...
7196quality-ruleAvoid large number of String concatenation (JEE)Documentation englishremediation = Use StringBuffer and StringBuffer.append() method insteadUpdatedremediation = Prior to Java 9, use StringBuffer and StringBuffer.append() method instead
7196quality-ruleAvoid large number of String concatenation (JEE)Documentation englishsample = String result = "hello";\nresult += " John";\nresult += " Smith"; // VIOLATION if ...Updatedsample = Sample 1: \nString result = "hello";\nresult += " John";\nresult += " Smith"; // VI...
7344quality-ruleAvoid "SELECT *" queriesDocumentation englishdescription = ...ieves the artifacts containing queries using the "SELECT *" statement.Updateddescription = ...ieves the SQL artifacts containing queries using the "SELECT *" statement. This ...

AIP 8.3.52 - 8.3.53

No changes.

AIP 8.3.51 - 8.3.52

No changes.

AIP 8.3.50 - 8.3.51

This section lists the results of a comparison between a CAST AIP 8.3.50 Assessment Model and a CAST AIP 8.3.51 Assessment Model. You can download the original compare_8350_8351.xlsx file (which you should open in Microsoft Excel) if you prefer. 

Click here to view the results...

MetricTypeNameTopicCAST 8.3.50 Assessment ModelChangeCAST 8.3.51 Assessment Model
8022quality-ruleAvoid hiding attributesParameter #2: Types or sub-classes to excludevalues(JEE) = [org.apache.log4j.Logger, org.apache.commons.logging.Log]Updatedvalues(JEE) = [org.apache.logging.log4j.core.Logger, org.apache.log4j.Logger, org.apache.commons.logging.Log, org.apache.logging.log4j.Logger]

AIP 8.3.49 - 8.3.50

No changes.

AIP 8.3.48 - 8.3.49

No changes.

AIP 8.3.47 - 8.3.48

This section lists the results of a comparison between a CAST AIP 8.3.47 Assessment Model and a CAST AIP 8.3.48 Assessment Model. You can download the original compare_8347_8348.xlsx file (which you should open in Microsoft Excel) if you prefer. 

Click here to view the results...

MetricTypeNameTopicCAST 8.3.47 Assessment ModelChangeCAST 8.3.48 Assessment Model
4576quality-ruleProvide accessors to Private FieldsDiagnosisscopeID = 559, propertyID = 141004UpdatedscopeID = 0, propertyID = 0
4576quality-ruleProvide accessors to Private FieldsDocumentation englishdescription = ...ic fields.\n\n Accessors are identified using the following java bean naming conve...Updateddescription = ...ic fields. \n\n Accessors are identified using the following java bean naming conv...
4576quality-ruleProvide accessors to Private FieldsDocumentation englishrationale = ...accessors.\n\nThe only exception is injected fields of classes which are managed b...Updatedrationale = ...accessors. \n\nThe only exception is injected fields of classes which are managed ...
4576quality-ruleProvide accessors to Private FieldsDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
4576quality-ruleProvide accessors to Private FieldsOperationlocalSiteDiagnose = nullUpdatedlocalSiteDiagnose = DIAG_SCOPE_JAVABEST014
4576quality-ruleProvide accessors to Private FieldsOperationlocalSiteCountTotal = nullUpdatedlocalSiteCountTotal = DIAG_JAVA_PRIV_FIELD_TOTAL
4592quality-ruleAvoid hiding static MethodsDiagnosisscopeID = 557, propertyID = 140910UpdatedscopeID = 0, propertyID = 0
4592quality-ruleAvoid hiding static MethodsDocumentation englishassociatedValueName = Number of violation occurrencesUpdatedassociatedValueName = Associated Value
4592quality-ruleAvoid hiding static MethodsDocumentation englishdescription = ... allowed. \nThis Quality Rule retrieves all static methods that are redefined in ...Updateddescription = ... allowed. This Quality Rule retrieves all static methods that are redefined in s...
4592quality-ruleAvoid hiding static MethodsDocumentation englishoutput = Associated to each violation, the following information is provided:\n- The numbe...Updatedoutput = This report lists all hidden Static Methods. It provides the following informati...
4592quality-ruleAvoid hiding static MethodsDocumentation englishrationale = ... stability of the application.\n\nExcept for class derives from “javax.swing.plaf....Updatedrationale = ... stability of the application.
4592quality-ruleAvoid hiding static MethodsDocumentation englishreference = https://coderanch.com/wiki/659959/Overriding-Hiding\nhttps://coderanch.com/t/3800...Updatedreference = http://faq.javaranch.com/view?OverridingVsHiding
4592quality-ruleAvoid hiding static MethodsDocumentation englishremediation = ...eview the design of the Method.\nSimply not override the static (class) methods.Updatedremediation = ...eview the design of the Method
4592quality-ruleAvoid hiding static MethodsDocumentation englishremediationSample = class Foo {\n public static void classMethod() {\n System.out.println("c...RemovedMissing
4592quality-ruleAvoid hiding static MethodsDocumentation englishsample = class Foo {\n public static void classMethod() {\n System.out.println("c...RemovedMissing
4592quality-ruleAvoid hiding static MethodsDocumentation englishtotal = Number of methods.Updatedtotal = The total procedure counts the number of static methods.
4592quality-ruleAvoid hiding static MethodsDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
4592quality-ruleAvoid hiding static MethodsOperationlocalSiteDiagnose = nullUpdatedlocalSiteDiagnose = DIAG_SCOPE_JAVABEST022
4592quality-ruleAvoid hiding static MethodsOperationlocalSiteCountTotal = nullUpdatedlocalSiteCountTotal = DIAG_JAVA_ANA_CLASS_MET_TOTAL
4594quality-ruleAvoid using 'java.io.File'Documentation englishdescription = ...on Server to avoid any kind of dependencies with deployment environment of your ...Updateddescription = ...on Server (when web.xml or ejb-jar.xml file are present)
4594quality-ruleAvoid using 'java.io.File'Documentation englishrationale = ...e the application is deployed.\n\nAlso, a program violates the Enterprise JavaBean...Updatedrationale = ...e the application is deployed.
4594quality-ruleAvoid using 'java.io.File'Documentation englishreference = https://cwe.mitre.org/data/definitions/576.html\n\nhttps://cwe.mitre.org/data/defi...RemovedMissing
4594quality-ruleAvoid using 'java.io.File'Documentation englishsample = File f = new File(request.getParameter("fileName"))\n\n---------------\n\nFile f = n...RemovedMissing
4602quality-ruleAvoid using Fields (non static final) from other ClassesDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 559, propertyID = 140947
4602quality-ruleAvoid using Fields (non static final) from other ClassesDiagnosisdiagnosisValueType = objectUpdateddiagnosisValueType = integer
4602quality-ruleAvoid using Fields (non static final) from other ClassesOperationlocalSiteDiagnose = DIAG_SCOPE_JAVABEST027UpdatedlocalSiteDiagnose = null
4602quality-ruleAvoid using Fields (non static final) from other ClassesOperationlocalSiteCountTotal = DIAG_JAVA_NA_ARTIFACT_TOTALUpdatedlocalSiteCountTotal = null
4700quality-ruleDELETED: Avoid using 'Throwable.printStackTrace()' within a try catch blockDiagnosisscopeID = 558, propertyID = 140899UpdatedscopeID = 0, propertyID = 0
4700quality-ruleDELETED: Avoid using 'Throwable.printStackTrace()' within a try catch blockDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
4700quality-ruleDELETED: Avoid using 'Throwable.printStackTrace()' within a try catch blockOperationlocalSiteDiagnose = nullUpdatedlocalSiteDiagnose = DIAG_SCOPE_JAVAPERF010
4700quality-ruleDELETED: Avoid using 'Throwable.printStackTrace()' within a try catch blockOperationlocalSiteCountTotal = nullUpdatedlocalSiteCountTotal = DIAG_JAVA_NA_ARTIFACT_TOTAL
4702quality-ruleAvoid using 'Throwable.printStackTrace()' outside a try catch blockDiagnosisscopeID = 558, propertyID = 140899UpdatedscopeID = 0, propertyID = 0
4702quality-ruleAvoid using 'Throwable.printStackTrace()' outside a try catch blockDocumentation englishassociatedValueName = Number of violation occurrencesUpdatedassociatedValueName = Associated Value
4702quality-ruleAvoid using 'Throwable.printStackTrace()' outside a try catch blockDocumentation englishdescription = Throwable.printStackTrace(...) prints a Throwable and its stack trace to some st...Updateddescription = 'Throwable.printStackTrace()' should not be used outside a try catch block.
4702quality-ruleAvoid using 'Throwable.printStackTrace()' outside a try catch blockDocumentation englishname = ...kTrace()' with no argumentUpdatedname = ...kTrace()' outside a try catch block
4702quality-ruleAvoid using 'Throwable.printStackTrace()' outside a try catch blockDocumentation englishoutput = Associated to each violation, the following information is provided:\n- The numbe...Updatedoutput = This report lists all Java artifacts using 'Throwable.printStackTrace()' outside...
4702quality-ruleAvoid using 'Throwable.printStackTrace()' outside a try catch blockDocumentation englishrationale = ...kTrace()' usually means that it is used to log the stack of errors, which has th...Updatedrationale = ...kTrace()' outside a catch block usually means that it is used to log the stack o...
4702quality-ruleAvoid using 'Throwable.printStackTrace()' outside a try catch blockDocumentation englishreference = http://cwe.mitre.org/data/definitions/489.html\nOWASP Top 10 2017 Category A3 - S...RemovedMissing
4702quality-ruleAvoid using 'Throwable.printStackTrace()' outside a try catch blockDocumentation englishremediation = Loggers should be used instead to print Throwables, as they have many advantages...RemovedMissing
4702quality-ruleAvoid using 'Throwable.printStackTrace()' outside a try catch blockDocumentation englishsample = public static void main(String[] args){\n try {\n test();\n } catch (U...RemovedMissing
4702quality-ruleAvoid using 'Throwable.printStackTrace()' outside a try catch blockDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
4702quality-ruleAvoid using 'Throwable.printStackTrace()' outside a try catch blockOperationlocalSiteDiagnose = nullUpdatedlocalSiteDiagnose = DIAG_SCOPE_JAVAPERF011
4702quality-ruleAvoid using 'Throwable.printStackTrace()' outside a try catch blockOperationlocalSiteCountTotal = nullUpdatedlocalSiteCountTotal = DIAG_JAVA_NA_ARTIFACT_TOTAL
7200quality-ruleAvoid String concatenation in loops (JEE)DiagnosisscopeID = 1022002, propertyID = 140948UpdatedscopeID = 0, propertyID = 0
7200quality-ruleAvoid String concatenation in loops (JEE)Documentation englishdescription = ...reported.\n \n Note that the JVM is optimizing code such as System.out.println("...Updateddescription = ...reported.\n\nNote that the JVM is optimizing code such as System.out.println("x:"+...
7200quality-ruleAvoid String concatenation in loops (JEE)Documentation englishoutput = ...in loops.\n It provides the following information:\n Method full nameUpdatedoutput = ...in loops.\nIt provides the following information:\n Method full name
7200quality-ruleAvoid String concatenation in loops (JEE)Documentation englishremediationSample = ..."hello");\n for (int i = 0; i < 1500; i++) {\n result.append("hello"); // FI...UpdatedremediationSample = ..."hello");\nfor (int i = 0; i < 1500; i++) {\n result.append("hello"); // FIXED\n...
7200quality-ruleAvoid String concatenation in loops (JEE)Documentation englishsample = ... "hello";\n for (int i = 0; i < 1500; i++) {\n result += "hello"; // VIOLATI...Updatedsample = ... "hello";\nfor (int i = 0; i < 1500; i++) {\n result += "hello"; // VIOLATION\n}
7200quality-ruleAvoid String concatenation in loops (JEE)DiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
7200quality-ruleAvoid String concatenation in loops (JEE)OperationlocalSiteDiagnose = nullUpdatedlocalSiteDiagnose = DIAG_SCOPE_JAVAEMEM002
7200quality-ruleAvoid String concatenation in loops (JEE)OperationlocalSiteCountTotal = nullUpdatedlocalSiteCountTotal = DIAG_JAVA_NA_ARTIFACT_TOTAL
7202quality-ruleCheck usage of '==' and '!=' on objectsDiagnosisscopeID = 1022004, propertyID = 140955UpdatedscopeID = 0, propertyID = 0
7202quality-ruleCheck usage of '==' and '!=' on objectsDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
7202quality-ruleCheck usage of '==' and '!=' on objectsOperationlocalSiteDiagnose = nullUpdatedlocalSiteDiagnose = DIAG_SCOPE_JAVAEMEM003
7202quality-ruleCheck usage of '==' and '!=' on objectsOperationlocalSiteCountTotal = nullUpdatedlocalSiteCountTotal = DIAG_JAVA_NA_METH_CTOR_TOTAL
7210quality-ruleAvoid instantiations inside loopsDocumentation englishrationale = ...iples is to Avoid excessive object creation. This doesn't mean that you should g...Updatedrationale = ...iples is this: Avoid excessive object creation. This doesn't mean that you shoul...
7210quality-ruleAvoid instantiations inside loopsDocumentation englishtotal = Number of non abstract Java ArtifactsUpdatedtotal = Total number of methods and constructors
7442quality-ruleAvoid to use this within Constructor in multi-thread environmentDocumentation englishdescription = This rule detects all cases where this is - directly or not - referenced in a co...Updateddescription = This metric will detect all cases where this is - directly or not - referenced i...
7442quality-ruleAvoid to use this within Constructor in multi-thread environmentDocumentation englishtotal = Number of constructorsUpdatedtotal = the total procedure counts all constructors
7446quality-ruleAvoid double checked lockingDocumentation englishassociatedValueName = Number of violation occurrencesUpdatedassociatedValueName = Associated Value
7446quality-ruleAvoid double checked lockingDocumentation englishdescription = Double checked locking is a software design pattern used to reduce locking overh...Updateddescription = For JSE 4.x and previous version, all methods that are not synchronized and that...
7446quality-ruleAvoid double checked lockingDocumentation englishname = Avoid double checked locking for JSE 4.x and previous versionUpdatedname = Avoid double checked locking
7446quality-ruleAvoid double checked lockingDocumentation englishoutput = Associated to each violation, the following information is provided:\n- The numbe...Updatedoutput = This report lists all Methods that use double checked locking pattern.\nIt provid...
7446quality-ruleAvoid double checked lockingDocumentation englishrationale = Double-checked locking refers to the situation where a programmer checks to see ...Updatedrationale = Double checked locking is a software design pattern used to reduce locking overh...
7446quality-ruleAvoid double checked lockingDocumentation englishreference = https://cwe.mitre.org/data/definitions/609.html\nhttp://www.cs.umd.edu/~pugh/java...Updatedreference = http://www.cs.umd.edu/~pugh/java/memoryModel/DoubleCheckedLocking.html\nhttp://ww...
7446quality-ruleAvoid double checked lockingDocumentation englishtotal = Number of methods that are synchronized or use the synchronized keywordUpdatedtotal = The total will be the total of methods that are synchronized or use the synchron...
7446quality-ruleAvoid double checked lockingDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
7492quality-ruleAvoid many-to-many associationDiagnosisscopeID = 1022005, propertyID = 140999UpdatedscopeID = 0, propertyID = 0
7492quality-ruleAvoid many-to-many associationDocumentation englishdescription = This rule reports all Hibernate or JPA Entities that use many-to-many associatio...Updateddescription = Reports all Hibernate or JPA Entities that use many-to-many association.
7492quality-ruleAvoid many-to-many associationDocumentation englishname = Avoid Hibernate and JPA Entities using many-to-many association.Updatedname = Avoid many-to-many association
7492quality-ruleAvoid many-to-many associationOperationlocalSiteDiagnose = nullUpdatedlocalSiteDiagnose = DIAG_SCOPE_JEEAHML001
7492quality-ruleAvoid many-to-many associationOperationlocalSiteCountViolations = countUpdatedlocalSiteCountViolations = count-distinct
7492quality-ruleAvoid many-to-many associationOperationlocalSiteCountTotal = nullUpdatedlocalSiteCountTotal = DIAG_JEE_HIBE_ASSO_TOTAL
7504quality-rulePersistent classes should Implement hashCode() and equals()DiagnosisscopeID = 532, propertyID = 140963UpdatedscopeID = 0, propertyID = 0
7504quality-rulePersistent classes should Implement hashCode() and equals()Documentation englishreference = ...tive-java-equals-and-hashcode/\n\nhttps://projectlombok.org/features/EqualsAndHash...Updatedreference = ...tive-java-equals-and-hashcode/
7504quality-rulePersistent classes should Implement hashCode() and equals()Documentation englishremediation = ...the case. \nIf it is not the case, we recommend implementing it anyway to avoid i...Updatedremediation = ...the case. If it is not the case, we recommend implementing it anyway to avoid is...
7504quality-rulePersistent classes should Implement hashCode() and equals()Documentation englishremediationSample = ... hashCode() {\n ...\n }\n}\n\n// Use lombock annotation @EqualsAndHashCode;\n--...UpdatedremediationSample = ... hashCode() {\n ...\n }\n}
7504quality-rulePersistent classes should Implement hashCode() and equals()DiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
7504quality-rulePersistent classes should Implement hashCode() and equals()OperationlocalSiteDiagnose = nullUpdatedlocalSiteDiagnose = DIAG_SCOPE_JEEUB002
7504quality-rulePersistent classes should Implement hashCode() and equals()OperationlocalSiteCountTotal = nullUpdatedlocalSiteCountTotal = DIAG_JEE_PERSISTCLS_TOTAL
7652quality-ruleAvoid throwing an exception in a catch block without chaining itDiagnosisscopeID = 1022003, propertyID = 140954UpdatedscopeID = 0, propertyID = 0
7652quality-ruleAvoid throwing an exception in a catch block without chaining itDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
7652quality-ruleAvoid throwing an exception in a catch block without chaining itOperationlocalSiteDiagnose = nullUpdatedlocalSiteDiagnose = DIAG_SCOPE_JAVAPPEE002
7652quality-ruleAvoid throwing an exception in a catch block without chaining itOperationlocalSiteCountTotal = nullUpdatedlocalSiteCountTotal = DIAG_JAVA_CTORCATCH_TOTAL
7706quality-ruleAvoid table and column names that are too long (portability)DiagnosisscopeID = 1022001, propertyID = 140927UpdatedscopeID = 0, propertyID = 0
7706quality-ruleAvoid table and column names that are too long (portability)DiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
7706quality-ruleAvoid table and column names that are too long (portability)OperationlocalSiteDiagnose = nullUpdatedlocalSiteDiagnose = DIAG_SCOPE_JEEAOPI002
7706quality-ruleAvoid table and column names that are too long (portability)OperationlocalSiteCountTotal = nullUpdatedlocalSiteCountTotal = DIAG_JEE_ENTPRPS_TOTAL
7714quality-ruleDo not use auto-wiringDiagnosisscopeID = 529, propertyID = 140919UpdatedscopeID = 0, propertyID = 0
7714quality-ruleDo not use auto-wiringDocumentation englishreference = https://blog.marcnuri.com/field-injection-is-not-recommended/\nhttps://howtodoinj...Updatedreference = http://www.onjava.com/pub/a/onjava/2006/01/25/spring-xml-configuration-best-prac...
7714quality-ruleDo not use auto-wiringDocumentation englishremediationSample = ...yBean"/> // FIXED\n...\n</beans>\n\n@Service\npublic class ModuleManagementService {\n...UpdatedremediationSample = ...yBean"/> // FIXED\n...\n</beans>
7714quality-ruleDo not use auto-wiringDocumentation englishsample = ...n"/> // VIOLATION\n...\n</beans>\n\n\n\nimport org.springframework.stereotype.Componen...Updatedsample = ...n"/> // VIOLATION\n...\n</beans>
7714quality-ruleDo not use auto-wiringDocumentation englishtotal = Number of Spring beanUpdatedtotal = The total number of Spring bean, 0 if Spring is not used
7714quality-ruleDo not use auto-wiringDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
7714quality-ruleDo not use auto-wiringOperationlocalSiteDiagnose = nullUpdatedlocalSiteDiagnose = DIAG_SCOPE_JEEARUSE004
7714quality-ruleDo not use auto-wiringOperationlocalSiteCountTotal = nullUpdatedlocalSiteCountTotal = DIAG_JEE_SPRINGBEAN_TOTAL
7730quality-ruleUse declarative transactionDiagnosisscopeID = 531, propertyID = 140920UpdatedscopeID = 0, propertyID = 0
7730quality-ruleUse declarative transactionDocumentation englishdescription = The Bean Provider can choose between using programmatic transaction demarcation ...Updateddescription = When EJB Session and/or Message Driven Beans exist, this Quality Rule reports al...
7730quality-ruleUse declarative transactionDocumentation englishremediationSample = use container-managed transaction demarcation (@Transactional Annotation or Conf...RemovedMissing
7730quality-ruleUse declarative transactionDocumentation englishsample = programmatic transaction demarcation:\nsample 1:\n@Stateless\n@TransactionManagemen...RemovedMissing
7730quality-ruleUse declarative transactionDocumentation englishtotal = Number of Java Methods and Constructors (including generic methods and generic c...Updatedtotal = The number of Java Methods and Constructors when EJB Session and/or EJB Message ...
7730quality-ruleUse declarative transactionDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
7730quality-ruleUse declarative transactionOperationlocalSiteDiagnose = nullUpdatedlocalSiteDiagnose = DIAG_SCOPE_JAVAPPUB004
7730quality-ruleUse declarative transactionOperationlocalSiteCountTotal = nullUpdatedlocalSiteCountTotal = DIAG_JEE_METBEAN_TOTAL
8214quality-ruleCWE-672: Expired or Released Resource should not be usedDocumentation englishassociatedValueName = Number of violation occurrencesUpdatedassociatedValueName = Associated Value
8214quality-ruleCWE-672: Expired or Released Resource should not be usedDocumentation englishdescription = ...methods accessing the closed SQL connections or data streams which are not valid...Updateddescription = ...methods acessing the closed SQL connections or data streams which are not valid....
8214quality-ruleCWE-672: Expired or Released Resource should not be usedDocumentation englishname = Expired or Released Resource should not be usedUpdatedname = CWE-672: Expired or Released Resource should not be used
8214quality-ruleCWE-672: Expired or Released Resource should not be usedDocumentation englishoutput = Associated to each violation, the following information is provided:\n- The numbe...Updatedoutput = This report lists all methods that access the closed SQL connections or data str...
8214quality-ruleCWE-672: Expired or Released Resource should not be usedDocumentation englishrationale = When a resource is released it might not be in an expected state, later attempts...Updatedrationale = This mainly comes from an incorrect code that by mistake access the invalid reso...
8214quality-ruleCWE-672: Expired or Released Resource should not be usedDocumentation englishreference = ....org/data/definitions/672.html\nASCSM-CWE-672: Expired or Released Resource UsageUpdatedreference = ....org/data/definitions/672.html
8214quality-ruleCWE-672: Expired or Released Resource should not be usedDocumentation englishremediation = ...should be called before closing the application.Updatedremediation = ...should be always before closing the application.
8214quality-ruleCWE-672: Expired or Released Resource should not be usedDocumentation englishremediationSample = ...sing a connection");\n connection.close();\n}UpdatedremediationSample = ...sing a conection");\n connection.close();\n}
8214quality-ruleCWE-672: Expired or Released Resource should not be usedDocumentation englishsample = ...sing a connection");\n connection.close();\n\n connection.prepareStatemen...Updatedsample = ...sing a conection");\n connection.close();\n System.out.println("Connecti...
8214quality-ruleCWE-672: Expired or Released Resource should not be usedDocumentation englishtotal = ...hods that have invalid access to the database resource in the bodyUpdatedtotal = ...hods that open a database resource in the body
8216quality-ruleCWE-681: Avoid numerical data corruption during incompatible mutationDocumentation englishassociatedValueName = Number of violation occurrencesUpdatedassociatedValueName = Associated Value
8216quality-ruleCWE-681: Avoid numerical data corruption during incompatible mutationDocumentation englishdescription = This rule reports all incorrect numeric type conversions which may produce unexp...Updateddescription = Reports all incorrect numeric type conversions which may produce unexpected resu...
8216quality-ruleCWE-681: Avoid numerical data corruption during incompatible mutationDocumentation englishname = Avoid using incompatible mutationUpdatedname = CWE-681: Avoid numerical data corruption during incompatible mutation
8216quality-ruleCWE-681: Avoid numerical data corruption during incompatible mutationDocumentation englishoutput = Associated to each violation, the following information is provided:\n- The numbe...Updatedoutput = Reports all incorrect numeric type conversions which may produce unexpected resu...
8216quality-ruleCWE-681: Avoid numerical data corruption during incompatible mutationDocumentation englishtotal = Number of Java artifacts that can reference an incompatible mutation which inclu...Updatedtotal = All artifacts that reference a incompatible mutation
1020950quality-ruleAvoid providing password in Web Service URLQuality Contribution to 'Secure Coding - API Abuse' (66063)critical = true, weight = 7RemovedMissing contribution
1022000quality-ruleAvoid using weak encryption algorithm as DES and triple DESQuality Contribution to 'Secure Coding - Weak Security Features' (66064)critical = true, weight = 9RemovedMissing contribution
1022002quality-ruleAvoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding)Quality Contribution to 'Secure Coding - Weak Security Features' (66064)critical = true, weight = 9RemovedMissing contribution
1020950quality-ruleAvoid providing password in Web Service URLDefinitionactive = true, detached = falseRemovedMissing
1022000quality-ruleAvoid using weak encryption algorithm as DES and triple DESDefinitionactive = true, detached = falseRemovedMissing
1022002quality-ruleAvoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding)Definitionactive = true, detached = falseRemovedMissing

AIP 8.3.46 - 8.3.47

No changes.

AIP 8.3.45 - 8.3.46

This section lists the results of a comparison between a CAST AIP 8.3.45 Assessment Model and a CAST AIP 8.3.46 Assessment Model. You can download the original compare_8345_8346.xlsx file (which you should open in Microsoft Excel) if you prefer. 

Click here to view the results...

MetricTypeNameTopicCAST 8.3.45 Assessment ModelChangeCAST 8.3.46 Assessment Model
7934quality-ruleAvoid Superclass (or Interface) knowing Subclass (or Interface)Technologies[ABAP, C#, VB.NET, JEE, .NET (Legacy Analyzer)]UpdatedAdded: [C++]

AIP 8.3.44 - 8.3.45

This section lists the results of a comparison between a CAST AIP 8.3.44 Assessment Model and a CAST AIP 8.3.45 Assessment Model. You can download the original compare_8344_8345.xlsx file (which you should open in Microsoft Excel) if you prefer. 

Click here to view the results...

MetricTypeNameTopicCAST 8.3.44 Assessment ModelChangeCAST 8.3.45 Assessment Model
60015business-criterionSEI MaintainabilityDefinitionactive = true, detached = falseRemovedMissing
61016technical-criterionMaintainability Indexes (SEI)Activationactive = true, detached = falseUpdatedactive = false
62003quality-measureSEI Maintainability Index 3Activationactive = true, detached = falseUpdatedactive = false
62004quality-measureSEI Maintainability Index 4Activationactive = true, detached = falseUpdatedactive = false

AIP 8.3.43 - 8.3.44

This section lists the results of a comparison between a CAST AIP 8.3.43 Assessment Model and a CAST AIP 8.3.44 Assessment Model. You can download the original compare_8343_8344.xlsx file (which you should open in Microsoft Excel) if you prefer. 

Click here to view the results...

MetricTypeNameTopicCAST 8.3.43 Assessment ModelChangeCAST 8.3.44 Assessment Model
1020950quality-ruleAvoid providing password in Web Service URLQuality Contribution to 'Secure Coding - API Abuse' (66063)Missing contributionAddedcritical = true, weight = 7
1020950quality-ruleAvoid providing password in Web Service URLQuality Contribution to 'Secure Coding - Encapsulation' (66066)critical = true, weight = 7RemovedMissing contribution
1020950quality-ruleAvoid providing password in Web Service URLThresholds[50.0, 90.0, 95.0, 99.0]Updated[98.0, 99.0, 99.5, 99.99]
1020950quality-ruleAvoid providing password in Web Service URLDocumentation englishtotal = Number of url resourcesUpdatedtotal = Number of GET url resources

AIP 8.3.42 - 8.3.43

This section lists the results of a comparison between a CAST AIP 8.3.42 Assessment Model and a CAST AIP 8.3.43 Assessment Model. You can download the original compare_8342_8343.xlsx file (which you should open in Microsoft Excel) if you prefer. 

Click here to view the results...

MetricTypeNameTopicCAST 8.3.42 Assessment ModelChangeCAST 8.3.43 Assessment Model
7296quality-ruleNever define static variables in header filesDocumentation englishdescription = ..., are outside any class scope.Updateddescription = ..., are outside any class scope.\n- This applies even if the header file is not ref...
8550quality-ruleAvoid using ABAP command GENERATE SUBROUTINE POOLQuality Contribution to 'Programming Practices - Structuredness' (61024)critical = false, weight = 5Updatedcritical = true

AIP 8.3.41 - 8.3.42

This section lists the results of a comparison between a CAST AIP 8.3.41 Assessment Model and a CAST AIP 8.3.42 Assessment Model. You can download the original compare_8341_8342.xlsx file (which you should open in Microsoft Excel) if you prefer. 

Click here to view the results...

MetricTypeNameTopicCAST 8.3.41 Assessment ModelChangeCAST 8.3.42 Assessment Model
2616quality-ruleAvoid undocumented FormsDocumentation englishdescription = Forms should be documentedUpdateddescription = This reports lists all Forms that have neither heading comments nor inline comme...
2616quality-ruleAvoid undocumented FormsDocumentation englishtotal = Number of formsUpdatedtotal = Number of Forms
2616quality-ruleAvoid undocumented FormsDocumentation englishMissingAddedrationale = Maintainability of the code is facilitated if there is documentation in the code...
2616quality-ruleAvoid undocumented FormsDocumentation englishMissingAddedreference = https://cwe.mitre.org/data/definitions/1053.html
2616quality-ruleAvoid undocumented FormsDocumentation englishMissingAddedremediation = Add comments into the Form to explain what is its goal and how it works.
7126quality-ruleAvoid Artifacts with high Commented-out Code Lines/Code Lines ratioDocumentation englishdescription = ... artifact.\n\nPlease note that unless the following criteria are met by the source...Updateddescription = ... artifact. \n\nPlease note that the number of Commented-out Code Lines is measured...
7740quality-ruleAvoid HTTP response splittingDocumentation englishremediationSample = .../Sample 1\n// A possibility is to sanitize the rawInputData variable\nimport org.o...UpdatedremediationSample = .../Sample 1\nimport org.owasp.esapi.Encoder;\nString rawInputData = request.getParam...
7740quality-ruleAvoid HTTP response splittingDocumentation englishsample = .../Sample 1\nresponse.addHeader(HEADER_NAME, rawInputData);\n\n//Sample 2\nString head...Updatedsample = .../Sample 1\nString rawInputData = request.getParameter(INPUT);\nresponse.addHeader(...
7748quality-ruleAvoid OS command injectionDocumentation englishremediationSample = ...inates)\n{\nString utmCoords = null;\ntry {\nString latlonCoords = coordinates;\nRunt...UpdatedremediationSample = ...inates)\n{\n String utmCoords = null;\n try {\n String latlonCoords = coordinat...
7748quality-ruleAvoid OS command injectionDocumentation englishsample = ...inates)\n{\nString utmCoords = null;\ntry {\nString latlonCoords = coordinates;\nRunt...Updatedsample = ...inates)\n{\n String utmCoords = null;\n try {\n String latlonCoords = coordinat...
7782quality-ruleAvoid empty finally blocksDocumentation englishMissingAddedreference = https://cwe.mitre.org/data/definitions/1069.html
7782quality-ruleAvoid empty finally blocksDocumentation englishMissingAddedremediation = Add code to the finally block, especially the release of resources used in the t...
7792quality-ruleAvoid Classes with a High Number Of ChildrenDocumentation englishassociatedValueName = ...umber of classesUpdatedassociatedValueName = ...umber of children
7882quality-ruleAvoid using Native SQLDocumentation englishMissingAddedreference = https://blogs.sap.com/2013/11/20/how-to-protect-your-abap-code-against-sql-injec...
8028quality-ruleAvoid missing default in switch statementsDocumentation englishreference = CISQ rule: ASCMM-MNT-1.Updatedreference = CISQ rule: ASCMM-MNT-1.\n\nMISRA C++ 2008, 6-4-3: A switch statement shall be a we...
8032quality-ruleAvoid using break statement in FOR loopsDocumentation englishname = ...oid using a break statement in 'for' loopsUpdatedname = ...oid using break statement in FOR loops
8032quality-ruleAvoid using break statement in FOR loopsDocumentation englishsample = ...ion\n }\n // ...\n}Updatedsample = ...ion\n }\n}
8242quality-ruleAvoid using insufficient random values for cookiesDocumentation englishremediationSample = static SecureRandom ranGen = new SecureRandom();\n\nString GenerateReceiptURL(Stri...UpdatedremediationSample = @Override\npublic void doPost(HttpServletRequest request, HttpServletResponse res...
8242quality-ruleAvoid using insufficient random values for cookiesDocumentation englishsample = static Random ranGen = new Random();\n\nString GenerateReceiptURL(String baseUrl) ...Updatedsample = @Override\npublic void doPost(HttpServletRequest request, HttpServletResponse res...
8480quality-ruleAvoid using PREPARE STMT statement (Dynamic SQL) with STRING containing HOST variablesDocumentation englishsample = ... inputs:\n\n* Potential SQL injection if X, Y or Z host variables come from untrus...Updatedsample = ... inputs:\n\n\nSTRING "INSERT INTO TBL (a,b,c) VALUES (" X "," Y "," Z ")" INTO MY-S...
8484quality-ruleAvoid HTTP response splitting through API requestsDocumentation englishremediationSample = .../Sample 1\n// A possibility is to sanitize the rawInputData variable\nimport org.o...UpdatedremediationSample = .../Sample 1\nimport org.owasp.esapi.Encoder;\nString rawInputData; // value given by...
8484quality-ruleAvoid HTTP response splitting through API requestsDocumentation englishsample = .../Sample 1\nresponse.addHeader(HEADER_NAME, rawInputData);\n\n//Sample 2\nString head...Updatedsample = .../Sample 1\nString rawInputData; // value given by an API request\nresponse.addHead...
8494quality-ruleAvoid OS command injection through API requestsDocumentation englishremediationSample = Sample 1:\npublic String coordinateTransformLatLonToUTM(String coordinates)\n{\nStr...UpdatedremediationSample = public String coordinateTransformLatLonToUTM(String coordinates)\n{\n String utmC...
8494quality-ruleAvoid OS command injection through API requestsDocumentation englishsample = Sample 1:\npublic String coordinateTransformLatLonToUTM(String coordinates)\n{\nStr...Updatedsample = public String coordinateTransformLatLonToUTM(String coordinates)\n{\n String utmC...
8518quality-ruleAvoid regular expression injectionDocumentation englishname = Avoid Regular expression injectionUpdatedname = Avoid regular expression injection
8554quality-ruleAvoid using insufficient random generatorDocumentation englishdescription = This rule will check if the library used to generate random number.Updateddescription = The application uses a Pseudo-Random Number Generator (PRNG), but the PRNG's alg...
8554quality-ruleAvoid using insufficient random generatorDocumentation englishremediationSample = ...aseUrl) {\nranGen.setSeed((new Date()).getTime());\nreturn(baseUrl + ranGen.nextIn...UpdatedremediationSample = ...aseUrl) {\n ranGen.setSeed((new Date()).getTime());\n return(baseUrl + ranGe...
8554quality-ruleAvoid using insufficient random generatorDocumentation englishsample = ...aseUrl) {\nranGen.setSeed((new Date()).getTime());\nreturn(baseUrl + ranGen.nextIn...Updatedsample = ...aseUrl) {\n ranGen.setSeed((new Date()).getTime());\n return(baseUrl + ranGe...
8566quality-ruleAvoid cyclic references in the definition of CDS views (S4/HAHA)DefinitionMissingAddedactive = true, detached = false
8566quality-ruleAvoid cyclic references in the definition of CDS views (S4/HAHA)Quality Contribution to 'Architecture - Multi-Layers and Data Access' (61001)Missing contributionAddedcritical = false, weight = 7
8568quality-ruleAvoid calculated fields in WHERE-clauses and ON-clauses of CDS views (S4/HANA)DefinitionMissingAddedactive = true, detached = false
8568quality-ruleAvoid calculated fields in WHERE-clauses and ON-clauses of CDS views (S4/HANA)Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)Missing contributionAddedcritical = false, weight = 7

AIP 8.3.40 - 8.3.41

This section lists the results of a comparison between a CAST AIP 8.3.40 Assessment Model and a CAST AIP 8.3.41 Assessment Model. You can download the original compare_8340_8341.xlsx file (which you should open in Microsoft Excel) if you prefer. 

Click here to view the results...

MetricTypeNameTopicCAST 8.3.40 Assessment ModelChangeCAST 8.3.41 Assessment Model
7766quality-ruleAvoid Artifacts with High Cyclomatic ComplexityDocumentation englishreference = ...etric\nhttp://hissa.nist.gov/HHRFdata/Artifacts/ITLdoc/235/sttoc.htmUpdatedreference = ...etric\nhttps://www.nist.gov/publications/structured-testing-testing-methodology-u...
8420quality-ruleAvoid second order SQL injectionDocumentation englishoutput = ...forged by user input\n\nIt provides the following information:\n - Method full name...Updatedoutput = ...forged by database content\n\nIt provides the following information:\n - Method ful...
8484quality-ruleAvoid HTTP response splitting through API requestsDocumentation englishsample = ...ER_NAME);\nCookie cookie = new Cookie("header", header);\nresponse.addCookie(cooki...Updatedsample = ...ER_NAME);\n// ...\nCookie cookie = new Cookie("header", header);\nresponse.addCooki...
8520quality-ruleAvoid second order regular expression injectionDocumentation englishoutput = ...forged by user input\n\nIt provides the following information:\n - Method full name...Updatedoutput = ...forged by database content\n\nIt provides the following information:\n - Method ful...
8526quality-ruleAvoid second order deserialization injectionDocumentation englishoutput = ...forged by user input\n\nIt provides the following information:\n - Method full name...Updatedoutput = ...forged by database content\n\nIt provides the following information:\n - Method ful...
8526quality-ruleAvoid second order deserialization injectionDocumentation englishMissingAddedassociatedValueName = Call stack from user input source down to the target method
8532quality-ruleAvoid second order XQuery injectionDocumentation englishoutput = ...forged by user input\n\nIt provides the following information:\n - Method full name...Updatedoutput = ...forged by database content\n\nIt provides the following information:\n - Method ful...
8538quality-ruleAvoid second order expression language injectionDocumentation englishoutput = ...forged by user input\n\nIt provides the following information:\n - Method full name...Updatedoutput = ...forged by database content\n\nIt provides the following information:\n - Method ful...
8560quality-ruleAvoid server-side request forgeryDefinitionMissingAddedactive = true, detached = false
8560quality-ruleAvoid server-side request forgeryQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8562quality-ruleAvoid server-side request forgery through API requestsDefinitionMissingAddedactive = true, detached = false
8562quality-ruleAvoid server-side request forgery through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8564quality-ruleAvoid second order server-side request forgeryDefinitionMissingAddedactive = true, detached = false
8564quality-ruleAvoid second order server-side request forgeryQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9

AIP 8.3.39 - 8.3.40

This section lists the results of a comparison between a CAST AIP 8.3.39 Assessment Model and a CAST AIP 8.3.40 Assessment Model. You can download the original compare_8339_8340.xlsx file (which you should open in Microsoft Excel) if you prefer. 

Click here to view the results...

MetricTypeNameTopicCAST 8.3.39 Assessment ModelChangeCAST 8.3.40 Assessment Model
8108quality-ruleAvoid missing release of stream connection after an effective lifetimeDocumentation englishremediationSample = ...er.ReadToEnd();\n }\n }\n}UpdatedremediationSample = ...er.ReadToEnd();\n }\n }\n}\n\n------- VB.NET ---------\n\n' with using statement...
8108quality-ruleAvoid missing release of stream connection after an effective lifetimeDocumentation englishsample = ... return reader.ReadToEnd();\n}Updatedsample = ... return reader.ReadToEnd();\n}\n\n------- VB.NET ---------\n\nPublic Function ReadTe...

AIP 8.3.38 - 8.3.39

This section lists the results of a comparison between a CAST AIP 8.3.38 Assessment Model and a CAST AIP 8.3.39 Assessment Model. You can download the original compare_8338_8339.xlsx file (which you should open in Microsoft Excel) if you prefer. Note that in AIP Core 8.3.39, main extensions that were previous shipped with AIP Core were removed.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.38 Assessment ModelChangeCAST 8.3.39 Assessment Model
1606quality-ruleTriggers should not directly modify tables, a procedure or function should be used insteadTechnologies[Forms, PL/SQL, SQL]UpdatedRemoved: [SQL]
1634quality-ruleAvoid unreferenced TablesTechnologies[SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
3570quality-ruleAvoid using Keywords as namesActivationactive = false, detached = trueUpdatedactive = true, detached = false
3570quality-ruleAvoid using Keywords as namesDocumentation englishdescription = ...ds should not be used as names. For list of supported keyword for C# please see ...Updateddescription = ...ds should not be used as names
3570quality-ruleAvoid using Keywords as namesDocumentation englishname = DELETED: Avoid using Keywords as namesUpdatedname = Avoid using Keywords as names
3570quality-ruleAvoid using Keywords as namesQuality Contribution to 'Documentation - Naming Convention Conformity' (61017)Missing contributionAddedcritical = false, weight = 2
7404quality-ruleAvoid unreferenced viewsTechnologies[SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7760quality-ruleAvoid triggers, functions and procedures with a very low comment/code ratioTechnologies[SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7760quality-ruleAvoid triggers, functions and procedures with a very low comment/code ratioParameter #1: Minimum % Comment / Code Ratiovalues(SQL) = [5]Updatedvalues(SQL) = No default values
7762quality-ruleAvoid undocumented Triggers, Functions and ProceduresTechnologies[SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7766quality-ruleAvoid Artifacts with High Cyclomatic ComplexityTechnologies[ASP, ABAP, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), SQL]UpdatedRemoved: [SQL]
7768quality-ruleAvoid Artifacts with High Depth of CodeTechnologies[ASP, ABAP, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), SQL]UpdatedRemoved: [SQL]
7772quality-ruleAvoid Artifacts with High Essential ComplexityTechnologies[ASP, ABAP, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), SQL]UpdatedRemoved: [SQL]
7774quality-ruleAvoid Artifacts with High Integration ComplexityTechnologies[ASP, ABAP, SQL Server, Forms, Visual Basic, Cobol, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), SQL]UpdatedRemoved: [SQL]
7776quality-ruleAvoid Artifacts with High Fan-InTechnologies[ASP, ABAP, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), HTML5, SQL]UpdatedRemoved: [HTML5, SQL]
7778quality-ruleAvoid Artifacts with High Fan-OutTechnologies[ASP, ABAP, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), HTML5, SQL]UpdatedRemoved: [HTML5, SQL]
7782quality-ruleAvoid empty finally blocksTechnologies[ASP, C#, VB.NET, JEE, .NET (Legacy Analyzer), HTML5]UpdatedRemoved: [HTML5]
7784quality-ruleAvoid Artifacts with lines longer than X charactersTechnologies[ASP, SQL Server, Forms, Visual Basic, C++, C, C#, VB.NET, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), HTML5, SQL]UpdatedRemoved: [HTML5, SQL]
7786quality-ruleAvoid long Table or View namesTechnologies[SAP SQL, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7788quality-ruleAvoid empty catch blocksTechnologies[ABAP, C#, VB.NET, JEE, .NET (Legacy Analyzer), HTML5]UpdatedRemoved: [HTML5]
7792quality-ruleAvoid Classes with a High Number Of ChildrenTechnologies[ABAP, Visual Basic, PowerBuilder, C++, C#, VB.NET, JEE, .NET (Legacy Analyzer), HTML5]UpdatedRemoved: [HTML5]
7808quality-ruleAvoid Artifacts with SQL statement including subqueriesTechnologies[ABAP, SQL Server, Forms, Visual Basic, Cobol, C++, C, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7814quality-ruleAvoid Tables not using referential integrityTechnologies[SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7816quality-ruleAvoid using GOTO statementTechnologies[SQL Server, Forms, C++, C, C#, VB.NET, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7828quality-ruleAvoid Artifacts with High RAW SQL ComplexityTechnologies[ABAP, SQL Server, Forms, Visual Basic, PowerBuilder, Cobol, C++, C, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7840quality-ruleTrigger naming convention - prefix controlTechnologies[SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7840quality-ruleTrigger naming convention - prefix controlParameter #1: Trigger name prefixvalues(SQL) = [D_, U_, L_]Updatedvalues(SQL) = No default values
7842quality-ruleAvoid large Artifacts - too many Lines of CodeTechnologies[ABAP, SQL Server, Forms, Cobol, C++, C, C#, VB.NET, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, .NET (Legacy Analyzer), HTML5, SQL]UpdatedRemoved: [HTML5, SQL]
7842quality-ruleAvoid large Artifacts - too many Lines of CodeParameter #1: Maximum Line Countvalues(HTML5) = [100]Updatedvalues(HTML5) = No default values
7842quality-ruleAvoid large Artifacts - too many Lines of CodeParameter #1: Maximum Line Countvalues(SQL) = [50]Updatedvalues(SQL) = No default values
7844quality-ruleAvoid undocumented ClassesTechnologies[ABAP, Visual Basic, C++, C#, VB.NET, JEE, .NET (Legacy Analyzer), HTML5]UpdatedRemoved: [HTML5]
7852quality-ruleDatabase view naming convention - prefix controlTechnologies[SAP SQL, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7852quality-ruleDatabase view naming convention - prefix controlParameter #1: Prefixvalues(SQL) = [v_, V_]Updatedvalues(SQL) = No default values
7854quality-ruleDatabase table naming convention - prefix controlTechnologies[SAP SQL, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7854quality-ruleDatabase table naming convention - prefix controlParameter #1: Prefixvalues(SQL) = [T_, t_]Updatedvalues(SQL) = No default values
7856quality-ruleAvoid Tables with more than 20 columns on an OLTP systemTechnologies[SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7860quality-ruleAvoid unreferenced Functions and ProceduresTechnologies[ASP, ABAP, Forms, Visual Basic, C++, C, JavaScript, PL/SQL, JEE, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7898quality-ruleSQL Function naming convention - prefix controlTechnologies[SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7898quality-ruleSQL Function naming convention - prefix controlParameter #1: Prefixvalues(SQL) = [fn_, F_]Updatedvalues(SQL) = No default values
7900quality-ruleStored Procedure naming convention - prefix controlTechnologies[SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL, SQL]UpdatedRemoved: [SQL]
7900quality-ruleStored Procedure naming convention - prefix controlParameter #1: Prefixvalues(SQL) = [SP_, P_, usp_]Updatedvalues(SQL) = No default values
7944quality-ruleAvoid High Response for ClassesTechnologies[ABAP, PowerBuilder, C++, C#, VB.NET, JEE, .NET (Legacy Analyzer), HTML5]UpdatedRemoved: [HTML5]
8028quality-ruleAvoid missing default in switch statementsTechnologies[C++, C, C#, VB.NET, JEE, HTML5]UpdatedRemoved: [HTML5]
8032quality-ruleAvoid using a break statement in 'for' loopsTechnologies[C++, C, C#, VB.NET, JEE, .NET (Legacy Analyzer), HTML5]UpdatedRemoved: [HTML5]
10201sizing-measureBackfired Function PointsParameter #1: BackFired FP ratiovalues(SQL) = [60.0]Updatedvalues(SQL) = No default values
65105quality-distributionSize DistributionParameter #1: Average Size Thresholdvalues(HTML5) = [100.0]Updatedvalues(HTML5) = No default values
65105quality-distributionSize DistributionParameter #1: Average Size Thresholdvalues(SQL) = [100.0]Updatedvalues(SQL) = No default values
65105quality-distributionSize DistributionParameter #2: Large Size Thresholdvalues(HTML5) = [500.0]Updatedvalues(HTML5) = No default values
65105quality-distributionSize DistributionParameter #2: Large Size Thresholdvalues(SQL) = [500.0]Updatedvalues(SQL) = No default values
65105quality-distributionSize DistributionParameter #3: Very Large Size Thresholdvalues(HTML5) = [1000.0]Updatedvalues(HTML5) = No default values
65105quality-distributionSize DistributionParameter #3: Very Large Size Thresholdvalues(SQL) = [1000.0]Updatedvalues(SQL) = No default values
65350quality-distributionCoupling DistributionParameter #1: Average Coupling Artifacts Thresholdvalues(HTML5) = [4.0]Updatedvalues(HTML5) = No default values
65350quality-distributionCoupling DistributionParameter #1: Average Coupling Artifacts Thresholdvalues(SQL) = [4.0]Updatedvalues(SQL) = No default values
65350quality-distributionCoupling DistributionParameter #2: High Coupling Artifacts Thresholdvalues(HTML5) = [10.0]Updatedvalues(HTML5) = No default values
65350quality-distributionCoupling DistributionParameter #2: High Coupling Artifacts Thresholdvalues(SQL) = [10.0]Updatedvalues(SQL) = No default values
65350quality-distributionCoupling DistributionParameter #3: Very High Coupling Artifacts Thresholdvalues(HTML5) = [30.0]Updatedvalues(HTML5) = No default values
65350quality-distributionCoupling DistributionParameter #3: Very High Coupling Artifacts Thresholdvalues(SQL) = [30.0]Updatedvalues(SQL) = No default values
65501quality-distributionCyclomatic Complexity DistributionParameter #1: Average Complexity Artifact Thresholdvalues(HTML5) = [5.0]Updatedvalues(HTML5) = No default values
65501quality-distributionCyclomatic Complexity DistributionParameter #1: Average Complexity Artifact Thresholdvalues(SQL) = [5.0]Updatedvalues(SQL) = No default values
65501quality-distributionCyclomatic Complexity DistributionParameter #2: High Complexity Artifact Thresholdvalues(HTML5) = [15.0]Updatedvalues(HTML5) = No default values
65501quality-distributionCyclomatic Complexity DistributionParameter #2: High Complexity Artifact Thresholdvalues(SQL) = [15.0]Updatedvalues(SQL) = No default values
65501quality-distributionCyclomatic Complexity DistributionParameter #3: Very High Complexity Artifact Thresholdvalues(HTML5) = [30.0]Updatedvalues(HTML5) = No default values
65501quality-distributionCyclomatic Complexity DistributionParameter #3: Very High Complexity Artifact Thresholdvalues(SQL) = [30.0]Updatedvalues(SQL) = No default values
65601quality-distribution4GL Complexity DistributionParameter #1: Heavy Forms thresholdvalues(JSP) = [20.0]Updatedvalues(JSP) = No default values
65601quality-distribution4GL Complexity DistributionParameter #2: Lengthy Forms thresholdvalues(JSP) = [20.0]Updatedvalues(JSP) = No default values
65601quality-distribution4GL Complexity DistributionParameter #3: High Data Layer thresholdvalues(JSP) = [20.0]Updatedvalues(JSP) = No default values
65601quality-distribution4GL Complexity DistributionParameter #4: High Fan out thresholdvalues(JSP) = [20.0]Updatedvalues(JSP) = No default values
66010quality-distributionReuse by Call DistributionParameter #1: Average Reuse Thresholdvalues(SQL) = [4.0]Updatedvalues(SQL) = No default values
66010quality-distributionReuse by Call DistributionParameter #2: High Reuse Thresholdvalues(SQL) = [10.0]Updatedvalues(SQL) = No default values
66010quality-distributionReuse by Call DistributionParameter #3: Very High Reuse Thresholdvalues(SQL) = [50.0]Updatedvalues(SQL) = No default values
66015quality-distributionClass Complexity Distribution (WMC)Parameter #1: Average Class Complexity Thresholdvalues(SQL) = [100.0]Updatedvalues(SQL) = No default values
66015quality-distributionClass Complexity Distribution (WMC)Parameter #2: High Class Complexity Thresholdvalues(SQL) = [500.0]Updatedvalues(SQL) = No default values
66015quality-distributionClass Complexity Distribution (WMC)Parameter #3: Very High Class Complexity Thresholdvalues(SQL) = [1000.0]Updatedvalues(SQL) = No default values
66020quality-distributionClass Fan-Out DistributionParameter #1: Average Class Fan-Out Thresholdvalues(SQL) = [5.0]Updatedvalues(SQL) = No default values
66020quality-distributionClass Fan-Out DistributionParameter #2: High Class Fan-Out Thresholdvalues(SQL) = [15.0]Updatedvalues(SQL) = No default values
66020quality-distributionClass Fan-Out DistributionParameter #3: Very High Class Fan-Out Thresholdvalues(SQL) = [30.0]Updatedvalues(SQL) = No default values
66021quality-distributionClass Fan-In DistributionParameter #1: Average Class Fan-In Thresholdvalues(SQL) = [4.0]Updatedvalues(SQL) = No default values
66021quality-distributionClass Fan-In DistributionParameter #2: High Class Fan-In Thresholdvalues(SQL) = [10.0]Updatedvalues(SQL) = No default values
66021quality-distributionClass Fan-In DistributionParameter #3: Very High Class Fan-In Thresholdvalues(SQL) = [30.0]Updatedvalues(SQL) = No default values
1020000quality-ruleAvoid Artifacts with High Cyclomatic Complexity (HTML5/Javascript)Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009)critical = false, weight = 5RemovedMissing contribution
1020000quality-ruleAvoid Artifacts with High Cyclomatic Complexity (HTML5/Javascript)Definitionactive = true, detached = falseRemovedMissing
1020002quality-ruleAvoid programs with low comment / code ratio (HTML5/Javascript)Quality Contribution to 'Documentation - Volume of Comments' (61028)critical = false, weight = 6RemovedMissing contribution
1020002quality-ruleAvoid programs with low comment / code ratio (HTML5/Javascript)Definitionactive = true, detached = falseRemovedMissing
1020004quality-ruleAvoid using querySelectorAllQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = true, weight = 7RemovedMissing contribution
1020004quality-ruleAvoid using querySelectorAllDefinitionactive = true, detached = falseRemovedMissing
1020006quality-ruleAvoid calling a function in a termination loopQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = true, weight = 7RemovedMissing contribution
1020006quality-ruleAvoid calling a function in a termination loopDefinitionactive = true, detached = falseRemovedMissing
1020008quality-ruleAvoid using for-in loopQuality Contribution to 'Efficiency - Expensive Calls in Loops' (66068)critical = false, weight = 4RemovedMissing contribution
1020008quality-ruleAvoid using for-in loopDefinitionactive = true, detached = falseRemovedMissing
1020010quality-ruleAvoid using forEach()Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 7RemovedMissing contribution
1020010quality-ruleAvoid using forEach()Definitionactive = true, detached = falseRemovedMissing
1020012quality-ruleAvoid using a web service with WebSocket inside a loopQuality Contribution to 'Efficiency - Expensive Calls in Loops' (66068)critical = true, weight = 7RemovedMissing contribution
1020012quality-ruleAvoid using a web service with WebSocket inside a loopDefinitionactive = true, detached = falseRemovedMissing
1020014quality-ruleAvoid using a web service with XMLHttpRequest inside a loopQuality Contribution to 'Efficiency - Expensive Calls in Loops' (66068)critical = true, weight = 7RemovedMissing contribution
1020014quality-ruleAvoid using a web service with XMLHttpRequest inside a loopDefinitionactive = true, detached = falseRemovedMissing
1020016quality-ruleAvoid using too much dot notation in loopQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 4RemovedMissing contribution
1020016quality-ruleAvoid using too much dot notation in loopDefinitionactive = true, detached = falseRemovedMissing
1020018quality-ruleAvoid using Web SQL databasesQuality Contribution to 'Architecture - Multi-Layers and Data Access' (61001)critical = true, weight = 9RemovedMissing contribution
1020018quality-ruleAvoid using Web SQL databasesDefinitionactive = true, detached = falseRemovedMissing
1020020quality-ruleAvoid JavaScript to block page loadingQuality Contribution to 'Efficiency - Memory, Network and Disk Space Management' (61018)critical = false, weight = 5RemovedMissing contribution
1020020quality-ruleAvoid JavaScript to block page loadingDefinitionactive = true, detached = falseRemovedMissing
1020022quality-ruleAvoid using submitted markup containing "form" and "formaction" attributesQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 9RemovedMissing contribution
1020022quality-ruleAvoid using submitted markup containing "form" and "formaction" attributesDefinitionactive = true, detached = falseRemovedMissing
1020024quality-ruleAvoid using submit markup related to "form" with id attributeQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020024quality-ruleAvoid using submit markup related to "form" with id attributeDefinitionactive = true, detached = falseRemovedMissing
1020026quality-ruleAvoid using autofocus and onfocus in submitted markupQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020026quality-ruleAvoid using autofocus and onfocus in submitted markupDefinitionactive = true, detached = falseRemovedMissing
1020028quality-ruleAvoid using autofocus and onblur in submitted markupQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020028quality-ruleAvoid using autofocus and onblur in submitted markupDefinitionactive = true, detached = falseRemovedMissing
1020030quality-ruleAvoid using javascript or expression in the CSS fileQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 9RemovedMissing contribution
1020030quality-ruleAvoid using javascript or expression in the CSS fileDefinitionactive = true, detached = falseRemovedMissing
1020032quality-ruleAvoid using video poster attributes in combination with javascriptQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020032quality-ruleAvoid using video poster attributes in combination with javascriptDefinitionactive = true, detached = falseRemovedMissing
1020034quality-ruleAvoid hosting HTML code in iframe srcdocQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020034quality-ruleAvoid hosting HTML code in iframe srcdocDefinitionactive = true, detached = falseRemovedMissing
1020036quality-ruleAvoid using onscroll event with autofocus inputQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020036quality-ruleAvoid using onscroll event with autofocus inputDefinitionactive = true, detached = falseRemovedMissing
1020038quality-ruleAvoid defining and calling functions inside loopsQuality Contribution to 'Efficiency - Expensive Calls in Loops' (66068)critical = false, weight = 5RemovedMissing contribution
1020038quality-ruleAvoid defining and calling functions inside loopsDefinitionactive = true, detached = falseRemovedMissing
1020040quality-ruleAvoid using delete with no object propertiesQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 5RemovedMissing contribution
1020040quality-ruleAvoid using delete with no object propertiesDefinitionactive = true, detached = falseRemovedMissing
1020042quality-ruleAvoid having iframe inside a tagQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020042quality-ruleAvoid having iframe inside a tagDefinitionactive = true, detached = falseRemovedMissing
1020044quality-ruleAvoid using setData in ondragstart with attribute draggable set to trueQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020044quality-ruleAvoid using setData in ondragstart with attribute draggable set to trueDefinitionactive = true, detached = falseRemovedMissing
1020046quality-ruleAvoid using oninput in body containing input autofocusQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020046quality-ruleAvoid using oninput in body containing input autofocusDefinitionactive = true, detached = falseRemovedMissing
1020048quality-ruleAvoid using source tag in video/audio with event handlerQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020048quality-ruleAvoid using source tag in video/audio with event handlerDefinitionactive = true, detached = falseRemovedMissing
1020050quality-ruleAvoid white-listing the "dirname" attribute in user generated contentQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020050quality-ruleAvoid white-listing the "dirname" attribute in user generated contentDefinitionactive = true, detached = falseRemovedMissing
1020052quality-ruleAvoid using import with external URIQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020052quality-ruleAvoid using import with external URIDefinitionactive = true, detached = falseRemovedMissing
1020054quality-ruleAvoid using delete on arraysQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 5RemovedMissing contribution
1020054quality-ruleAvoid using delete on arraysDefinitionactive = true, detached = falseRemovedMissing
1020056quality-ruleAvoid using Javascript Document.all collectionQuality Contribution to 'Efficiency - Memory, Network and Disk Space Management' (61018)critical = false, weight = 4RemovedMissing contribution
1020056quality-ruleAvoid using Javascript Document.all collectionDefinitionactive = true, detached = falseRemovedMissing
1020058quality-ruleAvoid using eval()Quality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020058quality-ruleAvoid using eval()Definitionactive = true, detached = falseRemovedMissing
1020060quality-ruleAvoid using console.log()Quality Contribution to 'Secure Coding - Encapsulation' (66066)critical = false, weight = 5RemovedMissing contribution
1020060quality-ruleAvoid using console.log()Definitionactive = true, detached = falseRemovedMissing
1020062quality-ruleAvoid using non thread-safe Javascript singleton patternQuality Contribution to 'Secure Coding - API Abuse' (66063)critical = false, weight = 8RemovedMissing contribution
1020062quality-ruleAvoid using non thread-safe Javascript singleton patternDefinitionactive = true, detached = falseRemovedMissing
1020064quality-ruleAvoid Superclass knowing Subclass in JavascriptQuality Contribution to 'Programming Practices - OO Inheritance and Polymorphism' (61003)critical = false, weight = 9RemovedMissing contribution
1020064quality-ruleAvoid Superclass knowing Subclass in JavascriptDefinitionactive = true, detached = falseRemovedMissing
1020066quality-ruleAvoid using Javascript Function constructorQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 7RemovedMissing contribution
1020066quality-ruleAvoid using Javascript Function constructorDefinitionactive = true, detached = falseRemovedMissing
1020068quality-ruleAvoid return statement in finally blockQuality Contribution to 'Programming Practices - Error and Exception Handling' (61014)critical = true, weight = 8RemovedMissing contribution
1020068quality-ruleAvoid return statement in finally blockDefinitionactive = true, detached = falseRemovedMissing
1020070quality-ruleAvoid hardcoded network resource names in JavascriptQuality Contribution to 'Architecture - OS and Platform Independence' (61004)critical = false, weight = 7RemovedMissing contribution
1020070quality-ruleAvoid hardcoded network resource names in JavascriptDefinitionactive = true, detached = falseRemovedMissing
1020072quality-ruleAvoid direct access to Database Tables in JavascriptQuality Contribution to 'Architecture - Multi-Layers and Data Access' (61001)critical = false, weight = 6RemovedMissing contribution
1020072quality-ruleAvoid direct access to Database Tables in JavascriptDefinitionactive = true, detached = falseRemovedMissing
1020074quality-ruleAvoid enabling autocomplete "on" for inputs/formsQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = false, weight = 7RemovedMissing contribution
1020074quality-ruleAvoid enabling autocomplete "on" for inputs/formsDefinitionactive = true, detached = falseRemovedMissing
1020076quality-ruleAvoid Artifacts with too many parameters (Javascript)Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009)critical = false, weight = 8RemovedMissing contribution
1020076quality-ruleAvoid Artifacts with too many parameters (Javascript)Definitionactive = true, detached = falseRemovedMissing
1020078quality-ruleAvoid using setTimeout()Quality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020078quality-ruleAvoid using setTimeout()Definitionactive = true, detached = falseRemovedMissing
1020080quality-ruleAvoid using setInterval()Quality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020080quality-ruleAvoid using setInterval()Definitionactive = true, detached = falseRemovedMissing
1020082quality-ruleAvoid undocumented FunctionsQuality Contribution to 'Documentation - Volume of Comments' (61028)critical = false, weight = 7RemovedMissing contribution
1020082quality-ruleAvoid undocumented FunctionsDefinitionactive = true, detached = falseRemovedMissing
1020084quality-ruleAvoid unreferenced FunctionsQuality Contribution to 'Dead code (static)' (61027)critical = false, weight = 4RemovedMissing contribution
1020084quality-ruleAvoid unreferenced FunctionsDefinitionactive = true, detached = falseRemovedMissing
1020086quality-ruleAvoid Functions having a very low Comment/Code ratioQuality Contribution to 'Documentation - Volume of Comments' (61028)critical = false, weight = 3RemovedMissing contribution
1020086quality-ruleAvoid Functions having a very low Comment/Code ratioDefinitionactive = true, detached = falseRemovedMissing
1020088quality-ruleAvoid Artifacts with lines longer than X charactersQuality Contribution to 'Documentation - Style Conformity' (61006)critical = false, weight = 2RemovedMissing contribution
1020088quality-ruleAvoid Artifacts with lines longer than X charactersDefinitionactive = true, detached = falseRemovedMissing
1020090quality-ruleAvoid Artifacts with High Depth of CodeQuality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009)critical = false, weight = 5RemovedMissing contribution
1020090quality-ruleAvoid Artifacts with High Depth of CodeDefinitionactive = true, detached = falseRemovedMissing
1020300quality-ruleAvoid using the call of web service $.ajax inside a loopQuality Contribution to 'Efficiency - Expensive Calls in Loops' (66068)critical = true, weight = 9RemovedMissing contribution
1020300quality-ruleAvoid using the call of web service $.ajax inside a loopDefinitionactive = true, detached = falseRemovedMissing
1020302quality-ruleAvoid using element type in jQueryQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 5RemovedMissing contribution
1020302quality-ruleAvoid using element type in jQueryDefinitionactive = true, detached = falseRemovedMissing
1020304quality-ruleImplement success and error callbacks when using jquery web service callQuality Contribution to 'Programming Practices - Error and Exception Handling' (61014)critical = true, weight = 8RemovedMissing contribution
1020304quality-ruleImplement success and error callbacks when using jquery web service callDefinitionactive = true, detached = falseRemovedMissing
1020306quality-ruleAlways use find for Id->Child nested selectorsQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 7RemovedMissing contribution
1020306quality-ruleAlways use find for Id->Child nested selectorsDefinitionactive = true, detached = falseRemovedMissing
1020308quality-ruleAlways cache the returned objects in variables to be reusedQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 7RemovedMissing contribution
1020308quality-ruleAlways cache the returned objects in variables to be reusedDefinitionactive = true, detached = falseRemovedMissing
1020310quality-ruleUse "type=" to select elements by typeQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 5RemovedMissing contribution
1020310quality-ruleUse "type=" to select elements by typeDefinitionactive = true, detached = falseRemovedMissing
1020312quality-ruleAvoid use of anonymous functions to attach eventsQuality Contribution to 'Architecture - Reuse' (66009)critical = false, weight = 5RemovedMissing contribution
1020312quality-ruleAvoid use of anonymous functions to attach eventsDefinitionactive = true, detached = falseRemovedMissing
1020314quality-ruleAvoid using css() of many elementsQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 7RemovedMissing contribution
1020314quality-ruleAvoid using css() of many elementsDefinitionactive = true, detached = falseRemovedMissing
1020316quality-ruleAvoid Universal SelectorsQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 7RemovedMissing contribution
1020316quality-ruleAvoid Universal SelectorsDefinitionactive = true, detached = falseRemovedMissing
1020318quality-ruleAvoid using jQuery deprecated methodsQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 5RemovedMissing contribution
1020318quality-ruleAvoid using jQuery deprecated methodsDefinitionactive = true, detached = falseRemovedMissing
1020500quality-ruleAvoid the use of the default JavaScript implementation [].forEach in AngularJS web appQuality Contribution to 'Efficiency - Expensive Calls in Loops' (66068)critical = false, weight = 4RemovedMissing contribution
1020500quality-ruleAvoid the use of the default JavaScript implementation [].forEach in AngularJS web appDefinitionactive = true, detached = falseRemovedMissing
1020502quality-ruleAvoid the use of JSON.parse and JSON.stringify in AngularJS web appQuality Contribution to 'Architecture - Reuse' (66009)critical = false, weight = 4RemovedMissing contribution
1020502quality-ruleAvoid the use of JSON.parse and JSON.stringify in AngularJS web appDefinitionactive = true, detached = falseRemovedMissing
1020504quality-ruleAvoid using the call of web service with AngularJS $http inside a loopQuality Contribution to 'Efficiency - Expensive Calls in Loops' (66068)critical = true, weight = 5RemovedMissing contribution
1020504quality-ruleAvoid using the call of web service with AngularJS $http inside a loopDefinitionactive = true, detached = falseRemovedMissing
1020506quality-ruleAvoid using $scope in controllersQuality Contribution to 'Programming Practices - Structuredness' (61024)critical = false, weight = 5RemovedMissing contribution
1020506quality-ruleAvoid using $scope in controllersDefinitionactive = false, detached = falseRemovedMissing
1020508quality-ruleUse Angular wrapper service $documentQuality Contribution to 'Programming Practices - Structuredness' (61024)critical = false, weight = 3RemovedMissing contribution
1020508quality-ruleUse Angular wrapper service $documentDefinitionactive = true, detached = falseRemovedMissing
1020510quality-ruleUse Angular wrapper service $windowQuality Contribution to 'Programming Practices - Structuredness' (61024)critical = false, weight = 3RemovedMissing contribution
1020510quality-ruleUse Angular wrapper service $windowDefinitionactive = true, detached = falseRemovedMissing
1020512quality-ruleUse Angular wrapper service $timeoutQuality Contribution to 'Programming Practices - Structuredness' (61024)critical = false, weight = 3RemovedMissing contribution
1020512quality-ruleUse Angular wrapper service $timeoutDefinitionactive = true, detached = falseRemovedMissing
1020514quality-ruleOnly use the angular.isUndefined or angular.isDefined methods in AngularJS applicationQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 3RemovedMissing contribution
1020514quality-ruleOnly use the angular.isUndefined or angular.isDefined methods in AngularJS applicationDefinitionactive = true, detached = falseRemovedMissing
1020516quality-ruleAvoid using Javascript Array typecheck in AngularJS applicationQuality Contribution to 'Programming Practices - Structuredness' (61024)critical = false, weight = 5RemovedMissing contribution
1020516quality-ruleAvoid using Javascript Array typecheck in AngularJS applicationDefinitionactive = true, detached = falseRemovedMissing
1020518quality-ruleAvoid using Javascript Date typecheck in AngularJS applicationQuality Contribution to 'Programming Practices - Structuredness' (61024)critical = false, weight = 5RemovedMissing contribution
1020518quality-ruleAvoid using Javascript Date typecheck in AngularJS applicationDefinitionactive = true, detached = falseRemovedMissing
1020520quality-ruleAvoid using Javascript Function typecheck in AngularJS applicationQuality Contribution to 'Programming Practices - Structuredness' (61024)critical = false, weight = 5RemovedMissing contribution
1020520quality-ruleAvoid using Javascript Function typecheck in AngularJS applicationDefinitionactive = true, detached = falseRemovedMissing
1020522quality-ruleAvoid using Javascript String typecheck in AngularJS applicationQuality Contribution to 'Programming Practices - Structuredness' (61024)critical = false, weight = 5RemovedMissing contribution
1020522quality-ruleAvoid using Javascript String typecheck in AngularJS applicationDefinitionactive = true, detached = falseRemovedMissing
1020524quality-ruleAvoid using Javascript Object typecheck in AngularJS applicationQuality Contribution to 'Programming Practices - Structuredness' (61024)critical = false, weight = 5RemovedMissing contribution
1020524quality-ruleAvoid using Javascript Object typecheck in AngularJS applicationDefinitionactive = true, detached = falseRemovedMissing
1020526quality-ruleAvoid using Javascript Number typecheck in AngularJS applicationQuality Contribution to 'Programming Practices - Structuredness' (61024)critical = false, weight = 5RemovedMissing contribution
1020526quality-ruleAvoid using Javascript Number typecheck in AngularJS applicationDefinitionactive = true, detached = falseRemovedMissing
1020528quality-ruleAvoid using Javascript Regexp typecheck in AngularJS applicationQuality Contribution to 'Programming Practices - Structuredness' (61024)critical = false, weight = 5RemovedMissing contribution
1020528quality-ruleAvoid using Javascript Regexp typecheck in AngularJS applicationDefinitionactive = true, detached = falseRemovedMissing
1020530quality-ruleAvoid using !angular.isUndefined() and !angular.isDefined() in AngularJS applicationQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 3RemovedMissing contribution
1020530quality-ruleAvoid using !angular.isUndefined() and !angular.isDefined() in AngularJS applicationDefinitionactive = true, detached = falseRemovedMissing
1020532quality-ruleUse Angular factory() instead of service()Quality Contribution to 'Programming Practices - Structuredness' (61024)critical = false, weight = 5RemovedMissing contribution
1020532quality-ruleUse Angular factory() instead of service()Definitionactive = true, detached = falseRemovedMissing
1020534quality-ruleAvoid using a web service with AngularJS $resource inside a loopQuality Contribution to 'Efficiency - Expensive Calls in Loops' (66068)critical = true, weight = 5RemovedMissing contribution
1020534quality-ruleAvoid using a web service with AngularJS $resource inside a loopDefinitionactive = true, detached = falseRemovedMissing
1020536quality-ruleAvoid using $ or jQuery, use angular.element insteadQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 5RemovedMissing contribution
1020536quality-ruleAvoid using $ or jQuery, use angular.element insteadDefinitionactive = true, detached = falseRemovedMissing
1020538quality-ruleAvoid wrapping angular.element objects with jQuery or $Quality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 5RemovedMissing contribution
1020538quality-ruleAvoid wrapping angular.element objects with jQuery or $Definitionactive = true, detached = falseRemovedMissing
1020540quality-ruleAvoid using $http success and error functionQuality Contribution to 'Programming Practices - Error and Exception Handling' (61014)critical = false, weight = 8RemovedMissing contribution
1020540quality-ruleAvoid using $http success and error functionDefinitionactive = true, detached = falseRemovedMissing
1020542quality-ruleEnable Content Security Policy when creating an AngularJS applicationQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 9RemovedMissing contribution
1020542quality-ruleEnable Content Security Policy when creating an AngularJS applicationDefinitionactive = true, detached = falseRemovedMissing
1020544quality-ruleAvoid disabling Strict Contextual Escaping (SCE) when createdQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020544quality-ruleAvoid disabling Strict Contextual Escaping (SCE) when createdDefinitionactive = true, detached = falseRemovedMissing
1020546quality-ruleAvoid using unsanitized AngularJS applicationQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020546quality-ruleAvoid using unsanitized AngularJS applicationDefinitionactive = true, detached = falseRemovedMissing
1020548quality-ruleAvoid disabling withCredentials option for the httpProviderQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020548quality-ruleAvoid disabling withCredentials option for the httpProviderDefinitionactive = true, detached = falseRemovedMissing
1020700quality-ruleAvoid the lack of error handling in the Node.js callbacksQuality Contribution to 'Programming Practices - Error and Exception Handling' (61014)critical = false, weight = 5RemovedMissing contribution
1020700quality-ruleAvoid the lack of error handling in the Node.js callbacksDefinitionactive = true, detached = falseRemovedMissing
1020702quality-ruleAvoid using process.exit()Quality Contribution to 'Programming Practices - Error and Exception Handling' (61014)critical = false, weight = 7RemovedMissing contribution
1020702quality-ruleAvoid using process.exit()Definitionactive = true, detached = falseRemovedMissing
1020704quality-ruleAvoid using string concatenation when using __dirname and __filenameQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 5RemovedMissing contribution
1020704quality-ruleAvoid using string concatenation when using __dirname and __filenameDefinitionactive = true, detached = falseRemovedMissing
1020706quality-ruleEnsure the Content-Security-Policy is activatedQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 9RemovedMissing contribution
1020706quality-ruleEnsure the Content-Security-Policy is activatedDefinitionactive = true, detached = falseRemovedMissing
1020708quality-ruleEnsure the X-Powered-By header is disabledQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 9RemovedMissing contribution
1020708quality-ruleEnsure the X-Powered-By header is disabledDefinitionactive = true, detached = falseRemovedMissing
1020710quality-ruleEnsure the X-XSS-Protection header is enabledQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 9RemovedMissing contribution
1020710quality-ruleEnsure the X-XSS-Protection header is enabledDefinitionactive = true, detached = falseRemovedMissing
1020712quality-ruleEnsure the X-Frame-Options header is setupQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 9RemovedMissing contribution
1020712quality-ruleEnsure the X-Frame-Options header is setupDefinitionactive = true, detached = falseRemovedMissing
1020714quality-ruleAvoid having multiple routes for the same path with Node.js Express AppQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = true, weight = 8RemovedMissing contribution
1020714quality-ruleAvoid having multiple routes for the same path with Node.js Express AppDefinitionactive = true, detached = falseRemovedMissing
1020716quality-ruleAvoid using the call of web service with Node.js http.get or http.request inside a loopQuality Contribution to 'Efficiency - Expensive Calls in Loops' (66068)critical = true, weight = 8RemovedMissing contribution
1020716quality-ruleAvoid using the call of web service with Node.js http.get or http.request inside a loopDefinitionactive = true, detached = falseRemovedMissing
1020718quality-ruleEnsure that browser cannot cache or store a pageQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = false, weight = 7RemovedMissing contribution
1020718quality-ruleEnsure that browser cannot cache or store a pageDefinitionactive = true, detached = falseRemovedMissing
1020720quality-ruleAllow only HTTPS communicationQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 9RemovedMissing contribution
1020720quality-ruleAllow only HTTPS communicationDefinitionactive = true, detached = falseRemovedMissing
1020722quality-ruleEnsure to use secure HTTPS protocolQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 9RemovedMissing contribution
1020722quality-ruleEnsure to use secure HTTPS protocolDefinitionactive = true, detached = falseRemovedMissing
1020724quality-ruleEnsure that marked is sanitizedQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 7RemovedMissing contribution
1020724quality-ruleEnsure that marked is sanitizedDefinitionactive = true, detached = falseRemovedMissing
1020726quality-ruleEnsure that CSRF Protection is enabledQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = true, weight = 9RemovedMissing contribution
1020726quality-ruleEnsure that CSRF Protection is enabledDefinitionactive = true, detached = falseRemovedMissing
1020728quality-ruleAvoid creating cookie without setting httpOnly optionQuality Contribution to 'Secure Coding - Encapsulation' (66066)critical = true, weight = 7RemovedMissing contribution
1020728quality-ruleAvoid creating cookie without setting httpOnly optionDefinitionactive = true, detached = falseRemovedMissing
1020730quality-ruleEnsure Node.js filesystem are closedQuality Contribution to 'Secure Coding - API Abuse' (66063)critical = false, weight = 7RemovedMissing contribution
1020730quality-ruleEnsure Node.js filesystem are closedDefinitionactive = true, detached = falseRemovedMissing
1101000quality-ruleNever use SQL queries with a cartesian product (SQL)Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 7RemovedMissing contribution
1101000quality-ruleNever use SQL queries with a cartesian product (SQL)Definitionactive = true, detached = falseRemovedMissing
1101002quality-ruleNever use SQL queries with a cartesian product on XXL Tables (SQL)Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = true, weight = 9RemovedMissing contribution
1101002quality-ruleNever use SQL queries with a cartesian product on XXL Tables (SQL)Definitionactive = true, detached = falseRemovedMissing
1101004quality-ruleAvoid non-indexed SQL queriesQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 9RemovedMissing contribution
1101004quality-ruleAvoid non-indexed SQL queriesDefinitionactive = true, detached = falseRemovedMissing
1101006quality-ruleAvoid non-indexed XXL SQL queriesQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = true, weight = 9RemovedMissing contribution
1101006quality-ruleAvoid non-indexed XXL SQL queriesDefinitionactive = true, detached = falseRemovedMissing
1101008quality-ruleAvoid non-SARGable queriesQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 3RemovedMissing contribution
1101008quality-ruleAvoid non-SARGable queriesDefinitionactive = true, detached = falseRemovedMissing
1101010quality-ruleAvoid NATURAL JOIN queriesQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 5RemovedMissing contribution
1101010quality-ruleAvoid NATURAL JOIN queriesDefinitionactive = true, detached = falseRemovedMissing
1101012quality-ruleSpecify column names instead of column numbers in ORDER BY clausesQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 3RemovedMissing contribution
1101012quality-ruleSpecify column names instead of column numbers in ORDER BY clausesDefinitionactive = true, detached = falseRemovedMissing
1101014quality-ruleAvoid queries using old style join convention instead of ANSI-Standard joins (SQL)Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 4RemovedMissing contribution
1101014quality-ruleAvoid queries using old style join convention instead of ANSI-Standard joins (SQL)Definitionactive = true, detached = falseRemovedMissing
1101016quality-ruleAvoid Artifacts with too many parameters (SQL)Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009)critical = false, weight = 4RemovedMissing contribution
1101016quality-ruleAvoid Artifacts with too many parameters (SQL)Definitionactive = true, detached = falseRemovedMissing
1101018quality-ruleAvoid using the GROUP BY clauseQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 5RemovedMissing contribution
1101018quality-ruleAvoid using the GROUP BY clauseDefinitionactive = true, detached = falseRemovedMissing
1101020quality-ruleAvoid using quoted identifiersQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 3RemovedMissing contribution
1101020quality-ruleAvoid using quoted identifiersDefinitionactive = true, detached = falseRemovedMissing
1101022quality-ruleAvoid Tables without Primary Key (SQL)Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = true, weight = 5RemovedMissing contribution
1101022quality-ruleAvoid Tables without Primary Key (SQL)Definitionactive = true, detached = falseRemovedMissing
1101024quality-ruleAvoid using dynamic SQL in SQL ArtifactsQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 5RemovedMissing contribution
1101024quality-ruleAvoid using dynamic SQL in SQL ArtifactsDefinitionactive = true, detached = falseRemovedMissing
1101026quality-ruleAlways define column names when inserting valuesQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 5RemovedMissing contribution
1101026quality-ruleAlways define column names when inserting valuesDefinitionactive = true, detached = falseRemovedMissing
1101028quality-ruleUse MINUS or EXCEPT operator instead of NOT EXISTS and NOT IN subqueriesQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 5RemovedMissing contribution
1101028quality-ruleUse MINUS or EXCEPT operator instead of NOT EXISTS and NOT IN subqueriesDefinitionactive = true, detached = falseRemovedMissing
1101030quality-ruleAvoid Artifacts with queries on too many Tables and/or ViewsQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 7RemovedMissing contribution
1101030quality-ruleAvoid Artifacts with queries on too many Tables and/or ViewsDefinitionactive = true, detached = falseRemovedMissing
1101032quality-ruleAvoid exists and not exists independent clauses (SQL)Quality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = true, weight = 6RemovedMissing contribution
1101032quality-ruleAvoid exists and not exists independent clauses (SQL)Definitionactive = true, detached = falseRemovedMissing
1101034quality-ruleDISTINCT should not be used in SQL SELECT statementsQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 5RemovedMissing contribution
1101034quality-ruleDISTINCT should not be used in SQL SELECT statementsDefinitionactive = true, detached = falseRemovedMissing
1101036quality-ruleUse ANSI standard operators in SQL WHERE clausesQuality Contribution to 'Architecture - OS and Platform Independence' (61004)critical = false, weight = 3RemovedMissing contribution
1101036quality-ruleUse ANSI standard operators in SQL WHERE clausesDefinitionactive = true, detached = falseRemovedMissing
1101038quality-ruleReplace OR conditions testing equality on the same identifier in SQL WHERE clauses by an IN test conditionQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 5RemovedMissing contribution
1101038quality-ruleReplace OR conditions testing equality on the same identifier in SQL WHERE clauses by an IN test conditionDefinitionactive = true, detached = falseRemovedMissing
1101040quality-ruleAvoid empty catch blocks (SQL)Quality Contribution to 'Programming Practices - Error and Exception Handling' (61014)critical = true, weight = 7RemovedMissing contribution
1101040quality-ruleAvoid empty catch blocks (SQL)Definitionactive = true, detached = falseRemovedMissing
1101042quality-ruleTable naming convention - character set control (SQL)Quality Contribution to 'Documentation - Naming Convention Conformity' (61017)critical = false, weight = 1RemovedMissing contribution
1101042quality-ruleTable naming convention - character set control (SQL)Definitionactive = true, detached = falseRemovedMissing
1101044quality-ruleView naming convention - character set control (SQL)Quality Contribution to 'Documentation - Naming Convention Conformity' (61017)critical = false, weight = 1RemovedMissing contribution
1101044quality-ruleView naming convention - character set control (SQL)Definitionactive = true, detached = falseRemovedMissing
1101046quality-rulePackage naming convention - prefix control (SQL)Quality Contribution to 'Documentation - Naming Convention Conformity' (61017)critical = false, weight = 5RemovedMissing contribution
1101046quality-rulePackage naming convention - prefix control (SQL)Definitionactive = false, detached = falseRemovedMissing
1101048quality-rulePackage Function naming convention - prefix control (SQL)Quality Contribution to 'Documentation - Naming Convention Conformity' (61017)critical = false, weight = 5RemovedMissing contribution
1101048quality-rulePackage Function naming convention - prefix control (SQL)Definitionactive = false, detached = falseRemovedMissing
1101050quality-rulePackage Stored Procedure naming convention - prefix control (SQL)Quality Contribution to 'Documentation - Naming Convention Conformity' (61017)critical = false, weight = 5RemovedMissing contribution
1101050quality-rulePackage Stored Procedure naming convention - prefix control (SQL)Definitionactive = false, detached = falseRemovedMissing
1101052quality-ruleUse WHEN OTHERS in exception management (SQL)Quality Contribution to 'Programming Practices - Error and Exception Handling' (61014)critical = true, weight = 8RemovedMissing contribution
1101052quality-ruleUse WHEN OTHERS in exception management (SQL)Definitionactive = true, detached = falseRemovedMissing
1101054quality-ruleNever use WHEN OTHER THEN NULLQuality Contribution to 'Programming Practices - Error and Exception Handling' (61014)critical = true, weight = 8RemovedMissing contribution
1101054quality-ruleNever use WHEN OTHER THEN NULLDefinitionactive = true, detached = falseRemovedMissing
1101056quality-ruleAvoid large Tables - too many columns (SQL)Quality Contribution to 'Volume - Number of Components' (61022)critical = false, weight = 6RemovedMissing contribution
1101056quality-ruleAvoid large Tables - too many columns (SQL)Definitionactive = true, detached = falseRemovedMissing
1101058quality-ruleDo not mix ANSI and non-ANSI JOIN syntax in the same queryQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 4RemovedMissing contribution
1101058quality-ruleDo not mix ANSI and non-ANSI JOIN syntax in the same queryDefinitionactive = true, detached = falseRemovedMissing
1101060quality-ruleLIKE operator should not start with a wildcard characterQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 4RemovedMissing contribution
1101060quality-ruleLIKE operator should not start with a wildcard characterDefinitionactive = true, detached = falseRemovedMissing
1101062quality-ruleUse at most one statement per line (SQL)Quality Contribution to 'Documentation - Style Conformity' (61006)critical = false, weight = 1RemovedMissing contribution
1101062quality-ruleUse at most one statement per line (SQL)Definitionactive = true, detached = falseRemovedMissing
1101064quality-ruleAvoid cascading Triggers (SQL)Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009)critical = false, weight = 4RemovedMissing contribution
1101064quality-ruleAvoid cascading Triggers (SQL)Definitionactive = true, detached = falseRemovedMissing
1101066quality-ruleAvoid improperly written triangular joins with XXL tablesQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 4RemovedMissing contribution
1101066quality-ruleAvoid improperly written triangular joins with XXL tablesDefinitionactive = true, detached = falseRemovedMissing
1101068quality-ruleAvoid synonym with both private and public definitionQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 1RemovedMissing contribution
1101068quality-ruleAvoid synonym with both private and public definitionDefinitionactive = true, detached = falseRemovedMissing
1101070quality-ruleAvoid explicit comparison with NULLQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 4RemovedMissing contribution
1101070quality-ruleAvoid explicit comparison with NULLDefinitionactive = true, detached = falseRemovedMissing
1101072quality-ruleTables should be aliasedQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 4RemovedMissing contribution
1101072quality-ruleTables should be aliasedDefinitionactive = true, detached = falseRemovedMissing
1101074quality-ruleTables aliases should not end with a numeric suffixQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 4RemovedMissing contribution
1101074quality-ruleTables aliases should not end with a numeric suffixDefinitionactive = true, detached = falseRemovedMissing
1101076quality-ruleColumn references should be qualifiedQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 4RemovedMissing contribution
1101076quality-ruleColumn references should be qualifiedDefinitionactive = true, detached = falseRemovedMissing
1101078quality-rulePrefer PRIVATE to PUBLIC synonymQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 1RemovedMissing contribution
1101078quality-rulePrefer PRIVATE to PUBLIC synonymDefinitionactive = true, detached = falseRemovedMissing
1101080quality-ruleAvoid orphaned synonymsQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)critical = false, weight = 1RemovedMissing contribution
1101080quality-ruleAvoid orphaned synonymsDefinitionactive = true, detached = falseRemovedMissing
1101082quality-ruleAvoid looping chain of synonymsQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 1RemovedMissing contribution
1101082quality-ruleAvoid looping chain of synonymsDefinitionactive = true, detached = falseRemovedMissing
1101084quality-ruleAvoid Cursors inside a loop (SQL)Quality Contribution to 'Efficiency - Expensive Calls in Loops' (66068)critical = true, weight = 7RemovedMissing contribution
1101084quality-ruleAvoid Cursors inside a loop (SQL)Definitionactive = true, detached = falseRemovedMissing
1101086quality-ruleVARCHAR2 and NVARCHAR2 should be usedQuality Contribution to 'Efficiency - Memory, Network and Disk Space Management' (61018)critical = false, weight = 2RemovedMissing contribution
1101086quality-ruleVARCHAR2 and NVARCHAR2 should be usedDefinitionactive = true, detached = falseRemovedMissing
1101088quality-ruleLONG and LONG RAW datatypes should no longer be usedQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)critical = false, weight = 8RemovedMissing contribution
1101088quality-ruleLONG and LONG RAW datatypes should no longer be usedDefinitionactive = true, detached = falseRemovedMissing

AIP 8.3.37 - 8.3.38

This section lists the results of a comparison between a CAST AIP 8.3.37 Assessment Model and a CAST AIP 8.3.38 Assessment Model. You can download the original compare_8337_8338.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.37 Assessment ModelChangeCAST 8.3.38 Assessment Model
8032quality-ruleAvoid using a break statement in 'for' loopsDocumentation englishdescription = ...at contains multiple 'break' statement in a 'for' loop. 'break' statements locat...Updateddescription = ...at contain a 'break' statement in a 'for' loop. 'break' statements located in ne...
8032quality-ruleAvoid using a break statement in 'for' loopsDocumentation englishname = ...oid using multiple break statement in 'for' loopsUpdatedname = ...oid using a break statement in 'for' loops
8032quality-ruleAvoid using a break statement in 'for' loopsDocumentation englishrationale = ...ad. Using many 'break' statements in 'for' loops makes them more difficult to re...Updatedrationale = ...ad. Using too many 'break' statements in 'for' loops makes them more difficult t...
8032quality-ruleAvoid using a break statement in 'for' loopsDocumentation englishreference = MISRA C++:2008, 6-6-4 - For any iteration statement there shall be no more than ...RemovedMissing
8032quality-ruleAvoid using a break statement in 'for' loopsDocumentation englishremediationSample = for (int i = 0; i < 10; i++) \n{ \n if ( ... ) \n {\n // do some...RemovedMissing
8032quality-ruleAvoid using a break statement in 'for' loopsDocumentation englishsample = ... \n if ( ... ) \n {\n // do something..\n\n break; // compliant...Updatedsample = ... \n if (true) \n {\n break; // Violation\n }\n // ...\n}
8556quality-rule'XML GENERATE' should be used with 'WITH ENCODING'DefinitionMissingAddedactive = true, detached = false
8556quality-rule'XML GENERATE' should be used with 'WITH ENCODING'Quality Contribution to 'Architecture - Multi-Layers and Data Access' (61001)Missing contributionAddedcritical = false, weight = 7
8558quality-ruleAvoid using XML PARSE without 'VALIDATING'DefinitionMissingAddedactive = true, detached = false
8558quality-ruleAvoid using XML PARSE without 'VALIDATING'Quality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 8

AIP 8.3.36 - 8.3.37

This section lists the results of a comparison between a CAST AIP 8.3.36 Assessment Model and a CAST AIP 8.3.37 Assessment Model. You can download the original compare_8336_8337.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.36 Assessment ModelChangeCAST 8.3.37 Assessment Model
7796quality-ruleAvoid Classes with a High Lack of Cohesion - variantOperationlocalSiteCountTotal = DIT_MANY_CLASSUpdatedlocalSiteCountTotal = DIT_LCOM_CLASS
7798quality-ruleAvoid Classes with a High Lack of CohesionOperationlocalSiteCountTotal = DIT_MANY_CLASSUpdatedlocalSiteCountTotal = DIT_LCOM_CLASS

AIP 8.3.35 - 8.3.36

This section lists the results of a comparison between a CAST AIP 8.3.35 Assessment Model and a CAST AIP 8.3.36 Assessment Model. You can download the original compare_8335_8336.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.35 Assessment ModelChangeCAST 8.3.36 Assessment Model
8116quality-ruleAvoid calling system function (CALL 'cfunc')Documentation englishsample = ... CALL 'SYSTEM' ID 'COMMAND' FIELD command \n ID 'TAB' FIELD tabl-...Updatedsample = ... CALL 'C_SAPGPARAM' ID 'NAME' FIELD 'SAPDBHOST'\n ID 'V...
8534quality-ruleAvoid XQuery injection through API requestsDocumentation englishsample = ...ring login = request.getParameter("login");\nXQDataSource dataSource = new SaxonX...Updatedsample = ...ring login; // value given by an API request\nXQDataSource dataSource = new Saxon...
8536quality-ruleAvoid expression language injectionDefinitionMissingAddedactive = true, detached = false
8536quality-ruleAvoid expression language injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8538quality-ruleAvoid second order expression language injectionDefinitionMissingAddedactive = true, detached = false
8538quality-ruleAvoid second order expression language injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8540quality-ruleAvoid expression language injection through API requestsDefinitionMissingAddedactive = true, detached = false
8540quality-ruleAvoid expression language injection through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8542quality-ruleAvoid debug forgingDefinitionMissingAddedactive = true, detached = false
8542quality-ruleAvoid debug forgingQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = false, weight = 8
8544quality-ruleAvoid debug forging through API requestsDefinitionMissingAddedactive = true, detached = false
8544quality-ruleAvoid debug forging through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = false, weight = 8
8546quality-ruleAvoid using ABAP command CALL 'SYSTEM'DefinitionMissingAddedactive = true, detached = false
8546quality-ruleAvoid using ABAP command CALL 'SYSTEM'Quality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8548quality-ruleAvoid using ABAP command INSERT REPORTDefinitionMissingAddedactive = true, detached = false
8548quality-ruleAvoid using ABAP command INSERT REPORTQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8550quality-ruleAvoid using ABAP command GENERATE SUBROUTINE POOLDefinitionMissingAddedactive = true, detached = false
8550quality-ruleAvoid using ABAP command GENERATE SUBROUTINE POOLQuality Contribution to 'Programming Practices - Structuredness' (61024)Missing contributionAddedcritical = false, weight = 5
8552quality-ruleAvoid using ABAP command OPEN DATASET with the FILTER additionDefinitionMissingAddedactive = true, detached = false
8552quality-ruleAvoid using ABAP command OPEN DATASET with the FILTER additionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 8
8554quality-ruleAvoid using insufficient random generatorDefinitionMissingAddedactive = true, detached = false
8554quality-ruleAvoid using insufficient random generatorQuality Contribution to 'Secure Coding - Weak Security Features' (66064)Missing contributionAddedcritical = false, weight = 8

AIP 8.3.34 - 8.3.35

This section lists the results of a comparison between a CAST AIP 8.3.34 Assessment Model and a CAST AIP 8.3.35 Assessment Model. You can download the original compare_8334_8335.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.34 Assessment ModelChangeCAST 8.3.35 Assessment Model
7742quality-ruleAvoid SQL injectionDocumentation englishname = Avoid SQL injection vulnerabilitiesUpdatedname = Avoid SQL injection
7746quality-ruleAvoid LDAP injectionDocumentation englishname = Avoid LDAP injection vulnerabilitiesUpdatedname = Avoid LDAP injection
7748quality-ruleAvoid OS command injectionDocumentation englishname = Avoid OS command injection vulnerabilitiesUpdatedname = Avoid OS command injection
7750quality-ruleAvoid XPath injectionDocumentation englishname = Avoid XPath injection vulnerabilitiesUpdatedname = Avoid XPath injection
7752quality-ruleAvoid file path manipulationDocumentation englishname = Avoid file path manipulation vulnerabilitiesUpdatedname = Avoid file path manipulation
8044quality-ruleAvoid log forgingDocumentation englishname = Avoid log forging vulnerabilitiesUpdatedname = Avoid log forging
8044quality-ruleAvoid log forgingDocumentation englishremediationSample = String val = request.getParameter("value");\ntry {\n int value = Integer.parseI...UpdatedremediationSample = String taintedInput = request.getParameter("value");\ntry {\n int value = Integ...
8044quality-ruleAvoid log forgingDocumentation englishsample = String val = request.getParameter("value");\ntry {\n int value = Integer.parseI...Updatedsample = String taintedInput = request.getParameter("value");\ntry {\n int value = Integ...
8436quality-ruleAvoid thread injectionDocumentation englishname = Avoid thread injection vulnerabilitiesUpdatedname = Avoid thread injection
8490quality-ruleAvoid SQL injection through API requestsDocumentation englishname = ...injection vulnerabilities through API requestsUpdatedname = ...injection through API requests
8492quality-ruleAvoid LDAP injection through API requestsDocumentation englishname = ...injection vulnerabilities through API requestsUpdatedname = ...injection through API requests
8494quality-ruleAvoid OS command injection through API requestsDocumentation englishname = ...injection vulnerabilities through API requestsUpdatedname = ...injection through API requests
8498quality-ruleAvoid thread injection through API requestsDocumentation englishname = ...injection vulnerabilities through API requestsUpdatedname = ...injection through API requests
8504quality-ruleAvoid XPath injection through API requestsDocumentation englishname = ...injection vulnerabilities through API requestsUpdatedname = ...injection through API requests
8506quality-ruleAvoid file path manipulation through API requestsDocumentation englishname = ...ipulation vulnerabilities through API requestsUpdatedname = ...ipulation through API requests
8508quality-ruleAvoid log forging through API requestsDocumentation englishname = ...g forging vulnerabilities through API requestsUpdatedname = ...g forging through API requests
8508quality-ruleAvoid log forging through API requestsDocumentation englishremediationSample = String val; // value given by an API request\ntry {\n int value = Integer.parse...UpdatedremediationSample = String taintedInput; // value given by an API request\ntry {\n int value = Inte...
8508quality-ruleAvoid log forging through API requestsDocumentation englishsample = String val; // value given by an API request\ntry {\n int value = Integer.parse...Updatedsample = String taintedInput; // value given by an API request\ntry {\n int value = Inte...
8520quality-ruleAvoid second order regular expression injectionDocumentation englishname = ...ond order Regular expression injectionUpdatedname = ...ond order regular expression injection
8522quality-ruleAvoid regular expression injection through API requestsDocumentation englishname = Avoid Regular expression injection through API requestsUpdatedname = Avoid regular expression injection through API requests
8530quality-ruleAvoid XQuery injectionDefinitionMissingAddedactive = true, detached = false
8530quality-ruleAvoid XQuery injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8532quality-ruleAvoid second order XQuery injectionDefinitionMissingAddedactive = true, detached = false
8532quality-ruleAvoid second order XQuery injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8534quality-ruleAvoid XQuery injection through API requestsDefinitionMissingAddedactive = true, detached = false
8534quality-ruleAvoid XQuery injection through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9

AIP 8.3.33 - 8.3.34

This section lists the results of a comparison between a CAST AIP 8.3.33 Assessment Model and a CAST AIP 8.3.34 Assessment Model. You can download the original compare_8333_8334.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.33 Assessment ModelChangeCAST 8.3.34 Assessment Model
1596quality-ruleAvoid using "nullable" Columns except in the last position in a TableDocumentation englishassociatedValueName = Column nameRemovedMissing
1596quality-ruleAvoid using "nullable" Columns except in the last position in a TableDiagnosisdiagnosisValueType = textUpdateddiagnosisValueType = no-value
7740quality-ruleAvoid HTTP response splittingDocumentation englishremediationSample = Sample 1\n// include validation code for rawInputData --> cleanData\nresponse.add...UpdatedremediationSample = //Sample 1\n// A possibility is to sanitize the rawInputData variable\nimport org....
7740quality-ruleAvoid HTTP response splittingDocumentation englishsample = Sample 1\nresponse.addHeader(HEADER_NAME, rawInputData);\n\nSample 2\nString header ...Updatedsample = //Sample 1\nresponse.addHeader(HEADER_NAME, rawInputData);\n\n//Sample 2\nString hea...
8484quality-ruleAvoid HTTP response splitting through API requestsDocumentation englishremediationSample = Sample 1\n// include validation code for rawInputData --> cleanData\nresponse.add...UpdatedremediationSample = //Sample 1\n// A possibility is to sanitize the rawInputData variable\nimport org....
8484quality-ruleAvoid HTTP response splitting through API requestsDocumentation englishsample = Sample 1\nresponse.addHeader(HEADER_NAME, rawInputData);\n\nSample 2\nString header ...Updatedsample = //Sample 1\nresponse.addHeader(HEADER_NAME, rawInputData);\n\n//Sample 2\nString hea...

AIP 8.3.32 - 8.3.33

This section lists the results of a comparison between a CAST AIP 8.3.32 Assessment Model and a CAST AIP 8.3.33 Assessment Model. You can download the original compare_8332_8333.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.32 Assessment ModelChangeCAST 8.3.33 Assessment Model
8034quality-ruleWorking-Storage variables must be initialized before being readDocumentation englishname = Variables defined in Working-Storage section must be initialized before to be re...Updatedname = Working-Storage variables must be initialized before being read

AIP 8.3.31 - 8.3.32

This section lists the results of a comparison between a CAST AIP 8.3.31 Assessment Model and a CAST AIP 8.3.32 Assessment Model. You can download the original compare_8331_8332.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.31 Assessment ModelChangeCAST 8.3.32 Assessment Model
8032quality-ruleAvoid using multiple break statement in 'for' loopsDocumentation englishdescription = ...at contain a 'break' statement in a 'for' loop. 'break' statements located in ne...Updateddescription = ...at contains multiple 'break' statement in a 'for' loop. 'break' statements locat...
8032quality-ruleAvoid using multiple break statement in 'for' loopsDocumentation englishname = ...oid using a break statement in 'for' loopsUpdatedname = ...oid using multiple break statement in 'for' loops
8032quality-ruleAvoid using multiple break statement in 'for' loopsDocumentation englishrationale = ...ad. Using too many 'break' statements in 'for' loops makes them more difficult t...Updatedrationale = ...ad. Using many 'break' statements in 'for' loops makes them more difficult to re...
8032quality-ruleAvoid using multiple break statement in 'for' loopsDocumentation englishsample = ... \n if (true) \n {\n break; // Violation\n }\n // ...\n}Updatedsample = ... \n if ( ... ) \n {\n // do something..\n\n break; // compliant...
8032quality-ruleAvoid using multiple break statement in 'for' loopsDocumentation englishMissingAddedreference = MISRA C++:2008, 6-6-4 - For any iteration statement there shall be no more than ...
8032quality-ruleAvoid using multiple break statement in 'for' loopsDocumentation englishMissingAddedremediationSample = for (int i = 0; i < 10; i++) \n{ \n if ( ... ) \n {\n // do some...

AIP 8.3.30 - 8.3.31

This section lists the results of a comparison between a CAST AIP 8.3.30 Assessment Model and a CAST AIP 8.3.31 Assessment Model. You can download the original compare_8330_8331.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.30 Assessment ModelChangeCAST 8.3.31 Assessment Model
7266quality-ruleCall 'base.Dispose()' or 'MyBase.Finalize()' in the "finally" block of 'Dispose(bool)' methodsDocumentation englishdescription = ...e pattern (defined here: http://msdn.microsoft.com/en-us/library/b1yfkh5e(VS.71)...Updateddescription = ...e pattern that is 'Dispose(bool)' methods. You should keep it\ninside try of try/...
7266quality-ruleCall 'base.Dispose()' or 'MyBase.Finalize()' in the "finally" block of 'Dispose(bool)' methodsDocumentation englishreference = Resource Management in .NET\nby Krzysztof Cwalina\nProgram Manager - Microsoft .NE...Updatedreference = https://docs.microsoft.com/en-us/dotnet/standard/garbage-collection/implementing...
7266quality-ruleCall 'base.Dispose()' or 'MyBase.Finalize()' in the "finally" block of 'Dispose(bool)' methodsDocumentation englishMissingAddedoutput = This report lists all Dispose methods with no try/finally block or with no call ...
7266quality-ruleCall 'base.Dispose()' or 'MyBase.Finalize()' in the "finally" block of 'Dispose(bool)' methodsDocumentation englishMissingAddedremediation = keep dispose(bool) method in try-finally block and inside finally block make use...
7266quality-ruleCall 'base.Dispose()' or 'MyBase.Finalize()' in the "finally" block of 'Dispose(bool)' methodsDocumentation englishMissingAddedsample = protected virtual void Dispose(bool disposing) \n{\n if (disposing) \n {\n ...
7526quality-ruleAvoid using hard-coded pathsDocumentation englishdescription = ...using hardcoded paths instead of using logical file pathsUpdateddescription = ...using hard-coded paths instead of using logical file paths
7526quality-ruleAvoid using hard-coded pathsDocumentation englishname = ...using hardcoded pathsUpdatedname = ...using hard-coded paths
7526quality-ruleAvoid using hard-coded pathsDocumentation englishrationale = ...ad of hardcoded paths.Updatedrationale = ...ad of hard-coded paths.
7526quality-ruleAvoid using hard-coded pathsDocumentation englishremediation = ...ad of hardcoded paths and the standard ABAP function "FILE_GET_NAME" instead.Updatedremediation = ...ad of hard-coded paths and the standard ABAP function "FILE_GET_NAME" instead.
8160quality-ruleCheck PCB status code after DLI queriesDocumentation englishdescription = ...ode after accessing an IMS database.Updateddescription = ...ode after calling the DL/I call.
8160quality-ruleCheck PCB status code after DLI queriesDocumentation englishrationale = When accessing IMS databases it is recommended to check the return code based on...Updatedrationale = When calling the DL/I call it is recommended to check the return code based on t...
8430quality-ruleAvoid using hard-coded seed or no seed at all for random values generationDocumentation englishname = ...using hardcoded seed or no seed at all for random values generationUpdatedname = ...using hard-coded seed or no seed at all for random values generation

AIP 8.3.29 - 8.3.30

This section lists the results of a comparison between a CAST AIP 8.3.29 Assessment Model and a CAST AIP 8.3.30 Assessment Model. You can download the original compare_8329_8330.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.29 Assessment ModelChangeCAST 8.3.30 Assessment Model
7860quality-ruleAvoid unreferenced Functions and ProceduresDocumentation englishdescription = ...Functions that are not referenced except main.\n\nNotes: \n- JavaScript eventHandle...Updateddescription = ...Functions and Procedures that are not referenced except main.\n\nNotes: \n- JavaScr...
7860quality-ruleAvoid unreferenced Functions and ProceduresDocumentation englishname = Avoid unreferenced FunctionsUpdatedname = Avoid unreferenced Functions and Procedures
7860quality-ruleAvoid unreferenced Functions and ProceduresDocumentation englishoutput = ... Functions\nIt provides the following information:\n Function full name.Updatedoutput = ... Functions / Procedures\nIt provides the following information:\n Function / Proc...
7860quality-ruleAvoid unreferenced Functions and ProceduresDocumentation englishremediation = ... Function is truly unnecessary.\nRemove Functions that are not used.Updatedremediation = ... Function / Procedure is truly unnecessary.\nRemove Functions / Procedures that a...
7860quality-ruleAvoid unreferenced Functions and ProceduresDocumentation englishMissingAddedreference = CISQ/OMG : ASCMM-MNT-20 (Unreachable Named Callable or Method Control Element)\nh...

AIP 8.3.28 - 8.3.29

This section lists the results of a comparison between a CAST AIP 8.3.28 Assessment Model and a CAST AIP 8.3.29 Assessment Model. You can download the original compare_8328_8329.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.28 Assessment ModelChangeCAST 8.3.29 Assessment Model
3570quality-ruleDELETED: Avoid using Keywords as namesQuality Contribution to 'Documentation - Naming Convention Conformity' (61017)critical = false, weight = 2RemovedMissing contribution
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
7750quality-ruleAvoid XPath injection vulnerabilitiesDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
7832quality-ruleAvoid unreferenced ClassesTechnologies[ABAP, Visual Basic, C++, JEE]UpdatedRemoved: [JEE]
8044quality-ruleAvoid log forging vulnerabilitiesDocumentation englishoutput = - Method full name - Call stack from user input source down to the target log me...Updatedoutput = List all methods that make resource calls forged by user input It provides the ...
8044quality-ruleAvoid log forging vulnerabilitiesDocumentation englishreference = ....org/data/definitions/117.html Open Web Application Security Project (OWASP) ht...Updatedreference = ....org/data/definitions/117.html
8098quality-ruleAvoid uncontrolled format stringDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the foll...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8238quality-ruleAvoid mixing trusted and untrusted data in HTTP requestsDocumentation englishremediationSample = // Never mix trusted and untrusted dataUpdatedremediationSample = // The goal is to never mix trusted and untrusted data. // There is no generic s...
8240quality-ruleAvoid using unsecured cookieDocumentation englishdescription = The 'Secure' attribute for sensitive cookies in HTTPS sessions is not set, which...Updateddescription = This rule will check in the source code if the 'Secure' attribute for sensitive ...
8242quality-ruleAvoid using insufficient random values for cookiesDocumentation englishreference = ....org/data/definitions/330.html Open Web Application Security Project (OWASP) ht...Updatedreference = ....org/data/definitions/330.html
8408quality-ruleAvoid reflected cross-site scripting (non persistent)Documentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8410quality-ruleAvoid cross-site scripting (persistent)Documentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8414quality-ruleAvoid weak cryptographic algorithmDocumentation englishoutput = List all methods that miss calling the required input validation calls It provi...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
8416quality-ruleAvoid use of a reversible one-way hashDocumentation englishoutput = List all methods that miss calling the required input validation calls It provi...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
8418quality-ruleAvoid NoSQL injectionDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8420quality-ruleAvoid second order SQL injectionDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8434quality-ruleAvoid process controlDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8436quality-ruleAvoid thread injection vulnerabilitiesDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8438quality-ruleAvoid code injectionDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8440quality-ruleAvoid reflection injectionDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8442quality-ruleAvoid resource injectionDocumentation englishdescription = ...he intended sphere of control.Updateddescription = ...he intended sphere of control. Resources may be sockets or connection strings.
8442quality-ruleAvoid resource injectionDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8442quality-ruleAvoid resource injectionDocumentation englishremediationSample = ... int result = VALUE; serverSocket = new ServerSocket(result); ...UpdatedremediationSample = Using "socket injection" (JEE) ______________________________ ... int result = V...
8442quality-ruleAvoid resource injectionDocumentation englishsample = ... String value = request.getParameter("value"); int result = Integer.parseInt(...Updatedsample = Using "socket injection" (JEE) ______________________________ ... String value =...
8444quality-ruleAvoid resource URL manipulationDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8446quality-ruleAvoid URL redirection to untrusted siteDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8482quality-ruleAvoid cross-site scripting through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8484quality-ruleAvoid HTTP response splitting through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8486quality-ruleAvoid resource injection through API requestsDocumentation englishdescription = ...he intended sphere of control.Updateddescription = ...he intended sphere of control. Resources may be sockets or connection strings.
8486quality-ruleAvoid resource injection through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8486quality-ruleAvoid resource injection through API requestsDocumentation englishremediationSample = ... int result = VALUE; serverSocket = new ServerSocket(result); ...UpdatedremediationSample = Using "socket injection" (JEE) ______________________________ ... int result = V...
8486quality-ruleAvoid resource injection through API requestsDocumentation englishsample = ... // value is the String given by an API request int result = Integer.parseInt...Updatedsample = Using "socket injection" (JEE) ______________________________ ... // value is th...
8488quality-ruleAvoid resource URL manipulation through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8490quality-ruleAvoid SQL injection vulnerabilities through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8492quality-ruleAvoid LDAP injection vulnerabilities through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8494quality-ruleAvoid OS command injection vulnerabilities through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8496quality-ruleAvoid process control through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8498quality-ruleAvoid thread injection vulnerabilities through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8500quality-ruleAvoid code injection through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8502quality-ruleAvoid reflection injection through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8504quality-ruleAvoid XPath injection vulnerabilities through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8506quality-ruleAvoid file path manipulation vulnerabilities through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8508quality-ruleAvoid log forging vulnerabilities through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8508quality-ruleAvoid log forging vulnerabilities through API requestsDocumentation englishreference = ....org/data/definitions/117.html Open Web Application Security Project (OWASP) ht...Updatedreference = ....org/data/definitions/117.html
8510quality-ruleAvoid uncontrolled format string through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8512quality-ruleAvoid mixing trusted and untrusted data in HTTP requests through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8514quality-ruleAvoid NoSQL injection through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8516quality-ruleAvoid URL redirection to untrusted site through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8518quality-ruleAvoid Regular expression injectionDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8520quality-ruleAvoid second order Regular expression injectionDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8522quality-ruleAvoid Regular expression injection through API requestsDocumentation englishoutput = ...ods that miss calling the required input validation calls It provides the follo...Updatedoutput = ...ods that make resource calls forged by user input It provides the following inf...
8524quality-ruleAvoid deserialization injectionDefinitionMissingAddedactive = true, detached = false
8524quality-ruleAvoid deserialization injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8526quality-ruleAvoid second order deserialization injectionDefinitionMissingAddedactive = true, detached = false
8526quality-ruleAvoid second order deserialization injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8528quality-ruleAvoid deserialization injection through API requestsDefinitionMissingAddedactive = true, detached = false
8528quality-ruleAvoid deserialization injection through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9

AIP 8.3.27 - 8.3.28

No change between a CAST AIP 8.3.27 Assessment Model and a CAST AIP 8.3.28 Assessment Model.

AIP 8.3.26 - 8.3.27

This section lists the results of a comparison between a CAST AIP 8.3.26 Assessment Model and a CAST AIP 8.3.27 Assessment Model. You can download the original compare_8326_8327.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.26 Assessment ModelChangeCAST 8.3.27 Assessment Model
7792quality-ruleAvoid Classes with a High Number Of ChildrenDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of classes
7834quality-ruleAvoid undocumented InterfacesTechnologies[ABAP, C++, C#, VB.NET, .NET (Legacy Analyzer)]UpdatedAdded: [JEE]
7838quality-ruleAvoid undocumented MethodsTechnologies[ABAP, Visual Basic, PowerBuilder, C++, C#, VB.NET, .NET (Legacy Analyzer)]UpdatedAdded: [JEE]
7844quality-ruleAvoid undocumented ClassesTechnologies[ABAP, Visual Basic, C++, C#, VB.NET, .NET (Legacy Analyzer), HTML5]UpdatedAdded: [JEE]
8408quality-ruleAvoid reflected cross-site scripting (non persistent)Documentation englishrationale = ...ser. The most dangerous web application vulnerabilty is known as cross-site scr...Updatedrationale = ...ser. The cross-site scripting (XSS) is a dangerous web application vulnerabilit...
8478quality-ruleAvoid Buffer Overruns when using ADD, SUBTRACT, MULTIPLY, DIVIDE & COMPUTE statement inside a loopDocumentation englishremediation = ...these statments inside a loop.Updatedremediation = ...these statements inside a loop.
8482quality-ruleAvoid cross-site scripting through API requestsDocumentation englishrationale = ...ser. The most dangerous web application vulnerabilty is known as cross-site scr...Updatedrationale = ...ser. The cross-site scripting (XSS) is a dangerous web application vulnerabilit...

AIP 8.3.25 - 8.3.26

This section lists the results of a comparison between a CAST AIP 8.3.25 Assessment Model and a CAST AIP 8.3.26 Assessment Model. You can download the original compare_8325_8326.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.25 Assessment ModelChangeCAST 8.3.26 Assessment Model
8504quality-ruleAvoid XPath injection vulnerabilities through API requestsTechnologies[C#, VB.NET]UpdatedAdded: [JEE]
8516quality-ruleAvoid URL redirection to untrusted site through API requestsTechnologies[VB.NET, JEE]UpdatedAdded: [C#]
8518quality-ruleAvoid Regular expression injectionDefinitionMissingAddedactive = true, detached = false
8518quality-ruleAvoid Regular expression injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8520quality-ruleAvoid second order Regular expression injectionDefinitionMissingAddedactive = true, detached = false
8520quality-ruleAvoid second order Regular expression injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8522quality-ruleAvoid Regular expression injection through API requestsDefinitionMissingAddedactive = true, detached = false
8522quality-ruleAvoid Regular expression injection through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9

AIP 8.3.24 - 8.3.25

This section lists the results of a comparison between a CAST AIP 8.3.24 Assessment Model and a CAST AIP 8.3.25 Assessment Model. You can download the original compare_8324_8325.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.24 Assessment ModelChangeCAST 8.3.25 Assessment Model
8468quality-ruleProgram semantic should respect the logic of flow executionDocumentation englishrationale = error-proneUpdatedrationale = The code contains a control flow path that does not reflect the algorithm that t...
8482quality-ruleAvoid cross-site scripting through API requestsDefinitionMissingAddedactive = true, detached = false
8482quality-ruleAvoid cross-site scripting through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8484quality-ruleAvoid HTTP response splitting through API requestsDefinitionMissingAddedactive = true, detached = false
8484quality-ruleAvoid HTTP response splitting through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8486quality-ruleAvoid resource injection through API requestsDefinitionMissingAddedactive = true, detached = false
8486quality-ruleAvoid resource injection through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8488quality-ruleAvoid resource URL manipulation through API requestsDefinitionMissingAddedactive = true, detached = false
8488quality-ruleAvoid resource URL manipulation through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8490quality-ruleAvoid SQL injection vulnerabilities through API requestsDefinitionMissingAddedactive = true, detached = false
8490quality-ruleAvoid SQL injection vulnerabilities through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8492quality-ruleAvoid LDAP injection vulnerabilities through API requestsDefinitionMissingAddedactive = true, detached = false
8492quality-ruleAvoid LDAP injection vulnerabilities through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8494quality-ruleAvoid OS command injection vulnerabilities through API requestsDefinitionMissingAddedactive = true, detached = false
8494quality-ruleAvoid OS command injection vulnerabilities through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8496quality-ruleAvoid process control through API requestsDefinitionMissingAddedactive = true, detached = false
8496quality-ruleAvoid process control through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8498quality-ruleAvoid thread injection vulnerabilities through API requestsDefinitionMissingAddedactive = true, detached = false
8498quality-ruleAvoid thread injection vulnerabilities through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8500quality-ruleAvoid code injection through API requestsDefinitionMissingAddedactive = true, detached = false
8500quality-ruleAvoid code injection through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8502quality-ruleAvoid reflection injection through API requestsDefinitionMissingAddedactive = true, detached = false
8502quality-ruleAvoid reflection injection through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8504quality-ruleAvoid XPath injection vulnerabilities through API requestsDefinitionMissingAddedactive = true, detached = false
8504quality-ruleAvoid XPath injection vulnerabilities through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8506quality-ruleAvoid file path manipulation vulnerabilities through API requestsDefinitionMissingAddedactive = true, detached = false
8506quality-ruleAvoid file path manipulation vulnerabilities through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8508quality-ruleAvoid log forging vulnerabilities through API requestsDefinitionMissingAddedactive = true, detached = false
8508quality-ruleAvoid log forging vulnerabilities through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 8
8510quality-ruleAvoid uncontrolled format string through API requestsDefinitionMissingAddedactive = true, detached = false
8510quality-ruleAvoid uncontrolled format string through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8512quality-ruleAvoid mixing trusted and untrusted data in HTTP requests through API requestsDefinitionMissingAddedactive = true, detached = false
8512quality-ruleAvoid mixing trusted and untrusted data in HTTP requests through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8514quality-ruleAvoid NoSQL injection through API requestsDefinitionMissingAddedactive = true, detached = false
8514quality-ruleAvoid NoSQL injection through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8516quality-ruleAvoid URL redirection to untrusted site through API requestsDefinitionMissingAddedactive = true, detached = false
8516quality-ruleAvoid URL redirection to untrusted site through API requestsQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9

AIP 8.3.23 - 8.3.24

This section lists the results of a comparison between a CAST AIP 8.3.23 Assessment Model and a CAST AIP 8.3.24 Assessment Model. You can download the original compare_8323_8324.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.23 Assessment ModelChangeCAST 8.3.24 Assessment Model
634quality-ruleAvoid using VARIANT StructuresDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = object
4576quality-ruleProvide accessors to Private FieldsDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 559, propertyID = 141004
4576quality-ruleProvide accessors to Private FieldsDocumentation englishdescription = ...fields. Accessors are identified using the following java bean naming convent...Updateddescription = ...fields. Accessors are identified using the following java bean naming conventi...
4576quality-ruleProvide accessors to Private FieldsDocumentation englishrationale = ...cessors. The only exception is injected fields of classes which are managed by...Updatedrationale = ...cessors. The only exception is injected fields of classes which are managed by ...
4576quality-ruleProvide accessors to Private FieldsDiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
4576quality-ruleProvide accessors to Private FieldsOperationlocalSiteDiagnose = DIAG_SCOPE_JAVABEST014UpdatedlocalSiteDiagnose = null
4576quality-ruleProvide accessors to Private FieldsOperationlocalSiteCountTotal = DIAG_JAVA_PRIV_FIELD_TOTALUpdatedlocalSiteCountTotal = null
7392quality-ruleAvoid having multiple artifacts deleting data on the same SQL tableDocumentation englishremediationSample = ...X classes update the same table public class TestUpdate { public static void...UpdatedremediationSample = ...X classes delete the same table public class TestDelete { public static void...
7392quality-ruleAvoid having multiple artifacts deleting data on the same SQL tableDocumentation englishsample = ...class TestUpdate1 { public static void main(java.lang.String[] args) { ...Updatedsample = ...class TestDelete1 { public static void main(java.lang.String[] args) { ...
7492quality-ruleAvoid Hibernate and JPA Entities using many-to-many association.DiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 1022005, propertyID = 140999
7492quality-ruleAvoid Hibernate and JPA Entities using many-to-many association.Documentation englishdescription = Reports all Hibernate or JPA Entities that use many-to-many association.Updateddescription = This rule reports all Hibernate or JPA Entities that use many-to-many associatio...
7492quality-ruleAvoid Hibernate and JPA Entities using many-to-many association.Documentation englishname = Avoid many-to-many associationUpdatedname = Avoid Hibernate and JPA Entities using many-to-many association.
7492quality-ruleAvoid Hibernate and JPA Entities using many-to-many association.OperationlocalSiteDiagnose = DIAG_SCOPE_JEEAHML001UpdatedlocalSiteDiagnose = null
7492quality-ruleAvoid Hibernate and JPA Entities using many-to-many association.OperationlocalSiteCountViolations = count-distinctUpdatedlocalSiteCountViolations = count
7492quality-ruleAvoid Hibernate and JPA Entities using many-to-many association.OperationlocalSiteCountTotal = DIAG_JEE_HIBE_ASSO_TOTALUpdatedlocalSiteCountTotal = null
8240quality-ruleAvoid using unsecured cookieDocumentation englishdescription = ...he method "setSecure" ensures that the session cookie is not visible to an attac...Updateddescription = ...he method 'setSecure' ensures that the session cookie is not visible to an attac...
8438quality-ruleAvoid code injectionDocumentation englishreference = CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS C...Updatedreference = CWE-94: Improper Control of Generation of Code ('Code Injection') https://cwe.mi...
8468quality-ruleProgram semantic should respect the logic of flow executionDefinitionMissingAddedactive = true, detached = false
8468quality-ruleProgram semantic should respect the logic of flow executionQuality Contribution to 'Programming Practices - Structuredness' (61024)Missing contributionAddedcritical = true, weight = 8
8470quality-ruleAvoid using STRING without overflow checkDefinitionMissingAddedactive = true, detached = false
8470quality-ruleAvoid using STRING without overflow checkQuality Contribution to 'Efficiency - Memory, Network and Disk Space Management' (61018)Missing contributionAddedcritical = true, weight = 8
8476quality-ruleAvoid calling unsafe C library functions from COBOLDefinitionMissingAddedactive = true, detached = false
8476quality-ruleAvoid calling unsafe C library functions from COBOLQuality Contribution to 'Secure Coding - Weak Security Features' (66064)Missing contributionAddedcritical = true, weight = 8
8478quality-ruleAvoid Buffer Overruns when using ADD, SUBTRACT, MULTIPLY, DIVIDE & COMPUTE statement inside a loopDefinitionMissingAddedactive = true, detached = false
8478quality-ruleAvoid Buffer Overruns when using ADD, SUBTRACT, MULTIPLY, DIVIDE & COMPUTE statement inside a loopQuality Contribution to 'Secure Coding - Time and State' (66065)Missing contributionAddedcritical = true, weight = 8
8480quality-ruleAvoid using PREPARE STMT statement (Dynamic SQL) with STRING containing HOST variablesDefinitionMissingAddedactive = true, detached = false
8480quality-ruleAvoid using PREPARE STMT statement (Dynamic SQL) with STRING containing HOST variablesQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 10

AIP 8.3.22 - 8.3.23

This section lists the results of a comparison between a CAST AIP 8.3.22 Assessment Model and a CAST AIP 8.3.23 Assessment Model. You can download the original compare_8322_8323.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.22 Assessment ModelChangeCAST 8.3.23 Assessment Model
2586quality-ruleDELETED: Utilization of "DoEvents" inside a loopActivationactive = true, detached = falseUpdateddetached = true
2586quality-ruleDELETED: Utilization of "DoEvents" inside a loopDocumentation englishname = Utilization of "DoEvents" inside a loopUpdatedname = DELETED: Utilization of "DoEvents" inside a loop
2586quality-ruleUtilization of "DoEvents" inside a loopQuality Contribution to 'Efficiency - Expensive Calls in Loops' (66068)critical = true, weight = 8RemovedMissing contribution
8062quality-ruleAn unconditional 'throw', 'return' or 'break' shall terminate every non-empty switch-clauseDocumentation englishreference = MISRA C++Updatedreference = MISRA C++, 2008 Rule 6-4-5: An unconditional throw or break statement shall ter...
8098quality-ruleAvoid uncontrolled format stringDocumentation englishremediationSample = ...l inputs. Don't use inputs in formatters.UpdatedremediationSample = ...l inputs. Never use inputs in formatters.
8098quality-ruleAvoid uncontrolled format stringDocumentation englishsample = ...rmatter = FormatterCase(); PrintReq() {} public void execute...Updatedsample = ...rmatter = new FormatterCase(); PrintReq() {} public void exe...
8240quality-ruleAvoid using unsecured cookieDocumentation englishdescription = ...s in plaintext over an HTTP session. Using the method "setSecure" ensures that ...Updateddescription = ...s in plain text over an HTTP session. Using the method "setSecure" ensures that...

AIP 8.3.21 - 8.3.22

This section lists the results of a comparison between a CAST AIP 8.3.21 Assessment Model and a CAST AIP 8.3.22 Assessment Model. You can download the original compare_8321_8322.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.21 Assessment ModelChangeCAST 8.3.22 Assessment Model
7246quality-ruleAvoid Packages with High Efferent Coupling (CE)OperationlocalSiteCountTotal = DIAG_JAVA_ALLCLASS_INT_TOTALUpdatedlocalSiteCountTotal = DIAG_JAVA_CLASS_PACKAGES_TOTAL
7248quality-ruleAvoid Packages with High Afferent Coupling (CA)OperationlocalSiteCountTotal = DIAG_JAVA_APP_CLASS_INT_TOTALUpdatedlocalSiteCountTotal = DIAG_JAVA_CLASS_PACKAGES_TOTAL

AIP 8.3.20 - 8.3.21

This section lists the results of a comparison between a CAST AIP 8.3.20 Assessment Model and the CAST AIP 8.3.21 Assessment Model. You can download the original compare_8320_8321.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.20 Assessment ModelChangeCAST 8.3.21 Assessment Model
3570quality-ruleDELETED: Avoid using Keywords as namesActivationactive = true, detached = falseUpdatedactive = false
3570quality-ruleDELETED: Avoid using Keywords as namesDocumentation englishname = Avoid using Keywords as namesUpdatedname = DELETED: Avoid using Keywords as names
7862quality-ruleAvoid catching an exception of type Exception, RuntimeException, or ThrowableDocumentation englishreference = Exception-Handling Antipatterns by Tim McCune http://today.java.net/pub/a/today/...Updatedreference = SEI CERT Oracle Coding Standard for Java https://wiki.sei.cmu.edu/confluence/dis...

AIP 8.3.19 - 8.3.20

This section lists the results of a comparison between a CAST AIP 8.3.19 Assessment Model and the CAST AIP 8.3.20 Assessment Model. You can download the original compare_8319_8320.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.19 Assessment ModelChangeCAST 8.3.20 Assessment Model
8082quality-ruleAvoid Tables without Primary KeyDocumentation englishremediation = Apply referential integrity through constraint::Updatedremediation = Check the statement and if so, add primary key.
8082quality-ruleAvoid Tables without Primary KeyDocumentation englishsample = ...d_col INT PRIMARY KEY, col2 CHARACTER VARYING(20), ... )Updatedsample = ...d_col INT, col2 CHARACTER VARYING(20), ... )
8082quality-ruleAvoid Tables without Primary KeyDocumentation englishMissingAddedreference = https://stackoverflow.com/questions/39649981/why-is-it-a-bad-idea-to-have-a-tabl...
1101008quality-ruleAvoid non-SARGable queriesDocumentation englishdescription = ...g a query that has only non-SARGable arquments expressions in where clauses or i...Updateddescription = ...g a query having 100% non-SARGable arguments expressions in where clauses or in ...
1101008quality-ruleAvoid non-SARGable queriesDocumentation englishrationale = non-SARGable WHERE clauses are performances killers : for a non-SARGable query, ...Updatedrationale = Non-SARGable WHERE clauses, having 100% Non-SARGable arguments, are performances...
1101008quality-ruleAvoid non-SARGable queriesDocumentation englishMissingAddedreference = http://dotnetvj.blogspot.com/2010/02/sargable-vs-non-sargable-queries.html

AIP 8.3.18 - 8.3.19

This section lists the results of a comparison between a CAST AIP 8.3.18 Assessment Model and the CAST AIP 8.3.19 Assessment Model. You can download the original compare_8318_8319.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.18 Assessment ModelChangeCAST 8.3.19 Assessment Model
4594quality-ruleAvoid using 'java.io.File'Documentation englishdescription = ...on Server (when web.xml or ejb-jar.xml file are present)Updateddescription = ...on Server to avoid any kind of dependencies with deployment environment of your ...
4594quality-ruleAvoid using 'java.io.File'Documentation englishrationale = ...e the application is deployed.Updatedrationale = ...e the application is deployed. Also, a program violates the Enterprise JavaBean...
4594quality-ruleAvoid using 'java.io.File'Documentation englishMissingAddedreference = https://cwe.mitre.org/data/definitions/576.html https://cwe.mitre.org/data/defi...
4594quality-ruleAvoid using 'java.io.File'Documentation englishMissingAddedsample = File f = new File(request.getParameter("fileName")) --------------- File f = n...
4702quality-ruleAvoid using 'Throwable.printStackTrace()' with no argumentDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
4702quality-ruleAvoid using 'Throwable.printStackTrace()' with no argumentDocumentation englishoutput = This report lists all Java artifacts using 'Throwable.printStackTrace()'. It pro...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
4702quality-ruleAvoid using 'Throwable.printStackTrace()' with no argumentDocumentation englishrationale = ...up the stdout or the log file.Updatedrationale = ...up the stdout or the log file. It is recommended to use a Logger instead.
7202quality-ruleCheck usage of '==' and '!=' on objectsDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 1022004, propertyID = 140955
7202quality-ruleCheck usage of '==' and '!=' on objectsDiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
7202quality-ruleCheck usage of '==' and '!=' on objectsOperationlocalSiteDiagnose = DIAG_SCOPE_JAVAEMEM003UpdatedlocalSiteDiagnose = null
7202quality-ruleCheck usage of '==' and '!=' on objectsOperationlocalSiteCountTotal = DIAG_JAVA_NA_METH_CTOR_TOTALUpdatedlocalSiteCountTotal = null
7210quality-ruleAvoid instantiations inside loopsDocumentation englishrationale = ...iples is this: Avoid excessive object creation. This doesn't mean that you shoul...Updatedrationale = ...iples is to Avoid excessive object creation. This doesn't mean that you should g...
7210quality-ruleAvoid instantiations inside loopsDocumentation englishtotal = Total number of methods and constructorsUpdatedtotal = Number of non abstract Java Artifacts
7442quality-ruleAvoid to use this within Constructor in multi-thread environmentDocumentation englishdescription = This metric will detect all cases where this is - directly or not - referenced i...Updateddescription = This rule detects all cases where this is - directly or not - referenced in a co...
7442quality-ruleAvoid to use this within Constructor in multi-thread environmentDocumentation englishtotal = the total procedure counts all constructorsUpdatedtotal = Number of constructors
7446quality-ruleAvoid double checked locking for JSE 4.x and previous versionDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
7446quality-ruleAvoid double checked locking for JSE 4.x and previous versionDocumentation englishdescription = For JSE 4.x and previous version, all methods that are not synchronized and that...Updateddescription = Double checked locking is a software design pattern used to reduce locking overh...
7446quality-ruleAvoid double checked locking for JSE 4.x and previous versionDocumentation englishname = Avoid double checked lockingUpdatedname = Avoid double checked locking for JSE 4.x and previous version
7446quality-ruleAvoid double checked locking for JSE 4.x and previous versionDocumentation englishoutput = This report lists all Methods that use double checked locking pattern. It provid...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
7446quality-ruleAvoid double checked locking for JSE 4.x and previous versionDocumentation englishrationale = Double checked locking is a software design pattern used to reduce locking overh...Updatedrationale = Double-checked locking refers to the situation where a programmer checks to see ...
7446quality-ruleAvoid double checked locking for JSE 4.x and previous versionDocumentation englishreference = http://www.cs.umd.edu/~pugh/java/memoryModel/DoubleCheckedLocking.html http://ww...Updatedreference = https://cwe.mitre.org/data/definitions/609.html http://www.cs.umd.edu/~pugh/java...
7446quality-ruleAvoid double checked locking for JSE 4.x and previous versionDocumentation englishtotal = The total will be the total of methods that are synchronized or use the synchron...Updatedtotal = Number of methods that are synchronized or use the synchronized keyword
7504quality-rulePersistent classes should Implement hashCode() and equals()DiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 532, propertyID = 140963
7504quality-rulePersistent classes should Implement hashCode() and equals()Documentation englishreference = ...tive-java-equals-and-hashcode/Updatedreference = ...tive-java-equals-and-hashcode/ https://projectlombok.org/features/EqualsAndHash...
7504quality-rulePersistent classes should Implement hashCode() and equals()Documentation englishremediation = ...the case. If it is not the case, we recommend implementing it anyway to avoid is...Updatedremediation = ...the case. If it is not the case, we recommend implementing it anyway to avoid i...
7504quality-rulePersistent classes should Implement hashCode() and equals()Documentation englishremediationSample = ... hashCode() { ... } }UpdatedremediationSample = ... hashCode() { ... } } // Use lombock annotation @EqualsAndHashCode; --...
7504quality-rulePersistent classes should Implement hashCode() and equals()DiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
7504quality-rulePersistent classes should Implement hashCode() and equals()OperationlocalSiteDiagnose = DIAG_SCOPE_JEEUB002UpdatedlocalSiteDiagnose = null
7504quality-rulePersistent classes should Implement hashCode() and equals()OperationlocalSiteCountTotal = DIAG_JEE_PERSISTCLS_TOTALUpdatedlocalSiteCountTotal = null
8216quality-ruleAvoid using incompatible mutationDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8216quality-ruleAvoid using incompatible mutationDocumentation englishdescription = Reports all incorrect numeric type conversions which may produce unexpected resu...Updateddescription = This rule reports all incorrect numeric type conversions which may produce unexp...
8216quality-ruleAvoid using incompatible mutationDocumentation englishname = CWE-681: Avoid numerical data corruption during incompatible mutationUpdatedname = Avoid using incompatible mutation
8216quality-ruleAvoid using incompatible mutationDocumentation englishoutput = Reports all incorrect numeric type conversions which may produce unexpected resu...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
8216quality-ruleAvoid using incompatible mutationDocumentation englishtotal = All artefacts that can reference an incompatible mutation which includes methods...Updatedtotal = Number of Java artifacts that can reference an incompatible mutation which inclu...
8418quality-ruleAvoid NoSQL injectionDocumentation englishreference = CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL...Updatedreference = CWE-943: Improper Neutralization of Special Elements in Data Query Logic https:/...
8464quality-ruleAvoid Open SQL SELECT queries without WHERE condition on XXL TablesDefinitionMissingAddedactive = true, detached = false
8464quality-ruleAvoid Open SQL SELECT queries without WHERE condition on XXL TablesQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)Missing contributionAddedcritical = true, weight = 9
1022002quality-ruleAvoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding)Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
1022002quality-ruleAvoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding)Documentation englishdescription = ...A/NONE is found in source code This rule is compliant with : CWE-780 - Use of ...Updateddescription = ...A/NONE is found in source code
1022002quality-ruleAvoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding)Documentation englishoutput = This rule reports full name of the java method using RSA encryption algorithm wi...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1022002quality-ruleAvoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding)Documentation englishrationale = ...act of predictable common textUpdatedrationale = ...act of predictable common text.
1022002quality-ruleAvoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding)Documentation englishremediationSample = ...("RSA/ECB/PKCS1Padding", "BC");UpdatedremediationSample = ...("RSA/ECB/OAEPWithMD5AndMGF1Padding", "BC");
1022002quality-ruleAvoid using RSA Cryptographic algorithms without OAEP (Optimal Asymmetric Encryption Padding)Documentation englishtotal = java methodUpdatedtotal = Number of Java methods

AIP 8.3.17 - 8.3.18

This section lists the results of a comparison between a CAST AIP 8.3.17 Assessment Model and the CAST AIP 8.3.18 Assessment Model. You can download the original compare_8317_8318.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.17 Assessment ModelChangeCAST 8.3.18 Assessment Model
7522quality-ruleDELETED: Avoid using literals in assignments (hardcoded values)Documentation englishname = Avoid using literals in assignments (hardcoded values)Updatedname = DELETED: Avoid using literals in assignments (hardcoded values)
8238quality-ruleAvoid mixing trusted and untrusted data in HTTP requestsDocumentation englishdescription = The product mixes trusted and untrusted data in the same data structure or struc...Updateddescription = Using CAST data-flow engine, this quality rule detects paths from user input met...

AIP 8.3.16 - 8.3.17

This section lists the results of a comparison between a CAST AIP 8.3.16 Assessment Model and the CAST AIP 8.3.17 Assessment Model. You can download the original compare_8316_8317.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.16 Assessment ModelChangeCAST 8.3.17 Assessment Model
1606quality-ruleTriggers should not directly modify tables, a procedure or function should be used insteadTechnologies[Forms, PL/SQL]UpdatedAdded: [SQL]
3612quality-ruleAvoid missing release of SQL connection after an effective lifetime (C#, VB.NET)Documentation englishname = Close SQL connection ASAPUpdatedname = Avoid missing release of SQL connection after an effective lifetime (C#, VB.NET)
3612quality-ruleAvoid missing release of SQL connection after an effective lifetime (C#, VB.NET)Documentation englishreference = CISQ rules: ASCPEM-PRF-15, ASCRM-CWE-772.Updatedreference = https://cwe.mitre.org/data/definitions/772.html ASCPEM-PRF-15, ASCRM-CWE-772.
7786quality-ruleAvoid long Table or View namesTechnologies[SAP SQL, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL]UpdatedAdded: [SQL]
7824quality-ruleAvoid directly throwing instance of Exception classDocumentation englishname = The exception Exception should never been thrown. Always Subclass Exception and ...Updatedname = Avoid directly throwing instance of Exception class
7840quality-ruleTrigger naming convention - prefix controlTechnologies[SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL]UpdatedAdded: [SQL]
7840quality-ruleTrigger naming convention - prefix controlParameter #1: Trigger name prefixvalues(SQL) = No default valuesUpdatedvalues(SQL) = [U_, D_, L_]
7852quality-ruleDatabase view naming convention - prefix controlTechnologies[SAP SQL, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL]UpdatedAdded: [SQL]
7852quality-ruleDatabase view naming convention - prefix controlParameter #1: Prefixvalues(SQL) = No default valuesUpdatedvalues(SQL) = [V_, v_]
7854quality-ruleDatabase table naming convention - prefix controlTechnologies[SAP SQL, SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL]UpdatedAdded: [SQL]
7854quality-ruleDatabase table naming convention - prefix controlParameter #1: Prefixvalues(SQL) = No default valuesUpdatedvalues(SQL) = [T_, t_]
7898quality-ruleSQL Function naming convention - prefix controlTechnologies[SQL Server, PL/SQL, Microsoft T-SQL, Sybase T-SQL]UpdatedAdded: [SQL]
7898quality-ruleSQL Function naming convention - prefix controlParameter #1: Prefixvalues(SQL) = No default valuesUpdatedvalues(SQL) = [F_, fn_]
7900quality-ruleStored Procedure naming convention - prefix controlTechnologies[SQL Server, Forms, PL/SQL, Microsoft T-SQL, Sybase T-SQL]UpdatedAdded: [SQL]
7900quality-ruleStored Procedure naming convention - prefix controlParameter #1: Prefixvalues(SQL) = No default valuesUpdatedvalues(SQL) = [usp_, SP_, P_]
8108quality-ruleAvoid missing release of stream connection after an effective lifetimeDocumentation englishname = Close the outermost stream ASAPUpdatedname = Avoid missing release of stream connection after an effective lifetime
8108quality-ruleAvoid missing release of stream connection after an effective lifetimeDocumentation englishremediation = ...up annotation (lombok.Cleanup)Updatedremediation = ...up annotation (lombok.Cleanup) - or use a using statement (.NET only)
8108quality-ruleAvoid missing release of stream connection after an effective lifetimeDocumentation englishremediationSample = with finally ~~~~~~~~~~~~ private void correctWriting() throws IOException { ...UpdatedremediationSample = ------- Java ------- with finally ~~~~~~~~~~~~ private void correctWriting()...
8108quality-ruleAvoid missing release of stream connection after an effective lifetimeDocumentation englishsample = private void incorrectWriting() throws IOException { DataOutputStream out = ...Updatedsample = ------- Java ------- private void incorrectWriting() throws IOException { D...
8110quality-ruleAvoid not using dedicated stored procedures when processing multiple data accessesDocumentation englishdescription = ...that exceed a threshold value. The threshold for the number of data queries is ...Updateddescription = ...that exceed a threshold value.
8110quality-ruleAvoid not using dedicated stored procedures when processing multiple data accessesDocumentation englishname = Use dedicated stored procedures when multiple data accesses are needed (ASCPEM-P...Updatedname = Avoid not using dedicated stored procedures when processing multiple data access...
8112quality-ruleAvoid improper processing of the execution status of data handling operationsDocumentation englishdescription = ...xception are said to be valid. Note: This quality rule implements the rule ASC...Updateddescription = ...xception are said to be valid.
8240quality-ruleAvoid using unsecured cookieDocumentation englishname = Sensitive cookie in HTTPS session without 'Secure' attributeUpdatedname = Avoid using unsecured cookie
8240quality-ruleAvoid using unsecured cookieDocumentation englishreference = ...017_A3-Sensitive_Data_Exposure https://www.owasp.org/index.php/Top_10-2017_A2-Br...Updatedreference = ...017_A3-Sensitive_Data_Exposure
8242quality-ruleAvoid using insufficient random values for cookiesDocumentation englishname = Use of insufficiently random valuesUpdatedname = Avoid using insufficient random values for cookies
8242quality-ruleAvoid using insufficient random values for cookiesDocumentation englishMissingAddedremediationSample = static SecureRandom ranGen = new SecureRandom(); String GenerateReceiptURL(Stri...
8242quality-ruleAvoid using insufficient random values for cookiesDocumentation englishMissingAddedsample = static Random ranGen = new Random(); String GenerateReceiptURL(String baseUrl) ...
8424quality-ruleAvoid using hard-coded HMAC keysDocumentation englishdescription = ...re key to generate a HMAC hashUpdateddescription = ...re key to generate a HMAC hash.
8434quality-ruleAvoid process controlDocumentation englishdescription = The software accesses to a library using externally-influenced input from an ups...Updateddescription = Using CAST data-flow engine, this metric detects paths from user input methods d...
8436quality-ruleAvoid thread injection vulnerabilitiesDocumentation englishdescription = The software constructs all or part of a thread parameter using externally-influ...Updateddescription = Using CAST data-flow engine, this metric detects paths from user input methods d...
8436quality-ruleAvoid thread injection vulnerabilitiesDocumentation englishrationale = ...behavior. This could allow attackers to execute unexpected, dangerous commands d...Updatedrationale = ...behavior. This could allow attackers to execute unexpected, dangerous commands ...
8438quality-ruleAvoid code injectionDocumentation englishdescription = The software constructs all or part of a dynamic evaluation using externally-inf...Updateddescription = Using CAST data-flow engine, this metric detects paths from user input methods d...
8438quality-ruleAvoid code injectionDocumentation englishrationale = ...omponent. This could allow attackers to execute unexpected, dangerous commands d...Updatedrationale = ...omponent. This could allow attackers to execute unexpected, dangerous commands ...
8440quality-ruleAvoid reflection injectionDocumentation englishdescription = The application uses external input with reflection to select which classes or c...Updateddescription = Using CAST data-flow engine, this metric detects paths from user input methods d...
8440quality-ruleAvoid reflection injectionDocumentation englishrationale = ...ectly on the operating system.Updatedrationale = ...ectly on the operating system. The application uses external input with reflect...
8444quality-ruleAvoid resource URL manipulationDocumentation englishdescription = The application uses external input with reflection methods manipulating resourc...Updateddescription = Using CAST data-flow engine, this metric detects paths from user input methods d...
8444quality-ruleAvoid resource URL manipulationDocumentation englishrationale = ...behavior. This may enable an attacker to access or modify otherwise protected sy...Updatedrationale = ...behavior. This may enable an attacker to access or modify otherwise protected s...
8446quality-ruleAvoid URL redirection to untrusted siteDefinitionMissingAddedactive = true, detached = false
8446quality-ruleAvoid URL redirection to untrusted siteQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
1020950quality-ruleAvoid providing password in Web Service URLDefinitionMissingAddedactive = true, detached = false
1020950quality-ruleAvoid providing password in Web Service URLQuality Contribution to 'Secure Coding - Encapsulation' (66066)Missing contributionAddedcritical = true, weight = 7
1101000quality-ruleNever use SQL queries with a cartesian product (SQL)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1101000quality-ruleNever use SQL queries with a cartesian product (SQL)Documentation englishname = ...eries with a cartesian productUpdatedname = ...eries with a cartesian product (SQL)
1101000quality-ruleNever use SQL queries with a cartesian product (SQL)Documentation englishoutput = List all Artifacts which contain a cartesian join. The following information is ...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101000quality-ruleNever use SQL queries with a cartesian product (SQL)Documentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101002quality-ruleNever use SQL queries with a cartesian product on XXL Tables (SQL)Documentation englishassociatedValueName = number of violation patternsUpdatedassociatedValueName = Number of violation occurrences
1101002quality-ruleNever use SQL queries with a cartesian product on XXL Tables (SQL)Documentation englishname = ...artesian product on XXL TablesUpdatedname = ...artesian product on XXL Tables (SQL)
1101002quality-ruleNever use SQL queries with a cartesian product on XXL Tables (SQL)Documentation englishoutput = The output lists all SQL Artifacts using at least one SQL query with a Cartesian...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101002quality-ruleNever use SQL queries with a cartesian product on XXL Tables (SQL)Documentation englishtotal = The total procedure counts Artifacts with SQL code from schemas containing XXL t...Updatedtotal = Number of Artifacts with SQL code from schemas containing XXL tables or views.
1101004quality-ruleAvoid non-indexed SQL queriesDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1101004quality-ruleAvoid non-indexed SQL queriesDocumentation englishremediationSample = TABLE1 is indexed on (COL2, COL1) and TABLE2 on COL3. Both tables are not XXS. F...UpdatedremediationSample = The remediation is to add index on TABLE1 (COL3, COL1).
1101004quality-ruleAvoid non-indexed SQL queriesDocumentation englishtotal = The total procedure counts Artifacts with SQL code from schemas containing table...Updatedtotal = Number of Artifacts with SQL code from schemas containing tables or views.
1101004quality-ruleAvoid non-indexed SQL queriesDocumentation englishMissingAddedsample = TABLE1 is indexed on (COL2, COL1) and TABLE2 on COL3. Both tables are not XXS. F...
1101006quality-ruleAvoid non-indexed XXL SQL queriesDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1101006quality-ruleAvoid non-indexed XXL SQL queriesDocumentation englishremediationSample = TABLE1 is indexed on (COL2, COL1) and TABLE2 on COL3. Both tables are XXL. For t...UpdatedremediationSample = The remediation is to add index on TABLE1 (COL3, COL1).
1101006quality-ruleAvoid non-indexed XXL SQL queriesDocumentation englishtotal = The total procedure counts Artifacts with SQL code from schemas containing XXL t...Updatedtotal = Number of Artifacts with SQL code from schemas containing XXL tables or views.
1101006quality-ruleAvoid non-indexed XXL SQL queriesDocumentation englishMissingAddedsample = TABLE1 is indexed on (COL2, COL1) and TABLE2 on COL3. Both tables are XXL. For t...
1101008quality-ruleAvoid non-SARGable queriesDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1101008quality-ruleAvoid non-SARGable queriesDocumentation englishoutput = List all Artifacts having a non-SARGable query. The following information is pro...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101008quality-ruleAvoid non-SARGable queriesDocumentation englishremediationSample = -- Index scan (slow) WHERE UPPER(ColumnValue) = 'SUMMER' -- not sargable predica...UpdatedremediationSample = -- Index seek (fast) WHERE ColumnValue = 'Summer' -- sargable predicate ------...
1101008quality-ruleAvoid non-SARGable queriesDocumentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101008quality-ruleAvoid non-SARGable queriesDocumentation englishMissingAddedsample = -- Index scan (slow) WHERE UPPER(ColumnValue) = 'SUMMER' -- not sargable predica...
1101010quality-ruleAvoid NATURAL JOIN queriesDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1101010quality-ruleAvoid NATURAL JOIN queriesDocumentation englishoutput = List all Artifacts having NATURAL JOINs. The following information is provided: ...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101010quality-ruleAvoid NATURAL JOIN queriesDocumentation englishremediationSample = The following example: SELECT first_name, department_name FROM employees NA...UpdatedremediationSample = Could be rewritten as: SELECT first_name,department_name FROM employees JOI...
1101010quality-ruleAvoid NATURAL JOIN queriesDocumentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101010quality-ruleAvoid NATURAL JOIN queriesDocumentation englishMissingAddedsample = SELECT first_name, department_name FROM employees NATURAL JOIN departments;
1101012quality-ruleSpecify column names instead of column numbers in ORDER BY clausesDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1101012quality-ruleSpecify column names instead of column numbers in ORDER BY clausesDocumentation englishoutput = List all Artifacts containing column numbers in ORDER BY clauses. The following ...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101012quality-ruleSpecify column names instead of column numbers in ORDER BY clausesDocumentation englishremediationSample = The following example: SELECT first_name, department_name FROM employees JO...UpdatedremediationSample = SELECT first_name, department_name FROM employees JOIN departments ON (empl...
1101012quality-ruleSpecify column names instead of column numbers in ORDER BY clausesDocumentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101012quality-ruleSpecify column names instead of column numbers in ORDER BY clausesDocumentation englishMissingAddedsample = SELECT first_name, department_name FROM employees JOIN departments ON (empl...
1101014quality-ruleAvoid queries using old style join convention instead of ANSI-Standard joins (SQL)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1101014quality-ruleAvoid queries using old style join convention instead of ANSI-Standard joins (SQL)Documentation englishname = ...onvention instead of ANSI-Standard joinsUpdatedname = ...onvention instead of ANSI-Standard joins (SQL)
1101014quality-ruleAvoid queries using old style join convention instead of ANSI-Standard joins (SQL)Documentation englishoutput = List all Artifacts containing NON ANSI joins. The following information is provi...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101014quality-ruleAvoid queries using old style join convention instead of ANSI-Standard joins (SQL)Documentation englishremediationSample = The following example: SELECT first_name, department_name FROM employees, depart...UpdatedremediationSample = SELECT first_name, department_name FROM employees JOIN departments ON (empl...
1101014quality-ruleAvoid queries using old style join convention instead of ANSI-Standard joins (SQL)Documentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101014quality-ruleAvoid queries using old style join convention instead of ANSI-Standard joins (SQL)Documentation englishMissingAddedsample = SELECT first_name, department_name FROM employees, departments where(employees.m...
1101016quality-ruleAvoid Artifacts with too many parameters (SQL)Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of parameters
1101016quality-ruleAvoid Artifacts with too many parameters (SQL)Documentation englishname = ...facts with too many parametersUpdatedname = ...facts with too many parameters (SQL)
1101016quality-ruleAvoid Artifacts with too many parameters (SQL)Documentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101018quality-ruleAvoid using the GROUP BY clauseTechnologies[SQL]UpdatedAdded: [ABAP]
1101018quality-ruleAvoid using the GROUP BY clauseDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1101018quality-ruleAvoid using the GROUP BY clauseDocumentation englishoutput = List all Artifacts containing GROUP BY clauses. The following information is pro...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101018quality-ruleAvoid using the GROUP BY clauseDocumentation englishremediationSample = The following query should be reviewed: Select T.title_id, T.def_id, T.publisher...RemovedMissing
1101018quality-ruleAvoid using the GROUP BY clauseDocumentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101018quality-ruleAvoid using the GROUP BY clauseDocumentation englishMissingAddedsample = The following query should be reviewed: Select T.title_id, T.def_id, T.publisher...
1101020quality-ruleAvoid using quoted identifiersDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1101020quality-ruleAvoid using quoted identifiersDocumentation englishoutput = List all Artifacts containing quoted identifiers. The following information is p...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101020quality-ruleAvoid using quoted identifiersDocumentation englishremediationSample = ...DECLARE "End" NUMBER := 1; BEGIN dbms_output.put_line('A quoted identifier E...UpdatedremediationSample = ...DECLARE L_End NUMBER := 1; BEGIN dbms_output.put_line('A quoted identifier E...
1101020quality-ruleAvoid using quoted identifiersDocumentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101020quality-ruleAvoid using quoted identifiersDocumentation englishMissingAddedsample = The following statement should be reviewed: DECLARE "End" NUMBER := 1; BEGIN ...
1101022quality-ruleAvoid Tables without Primary Key (SQL)Documentation englishassociatedValueName = This metric displays the list of tables without Primary key constraintsUpdatedassociatedValueName = List of tables without Primary key constraints
1101022quality-ruleAvoid Tables without Primary Key (SQL)Documentation englishname = ...oid Tables without Primary KeyUpdatedname = ...oid Tables without Primary Key (SQL)
1101022quality-ruleAvoid Tables without Primary Key (SQL)Documentation englishremediationSample = The following statement should be reviewed: create table SQLAMDA001_7_TBL1 (cate...UpdatedremediationSample = Add a primary key: alter table SQLAMDA001_7_TBL1 add constraint SQLAMDA001_7_TBL...
1101022quality-ruleAvoid Tables without Primary Key (SQL)Documentation englishtotal = The total procedure counts Tables.Updatedtotal = Number of Tables.
1101022quality-ruleAvoid Tables without Primary Key (SQL)Documentation englishMissingAddedsample = The following statement should be reviewed: create table SQLAMDA001_7_TBL1 (cate...
1101024quality-ruleAvoid using dynamic SQL in SQL ArtifactsTechnologies[SQL]UpdatedAdded: [ABAP]
1101024quality-ruleAvoid using dynamic SQL in SQL ArtifactsDocumentation englishassociatedValueName = This metric lists SQL Artifacts using dynamic SQL.UpdatedassociatedValueName = Number of violation occurrences
1101024quality-ruleAvoid using dynamic SQL in SQL ArtifactsDocumentation englishoutput = List all Artifacts using dynamic SQL. The following information is provided: - T...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101024quality-ruleAvoid using dynamic SQL in SQL ArtifactsDocumentation englishremediationSample = The following procedure should be reviewed: CREATE PROCEDURE SEARCH (IN V_DYNAMI...RemovedMissing
1101024quality-ruleAvoid using dynamic SQL in SQL ArtifactsDocumentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101024quality-ruleAvoid using dynamic SQL in SQL ArtifactsDocumentation englishMissingAddedsample = The following procedure should be reviewed: CREATE PROCEDURE SEARCH (IN V_DYNAMI...
1101026quality-ruleAlways define column names when inserting valuesDocumentation englishassociatedValueName = This metric lists SQL Artifacts without columns in insert clauses.UpdatedassociatedValueName = Number of violation occurrences
1101026quality-ruleAlways define column names when inserting valuesDocumentation englishoutput = List all Artifacts without columns in INSERT clause. The following information i...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101026quality-ruleAlways define column names when inserting valuesDocumentation englishremediationSample = The following procedure should be reviewed: CREATE PROCEDURE INSERT_VALUES BEGIN...UpdatedremediationSample = Add columns in INSERT clause: CREATE PROCEDURE INSERT_VALUES BEGIN INSERT INTO...
1101026quality-ruleAlways define column names when inserting valuesDocumentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101026quality-ruleAlways define column names when inserting valuesDocumentation englishMissingAddedsample = The following procedure should be reviewed: CREATE PROCEDURE INSERT_VALUES BEGIN...
1101028quality-ruleUse MINUS or EXCEPT operator instead of NOT EXISTS and NOT IN subqueriesDocumentation englishassociatedValueName = This metric lists SQL Artifacts with NOT EXISTS or NOT IN subqueries.UpdatedassociatedValueName = Number of violation occurrences
1101028quality-ruleUse MINUS or EXCEPT operator instead of NOT EXISTS and NOT IN subqueriesDocumentation englishoutput = List all Artifacts with NO EXISTS and NOT IN subqueries. The following informati...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101028quality-ruleUse MINUS or EXCEPT operator instead of NOT EXISTS and NOT IN subqueriesDocumentation englishremediationSample = The following procedure should be reviewed: CREATE PROCEDURE INSERT_BOOK_TITLE B...UpdatedremediationSample = Replace NOT EXISTS suquerie with MINUS operator: CREATE PROCEDURE INSERT_BOOK_TI...
1101028quality-ruleUse MINUS or EXCEPT operator instead of NOT EXISTS and NOT IN subqueriesDocumentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101028quality-ruleUse MINUS or EXCEPT operator instead of NOT EXISTS and NOT IN subqueriesDocumentation englishMissingAddedsample = The following procedure should be reviewed: CREATE PROCEDURE INSERT_BOOK_TITLE B...
1101030quality-ruleAvoid Artifacts with queries on too many Tables and/or ViewsTechnologies[SQL]UpdatedAdded: [ABAP]
1101030quality-ruleAvoid Artifacts with queries on too many Tables and/or ViewsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of joined Tables and/or Views
1101030quality-ruleAvoid Artifacts with queries on too many Tables and/or ViewsDocumentation englishname = ...Tables and or ViewsUpdatedname = ...Tables and/or Views
1101030quality-ruleAvoid Artifacts with queries on too many Tables and/or ViewsDocumentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101032quality-ruleAvoid exists and not exists independent clauses (SQL)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1101032quality-ruleAvoid exists and not exists independent clauses (SQL)Documentation englishname = ...not exists independent clausesUpdatedname = ...not exists independent clauses (SQL)
1101032quality-ruleAvoid exists and not exists independent clauses (SQL)Documentation englishoutput = List all Artifacts which contain independent "exists" and "not exists" clause. ...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101032quality-ruleAvoid exists and not exists independent clauses (SQL)Documentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101034quality-ruleDISTINCT should not be used in SQL SELECT statementsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1101034quality-ruleDISTINCT should not be used in SQL SELECT statementsDocumentation englishoutput = List all Artifacts which contain "DISTINCT", "DISTINCTROW", "UNIQUE" modifiers i...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101034quality-ruleDISTINCT should not be used in SQL SELECT statementsDocumentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101036quality-ruleUse ANSI standard operators in SQL WHERE clausesTechnologies[Visual Basic, PowerBuilder, Cobol, C++, C, C#, VB.NET, ASP.NET, JEE]UpdatedRemoved: [ASP.NET]
1101036quality-ruleUse ANSI standard operators in SQL WHERE clausesDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1101036quality-ruleUse ANSI standard operators in SQL WHERE clausesDocumentation englishoutput = List all Artifacts which contain !=, !> and !< operators in SQL WHERE clauses.Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101036quality-ruleUse ANSI standard operators in SQL WHERE clausesDocumentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101038quality-ruleReplace OR conditions testing equality on the same identifier in SQL WHERE clauses by an IN test conditionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1101038quality-ruleReplace OR conditions testing equality on the same identifier in SQL WHERE clauses by an IN test conditionDocumentation englishoutput = List all Artifacts which contain OR conditions testing equality on the same iden...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101038quality-ruleReplace OR conditions testing equality on the same identifier in SQL WHERE clauses by an IN test conditionDocumentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101040quality-ruleAvoid empty catch blocks (SQL)Documentation englishassociatedValueName = This metric lists SQL Artifacts with empty catch blocks.UpdatedassociatedValueName = Number of violation occurrences
1101040quality-ruleAvoid empty catch blocks (SQL)Documentation englishname = Avoid empty catch blocksUpdatedname = Avoid empty catch blocks (SQL)
1101040quality-ruleAvoid empty catch blocks (SQL)Documentation englishoutput = This report lists all SQL Artifacts with empty catch blocks. The following infor...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
1101040quality-ruleAvoid empty catch blocks (SQL)Documentation englishtotal = The total procedure counts Artifacts with SQL code.Updatedtotal = Number of Artifacts with SQL code.
1101042quality-ruleTable naming convention - character set control (SQL)DefinitionMissingAddedactive = true, detached = false
1101042quality-ruleTable naming convention - character set control (SQL)Quality Contribution to 'Documentation - Naming Convention Conformity' (61017)Missing contributionAddedcritical = false, weight = 1
1101044quality-ruleView naming convention - character set control (SQL)DefinitionMissingAddedactive = true, detached = false
1101044quality-ruleView naming convention - character set control (SQL)Quality Contribution to 'Documentation - Naming Convention Conformity' (61017)Missing contributionAddedcritical = false, weight = 1
1101046quality-rulePackage naming convention - prefix control (SQL)DefinitionMissingAddedactive = false, detached = false
1101046quality-rulePackage naming convention - prefix control (SQL)Quality Contribution to 'Documentation - Naming Convention Conformity' (61017)Missing contributionAddedcritical = false, weight = 5
1101048quality-rulePackage Function naming convention - prefix control (SQL)DefinitionMissingAddedactive = false, detached = false
1101048quality-rulePackage Function naming convention - prefix control (SQL)Quality Contribution to 'Documentation - Naming Convention Conformity' (61017)Missing contributionAddedcritical = false, weight = 5
1101050quality-rulePackage Stored Procedure naming convention - prefix control (SQL)DefinitionMissingAddedactive = false, detached = false
1101050quality-rulePackage Stored Procedure naming convention - prefix control (SQL)Quality Contribution to 'Documentation - Naming Convention Conformity' (61017)Missing contributionAddedcritical = false, weight = 5
1101052quality-ruleUse WHEN OTHERS in exception management (SQL)DefinitionMissingAddedactive = true, detached = false
1101052quality-ruleUse WHEN OTHERS in exception management (SQL)Quality Contribution to 'Programming Practices - Error and Exception Handling' (61014)Missing contributionAddedcritical = true, weight = 8
1101054quality-ruleNever use WHEN OTHER THEN NULLDefinitionMissingAddedactive = true, detached = false
1101054quality-ruleNever use WHEN OTHER THEN NULLQuality Contribution to 'Programming Practices - Error and Exception Handling' (61014)Missing contributionAddedcritical = true, weight = 8
1101056quality-ruleAvoid large Tables - too many columns (SQL)DefinitionMissingAddedactive = true, detached = false
1101056quality-ruleAvoid large Tables - too many columns (SQL)Quality Contribution to 'Volume - Number of Components' (61022)Missing contributionAddedcritical = false, weight = 6
1101058quality-ruleDo not mix ANSI and non-ANSI JOIN syntax in the same queryDefinitionMissingAddedactive = true, detached = false
1101058quality-ruleDo not mix ANSI and non-ANSI JOIN syntax in the same queryQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)Missing contributionAddedcritical = false, weight = 4
1101060quality-ruleLIKE operator should not start with a wildcard characterDefinitionMissingAddedactive = true, detached = false
1101060quality-ruleLIKE operator should not start with a wildcard characterQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)Missing contributionAddedcritical = false, weight = 4
1101062quality-ruleUse at most one statement per line (SQL)DefinitionMissingAddedactive = true, detached = false
1101062quality-ruleUse at most one statement per line (SQL)Quality Contribution to 'Documentation - Style Conformity' (61006)Missing contributionAddedcritical = false, weight = 1
1101064quality-ruleAvoid cascading Triggers (SQL)DefinitionMissingAddedactive = true, detached = false
1101064quality-ruleAvoid cascading Triggers (SQL)Quality Contribution to 'Complexity - Algorithmic and Control Structure Complexity' (61009)Missing contributionAddedcritical = false, weight = 4
1101066quality-ruleAvoid improperly written triangular joins with XXL tablesDefinitionMissingAddedactive = true, detached = false
1101066quality-ruleAvoid improperly written triangular joins with XXL tablesQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)Missing contributionAddedcritical = false, weight = 4
1101068quality-ruleAvoid synonym with both private and public definitionDefinitionMissingAddedactive = true, detached = false
1101068quality-ruleAvoid synonym with both private and public definitionQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)Missing contributionAddedcritical = false, weight = 1
1101070quality-ruleAvoid explicit comparison with NULLDefinitionMissingAddedactive = true, detached = false
1101070quality-ruleAvoid explicit comparison with NULLQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)Missing contributionAddedcritical = false, weight = 4
1101072quality-ruleTables should be aliasedDefinitionMissingAddedactive = true, detached = false
1101072quality-ruleTables should be aliasedQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)Missing contributionAddedcritical = false, weight = 4
1101074quality-ruleTables aliases should not end with a numeric suffixDefinitionMissingAddedactive = true, detached = false
1101074quality-ruleTables aliases should not end with a numeric suffixQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)Missing contributionAddedcritical = false, weight = 4
1101076quality-ruleColumn references should be qualifiedDefinitionMissingAddedactive = true, detached = false
1101076quality-ruleColumn references should be qualifiedQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)Missing contributionAddedcritical = false, weight = 4
1101078quality-rulePrefer PRIVATE to PUBLIC synonymDefinitionMissingAddedactive = true, detached = false
1101078quality-rulePrefer PRIVATE to PUBLIC synonymQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)Missing contributionAddedcritical = false, weight = 1
1101080quality-ruleAvoid orphaned synonymsDefinitionMissingAddedactive = true, detached = false
1101080quality-ruleAvoid orphaned synonymsQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)Missing contributionAddedcritical = false, weight = 1
1101082quality-ruleAvoid looping chain of synonymsDefinitionMissingAddedactive = true, detached = false
1101082quality-ruleAvoid looping chain of synonymsQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)Missing contributionAddedcritical = false, weight = 1
1101084quality-ruleAvoid Cursors inside a loop (SQL)DefinitionMissingAddedactive = true, detached = false
1101084quality-ruleAvoid Cursors inside a loop (SQL)Quality Contribution to 'Efficiency - Expensive Calls in Loops' (66068)Missing contributionAddedcritical = true, weight = 7
1101086quality-ruleVARCHAR2 and NVARCHAR2 should be usedDefinitionMissingAddedactive = true, detached = false
1101086quality-ruleVARCHAR2 and NVARCHAR2 should be usedQuality Contribution to 'Efficiency - Memory, Network and Disk Space Management' (61018)Missing contributionAddedcritical = false, weight = 2
1101088quality-ruleLONG and LONG RAW datatypes should no longer be usedDefinitionMissingAddedactive = true, detached = false
1101088quality-ruleLONG and LONG RAW datatypes should no longer be usedQuality Contribution to 'Efficiency - SQL and Data Handling Performance' (61019)Missing contributionAddedcritical = false, weight = 8

AIP 8.3.15 - 8.3.16

This section lists the results of a comparison between a CAST AIP 8.3.15 Assessment Model and the CAST AIP 8.3.16 Assessment Model. You can download the original compare_8315_8316.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.15 Assessment ModelChangeCAST 8.3.16 Assessment Model
5056quality-ruleUsing SEARCH ALL only with sorted dataDocumentation englishdescription = ... programs using the SEARCH statement without the ALL addition, with only one WHE...Updateddescription = ... programs containing SEARCH ALL statements not using the sort key of the table.
5056quality-ruleUsing SEARCH ALL only with sorted dataDocumentation englishname = Avoid using SEARCH without the ALL additionUpdatedname = Using SEARCH ALL only with sorted data
5056quality-ruleUsing SEARCH ALL only with sorted dataDocumentation englishoutput = This report lists all Cobol Programs that use SEARCH statements without the ALL ...Updatedoutput = Associated to each COBOL Program with violations, the Quality Rule provides: - T...
5056quality-ruleUsing SEARCH ALL only with sorted dataDocumentation englishrationale = A binary search is a very efficient search when you are dealing with a large tab...Updatedrationale = To use the SEARCH ALL statement to search a table, the table must specify the AS...
5056quality-ruleUsing SEARCH ALL only with sorted dataDocumentation englishreference = Sort the table data either in Ascending or Descending order and use a SEARCH AL...Updatedreference = https://www.ibm.com/support/knowledgecenter/SS6SGM_4.1.1/com.ibm.cobol.aix.doc/P...
5056quality-ruleUsing SEARCH ALL only with sorted dataDocumentation englishremediationSample = B-200-LOOP. ... ... processing not related to search ... ... SEA...UpdatedremediationSample = DATA DIVISION. WORKING-STORAGE SECTION. 01 VARIABLE OCCURS 83 ASCENDING KEY I...
5056quality-ruleUsing SEARCH ALL only with sorted dataDocumentation englishsample = B-200-LOOP. ... ... processing not related to search ... ... SET...Updatedsample = Case 1: Use incorrect key DATA DIVISION. WORKING-STORAGE SECTION. 01 VARIABLE ...
7522quality-ruleAvoid using literals in assignments (hardcoded values)Activationactive = true, detached = falseUpdateddetached = true
7522quality-ruleAvoid using literals in assignments (hardcoded values)Quality Contribution to 'Architecture - OS and Platform Independence' (61004)critical = false, weight = 7RemovedMissing contribution
7524quality-ruleAvoid using BREAK or BREAK-POINT statementDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 3, propertyID = 140969
7524quality-ruleAvoid using BREAK or BREAK-POINT statementOperationlocalSiteDiagnose = DIAG_SCOPE_ABAPPPUB002UpdatedlocalSiteDiagnose = null
7524quality-ruleAvoid using BREAK or BREAK-POINT statementOperationlocalSiteCountTotal = DIAG_ABAP_ANA_ARTIFAC_TOTALUpdatedlocalSiteCountTotal = null
7528quality-ruleNever use the ON CHANGE OF statementDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 3, propertyID = 140970
7528quality-ruleNever use the ON CHANGE OF statementOperationlocalSiteDiagnose = DIAG_SCOPE_ABAPPPUB001UpdatedlocalSiteDiagnose = null
7528quality-ruleNever use the ON CHANGE OF statementOperationlocalSiteCountTotal = DIAG_ABAP_ANA_ARTIFAC_TOTALUpdatedlocalSiteCountTotal = null
7530quality-ruleAvoid "SELECT *" or "SELECT SINGLE *" queriesDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 2, propertyID = 140973
7530quality-ruleAvoid "SELECT *" or "SELECT SINGLE *" queriesOperationlocalSiteDiagnose = DIAG_SCOPE_ABAPSQLCPLEX006UpdatedlocalSiteDiagnose = null
7530quality-ruleAvoid "SELECT *" or "SELECT SINGLE *" queriesOperationlocalSiteCountTotal = DIAG_ABAP_ANA_ARTIF_T_TOTALUpdatedlocalSiteCountTotal = null
7532quality-ruleAvoid nested SELECT ... ENDSELECT statementsDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 2, propertyID = 140974
7532quality-ruleAvoid nested SELECT ... ENDSELECT statementsOperationlocalSiteDiagnose = DIAG_SCOPE_ABAPEECL001UpdatedlocalSiteDiagnose = null
7532quality-ruleAvoid nested SELECT ... ENDSELECT statementsOperationlocalSiteCountTotal = DIAG_ABAP_SQLARTIFACTS_TOTALUpdatedlocalSiteCountTotal = null
7536quality-ruleAvoid using AT Events in combination of LOOP AT .... WHERE constructsDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 8, propertyID = 140975
7536quality-ruleAvoid using AT Events in combination of LOOP AT .... WHERE constructsOperationlocalSiteDiagnose = DIAG_SCOPE_ABAPPPUB003UpdatedlocalSiteDiagnose = null
7536quality-ruleAvoid using AT Events in combination of LOOP AT .... WHERE constructsOperationlocalSiteCountTotal = DIAG_ABAP_ATLOOP_TOTALUpdatedlocalSiteCountTotal = null
7538quality-ruleAvoid using SELECT ... INTO CORRESPONDING FIELDS OFDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 2, propertyID = 140978
7538quality-ruleAvoid using SELECT ... INTO CORRESPONDING FIELDS OFOperationlocalSiteDiagnose = DIAG_SCOPE_ABAPESDP002UpdatedlocalSiteDiagnose = null
7538quality-ruleAvoid using SELECT ... INTO CORRESPONDING FIELDS OFOperationlocalSiteCountTotal = DIAG_ABAP_OSQLARTIFACTS_TOTALUpdatedlocalSiteCountTotal = null
7544quality-ruleAvoid using SELECT ... ENDSELECT statementDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 2, propertyID = 140979
7544quality-ruleAvoid using SELECT ... ENDSELECT statementOperationlocalSiteDiagnose = DIAG_SCOPE_ABAPESDP004UpdatedlocalSiteDiagnose = null
7544quality-ruleAvoid using SELECT ... ENDSELECT statementOperationlocalSiteCountTotal = DIAG_ABAP_OSQLARTIFACTS_TOTALUpdatedlocalSiteCountTotal = null
7592quality-ruleAvoid using "ORDER BY" in SELECTSDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 2, propertyID = 140980
7592quality-ruleAvoid using "ORDER BY" in SELECTSOperationlocalSiteDiagnose = DIAG_SCOPE_ABAPESQL007UpdatedlocalSiteDiagnose = null
7592quality-ruleAvoid using "ORDER BY" in SELECTSOperationlocalSiteCountTotal = DIAG_ABAP_ANA_ARTIF_T_TOTALUpdatedlocalSiteCountTotal = null
7594quality-ruleAvoid using "SELECT DISTINCT", use DELETE-ADJACENTDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 2, propertyID = 140981
7594quality-ruleAvoid using "SELECT DISTINCT", use DELETE-ADJACENTOperationlocalSiteDiagnose = DIAG_SCOPE_ABAPESQL008UpdatedlocalSiteDiagnose = null
7594quality-ruleAvoid using "SELECT DISTINCT", use DELETE-ADJACENTOperationlocalSiteCountTotal = DIAG_ABAP_ANA_ARTIF_T_TOTALUpdatedlocalSiteCountTotal = null
7672quality-ruleAvoid using EXIT statement in IncludeDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 9, propertyID = 140983
7672quality-ruleAvoid using EXIT statement in IncludeOperationlocalSiteDiagnose = DIAG_SCOPE_ABAPCACC001UpdatedlocalSiteDiagnose = null
7672quality-ruleAvoid using EXIT statement in IncludeOperationlocalSiteCountTotal = DIAG_ABAP_ANA_INCLUDE_TOTALUpdatedlocalSiteCountTotal = null
7740quality-ruleAvoid HTTP response splittingDocumentation englishdescription = Using CAST data-flow engine, this metric detects paths from user input methods t...Updateddescription = The application uses HTTP headers, but it does not correctly neutralizes CR and ...
7740quality-ruleAvoid HTTP response splittingDocumentation englishname = Avoid cross-site scripting vulnerabilitiesUpdatedname = Avoid HTTP response splitting
7740quality-ruleAvoid HTTP response splittingDocumentation englishrationale = The most dangerous web application vulnerability is known as cross-site scriptin...Updatedrationale = CR and LF characters in an HTTP header may give attackers control of the remaini...
7740quality-ruleAvoid HTTP response splittingDocumentation englishreference = CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site...Updatedreference = CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Respon...
7740quality-ruleAvoid HTTP response splittingDocumentation englishremediation = ...thorized sanitization methods.Updatedremediation = ...thorized sanitization methods. To avoid the creation of XSS flaws, the Open Web...
7740quality-ruleAvoid HTTP response splittingDocumentation englishremediationSample = Sample 1 <% String eid = request.getParameter("eid"); %> ... //include validatio...UpdatedremediationSample = Sample 1 // include validation code for rawInputData --> cleanData response.add...
7740quality-ruleAvoid HTTP response splittingDocumentation englishsample = Sample 1 <% String eid = request.getParameter("eid"); %> ... Employee ID: <%= ei...Updatedsample = Sample 1 response.addHeader(HEADER_NAME, rawInputData); Sample 2 String header ...
7740quality-ruleAvoid HTTP response splittingDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishreference = ...php/Top_10_2007 CISQ rule: ASCSM-CWE-89.Updatedreference = ...php/Top_10-2017_A1-Injection CISQ rule: ASCSM-CWE-89.
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishreference = ...php/Top_10_2007Updatedreference = ...php/Top_10-2017_A1-Injection
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishreference = ...2007 CISQ: ASCSM-CWE-078Updatedreference = ...2007 CISQ rule: ASCSM-CWE-078.
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
7750quality-ruleAvoid XPath injection vulnerabilitiesDocumentation englishreference = ...php/Top_10_2007Updatedreference = ...php/Top_10-2017_A1-Injection
7750quality-ruleAvoid XPath injection vulnerabilitiesDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
7750quality-ruleAvoid XPath injection vulnerabilitiesDocumentation englishMissingAddedremediationSample = XPath xPath = XPathFactory.newInstance().newXPath(); InputSource inputXml = new ...
7750quality-ruleAvoid XPath injection vulnerabilitiesDocumentation englishMissingAddedsample = XPath xPath = XPathFactory.newInstance().newXPath(); InputSource inputXml = new ...
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishreference = CWE-73: External Control of File Name or Path https://cwe.mitre.org/data/definit...Updatedreference = CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Trave...
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
7832quality-ruleAvoid unreferenced ClassesTechnologies[ABAP, Visual Basic, C++, C#, VB.NET, JEE, .NET (Legacy Analyzer)]UpdatedRemoved: [C#, VB.NET, .NET (Legacy Analyzer)]
7882quality-ruleAvoid using Native SQLDiagnosisscopeID = 3, propertyID = 137357UpdatedpropertyID = 140984
7908quality-ruleAvoid unreferenced MethodsTechnologies[ABAP, Visual Basic, C++, C#, VB.NET, JEE, .NET (Legacy Analyzer)]UpdatedRemoved: [C#, VB.NET, .NET (Legacy Analyzer)]
7912quality-ruleAvoid unreferenced Data MembersTechnologies[ABAP, C++, C, C#, VB.NET, JEE, .NET (Legacy Analyzer)]UpdatedRemoved: [C#, VB.NET, .NET (Legacy Analyzer)]
8044quality-ruleAvoid log forging vulnerabilitiesDocumentation englishreference = ....org/data/definitions/117.htmlUpdatedreference = ....org/data/definitions/117.html Open Web Application Security Project (OWASP) ht...
8044quality-ruleAvoid log forging vulnerabilitiesDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
8098quality-ruleAvoid uncontrolled format stringDocumentation englishreference = ...134.html ASCSM 1.0, Automated Source Code Security Measure, Object Management G...Updatedreference = ...134.html Open Web Application Security Project (OWASP) https://www.owasp.org/in...
8098quality-ruleAvoid uncontrolled format stringDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
8222quality-ruleAvoid hard-coded credentialsDocumentation englishreference = ....org/data/definitions/259.htmlUpdatedreference = ....org/data/definitions/259.html Open Web Application Security Project (OWASP) ht...
8222quality-ruleAvoid hard-coded credentialsDocumentation englishtotal = Number of methods containing credential parameter(s)Updatedtotal = Number of potentially vulnerable methods
8238quality-ruleAvoid mixing trusted and untrusted data in HTTP requestsDocumentation englishreference = ....org/data/definitions/501.htmlUpdatedreference = ....org/data/definitions/501.html Open Web Application Security Project (OWASP) ht...
8238quality-ruleAvoid mixing trusted and untrusted data in HTTP requestsDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
8240quality-ruleSensitive cookie in HTTPS session without 'Secure' attributeDocumentation englishreference = ...614.html https://www.owasp.org/index.php/Top_10_2013-A6-Sensitive_Data_Exposure...Updatedreference = ...614.html Open Web Application Security Project (OWASP) https://www.owasp.org/in...
8240quality-ruleSensitive cookie in HTTPS session without 'Secure' attributeDocumentation englishtotal = ...ber of methods adding a cookie without setting the 'secured' attributeUpdatedtotal = ...ber of methods adding a cookie
8242quality-ruleUse of insufficiently random valuesDocumentation englishreference = ....org/data/definitions/330.htmlUpdatedreference = ....org/data/definitions/330.html Open Web Application Security Project (OWASP) ht...
8242quality-ruleUse of insufficiently random valuesDocumentation englishtotal = Number of methods calling methods producing insufficiently random numbersUpdatedtotal = Number of potentially vulnerable methods
8408quality-ruleAvoid reflected cross-site scripting (non persistent)Documentation englishreference = ...php/Top_10_2007 CISQ rule: ASCSM-CWE-79. 2011 Top 25 - Insecure Interaction Bet...Updatedreference = ...php/Top_10-2017_A7-Cross-Site_Scripting_(XSS) CISQ rule: ASCSM-CWE-79.
8408quality-ruleAvoid reflected cross-site scripting (non persistent)Documentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
8410quality-ruleAvoid cross-site scripting (persistent)Documentation englishreference = ...php/Top_10_2007 CISQ rule: ASCSM-CWE-79. 2011 Top 25 - Insecure Interaction Bet...Updatedreference = ...php/Top_10-2017_A7-Cross-Site_Scripting_(XSS) CISQ rule: ASCSM-CWE-79.
8410quality-ruleAvoid cross-site scripting (persistent)Documentation englishtotal = Number of methods calling a "read database" methodUpdatedtotal = Number of potentially vulnerable methods
8412quality-rule"CX_ROOT" should not be used in TRY .. CATCH.. ENDTRY blockQuality Contribution to 'Programming Practices - Error and Exception Handling' (61014)Missing contributionAddedcritical = true, weight = 7
8412quality-rule"CX_ROOT" should not be used in TRY .. CATCH.. ENDTRY blockQuality Contribution to 'Programming Practices - Modularity and OO Encapsulation Conformity' (61020)critical = true, weight = 7RemovedMissing contribution
8414quality-ruleAvoid weak cryptographic algorithmDocumentation englishname = Avoid use of a broken or risky cryptographic algorithmUpdatedname = Avoid weak cryptographic algorithm
8414quality-ruleAvoid weak cryptographic algorithmDocumentation englishreference = ...327.html A3-OWASPUpdatedreference = ...327.html Open Web Application Security Project (OWASP) https://www.owasp.org/i...
8414quality-ruleAvoid weak cryptographic algorithmDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
8416quality-ruleAvoid use of a reversible one-way hashDocumentation englishreference = ...328.html A3-OWASPUpdatedreference = ...328.html Open Web Application Security Project (OWASP) https://www.owasp.org/i...
8416quality-ruleAvoid use of a reversible one-way hashDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
8418quality-ruleAvoid NoSQL injectionTechnologies[C#, VB.NET]UpdatedAdded: [JEE]
8418quality-ruleAvoid NoSQL injectionDocumentation englishname = Avoid NoSQL injection on MongoDB (C#)Updatedname = Avoid NoSQL injection
8418quality-ruleAvoid NoSQL injectionDocumentation englishreference = ...e.org/data/definitions/89.htmlUpdatedreference = ...e.org/data/definitions/89.html Open Web Application Security Project (OWASP) h...
8418quality-ruleAvoid NoSQL injectionDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
8420quality-ruleAvoid second order SQL injectionDocumentation englishreference = ...php/Top_10_2007 CISQ rule: ASCSM-CWE-89.Updatedreference = ...php/Top_10-2017_A1-Injection CISQ rule: ASCSM-CWE-89.
8420quality-ruleAvoid second order SQL injectionDocumentation englishtotal = Number of methods calling a "read database" methodUpdatedtotal = Number of potentially vulnerable methods
8424quality-ruleAvoid using hard-coded HMAC keysDocumentation englishreference = .../321.html A3-OWASP 2017 https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive...Updatedreference = .../321.html Open Web Application Security Project (OWASP) https://www.owasp.org/...
8424quality-ruleAvoid using hard-coded HMAC keysDocumentation englishtotal = Number of methods containing HMAC key(s)Updatedtotal = Number of potentially vulnerable methods
8434quality-ruleAvoid process controlDocumentation englishreference = ...php/Top_10_2007 CISQ: ASCSM-CWE-078Updatedreference = ...php/Top_10-2017_A1-Injection CISQ: ASCSM-CWE-078
8434quality-ruleAvoid process controlDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
8436quality-ruleAvoid thread injection vulnerabilitiesDocumentation englishreference = ...php/Top_10_2007 CISQ: ASCSM-CWE-078Updatedreference = ...php/Top_10-2017_A1-Injection CISQ: ASCSM-CWE-078
8436quality-ruleAvoid thread injection vulnerabilitiesDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
8438quality-ruleAvoid code injectionDocumentation englishreference = ...php/Top_10_2007 CISQ: ASCSM-CWE-078Updatedreference = ...php/Top_10-2017_A1-Injection CISQ: ASCSM-CWE-078
8438quality-ruleAvoid code injectionDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
8440quality-ruleAvoid reflection injectionDocumentation englishreference = ...index.php/Top_10_2007 CISQ: ASCSM-CWE-470Updatedreference = ...index.php/Unsafe_use_of_Reflection https://www.owasp.org/index.php/Top_10-2017_A...
8440quality-ruleAvoid reflection injectionDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
8442quality-ruleAvoid resource injectionDocumentation englishreference = .../Top_10_2007 CISQ rule: ASCSM-CWE-99.Updatedreference = .../Top_10_2013-A4-Insecure_Direct_Object_References CISQ rule: ASCSM-CWE-99.
8442quality-ruleAvoid resource injectionDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods
8444quality-ruleAvoid resource URL manipulationDocumentation englishreference = .../Top_10_2007 CISQ rule: ASCSM-CWE-99.Updatedreference = .../Top_10_2013-A4-Insecure_Direct_Object_References CISQ rule: ASCSM-CWE-99.
8444quality-ruleAvoid resource URL manipulationDocumentation englishtotal = Number of methods calling user input methodsUpdatedtotal = Number of potentially vulnerable methods

AIP 8.3.14 - 8.3.15

This section lists the results of a comparison between a CAST AIP 8.3.14 Assessment Model and the CAST AIP 8.3.15 Assessment Model. You can download the original compare_8314_8315.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.14 Assessment ModelChangeCAST 8.3.15 Assessment Model
1058quality-ruleAvoid large Files - too many Lines of CodeParameter #1name = Maximum line count, type = integer, description = Maximum line countUpdatedname = Maximum Line Count
1060quality-ruleAvoid large Macros - too many Lines of CodeParameter #1name = Maximum line count, type = integer, description = Maximum line countUpdatedname = Maximum Line Count
2254quality-ruleAvoid large Page files (JEE)Parameter #1name = Maximum Line Count, type = integer, description = Maximum Line CountUpdatedname = Maximum line count
2258quality-ruleAll image files should be in a specific directoryParameter #2name = image_extensions, type = text-list, description = the list of authorized extension for imagesUpdatedname = Extensions for image files
2266quality-ruleAvoid non standard file extensions (JEE)Parameter #1name = Extensions, type = text-list, description = Standard file extensionsUpdatedname = Standard file extensions
3062quality-ruleUse of error handling pageParameter #1name = Error handling page, type = text-list, description = Error handling page namesUpdatedname = Error handling page names
3070quality-ruleAvoid non standard file extensions (ASP)Parameter #1name = Extensions for files, type = text-list, description = Extensions for filesUpdatedname = Standard file extensions
4602quality-ruleAvoid using Fields (non static final) from other ClassesDocumentation englishMissingAddedtotal = Number of non abstract Java artifacts
4610quality-ruleAvoid using anonymous ClassesParameter #1name = exclude_interfaces, type = text-list, description = Lits of Interfaces to excludeUpdatedname = Interfaces to exclude, description = List of Interfaces to exclude
4612quality-ruleAvoid using native Methods (JNI)Parameter #1name = Ignore Libraries, type = text-list, description = Native methods contained in the libraries will be ignoredUpdatedname = Libraries to exclude
6106quality-ruleUser event naming convention - declare onlyParameter #1name = Prefix, type = text, description = User event ue naming conventionUpdateddescription = User event naming convention
6128quality-ruleAvoid window with too high level of inheritanceParameter #1name = MaxLevel, type = integer, description = LevelUpdatedname = Maximum number of levels
6130quality-ruleAvoid userobject with too high level of inheritanceParameter #1name = MaxLevel, type = integer, description = Max inherit level for userobjectUpdatedname = Maximum number of levels
6134quality-ruleAvoid menu with too high level of inheritanceParameter #1name = MAXLEVEL, type = integer, description = MAX INHERIT LEVEL FOR MENUUpdatedname = Maximum number of levels
6142quality-ruleAvoid Windows with too many MethodsParameter #1name = MaxMethod, type = integer, description = Max number of methodsUpdatedname = Maximum number of methods
6144quality-ruleAvoid Userobject with too many MethodsParameter #1name = MaxMethod, type = integer, description = Max number of methodsUpdatedname = Maximum number of methods
7050quality-ruleFunction naming conventionParameter #1name = prefix_1, type = text-list, description = Function naming conventionUpdatedname = Prefix #1
7050quality-ruleFunction naming conventionParameter #2name = prefix_2, type = text-list, description = Function naming conventionUpdatedname = Prefix #2
7050quality-ruleFunction naming conventionParameter #3name = prefix_3, type = text-list, description = Function naming conventionUpdatedname = Prefix #3
7050quality-ruleFunction naming conventionParameter #4name = prefix_4, type = text-list, description = Function naming conventionUpdatedname = Prefix #4
7050quality-ruleFunction naming conventionParameter #5name = prefix_5, type = text-list, description = Function naming conventionUpdatedname = Prefix #5
7050quality-ruleFunction naming conventionParameter #6name = prefix_6, type = text-list, description = Function naming conventionUpdatedname = Prefix #6
7072quality-ruleProgram naming conventionParameter #1name = prefix, type = text-list, description = naming conventionUpdatedname = Prefixes
7074quality-ruleInclude naming conventionParameter #1name = prefix, type = text-list, description = naming conventionUpdatedname = Prefixes
7132quality-ruleAction Mappings should have few forwardsParameter #1name = Max number of forward, type = integer, description = Number of forwardUpdatedname = Maximum number of forwards
7156quality-ruleAvoid Too Many Copy Pasted ArtifactsParameter #1name = SIMILARITY, type = integer, description = This is a percentage.Updatedname = Minimum % of Similarity
7200quality-ruleAvoid String concatenation in loops (JEE)DiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 1022002, propertyID = 140948
7200quality-ruleAvoid String concatenation in loops (JEE)Documentation englishdescription = ...eported. Note that the JVM is optimizing code such as System.out.println("x:"+x...Updateddescription = ...eported. Note that the JVM is optimizing code such as System.out.println("x...
7200quality-ruleAvoid String concatenation in loops (JEE)Documentation englishoutput = ...in loops. It provides the following information: Method full nameUpdatedoutput = ...in loops. It provides the following information: Method full name
7200quality-ruleAvoid String concatenation in loops (JEE)Documentation englishremediationSample = ..."hello"); for (int i = 0; i < 1500; i++) { result.append("hello"); // FIXED ...UpdatedremediationSample = ..."hello"); for (int i = 0; i < 1500; i++) { result.append("hello"); // FI...
7200quality-ruleAvoid String concatenation in loops (JEE)Documentation englishsample = ... "hello"; for (int i = 0; i < 1500; i++) { result += "hello"; // VIOLATION }Updatedsample = ... "hello"; for (int i = 0; i < 1500; i++) { result += "hello"; // VIOLATI...
7200quality-ruleAvoid String concatenation in loops (JEE)DiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
7200quality-ruleAvoid String concatenation in loops (JEE)OperationlocalSiteDiagnose = DIAG_SCOPE_JAVAEMEM002UpdatedlocalSiteDiagnose = null
7200quality-ruleAvoid String concatenation in loops (JEE)OperationlocalSiteCountTotal = DIAG_JAVA_NA_ARTIFACT_TOTALUpdatedlocalSiteCountTotal = null
7240quality-ruleAction Classes should only call Business ClassesParameter #1name = name_package, type = text, description = Business package listUpdatedname = Business package names
7244quality-ruleAvoid direct usage of EJB Entity from the clientParameter #1name = name_package, type = text, description = list of packageUpdatedname = Package names
7246quality-ruleAvoid Packages with High Efferent Coupling (CE)Parameter #1name = CE, type = integer, description = Value maxUpdatedname = Efferent Coupling maximum value
7248quality-ruleAvoid Packages with High Afferent Coupling (CA)Parameter #1name = CA, type = integer, description = Value maxUpdatedname = Afferent Coupling maximum value
7260quality-ruleUser Interface elements must not use directly the databaseParameter #1name = namespace, type = text-list, description = List of namespaceUpdatedname = Namespaces
7262quality-ruleAvoid Namespaces with High Efferent Coupling (CE)Parameter #1name = CE, type = integer, description = CE value maxUpdatedname = Efferent Coupling maximum value
7264quality-ruleAvoid namespaces with High Afferent Coupling (CA)Parameter #1name = CA, type = integer, description = CA max valueUpdatedname = Afferent Coupling maximum value
7300quality-ruleAvoid large Paragraphs - too many Lines of CodeParameter #1name = nb_loc, type = integer, description = Threshold number of LoCUpdatedname = Maximum line count
7384quality-ruleDELETED: Large Programs should be called dynamicallyParameter #1name = LOB, type = integer, description = Nb of code lines of the subprogramUpdatedname = Maximum number of Lines of Code of a subprogram
7390quality-ruleAvoid having multiple artifacts inserting data on the same SQL TableParameter #1name = Maximum_Artifacts_Insert, type = integer, description = Retreives all tables having more than _Maximum_ number of Artifacts insertingUpdateddescription = Retrieves all tables having more than _Maximum_ number of Artifacts inserting
7392quality-ruleAvoid having multiple artifacts deleting data on the same SQL tableParameter #1name = Maximum_Artifacts_Delete, type = integer, description = Retreives all tables having more than _Maximum_ number of Artifacts deletingUpdateddescription = Retrieves all tables having more than _Maximum_ number of Artifacts deleting
7394quality-ruleAvoid having multiple artifacts updating data on the same SQL TableParameter #1name = Maximum_Artifacts_Update, type = integer, description = Retreives all tables having more than _Maximum_ number of Artifacts updatingUpdateddescription = Retrieves all tables having more than _Maximum_ number of Artifacts updating
7396quality-ruleDELETED: Subprograms called multiple times should be called staticallyParameter #1name = NbDynSubPgmCall, type = integer, description = Number of dynamic calls to the same subprogramUpdatedname = Maximum number of dynamic calls to the same subprogram
7486quality-ruleSplit universes of more than X MBParameter #1name = maxi_size, type = integer, description = Maximum size of universe in MBUpdatedname = Maximum size of universe in MB
7514quality-ruleAvoid empty IncludesParameter #1name = exception, type = text-list, description = Exception of includeUpdatedname = Includes to ignore
7530quality-ruleAvoid "SELECT *" or "SELECT SINGLE *" queriesParameter #1name = table_excep, type = text-list, description = List of tables to excludeUpdatedname = Tables to exclude
7642quality-ruleAvoid SQL queries on XXL tables not using the first column of a composite index in the WHERE clauseParameter #1name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this valueUpdatedname = Minimum number of rows to consider a table as XXL
7652quality-ruleAvoid throwing an exception in a catch block without chaining itDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 1022003, propertyID = 140954
7652quality-ruleAvoid throwing an exception in a catch block without chaining itDiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
7652quality-ruleAvoid throwing an exception in a catch block without chaining itOperationlocalSiteDiagnose = DIAG_SCOPE_JAVAPPEE002UpdatedlocalSiteDiagnose = null
7652quality-ruleAvoid throwing an exception in a catch block without chaining itOperationlocalSiteCountTotal = DIAG_JAVA_CTORCATCH_TOTALUpdatedlocalSiteCountTotal = null
7658quality-ruleAvoid SQL queries on XXL Tables using Functions on indexed Columns in the WHERE clauseParameter #1name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this valueUpdatedname = Minimum number of rows to consider a table as XXL
7660quality-ruleNever use SQL queries with a cartesian product on XXL TablesParameter #1name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this valueUpdatedname = Minimum number of rows to consider a table as XXL
7662quality-ruleAvoid SQL queries on XXL Tables with implicit conversions in the WHERE clauseParameter #1name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this valueUpdatedname = Minimum number of rows to consider a table as XXL
7664quality-ruleAvoid using FOR ALL ENTRIES IN without emptiness check on XXL TablesParameter #1name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this valueUpdatedname = Minimum number of rows to consider a table as XXL
7666quality-ruleAvoid using SELECT ... ENDSELECT statement on XXL TablesParameter #1name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this valueUpdatedname = Minimum number of rows to consider a table as XXL
7676quality-ruleAvoid too many packages referencing MainframeParameter #1name = maxpck, type = integer, description = Maximum number of packages referencing MainframeUpdatedname = Maximum number of packages referencing Mainframe
7678quality-ruleAvoid using specific logging implementationParameter #1name = logpck, type = text-list, description = logging implemention packageUpdatedname = Logging implemention packages
7682quality-ruleAvoid domain model depending on other Java APIParameter #1name = exclude_packages, type = text-list, description = all packages to avoidUpdatedname = Packages to exclude
7702quality-ruleUse a third party connection poolParameter #1name = pool_properties, type = text-list, description = list of other specific third party connection pool properties to check if definedUpdatedname = Specific third party connection pool properties to check
7706quality-ruleAvoid table and column names that are too long (portability)DiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 1022001, propertyID = 140927
7706quality-ruleAvoid table and column names that are too long (portability)Parameter #1name = table_name_max_length, type = integer, description = maximum length authorized for the table nameUpdatedname = Maximum length for the table names
7706quality-ruleAvoid table and column names that are too long (portability)Parameter #2name = column_name_max_length, type = integer, description = maximum length authorized for column nameUpdatedname = Maximum length for the column names
7706quality-ruleAvoid table and column names that are too long (portability)DiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
7706quality-ruleAvoid table and column names that are too long (portability)OperationlocalSiteDiagnose = DIAG_SCOPE_JEEAOPI002UpdatedlocalSiteDiagnose = null
7706quality-ruleAvoid table and column names that are too long (portability)OperationlocalSiteCountTotal = DIAG_JEE_ENTPRPS_TOTALUpdatedlocalSiteCountTotal = null
7720quality-ruleAvoid too many EJB beanParameter #1name = max_nb_ejb, type = integer, description = Maximum number of EJB authorizedUpdatedname = Maximum number of EJB
7730quality-ruleUse declarative transactionDocumentation englishremediationSample = ... try { \t userDAO.update(user); } catch (Exception up) { contex...UpdatedremediationSample = ... try { userDAO.update(user); } catch (Exception up) { con...
7730quality-ruleUse declarative transactionDocumentation englishsample = ...violation \t ....... transaction.commit(); // committing: violation ...Updatedsample = ...violation ....... transaction.commit(); // committing: violation ...
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishreference = ...ing') http://cwe.mitre.org/data/definitions/79.html Open Web Application Securi...Updatedreference = ...ing') https://cwe.mitre.org/data/definitions/79.html Open Web Application Secur...
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishreference = CWE-89 : Failure to Preserve SQL Query Structure (aka 'SQL injection') http://cw...Updatedreference = CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishreference = CWE-90 : Improper Neutralization of Special Elements used in an LDAP Query ('LDA...Updatedreference = CWE-90: Improper Neutralization of Special Elements used in an LDAP Query ('LDAP...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishreference = ...ion') http://cwe.mitre.org/data/definitions/78.html Open Web Application Securi...Updatedreference = ...ion') https://cwe.mitre.org/data/definitions/78.html Open Web Application Secur...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishremediation = To avoid the creation of injection flaws, the Open Web Application Security Proj...Updatedremediation = Assume all input is malicious. Avoid using inputs. If it is not possible, use a...
7750quality-ruleAvoid XPath injection vulnerabilitiesDocumentation englishreference = ...Injection)http://cwe.mitre.org/data/definitions/91.html Open Web Application Se...Updatedreference = ...Injection) https://cwe.mitre.org/data/definitions/91.html Open Web Application ...
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishreference = CWE-73 : External Control of File Name or Path http://cwe.mitre.org/data/definit...Updatedreference = CWE-73: External Control of File Name or Path https://cwe.mitre.org/data/definit...
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishremediation = Validate all the user inputs. To avoid the creation of injection flaws, the Ope...Updatedremediation = Assume all input is malicious. Avoid using inputs. If it is not possible, use a...
7768quality-ruleAvoid Artifacts with High Depth of CodeParameter #1name = Max Depth of Code, type = integer, description = Max Depth of Code per artifactUpdatedname = Maximum Depth of Code
7770quality-ruleAvoid Artifacts with too many parametersParameter #1name = Maximum parameters, type = integer, description = Max parameters numberUpdatedname = Maximum number of parameters
7774quality-ruleAvoid Artifacts with High Integration ComplexityParameter #1name = Maximum integration complexity, type = float, description = Max integration complexity per methodUpdatedname = Maximum Integration Complexity
7778quality-ruleAvoid Artifacts with High Fan-OutParameter #1name = Maximum High Fan-Out, type = integer, description = Max High Fan-Out per methodUpdatedname = Maximum Fan-Out
7786quality-ruleAvoid long Table or View namesParameter #1name = Max length, type = integer, description = Maximum length for Table or View nameUpdatedname = Maximum length
7848quality-ruleInterface naming convention - prefixParameter #2name = Case sensitive, type = text, description = Name is Case sensitiveUpdatedname = Name is case sensitive
7856quality-ruleAvoid Tables with more than 20 columns on an OLTP systemParameter #1name = Max nbr of columns, type = integer, description = Maximum number of columns in a tableUpdatedname = Maximum number of columns in a table
7904quality-ruleAvoid SQL queries on XXL tables that no index can supportParameter #1name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this valueUpdatedname = Minimum number of rows to consider a table as XXL
7908quality-ruleAvoid unreferenced MethodsParameter #1name = include_getter_setter, type = integer, description = Take in to account the getter and setterUpdatedname = Take into account the getter and setter, description = Take into account the getter and setter
7912quality-ruleAvoid unreferenced Data MembersParameter #1name = include_getter_setter, type = integer, description = Take in to account the getter and setterUpdatedname = Take into account the getter and setter, description = Take into account the getter and setter
7944quality-ruleAvoid High Response for ClassesParameter #1name = Maximum Response, type = float, description = Max Response per classUpdatedname = Maximum Response for a Class
7956quality-ruleAvoid indirect exception handling inside loopsParameter #1name = depth_level, type = integer, description = Depth level of a call pathUpdatedname = Depth level of a call path
8022quality-ruleAvoid hiding attributesParameter #1name = attribut name to exclude, type = text-list, description = attributs to ignoreUpdatedname = Attribute names to exclude
8022quality-ruleAvoid hiding attributesParameter #2name = type to exclude, type = text-list, description = type or sub-class to excludeUpdatedname = Types or sub-classes to exclude
8036quality-ruleAvoid improperly written triangular joins with XXL tables in PL/SQL codeParameter #1name = threshold, type = integer, description = tables are considered as XXL if the number of rows is greater than this valueUpdatedname = Minimum number of rows to consider a table as XXL
8044quality-ruleAvoid log forging vulnerabilitiesDocumentation englishreference = http://cwe.mitre.org/data/definitions/117.htmlUpdatedreference = CWE-117: Improper Output Neutralization for Logs https://cwe.mitre.org/data/defi...
8098quality-ruleAvoid uncontrolled format stringDocumentation englishreference = ASCSM 1.0, Automated Source Code Security Measure, Object Management Group. CWE...Updatedreference = CWE-134: Use of Externally-Controlled Format String https://cwe.mitre.org/data/d...
8110quality-ruleUse dedicated stored procedures when multiple data accesses are needed (ASCPEM-PRF-10)Parameter #1name = threshold, type = integer, description = A method is considered to call too many SQL functions if the number of calls is greater than this valueUpdatedname = Minimum number of rows to consider a table as XXL
8214quality-ruleExpired or Released Resource should not be usedDocumentation englishdescription = ...sion(...) \t. close: org.springframework.orm.hibernate4.SessionFactoryUtils.close...Updateddescription = ...sion(...) . close: org.springframework.orm.hibernate4.SessionFactoryUtils.cl...
8214quality-ruleExpired or Released Resource should not be usedDocumentation englishname = CWE-672: Expired or Released Resource should not be usedUpdatedname = Expired or Released Resource should not be used
8214quality-ruleExpired or Released Resource should not be usedDocumentation englishsample = ...(); System.out.println("Connection closed........."); if(!connection...Updatedsample = ...(); connection.prepareStatement("select * from ...."); }
8222quality-ruleAvoid hard-coded credentialsDocumentation englishreference = ...tials http://cwe.mitre.org/data/definitions/798.htmlUpdatedreference = ...tials https://cwe.mitre.org/data/definitions/798.html CWE-259: Use of Hard-code...
8238quality-ruleAvoid mixing trusted and untrusted data in HTTP requestsDocumentation englishreference = http://cwe.mitre.org/data/definitions/501.htmlUpdatedreference = CWE-501: Trust Boundary Violation https://cwe.mitre.org/data/definitions/501.htm...
8240quality-ruleSensitive cookie in HTTPS session without 'Secure' attributeDocumentation englishreference = https://cwe.mitre.org/data/definitions/614.html https://www.owasp.org/index.php...Updatedreference = CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute https://cw...
8240quality-ruleSensitive cookie in HTTPS session without 'Secure' attributeDocumentation englishremediation = ...kie should sent via HTTPS onlyUpdatedremediation = ...kie should sent via HTTPS only.
8242quality-ruleUse of insufficiently random valuesDocumentation englishreference = ...0: Use of insufficiently random values http://cwe.mitre.org/data/definitions/330...Updatedreference = ...0: Use of Insufficiently Random Values https://cwe.mitre.org/data/definitions/33...
8408quality-ruleAvoid reflected cross-site scripting (non persistent)Documentation englishreference = http://cwe.mitre.org/data/definitions/79.html CWE-79: Improper Neutralization o...Updatedreference = CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site...
8410quality-ruleAvoid cross-site scripting (persistent)Documentation englishreference = http://cwe.mitre.org/data/definitions/79.html CWE-79: Improper Neutralization o...Updatedreference = CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site...
8410quality-ruleAvoid cross-site scripting (persistent)Documentation englishremediation = ...diation is : Performing secure input handling in both client-side and server-sid...Updatedremediation = ...diation is: performing secure input handling in both client-side and server-side...
8414quality-ruleAvoid use of a broken or risky cryptographic algorithmDocumentation englishreference = http://cwe.mitre.org/data/definitions/327.html A3-OWASPUpdatedreference = CWE-327: Use of a Broken or Risky Cryptographic Algorithm https://cwe.mitre.org/...
8416quality-ruleAvoid use of a reversible one-way hashDocumentation englishreference = CWE-328 http://cwe.mitre.org/data/definitions/328.htmlUpdatedreference = CWE-328: Reversible One-Way Hash https://cwe.mitre.org/data/definitions/328.html...
8418quality-ruleAvoid NoSQL injection on MongoDB (C#)Documentation englishreference = http://cwe.mitre.org/data/definitions/89.htmlUpdatedreference = CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL...
8420quality-ruleAvoid second order SQL injectionDocumentation englishreference = CWE-89 : Failure to Preserve SQL Query Structure (aka 'SQL injection') http://cw...Updatedreference = CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL...
8424quality-ruleAvoid using hard-coded HMAC keysDocumentation englishreference = A3-OWASP 2017 https://www.owasp.org/index.php/Top_10-2017_A3-Sensitive_Data_Expo...Updatedreference = CWE-321: Use of Hard-coded Cryptographic Key https://cwe.mitre.org/data/definiti...
8434quality-ruleAvoid process controlDefinitionMissingAddedactive = true, detached = false
8434quality-ruleAvoid process controlQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8436quality-ruleAvoid thread injection vulnerabilitiesDefinitionMissingAddedactive = true, detached = false
8436quality-ruleAvoid thread injection vulnerabilitiesQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8438quality-ruleAvoid code injectionDefinitionMissingAddedactive = true, detached = false
8438quality-ruleAvoid code injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8440quality-ruleAvoid reflection injectionDefinitionMissingAddedactive = true, detached = false
8440quality-ruleAvoid reflection injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8442quality-ruleAvoid resource injectionDefinitionMissingAddedactive = true, detached = false
8442quality-ruleAvoid resource injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8444quality-ruleAvoid resource URL manipulationDefinitionMissingAddedactive = true, detached = false
8444quality-ruleAvoid resource URL manipulationQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
66067quality-measureCopy Pasted Code (% of LOC)Parameter #1name = SIMILARITY, type = float, description = This is a percentage.Updatedname = Minimum % of Similarity

AIP 8.3.13 - 8.3.14

This section lists the results of a comparison between a CAST AIP 8.3.13 Assessment Model and the CAST AIP 8.3.14 Assessment Model. You can download the original compare_8313_8314.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.13 Assessment ModelChangeCAST 8.3.14 Assessment Model
4700quality-ruleDELETED: Avoid using 'Throwable.printStackTrace()' within a try catch blockDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4700quality-ruleDELETED: Avoid using 'Throwable.printStackTrace()' within a try catch blockQuality Contribution to 'Programming Practices - Error and Exception Handling' (61014)critical = false, weight = 6RemovedMissing contribution
7244quality-ruleAvoid direct usage of EJB Entity from the clientQuality Contribution to 'Architecture - Multi-Layers and Data Access' (61001)critical = false, weight = 3RemovedMissing contribution
7364quality-ruleDELETED: Avoid multiple validation form with the same nameActivationactive = true, detached = falseUpdatedactive = false, detached = true
7364quality-ruleDELETED: Avoid multiple validation form with the same nameDocumentation englishname = Avoid multiple validation form with the same nameUpdatedname = DELETED: Avoid multiple validation form with the same name
7364quality-ruleAvoid multiple validation form with the same nameQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = false, weight = 9RemovedMissing contribution
7436quality-rulePrefer UNION ALL to UNIONDocumentation englishoutput = ...ALL) occurencesUpdatedoutput = ...ALL) occurrences
7460quality-ruleDELETED:Avoid using untyped DataSetActivationactive = true, detached = falseUpdatedactive = false, detached = true
7460quality-ruleDELETED:Avoid using untyped DataSetDocumentation englishname = Avoid using untyped DataSetUpdatedname = DELETED:Avoid using untyped DataSet
7460quality-ruleAvoid using untyped DataSetQuality Contribution to 'Programming Practices - Structuredness' (61024)critical = true, weight = 6RemovedMissing contribution
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishrationale = In web based applications, the validation of all user input is critical to avoid...Updatedrationale = The software constructs all or part of an SQL command via user-controllable inpu...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishrationale = ...ses other unintended behavior. In web based applications, the validation of all...Updatedrationale = ...ses other unintended behavior.
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishrationale = This could allow attackers to execute unexpected, dangerous commands directly on...Updatedrationale = The software constructs all or part of an OS command using externally-influenced...
7750quality-ruleAvoid XPath injection vulnerabilitiesDocumentation englishrationale = In web based applications, the validation of all user input is critical to avoid...Updatedrationale = The software does not properly neutralize special elements that are used in XML,...
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishrationale = This could allow an attacker to access or modify system files or other files tha...Updatedrationale = The software does not properly neutralize special elements that are part of path...
7952quality-ruleAvoid synonym with both private & PUBLIC Definition in PL/SQL contextDocumentation englishassociatedValueName = Associated ValueRemovedMissing
8128quality-ruleDELETED: Avoid using UPDATE and DELETE without WHERE conditionDocumentation englishname = Avoid using UPDATE and DELETE without WHERE conditionUpdatedname = DELETED: Avoid using UPDATE and DELETE without WHERE condition
8238quality-ruleAvoid mixing trusted and untrusted data in HTTP requestsDocumentation englishname = Trust boundary violationUpdatedname = Avoid mixing trusted and untrusted data in HTTP requests
8400quality-ruleAvoid having lock on this objectActivationactive = true, detached = trueUpdateddetached = false
8400quality-ruleAvoid having lock on this objectQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)Missing contributionAddedcritical = false, weight = 5
8410quality-ruleAvoid cross-site scripting (persistent)Documentation englishtotal = ...s calling user input methodsUpdatedtotal = ...s calling a "read database" method
8418quality-ruleAvoid NoSQL injection on MongoDB (C#)Documentation englishrationale = In web based applications, the validation of all user input is critical to avoid...Updatedrationale = The software constructs all or part of No-SQL command via user-controllable inpu...
8418quality-ruleAvoid NoSQL injection on MongoDB (C#)Quality Contribution to 'Secure Coding - Input Validation' (66062)critical = false, weight = 9Updatedcritical = true
8420quality-ruleAvoid second order SQL injectionDocumentation englishrationale = In web based applications, the validation of all user input is critical to avoid...Updatedrationale = The software constructs all or part of an SQL command via user-controllable inpu...
8420quality-ruleAvoid second order SQL injectionDocumentation englishtotal = ...s calling user input methodsUpdatedtotal = ...s calling a "read database" method
8420quality-ruleAvoid second order SQL injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)critical = false, weight = 9Updatedcritical = true

AIP 8.3.12 - 8.3.13

This section lists the results of a comparison between a CAST AIP 8.3.12 Assessment Model and the CAST AIP 8.3.13 Assessment Model. You can download the original compare_8312_8313.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.12 Assessment ModelChangeCAST 8.3.13 Assessment Model
8418quality-ruleAvoid NoSQL injection on MongoDB (C#)DefinitionMissingAddedactive = true, detached = false
8420quality-ruleAvoid second order SQL injectionDefinitionMissingAddedactive = true, detached = false
8422quality-ruleAvoid Using COMMIT WORK or ROLLBACK WORK during update work processDefinitionMissingAddedactive = true, detached = false
8424quality-ruleAvoid using hard-coded HMAC keysDefinitionMissingAddedactive = true, detached = false
8426quality-ruleAvoid calling database commands directly using system functions as "C_DB_EXECUTE" and "C_DB_FUNCTION"DefinitionMissingAddedactive = true, detached = false
8428quality-ruleAuthorization check should be done before calling a transactionDefinitionMissingAddedactive = true, detached = false
8430quality-ruleAvoid using hardcoded seed or no seed at all for random values generationDefinitionMissingAddedactive = true, detached = false
8432quality-ruleAvoid Cross-Client Database Access using Open SQL statements with CLIENT SPECIFIED/USING CLIENT additionDefinitionMissingAddedactive = true, detached = false
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishdescription = ... CAST dataflow engine, this metric detects paths from user input methods to HTML...Updateddescription = ... CAST data-flow engine, this metric detects paths from user input methods to HTM...
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishdescription = ... CAST dataflow engine to detect a call path where input data from the user is se...Updateddescription = ... CAST data-flow engine to detect a call path where input data from the user is s...
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishrationale = ... from the Injection flaws. To avoid the creation of Injection flaws, the Open W...Updatedrationale = ... from the injection flaws. To avoid the creation of injection flaws, the Open W...
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishreference = ...(aka 'SQL Injection') http://cwe.mitre.org/data/definitions/89.html Open Web Ap...Updatedreference = ...(aka 'SQL injection') http://cwe.mitre.org/data/definitions/89.html Open Web Ap...
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishsample = ...ted user. ... string userName = ctx.getAuthenticatedUserName(); string query = "...Updatedsample = ...ted user. ... string userName = ctx.getAuthenticatedUserName(); string query = ...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishdescription = ... CAST dataflow engine, this metric detects paths from user input methods down to...Updateddescription = ... CAST data-flow engine, this metric detects paths from user input methods down t...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishrationale = ... from the Injection flaws. To avoid the creation of Injection flaws, the Open W...Updatedrationale = ... from the injection flaws. To avoid the creation of injection flaws, the Open W...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishreference = ...ry ('LDAP Injection') http://cwe.mitre.org/data/definitions/90.html Open Web Ap...Updatedreference = ...ry ('LDAP injection') http://cwe.mitre.org/data/definitions/90.html Open Web Ap...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishremediation = Input Validation Assume all input is malicious. Use an "accept known good" inpu...Updatedremediation = Input validation. Assume all input is malicious. Use an "accept known good" inp...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishdescription = ... CAST dataflow engine, this metric detects paths from user input methods down to...Updateddescription = ... CAST data-flow engine, this metric detects paths from user input methods down t...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishrationale = ... from the Injection flaws. The Common Weakness Enumeration defines Improper Inp...Updatedrationale = ... from the injection flaws. The Common Weakness Enumeration defines Improper Inp...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishremediation = ...eation of Injection flaws, the Open Web Application Security Project (OWASP) rec...Updatedremediation = ...eation of injection flaws, the Open Web Application Security Project (OWASP) rec...
7750quality-ruleAvoid XPath injection vulnerabilitiesDocumentation englishdescription = ... CAST dataflow engine, this metric detects execution paths from user input metho...Updateddescription = ... CAST data-flow engine, this metric detects execution paths from user input meth...
7750quality-ruleAvoid XPath injection vulnerabilitiesDocumentation englishrationale = ...user input : "Use a standard input validation mechanism to validate all input da...Updatedrationale = ...user input: "Use a standard input validation mechanism to validate all input dat...
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishdescription = ... CAST dataflow engine, this metric detects execution paths from user input metho...Updateddescription = ... CAST data-flow engine, this metric detects execution paths from user input meth...
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishrationale = ...as follows : "When software does not validate input properly, an attacker is ab...Updatedrationale = ...as follows: "When software does not validate input properly, an attacker is abl...
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishremediation = ...eation of Injection flaws, the Open Web Application Security Project (OWASP) rec...Updatedremediation = ...eation of injection flaws, the Open Web Application Security Project (OWASP) rec...
8028quality-ruleAvoid missing default in switch statementsDocumentation englishassociatedValueName = Function nameUpdatedassociatedValueName = Number of violation occurrences
8028quality-ruleAvoid missing default in switch statementsDocumentation englishoutput = ...d to each Function with violations, the Quality Rule provides: - Function nameUpdatedoutput = ...d to each violation, the following information is provided: - The number of viol...
8044quality-ruleAvoid log forging vulnerabilitiesDocumentation englishdescription = ... CAST dataflow engine to detect a call path where input data from the user is wr...Updateddescription = ... CAST data-flow engine to detect a call path where input data from the user is w...
8044quality-ruleAvoid log forging vulnerabilitiesDocumentation englishname = Avoid Log forging vulnerabilitiesUpdatedname = Avoid log forging vulnerabilities
8098quality-ruleAvoid uncontrolled format stringDocumentation englishdescription = ... CAST dataflow engine, this metric detects execution paths from user input metho...Updateddescription = ... CAST data flow engine, this metric detects execution paths from user input meth...
8222quality-ruleAvoid hard-coded credentialsDocumentation englishassociatedValueName = ... from hardcoded string down to the target methodUpdatedassociatedValueName = ... from hard-coded string down to the target method
8222quality-ruleAvoid hard-coded credentialsDocumentation englishdescription = ...ere a hardcoded credential is sent to a method used for its own inbound authenti...Updateddescription = ...ere a hard-coded credential is sent to a method used for its own inbound authent...
8222quality-ruleAvoid hard-coded credentialsDocumentation englishname = Avoid hardcoded credentialsUpdatedname = Avoid hard-coded credentials
8222quality-ruleAvoid hard-coded credentialsDocumentation englishoutput = ...t one hardcoded credential parameter. It provides the following information : ...Updatedoutput = ...t one hard-coded credential parameter. It provides the following information :...
8222quality-ruleAvoid hard-coded credentialsDocumentation englishrationale = ... have hardcoded credentials (username, password) in the application code or file...Updatedrationale = ... have hard-coded credentials (such as a passwords) in the application code or fi...
8222quality-ruleAvoid hard-coded credentialsDocumentation englishremediation = ...mediations : - Outbound authentication : consider storing passwords and keys ou...Updatedremediation = ...mediations: - Outbound authentication: consider storing passwords and keys outs...
8222quality-ruleAvoid hard-coded credentialsDocumentation englishMissingAddedremediationSample = // Store passwords outside of the code in a storage protected from outsiders
8222quality-ruleAvoid hard-coded credentialsDocumentation englishMissingAddedsample = Java: UsernamePasswordCredentials creds = new UsernamePasswordCredentials("myUse...
8238quality-ruleTrust boundary violationDocumentation englishdescription = ...ructure or structured message. The list of user input methods can be customize...Updateddescription = ...ructure or structured message.
8238quality-ruleTrust boundary violationDocumentation englishMissingAddedremediationSample = // Never mix trusted and untrusted data
8240quality-ruleSensitive cookie in HTTPS session without 'Secure' attributeTechnologies[JEE]UpdatedAdded: [C#, VB.NET]
8240quality-ruleSensitive cookie in HTTPS session without 'Secure' attributeDocumentation englishassociatedValueName = Call to javax.servlet.http.HttpServletResponse.addCookie passing a cookie withou...UpdatedassociatedValueName = Call stack from the "setSecure" call to the "addCookie" target
8240quality-ruleSensitive cookie in HTTPS session without 'Secure' attributeDocumentation englishdescription = The Secure attribute for sensitive cookies in HTTPS sessions is not set, which c...Updateddescription = The 'Secure' attribute for sensitive cookies in HTTPS sessions is not set, which...
8240quality-ruleSensitive cookie in HTTPS session without 'Secure' attributeDocumentation englishtotal = ...f methods calling javax.servlet.http.HttpServletResponse.addCookieUpdatedtotal = ...f methods adding a cookie without setting the 'secured' attribute
8408quality-ruleAvoid reflected cross-site scripting (non persistent)Documentation englishdescription = ...lected XSS : The server reads data directly from the HTTP request and reflects i...Updateddescription = ...lected XSS: The server reads data directly from the HTTP request and reflects it...
8408quality-ruleAvoid reflected cross-site scripting (non persistent)Documentation englishname = Avoid Reflected Cross-site Scripting (Non Persistent)Updatedname = Avoid reflected cross-site scripting (non persistent)
8408quality-ruleAvoid reflected cross-site scripting (non persistent)Documentation englishremediation = ...ce exposure to some variants." This metric ensures that the appropriate output ...Updatedremediation = ...ce exposure to some variants."
8410quality-ruleAvoid cross-site scripting (persistent)Documentation englishname = Avoid Cross-Site Scripting (Persistent)Updatedname = Avoid cross-site scripting (persistent)
8412quality-rule"CX_ROOT" should not be used in TRY .. CATCH.. ENDTRY blockDocumentation englishMissingAddedassociatedValueName = Number of violation occurrences
8412quality-rule"CX_ROOT" should not be used in TRY .. CATCH.. ENDTRY blockDocumentation englishMissingAddedoutput = Associated to each violation, the following information is provided: - The numbe...
8412quality-rule"CX_ROOT" should not be used in TRY .. CATCH.. ENDTRY blockDocumentation englishMissingAddedtotal = Number of ABAP Artifacts
8418quality-ruleAvoid NoSQL injection on MongoDB (C#)Quality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = false, weight = 9
8420quality-ruleAvoid second order SQL injectionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = false, weight = 9
8426quality-ruleAvoid calling database commands directly using system functions as "C_DB_EXECUTE" and "C_DB_FUNCTION"Quality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8428quality-ruleAuthorization check should be done before calling a transactionQuality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8424quality-ruleAvoid using hard-coded HMAC keysQuality Contribution to 'Secure Coding - Weak Security Features' (66064)Missing contributionAddedcritical = true, weight = 9
8430quality-ruleAvoid using hardcoded seed or no seed at all for random values generationQuality Contribution to 'Secure Coding - Weak Security Features' (66064)Missing contributionAddedcritical = true, weight = 9
8432quality-ruleAvoid Cross-Client Database Access using Open SQL statements with CLIENT SPECIFIED/USING CLIENT additionQuality Contribution to 'Secure Coding - Weak Security Features' (66064)Missing contributionAddedcritical = true, weight = 9
8422quality-ruleAvoid Using COMMIT WORK or ROLLBACK WORK during update work processQuality Contribution to 'Programming Practices - Unexpected Behavior' (66069)Missing contributionAddedcritical = true, weight = 5

AIP 8.3.11 - 8.3.12

This section lists the results of a comparison between a CAST AIP 8.3.11 Assessment Model and the CAST AIP 8.3.12 Assessment Model. You can download the original compare_8311_8312.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.11 Assessment ModelChangeCAST 8.3.12 Assessment Model
578quality-ruleAvoid Classes with multiple inheritanceDocumentation englishoutput = ...violation patterns found in source code: - Parent class derivationUpdatedoutput = ...violation occurrences found in source code: - Parent class derivation
584quality-ruleAvoid Classes with at least one virtual Function and without a virtual DestructorDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
584quality-ruleAvoid Classes with at least one virtual Function and without a virtual DestructorDocumentation englishoutput = ...violation patterns found in source code: - Virtual methodUpdatedoutput = ...violation occurrences found in source code: - Virtual method
586quality-ruleDELETED: Avoid inline Constructors and DestructorsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
586quality-ruleDELETED: Avoid inline Constructors and DestructorsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
588quality-ruleAvoid using Global Variables (C++)Documentation englishdescription = ...+ code using global variables.Updateddescription = ...+ code using global variables. Constant are not taken into account in this rule.
590quality-ruleAvoid using global objects in Constructors and DestructorsDocumentation englishoutput = ...violation patterns found in source code: - global object usedUpdatedoutput = ...violation occurrences found in source code: - global object used
592quality-ruleEnsure you provide a user-defined copy constructor or disable copy when a class allocates memory in its constructorDocumentation englishoutput = ...violation patterns found in the source code: - object instanciationUpdatedoutput = ...violation occurrences found in the source code: - object instanciation
620quality-ruleAvoid base Classes without virtual DestructorsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
620quality-ruleAvoid base Classes without virtual DestructorsDocumentation englishoutput = ...violation patterns found in source code: - Class definition - Non-virtual de...Updatedoutput = ...violation occurrences found in source code: - Class definition - Non-virtual...
628quality-ruleAvoid invocation of virtual Methods of the declared Class in a Constructor or DestructorDocumentation englishoutput = ...violation patterns found in the source code: - Virtual member function callUpdatedoutput = ...violation occurrences found in the source code: - Virtual member function call
630quality-ruleAvoid data members that are not privateDocumentation englishoutput = ...violation patterns found in the source code: - class member declarationUpdatedoutput = ...violation occurrences found in the source code: - class member declaration
678quality-ruleNever throw an exception from a DestructorDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
678quality-ruleNever throw an exception from a DestructorDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
1050quality-ruleStatic Functions naming conventions - case controlDocumentation englishtotal = Number C static functionsUpdatedtotal = Number of C static functions
1054quality-ruleTypes naming conventions - suffix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
1072quality-ruleAvoid using memory management Functions (free/malloc/realloc)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1072quality-ruleAvoid using memory management Functions (free/malloc/realloc)Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
1074quality-ruleAvoid using signals management FunctionsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
1074quality-ruleAvoid using signals management FunctionsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
1558quality-rulePackage naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
1558quality-rulePackage naming convention - prefix controlDocumentation englishMissingAddedtotal = Number of PLSQL Packages
1560quality-rulePackage Function naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
1560quality-rulePackage Function naming convention - prefix controlDocumentation englishMissingAddedtotal = Number of PLSQL Package Functions
1562quality-rulePackage Stored Procedure naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
1562quality-rulePackage Stored Procedure naming convention - prefix controlDocumentation englishMissingAddedtotal = Number of PLSQL Package Procedures
1564quality-ruleCursor naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
1564quality-ruleCursor naming convention - prefix controlDocumentation englishtotal = total is number of cursor defined into the schemaUpdatedtotal = Number of cursors defined into the schema
1574quality-ruleUse at most one statement per lineDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of lines with more than 1 statement
1574quality-ruleUse at most one statement per lineDocumentation englishoutput = ...rmation: - Function / Procedure full name, - number of lines with more than 1...Updatedoutput = ...rmation: - Function / Procedure full name, - Number of lines with more than 1 s...
1574quality-ruleUse at most one statement per lineDocumentation englishtotal = total is number of SQL procedures and functions that are stored in the schemaUpdatedtotal = Number of SQL procedures and functions that are stored in the schema
1576quality-ruleUse varchar2 instead of char and varcharDocumentation englishassociatedValueName = Associated ValueRemovedMissing
1576quality-ruleUse varchar2 instead of char and varcharDocumentation englishMissingAddedtotal = Number of PL/SQL objects with parameters or columns
1578quality-ruleAvoid using LONG & LONG RAW datatype for Table ColumnsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
1578quality-ruleAvoid using LONG & LONG RAW datatype for Table ColumnsDocumentation englishMissingAddedtotal = Number of PLSQL tables and views
1580quality-ruleAvoid using execute immediateDocumentation englishassociatedValueName = Associated ValueRemovedMissing
1580quality-ruleAvoid using execute immediateDocumentation englishtotal = The total procedure counts all the PLSQL objects using execute immediateUpdatedtotal = Number of PLSQL objects using execute immediate
1582quality-ruleAvoid large Tables - too many columnsDocumentation englishtotal = total is the number of tables in the shemaUpdatedtotal = Number of tables in the shema
1596quality-ruleAvoid using "nullable" Columns except in the last position in a TableDocumentation englishMissingAddedtotal = Number of PLSQL tables
1598quality-ruleAvoid Rule HINT /*+ rule */ or --+ rule in PL/SQL codeDocumentation englishassociatedValueName = Associated ValueRemovedMissing
1606quality-ruleTriggers should not directly modify tables, a procedure or function should be used insteadDocumentation englishtotal = total is the number of schema triggersUpdatedtotal = Number of schema triggers
1634quality-ruleAvoid unreferenced TablesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
1634quality-ruleAvoid unreferenced TablesDocumentation englishtotal = total is number of schema tablesUpdatedtotal = Number of schema tables
2230quality-ruleUse of style sheets (JEE)Documentation englishassociatedValueName = Associated ValueRemovedMissing
2230quality-ruleUse of style sheets (JEE)Documentation englishtotal = Total number of pagesUpdatedtotal = Number of pages
2232quality-rulePages should use error handling pageDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2232quality-rulePages should use error handling pageDocumentation englishtotal = The list of JSP files except the error pages + the web.xmlUpdatedtotal = Number of JSP files except the error pages + the web.xml
2236quality-ruleAvoid use of standard SQL APIDocumentation englishtotal = the number of JSP pagesUpdatedtotal = Number of JSP pages
2238quality-ruleAvoid unreferenced JSPs and web client filesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2238quality-ruleAvoid unreferenced JSPs and web client filesDocumentation englishMissingAddedtotal = Number of JSP, HTM, HTML pages
2242quality-ruleAvoid direct definition of JavaScript Functions in a Web page (JEE)Documentation englishtotal = The number of JavaScript FunctionsUpdatedtotal = Number of JavaScript functions
2244quality-ruleAvoid undocumented Web Server PagesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2244quality-ruleAvoid undocumented Web Server PagesDocumentation englishMissingAddedtotal = Number of JSP pages
2248quality-ruleAvoid Web Server pages having a very low Comment/Code ratioDocumentation englishMissingAddedtotal = Number of JSP pages
2254quality-ruleAvoid large Page files (JEE)Documentation englishMissingAddedtotal = Number of JSP pages
2258quality-ruleAll image files should be in a specific directoryDocumentation englishMissingAddedtotal = Number of JPG files
2260quality-ruleAll script files should be in a specific directoryDocumentation englishMissingAddedtotal = Number of JS Scripts
2262quality-ruleAll stylesheet files should be in a specific directoryDocumentation englishMissingAddedtotal = Number of CSS pages
2264quality-ruleAll page files should be in a specific directoryDocumentation englishMissingAddedtotal = Number of JSP pages
2266quality-ruleAvoid non standard file extensions (JEE)Documentation englishassociatedValueName = Associated ValueRemovedMissing
2266quality-ruleAvoid non standard file extensions (JEE)Documentation englishMissingAddedtotal = Number of eFiles
2278quality-ruleCheck the use of "foreach" custom tag libraryDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2278quality-ruleCheck the use of "foreach" custom tag libraryDocumentation englishMissingAddedtotal = Number of JavaScript eFunctions and JSP eFile
2280quality-ruleAvoid using Document.all collectionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2280quality-ruleAvoid using Document.all collectionDocumentation englishMissingAddedtotal = Number of objects belonging to files with extension given by parameter
2282quality-ruleAvoid large Include FilesDocumentation englishMissingAddedtotal = Number of JSP pages
2284quality-ruleAvoid large JSP Pages - too many ScriptletsDocumentation englishMissingAddedtotal = Number of JSP pages
2552quality-ruleEvent naming convention - case controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2552quality-ruleEvent naming convention - case controlDocumentation englishMissingAddedtotal = Number of VB events
2558quality-ruleMethod/Sub naming convention - case controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2558quality-ruleMethod/Sub naming convention - case controlDocumentation englishMissingAddedtotal = Number of VB functions and methods
2560quality-ruleProperty naming convention - case controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2560quality-ruleProperty naming convention - case controlDocumentation englishMissingAddedtotal = Number of VB properties
2562quality-ruleAvoid long FunctionsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of lines of code
2562quality-ruleAvoid long FunctionsDocumentation englishMissingAddedtotal = Number of VB functions
2564quality-ruleUse a single Error Handling MethodDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2572quality-ruleAvoid declaring VB Variables without typing them (Visual Basic)Documentation englishassociatedValueName = Associated ValueRemovedMissing
2572quality-ruleAvoid declaring VB Variables without typing them (Visual Basic)Documentation englishMissingAddedtotal = Number of VB objects
2574quality-ruleAvoid using Global Variables (Visual Basic)Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Global variable
2574quality-ruleAvoid using Global Variables (Visual Basic)Documentation englishMissingAddedtotal = Number of Objects likely to use global variables
2576quality-ruleAvoid Variables declared as VariantsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2576quality-ruleAvoid Variables declared as VariantsDocumentation englishMissingAddedtotal = Number of VB objects
2580quality-ruleAvoid use of Scripting.FileSystemObjectDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Occurrence of Scripting.FileSystemObject
2580quality-ruleAvoid use of Scripting.FileSystemObjectDocumentation englishMissingAddedtotal = Number of VB objects
2582quality-ruleUse Option ExplicitDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2582quality-ruleUse Option ExplicitDocumentation englishMissingAddedtotal = Number of VB modules and forms
2584quality-ruleAvoid using late bindingDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2584quality-ruleAvoid using late bindingDocumentation englishMissingAddedtotal = Number of VB functions, methods and events
2586quality-ruleUtilization of "DoEvents" inside a loopDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2586quality-ruleUtilization of "DoEvents" inside a loopDocumentation englishMissingAddedtotal = Number of VB functions, methods and events
2586quality-ruleUtilization of "DoEvents" inside a loopDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
2588quality-ruleAvoid declaring Class Variables without declaring access PropertiesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2588quality-ruleAvoid declaring Class Variables without declaring access PropertiesDocumentation englishMissingAddedtotal = Number of VB Class Variables
2590quality-ruleAvoid using "On error Resume Next" in the Class event terminateDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2590quality-ruleAvoid using "On error Resume Next" in the Class event terminateDocumentation englishMissingAddedtotal = Number of sub 'Class_Terminate'
2590quality-ruleAvoid using "On error Resume Next" in the Class event terminateDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
2592quality-ruleEncapsulation complianceDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Module variable
2592quality-ruleEncapsulation complianceDocumentation englishMissingAddedtotal = Number of VB artifacts
2620quality-ruleAvoid undocumented ModulesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2620quality-ruleAvoid undocumented ModulesDocumentation englishMissingAddedtotal = Number of VB modules
2622quality-ruleAvoid Modules with a very low comment/code ratioDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Comment/code ratio
2622quality-ruleAvoid Modules with a very low comment/code ratioDocumentation englishMissingAddedtotal = Number of VB modules
2626quality-ruleAvoid unreferenced ModulesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2626quality-ruleAvoid unreferenced ModulesDocumentation englishMissingAddedtotal = Number of VB modules
3058quality-ruleUse of style sheets (ASP)Documentation englishassociatedValueName = Associated ValueRemovedMissing
3060quality-rulePages with less than 3 levels of inclusionDocumentation englishMissingAddedtotal = Number of pages
3062quality-ruleUse of error handling pageDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3062quality-ruleUse of error handling pageDocumentation englishMissingAddedtotal = Number of ASP pages
3064quality-ruleAvoid use of Session variables from Session_OnEndDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3064quality-ruleAvoid use of Session variables from Session_OnEndDocumentation englishMissingAddedtotal = Number of pages
3066quality-ruleUse of Web ClassesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3066quality-ruleUse of Web ClassesDocumentation englishMissingAddedtotal = Number of pages
3070quality-ruleAvoid non standard file extensions (ASP)Documentation englishassociatedValueName = Associated ValueRemovedMissing
3070quality-ruleAvoid non standard file extensions (ASP)Documentation englishMissingAddedtotal = Number of pages
3072quality-ruleConsistent File full name and directory structureDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3072quality-ruleConsistent File full name and directory structureDocumentation englishMissingAddedtotal = Number of pages
3074quality-ruleIndex pages and global.asa must be located in the root directoryDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3074quality-ruleIndex pages and global.asa must be located in the root directoryDocumentation englishMissingAddedtotal = Number of pages
3076quality-ruleAvoid using more than one scripting language in one pageDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3076quality-ruleAvoid using more than one scripting language in one pageDocumentation englishMissingAddedtotal = Number of ASP pages
3078quality-ruleAvoid unreferenced codeDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3078quality-ruleAvoid unreferenced codeDocumentation englishMissingAddedtotal = Number of pages
3080quality-ruleAvoid undocumented PagesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3080quality-ruleAvoid undocumented PagesDocumentation englishMissingAddedtotal = Number of pages
3082quality-ruleAvoid ASP pages having a very low Comment/Code ratioDocumentation englishMissingAddedtotal = Number of ASP pages
3088quality-ruleAvoid large Page files (ASP)Documentation englishMissingAddedtotal = Number of ASP pages
3102quality-ruleAvoid using Transactions in an ASP PageDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3102quality-ruleAvoid using Transactions in an ASP PageDocumentation englishMissingAddedtotal = Number of ASP pages
3550quality-ruleNamespace naming convention - case controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3550quality-ruleNamespace naming convention - case controlDocumentation englishMissingAddedtotal = Number of namespaces
3554quality-ruleInterface naming convention - case and character set controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3558quality-ruleEnumerations naming convention - case and character set controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3558quality-ruleEnumerations naming convention - case and character set controlDocumentation englishMissingAddedtotal = Number of enumerations
3560quality-ruleEnumeration Items naming convention - case and character set controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3560quality-ruleEnumeration Items naming convention - case and character set controlDocumentation englishMissingAddedtotal = Number of enumeration items
3562quality-rulePrivate Fields naming convention - case and character set controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3562quality-rulePrivate Fields naming convention - case and character set controlDocumentation englishMissingAddedtotal = Number of private fields
3564quality-rulePublic Fields naming convention - case and character set controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3564quality-rulePublic Fields naming convention - case and character set controlDocumentation englishMissingAddedtotal = Number of public fields
3566quality-ruleMethods naming convention - case and character set controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3566quality-ruleMethods naming convention - case and character set controlDocumentation englishMissingAddedtotal = Number of methods
3568quality-ruleEvents naming convention - case and character set controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3568quality-ruleEvents naming convention - case and character set controlDocumentation englishMissingAddedtotal = Number of events
3572quality-ruleControls naming convention - prefix, case and character set controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3574quality-ruleProperties naming convention - case and character set controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3574quality-ruleProperties naming convention - case and character set controlDocumentation englishMissingAddedtotal = Number of properties
3576quality-ruleAvoid declaring public FieldsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3576quality-ruleAvoid declaring public FieldsDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
3578quality-ruleAvoid large Classes - too many Constructors (.NET)Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of Constructors
3578quality-ruleAvoid large Classes - too many Constructors (.NET)Documentation englishtotal = Total number of classesUpdatedtotal = Number of classes
3580quality-ruleAvoid large Classes - too many Methods (.NET)Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of Methods
3586quality-ruleAvoid large Methods - too many Lines of CodeDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of lines of code
3590quality-ruleAvoid Interface implementation on StructuresDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Interface
3610quality-ruleAvoid declaring VB Variables without typing them (.NET)Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
3610quality-ruleAvoid declaring VB Variables without typing them (.NET)Documentation englishtotal = Total number of variable declaration.Updatedtotal = Number of variable declarations
3612quality-ruleClose SQL connection ASAPDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
3614quality-ruleAvoid using String.Empty for empty string testsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
3616quality-ruleData Access must be based on Stored Procedure CallsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Accessed SQL object
3626quality-ruleAvoid Interfaces with a very low comment/code ratioDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Comment/code ratio
3626quality-ruleAvoid Interfaces with a very low comment/code ratioDocumentation englishMissingAddedtotal = Number of interfaces
3630quality-ruleAvoid having Classes implementing too many InterfacesDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of implementations
3630quality-ruleAvoid having Classes implementing too many InterfacesDocumentation englishMissingAddedtotal = Number of classes
4056quality-ruleAvoid recursive TriggersDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4056quality-ruleAvoid recursive TriggersDocumentation englishMissingAddedtotal = Number of triggers
4056quality-ruleAvoid recursive TriggersDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
4058quality-ruleAvoid queries using old style join convention instead of ANSI-Standard joinsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4058quality-ruleAvoid queries using old style join convention instead of ANSI-Standard joinsDocumentation englishtotal = LINBERGH_PLUSUpdatedtotal = Number of objects that can contain SELECT
4062quality-ruleAvoid Functions and Procedures doing an Insert, Update or Delete without managing a transactionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4062quality-ruleAvoid Functions and Procedures doing an Insert, Update or Delete without managing a transactionDocumentation englishMissingAddedtotal = Number of functions and procedures
4064quality-ruleAvoid Procedures using an Insert, Update, Delete, Create Table or Select without including error managementDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4066quality-ruleAvoid Stored Procedures not returning a status valueDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4066quality-ruleAvoid Stored Procedures not returning a status valueDocumentation englishMissingAddedtotal = Number of stored procedures
4070quality-ruleAvoid use of "truncate table"Documentation englishassociatedValueName = Associated ValueRemovedMissing
4076quality-ruleAvoid using temporary ObjectsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4076quality-ruleAvoid using temporary ObjectsDocumentation englishMissingAddedtotal = Number of objects that can contain SELECT
4084quality-ruleAvoid nested Stored Procedures using temporary TablesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4084quality-ruleAvoid nested Stored Procedures using temporary TablesDocumentation englishMissingAddedtotal = Number of stored procedures
4554quality-ruleAvoid large Classes - too many Methods (JEE)Documentation englishtotal = Total number of MethodsUpdatedtotal = Number of methods
4556quality-ruleAvoid large Classes - too many Constructors (JEE)Documentation englishMissingAddedtotal = Number of Java classes
4558quality-ruleAvoid large Classes - too many FieldsDocumentation englishMissingAddedtotal = Number of Java classes
4560quality-ruleAvoid large Interfaces - too many Methods (JEE)Documentation englishtotal = Total number of interfacesUpdatedtotal = Number of interfaces
4566quality-ruleAvoid declaring Instance Variables without defined access typeDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4566quality-ruleAvoid declaring Instance Variables without defined access typeDocumentation englishMissingAddedtotal = Number of Java attributes
4568quality-ruleAvoid declaring Public Instance VariablesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4568quality-ruleAvoid declaring Public Instance VariablesDocumentation englishMissingAddedtotal = Number of Java attributes
4570quality-ruleAvoid declaring Non Final Class Variables with Public or Package access typeDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4570quality-ruleAvoid declaring Non Final Class Variables with Public or Package access typeDocumentation englishMissingAddedtotal = Number of Java attributes
4572quality-ruleAvoid declaring Final Instance Variables that are not dynamically initializedDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4572quality-ruleAvoid declaring Final Instance Variables that are not dynamically initializedDocumentation englishMissingAddedtotal = Number of Java attributes
4574quality-ruleAvoid using deprecated objectsDocumentation englishMissingAddedtotal = Number of Java objects
4576quality-ruleProvide accessors to Private FieldsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4578quality-ruleGood use of Interfaces with collections as Method return typesDocumentation englishtotal = The total number of methods which return type implements or extend java.lang.Col...Updatedtotal = Number of methods which return type implements or extend java.lang.Collection, j...
4580quality-ruleGood use of Interfaces when instantiating a collectionDocumentation englishtotal = The total number of fields whose type implements or extends java.lang.Collection...Updatedtotal = Number of fields whose type implements or extends java.lang.Collection, java.lan...
4592quality-ruleAvoid hiding static MethodsDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 557, propertyID = 140910
4592quality-ruleAvoid hiding static MethodsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
4592quality-ruleAvoid hiding static MethodsDocumentation englishdescription = ... allowed. This Quality Rule retrieves all static methods that are redefined in s...Updateddescription = ... allowed. This Quality Rule retrieves all static methods that are redefined in ...
4592quality-ruleAvoid hiding static MethodsDocumentation englishoutput = This report lists all hidden Static Methods. It provides the following informati...Updatedoutput = Associated to each violation, the following information is provided: - The numbe...
4592quality-ruleAvoid hiding static MethodsDocumentation englishrationale = ... stability of the application.Updatedrationale = ... stability of the application. Except for class derives from “javax.swing.plaf....
4592quality-ruleAvoid hiding static MethodsDocumentation englishreference = http://faq.javaranch.com/view?OverridingVsHidingUpdatedreference = https://coderanch.com/wiki/659959/Overriding-Hiding https://coderanch.com/t/3800...
4592quality-ruleAvoid hiding static MethodsDocumentation englishremediation = ...eview the design of the MethodUpdatedremediation = ...eview the design of the Method. Simply not override the static (class) methods.
4592quality-ruleAvoid hiding static MethodsDocumentation englishtotal = The total procedure counts the number of static methods.Updatedtotal = Number of methods.
4592quality-ruleAvoid hiding static MethodsDocumentation englishMissingAddedremediationSample = class Foo { public static void classMethod() { System.out.println("c...
4592quality-ruleAvoid hiding static MethodsDocumentation englishMissingAddedsample = class Foo { public static void classMethod() { System.out.println("c...
4592quality-ruleAvoid hiding static MethodsDiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
4592quality-ruleAvoid hiding static MethodsOperationlocalSiteDiagnose = DIAG_SCOPE_JAVABEST022UpdatedlocalSiteDiagnose = null
4592quality-ruleAvoid hiding static MethodsOperationlocalSiteCountTotal = DIAG_JAVA_ANA_CLASS_MET_TOTALUpdatedlocalSiteCountTotal = null
4596quality-ruleAvoid using 'java.lang.System.getenv()'Documentation englishassociatedValueName = Associated ValueRemovedMissing
4596quality-ruleAvoid using 'java.lang.System.getenv()'Documentation englishMissingAddedtotal = Number of Java artifacts
4598quality-ruleAvoid using 'java.lang.Runtime.exec()'Documentation englishassociatedValueName = Associated ValueRemovedMissing
4598quality-ruleAvoid using 'java.lang.Runtime.exec()'Documentation englishMissingAddedtotal = Number of Java artifacts
4600quality-ruleAvoid using 'java.System.exit()'Documentation englishassociatedValueName = Associated ValueRemovedMissing
4600quality-ruleAvoid using 'java.System.exit()'Documentation englishMissingAddedtotal = Number of Java artifacts
4604quality-ruleAvoid using 'java.lang.Error'Documentation englishassociatedValueName = Associated ValueRemovedMissing
4604quality-ruleAvoid using 'java.lang.Error'Documentation englishMissingAddedtotal = Number of Java objects
4606quality-ruleAvoid using 'sun.*' ClassesDocumentation englishMissingAddedtotal = Number of Java objects
4610quality-ruleAvoid using anonymous ClassesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4610quality-ruleAvoid using anonymous ClassesDocumentation englishtotal = All classesUpdatedtotal = Number of classes
4612quality-ruleAvoid using native Methods (JNI)Documentation englishtotal = number of artifactsUpdatedtotal = Number of artifacts
4614quality-ruleProper overriding of 'clone()'Documentation englishassociatedValueName = Associated ValueRemovedMissing
4614quality-ruleProper overriding of 'clone()'Documentation englishMissingAddedtotal = Number of Java methods
4616quality-ruleProper overriding of 'finalize()'Documentation englishassociatedValueName = Associated ValueRemovedMissing
4616quality-ruleProper overriding of 'finalize()'Documentation englishMissingAddedtotal = Number of Java methods
4618quality-ruleAvoid instantiating BooleanDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4618quality-ruleAvoid instantiating BooleanDocumentation englishMissingAddedtotal = Number of Java artifacts
4652quality-ruleAvoid direct Class inheritance from java.lang.ThrowableDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4652quality-ruleAvoid direct Class inheritance from java.lang.ThrowableDocumentation englishMissingAddedtotal = Number of Java classes
4656quality-ruleAvoid declaring throwing an exception and not throwing itDocumentation englishtotal = number of methods declaring throwing an exception in the signature except method...Updatedtotal = Number of methods declaring throwing an exception in the signature except method...
4666quality-ruleClasses and Interfaces must have JavaDoc CommentsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4666quality-ruleClasses and Interfaces must have JavaDoc CommentsDocumentation englishtotal = classes and interfaces (generic or not)Updatedtotal = Number of classes and interfaces (generic or not)
4668quality-ruleClasses and Interfaces must have JavaDoc @author tagDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4668quality-ruleClasses and Interfaces must have JavaDoc @author tagDocumentation englishtotal = classes and interfaces (generic or not)Updatedtotal = Number of classes and interfaces (generic or not)
4670quality-ruleMethods must have JavaDoc commentsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4670quality-ruleMethods must have JavaDoc commentsDocumentation englishtotal = methodsUpdatedtotal = Number of methods
4672quality-ruleMethods must have appropriate JavaDoc @param tagsDocumentation englishtotal = method's parametersUpdatedtotal = Number of method's parameters
4674quality-ruleMethods must have appropriate JavaDoc @return tagsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4674quality-ruleMethods must have appropriate JavaDoc @return tagsDocumentation englishtotal = methods that return a valueUpdatedtotal = Number of methods that return a value
4676quality-ruleMethods must have appropriate JavaDoc @throws tagsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4676quality-ruleMethods must have appropriate JavaDoc @throws tagsDocumentation englishtotal = methods that throw exceptionsUpdatedtotal = Number of methods that throw exceptions
4678quality-ruleMethods must have appropriate JavaDoc @exception tagsDocumentation englishtotal = methods that throw exceptionsUpdatedtotal = Number of methods that throw exceptions
4680quality-ruleFields must have JavaDoc CommentsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4680quality-ruleFields must have JavaDoc CommentsDocumentation englishtotal = java fieldsUpdatedtotal = Number of Java fields
4694quality-ruleAvoid using 'System.gc'Documentation englishassociatedValueName = Associated ValueRemovedMissing
4696quality-ruleAvoid using 'System.err' and 'System.out' within a try catch blockDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4698quality-ruleAvoid using 'System.err' and 'System.out' outside a try catch blockDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4704quality-ruleAvoid using VectorDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4704quality-ruleAvoid using VectorDocumentation englishMissingAddedtotal = Number of Java objects
4706quality-ruleAvoid using HashtableDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
4706quality-ruleAvoid using HashtableDocumentation englishMissingAddedtotal = Number of Java artifacts
4708quality-ruleAvoid using Dynamic instantiationDocumentation englishtotal = All Java artifactsUpdatedtotal = Number of Java artifacts
4712quality-ruleAvoid inheritance down the Package pathDocumentation englishtotal = The number of classesUpdatedtotal = Number of classes
4716quality-ruleAvoid Classes implementing too many Interfaces (JEE)Documentation englishMissingAddedtotal = Number of Java classes
4718quality-rulePackage size controlDocumentation englishMissingAddedtotal = Number of Java packages
4722quality-ruleTrack Classes referencing Database objectsDocumentation englishtotal = Java classesUpdatedtotal = Number of Java classes
4730quality-rulePackage naming convention - case controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4730quality-rulePackage naming convention - case controlDocumentation englishMissingAddedtotal = Number of Java packages
4732quality-ruleInterface naming convention - case controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4732quality-ruleInterface naming convention - case controlDocumentation englishMissingAddedtotal = Number of Java interfaces
4734quality-ruleClass naming convention - case control (JEE)Documentation englishassociatedValueName = Associated ValueRemovedMissing
4734quality-ruleClass naming convention - case control (JEE)Documentation englishMissingAddedtotal = Number of Java classes
4736quality-ruleMethod naming convention - case control (JEE)Documentation englishassociatedValueName = Associated ValueRemovedMissing
4736quality-ruleMethod naming convention - case control (JEE)Documentation englishMissingAddedtotal = Number of Java methods
4738quality-ruleConstant naming convention - case control (JEE)Documentation englishassociatedValueName = Associated ValueRemovedMissing
4738quality-ruleConstant naming convention - case control (JEE)Documentation englishtotal = static final fieldsUpdatedtotal = Number of static final fields
4740quality-ruleField naming convention - case controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
4740quality-ruleField naming convention - case controlDocumentation englishtotal = Java fields except static final fieldsUpdatedtotal = Number of Java fields except static final fields
4744quality-ruleEJB Entity access through their local InterfaceDocumentation englishMissingAddedtotal = Number of Methods accessing Java EJB Entity
4746quality-ruleEJB Session access through their local InterfaceDocumentation englishMissingAddedtotal = Number of Methods accessing Java EJB Session
5050quality-ruleAvoid using HANDLE CONDITIONDocumentation englishoutput = ...violation patterns found in the source code: - EXEC CICS HANDLE CONDITION comm...Updatedoutput = ...violation occurrences found in the source code: - EXEC CICS HANDLE CONDITION c...
5052quality-ruleAvoid using IGNORE CONDITIONDocumentation englishoutput = ...violation patterns found in the source code: - EXEC CICS IGNORE CONDITION comm...Updatedoutput = ...violation occurrences found in the source code: - EXEC CICS IGNORE CONDITION c...
5054quality-ruleAvoid using HANDLE ABENDDocumentation englishoutput = ...violation patterns found in the source code: - EXEC CICS HANDLE ABEND statemen...Updatedoutput = ...violation occurrences found in the source code: - EXEC CICS HANDLE ABEND state...
5056quality-ruleAvoid using SEARCH without the ALL additionDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
5056quality-ruleAvoid using SEARCH without the ALL additionDocumentation englishoutput = ...violation patterns found in source code: - SEARCH statement - Internal table def...Updatedoutput = ...violation occurrences found in source code: - SEARCH statement - Internal table ...
5058quality-ruleAvoid using SORTDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5058quality-ruleAvoid using SORTDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5060quality-ruleAvoid using MERGEDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5060quality-ruleAvoid using MERGEDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5062quality-ruleAvoid using ALTERDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5062quality-ruleAvoid using ALTERDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
5064quality-ruleProgram naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5066quality-ruleAvoid using PERFORM ... THROUGH | THRUDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5066quality-ruleAvoid using PERFORM ... THROUGH | THRUDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5068quality-ruleAvoid STOP RUN (use GOBACK instead)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5068quality-ruleAvoid STOP RUN (use GOBACK instead)Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5070quality-ruleSection naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5072quality-ruleAvoid DISPLAY ... UPON CONSOLEDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5072quality-ruleAvoid DISPLAY ... UPON CONSOLEDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
5074quality-ruleParagraph naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5080quality-ruleAvoid Procedure Paragraphs that contains no statementsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5080quality-ruleAvoid Procedure Paragraphs that contains no statementsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5082quality-ruleAvoid Procedure Sections that contain no ParagraphDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5082quality-ruleAvoid Procedure Sections that contain no ParagraphDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5086quality-ruleAvoid using Sections in the PROCEDURE DIVISION (use Paragraphs only)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5086quality-ruleAvoid using Sections in the PROCEDURE DIVISION (use Paragraphs only)Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5090quality-ruleAvoid using NEXT SENTENCEDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5090quality-ruleAvoid using NEXT SENTENCEDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5092quality-ruleInclude a WHEN OTHER clause when using EVALUATEDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5092quality-ruleInclude a WHEN OTHER clause when using EVALUATEDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5094quality-ruleAvoid using MOVE CORRESPONDING ... TO ...Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5094quality-ruleAvoid using MOVE CORRESPONDING ... TO ...Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5112quality-ruleAvoid undocumented Sections (COBOL)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5112quality-ruleAvoid undocumented Sections (COBOL)Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5114quality-ruleAvoid undocumented Programs (COBOL)Documentation englishassociatedValueName = Associated ValueRemovedMissing
5116quality-ruleAvoid undocumented ParagraphsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
5116quality-ruleAvoid undocumented ParagraphsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
5144quality-ruleAvoid using GOTO statement (COBOL)Documentation englishoutput = ...violation patterns found in the source code: - GO TO statementUpdatedoutput = ...violation occurrences found in the source code: - GO TO statement
5550quality-ruleAvoid having joins with more than 4 TablesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5550quality-ruleAvoid having joins with more than 4 TablesDocumentation englishMissingAddedtotal = Number of objects using tables
5550quality-ruleAvoid having joins with more than 4 TablesDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
5554quality-ruleAvoid having SQL code in Triggers named "pre-record"Documentation englishMissingAddedtotal = Number of triggers named 'pre-record'
5558quality-ruleBased Data Blocks naming convention - represented tableDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5558quality-ruleBased Data Blocks naming convention - represented tableDocumentation englishMissingAddedtotal = Number of based forms datablocks
5560quality-ruleBased Data Block Items naming convention - represented columnDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5560quality-ruleBased Data Block Items naming convention - represented columnDocumentation englishMissingAddedtotal = Number of based forms datablock items
5562quality-ruleNot Based Data Blocks naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5564quality-ruleNot Based Data Block Items naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5566quality-ruleUse of call_form built-in Function from a centralized locationDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5572quality-ruleAvoid objects without COMMENT propertyDocumentation englishassociatedValueName = Associated ValueRemovedMissing
5572quality-ruleAvoid objects without COMMENT propertyDocumentation englishtotal = All Forms artefact with propertiesUpdatedtotal = Number of form artifacts with properties
6050quality-ruleDatawindow naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6050quality-ruleDatawindow naming conventionDocumentation englishMissingAddedtotal = Number of Datawindows
6052quality-ruleGlobal function naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6052quality-ruleGlobal function naming conventionDocumentation englishMissingAddedtotal = Number of Functions
6054quality-ruleMenu naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6054quality-ruleMenu naming conventionDocumentation englishMissingAddedtotal = Number of Menus
6056quality-ruleStructure naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6056quality-ruleStructure naming conventionDocumentation englishMissingAddedtotal = Number of Structures
6062quality-ruleWindow naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6062quality-ruleWindow naming conventionDocumentation englishMissingAddedtotal = Number of Windows
6066quality-ruleGlobal variable naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6066quality-ruleGlobal variable naming conventionDocumentation englishMissingAddedtotal = Number of Global Variables
6068quality-ruleInstance variable naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6068quality-ruleInstance variable naming conventionDocumentation englishMissingAddedtotal = Number of Instance Variables
6070quality-ruleUser event naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6070quality-ruleUser event naming conventionDocumentation englishMissingAddedtotal = Number of User Events
6072quality-ruleMethod naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6072quality-ruleMethod naming conventionDocumentation englishMissingAddedtotal = Number of Methods
6076quality-ruleAvoid Datawindows that does not access a database dataDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6076quality-ruleAvoid Datawindows that does not access a database dataDocumentation englishMissingAddedtotal = Number of Datawindows
6078quality-ruleAvoid Datawindows accessing Database Procedures or FunctionsDocumentation englishMissingAddedtotal = Number of Datawindows
6082quality-ruleAvoid PB Function/Event/Method accessing Database Procedures or FunctionsDocumentation englishMissingAddedtotal = Number of functions, events, methods
6084quality-ruleAvoid having unreferenced codeDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6084quality-ruleAvoid having unreferenced codeDocumentation englishMissingAddedtotal = Number of Objects referencing code
6102quality-ruleAvoid undocumented EventsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6102quality-ruleAvoid undocumented EventsDocumentation englishMissingAddedtotal = Number of Events
6104quality-ruleAvoid events with a very low comment/code ratioDocumentation englishMissingAddedtotal = Number of Events
6106quality-ruleUser event naming convention - declare onlyDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6106quality-ruleUser event naming convention - declare onlyDocumentation englishMissingAddedtotal = Number of User Events Declaration
6110quality-ruleControls must inherit from a userobjectDocumentation englishMissingAddedtotal = Number of Controls
6112quality-ruleAvoid using global variablesDocumentation englishMissingAddedtotal = Number of objects likely to use global variables
6114quality-ruleAvoid using global functionsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6114quality-ruleAvoid using global functionsDocumentation englishMissingAddedtotal = Number of objects likely to use global functions
6124quality-ruleDatawindows accessing database must be based on procedureDocumentation englishMissingAddedtotal = Number of Datawindows accessing database
6126quality-ruleAvoid using dynamic SQL in scriptsDocumentation englishMissingAddedtotal = Number of function, event, method
6128quality-ruleAvoid window with too high level of inheritanceDocumentation englishMissingAddedtotal = Number of Windows
6130quality-ruleAvoid userobject with too high level of inheritanceDocumentation englishMissingAddedtotal = Number of User Objects
6132quality-ruleAvoid overriding eventDocumentation englishassociatedValueName = Associated ValueRemovedMissing
6132quality-ruleAvoid overriding eventDocumentation englishMissingAddedtotal = Number of User Events Extend or Override
6134quality-ruleAvoid menu with too high level of inheritanceDocumentation englishMissingAddedtotal = Number of Menus
6142quality-ruleAvoid Windows with too many MethodsDocumentation englishMissingAddedtotal = Number of Windows
6144quality-ruleAvoid Userobject with too many MethodsDocumentation englishMissingAddedtotal = Number of User Objects
6150quality-ruleAvoid Menus, UserObjects and Windows that have no inheritance relations with other objectsDocumentation englishMissingAddedtotal = Number of menu, user objects and windows
6162quality-ruleAvoid Artifacts with High integration complexityDocumentation englishMissingAddedtotal = Number of PB artifacts
6184quality-ruleAvoid Artifacts with Subqueries (Power Builder)Documentation englishMissingAddedtotal = Number of PB artifacts accessing SQL objects
6194quality-ruleAvoid Artifacts with lines of more than 80 charactersDocumentation englishMissingAddedtotal = Number of PB artifacts
7050quality-ruleFunction naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7060quality-ruleAvoid undocumented Programs (ABAP)Documentation englishassociatedValueName = Associated ValueRemovedMissing
7062quality-ruleAvoid undocumented IncludesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7072quality-ruleProgram naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7074quality-ruleInclude naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7076quality-ruleAvoid Programs/Includes with too many FormsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of Forms
7088quality-ruleProcessing Screen Naming ConventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7088quality-ruleProcessing Screen Naming ConventionDocumentation englishMissingAddedtotal = Number of ABAP processing screens
7124quality-ruleDELETED: Functional EvolvabilityDocumentation englishtotal = The number of modules of the application.Updatedtotal = Number of modules of the application
7126quality-ruleAvoid Artifacts with high Commented-out Code Lines/Code Lines ratioDocumentation englishtotal = The total procedure counts the number of Artifacts.Updatedtotal = Number of artifacts
7130quality-ruleAvoid Artifacts with High Depth of Nested SubqueriesDocumentation englishreference = http://it-cisq.org/ CISQ: ASCPEM-PRF-04Updatedreference = https://it-cisq.org/ CISQ: ASCPEM-PRF-04
7130quality-ruleAvoid Artifacts with High Depth of Nested SubqueriesDocumentation englishtotal = The total procedure counts the number of SQL Artifacts.Updatedtotal = Number of SQL artifacts
7132quality-ruleAction Mappings should have few forwardsDocumentation englishtotal = total of action mappingUpdatedtotal = Number of action mapping
7134quality-ruleAvoid having local forward with same name as global forwardDocumentation englishMissingAddedtotal = Number of Local Forwards
7136quality-ruleEach method in an Action Class should have a small complexityDocumentation englishtotal = The number of methods of classes and parent classes that are referenced as an ac...Updatedtotal = Number of methods of classes and parent classes that are referenced as an action...
7138quality-ruleAction Classes should only be called by Action Mappings tag (for Struts 1.x) or Action tag (for Struts 2.x)Documentation englishtotal = number of methods or objects that call struts actions classesUpdatedtotal = Number of methods or objects that call struts actions classes
7140quality-ruleAction Artifacts should not directly call a JSP pageDocumentation englishtotal = The total number of artifacts of classes and parent classes that are referenced ...Updatedtotal = Number of artifacts of classes and parent classes that are referenced as an acti...
7142quality-ruleAction Classes should have only one public methodDocumentation englishtotal = All action classes, except those inheriting from dispatchactionUpdatedtotal = Number of action classes, except those inheriting from dispatchaction
7148quality-ruleJSP pages should always be accessed through their tiles definitionDocumentation englishtotal = The total is the total of JSP pages. When the tiles technology is not used (no o...Updatedtotal = Number of JSP pages, when the tiles technology is used (object of type "Tiles C...
7152quality-ruleAvoid Fields in Servlet Classes that are not final staticDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7154quality-ruleAvoid Fields in Action Classes that are not final staticDocumentation englishMissingAddedtotal = Number of Action Classes
7156quality-ruleAvoid Too Many Copy Pasted ArtifactsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7156quality-ruleAvoid Too Many Copy Pasted ArtifactsDocumentation englishtotal = Artifacts larger than 10 lines of code ( default value of the CODELINE parameter...Updatedtotal = Number of artifacts larger than 10 lines of code ( default value of the CODELINE...
7188quality-rulePrivate fields must have JavaDoc CommentsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7188quality-rulePrivate fields must have JavaDoc CommentsDocumentation englishtotal = private java fieldsUpdatedtotal = Number of private Java fields
7190quality-ruleValidator form validate() Method must call super.validate()Documentation englishassociatedValueName = Associated ValueRemovedMissing
7190quality-ruleValidator form validate() Method must call super.validate()Documentation englishtotal = Non abstract methods that override the validate method (at any depth in the inhe...Updatedtotal = Number of non abstract methods that override the validate method (at any depth i...
7192quality-ruleForm Bean must extend Validator ClassDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7192quality-ruleForm Bean must extend Validator ClassDocumentation englishMissingAddedtotal = Number of Java classes in the Struts application
7194quality-ruleAvoid large number of String concatenation (.NET)Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of times the '+=' operator or Concat is called
7194quality-ruleAvoid large number of String concatenation (.NET)Documentation englishtotal = Total number of artifacts with codeUpdatedtotal = Number of artifacts
7196quality-ruleAvoid large number of String concatenation (JEE)Documentation englishMissingAddedtotal = Number of non abstract Java artifacts
7198quality-ruleAvoid String concatenation in loops (.NET)Documentation englishassociatedValueName = Associated ValueRemovedMissing
7198quality-ruleAvoid String concatenation in loops (.NET)Documentation englishtotal = Total number of artifacts with codeUpdatedtotal = Number of artifacts
7200quality-ruleAvoid String concatenation in loops (JEE)Documentation englishassociatedValueName = Associated ValueRemovedMissing
7200quality-ruleAvoid String concatenation in loops (JEE)Documentation englishMissingAddedtotal = Number of non abstract Java artifacts
7202quality-ruleCheck usage of '==' and '!=' on objectsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7202quality-ruleCheck usage of '==' and '!=' on objectsDocumentation englishMissingAddedtotal = Number of non abstract Java Methods and Constructors
7204quality-ruleAvoid method invocation in a loop termination expressionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7204quality-ruleAvoid method invocation in a loop termination expressionDocumentation englishtotal = All methods having at least one loopUpdatedtotal = Number of methods having at least one loop
7206quality-ruleAvoid the use of InstanceOf inside loopsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7206quality-ruleAvoid the use of InstanceOf inside loopsDocumentation englishtotal = The total is the total number of methodsUpdatedtotal = Number of methods
7208quality-ruleAvoid the use of is inside loopsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7212quality-ruleAvoid instantiations inside loops (.NET)Documentation englishassociatedValueName = Associated ValueRemovedMissing
7216quality-ruleDELETED: Avoid using exception handling inside loops (.NET)Documentation englishname = Avoid using exception handling inside loops (.NET)Updatedname = DELETED: Avoid using exception handling inside loops (.NET)
7216quality-ruleDELETED: Avoid using exception handling inside loops (.NET)Documentation englishtotal = Total number of methods and constructorsUpdatedtotal = Number of methods and constructors
7218quality-ruleAvoid OPEN/CLOSE inside loopsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7218quality-ruleAvoid OPEN/CLOSE inside loopsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7220quality-ruleAvoid Unused ImportsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
7220quality-ruleAvoid Unused ImportsDocumentation englishMissingAddedtotal = Number of Java files and Web files
7234quality-ruleEVALUATE statements must be closed by END-EVALUATEDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7234quality-ruleEVALUATE statements must be closed by END-EVALUATEDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7236quality-ruleAvoid recursive calls with PERFORM statementsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7236quality-ruleAvoid recursive calls with PERFORM statementsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7238quality-ruleAvoid calls between JSP PagesDocumentation englishMissingAddedtotal = Number of JSP pages
7240quality-ruleAction Classes should only call Business ClassesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7240quality-ruleAction Classes should only call Business ClassesDocumentation englishMissingAddedtotal = Number of Action Classes
7242quality-ruleAvoid implementing Action Classes inheriting directly from Struts ActionDocumentation englishtotal = The number of action classes (inherit from org.apache.struts.action.Action)Updatedtotal = Number of action classes (inherit from org.apache.struts.action.Action)
7244quality-ruleAvoid direct usage of EJB Entity from the clientDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7244quality-ruleAvoid direct usage of EJB Entity from the clientDocumentation englishtotal = The ratio is the sum of client methods that call directly an Entity Bean divided...Updatedtotal = Number of direct and indirect call from the client to Entity Beans
7246quality-ruleAvoid Packages with High Efferent Coupling (CE)Documentation englishMissingAddedtotal = Number of Java classes and interfaces
7248quality-ruleAvoid Packages with High Afferent Coupling (CA)Documentation englishMissingAddedtotal = Number of Java classes and interfaces
7250quality-ruleAvoid String initialization with String object (created using the 'new' keyword)Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
7250quality-ruleAvoid String initialization with String object (created using the 'new' keyword)Documentation englishMissingAddedtotal = Number of Java artifacts
7252quality-ruleCall 'super.finalize ()' in the "finally" block of 'finalize ()' methodsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7252quality-ruleCall 'super.finalize ()' in the "finally" block of 'finalize ()' methodsDocumentation englishMissingAddedtotal = Number of finalize methods
7254quality-ruleDeclare as Static all methods not using instance members (JEE)Documentation englishassociatedValueName = Associated ValueRemovedMissing
7254quality-ruleDeclare as Static all methods not using instance members (JEE)Documentation englishtotal = The number of non static methods.Updatedtotal = Number of non static methods
7256quality-ruleProvide a private default Constructor for utility Classes (JEE)Documentation englishassociatedValueName = Associated ValueRemovedMissing
7258quality-ruleDataReader must be called using CommandBehavior.CloseConnection enumerationDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7258quality-ruleDataReader must be called using CommandBehavior.CloseConnection enumerationDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
7260quality-ruleUser Interface elements must not use directly the databaseDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Database object
7260quality-ruleUser Interface elements must not use directly the databaseDocumentation englishtotal = All artifactsUpdatedtotal = Number of artifacts
7262quality-ruleAvoid Namespaces with High Efferent Coupling (CE)Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Efferent Coupling
7262quality-ruleAvoid Namespaces with High Efferent Coupling (CE)Documentation englishMissingAddedtotal = Number of namespaces
7264quality-ruleAvoid namespaces with High Afferent Coupling (CA)Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Afferent Coupling
7264quality-ruleAvoid namespaces with High Afferent Coupling (CA)Documentation englishMissingAddedtotal = Number of namespaces
7266quality-ruleCall 'base.Dispose()' or 'MyBase.Finalize()' in the "finally" block of 'Dispose(bool)' methodsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7266quality-ruleCall 'base.Dispose()' or 'MyBase.Finalize()' in the "finally" block of 'Dispose(bool)' methodsDocumentation englishtotal = The Total procedure must count only Dispose(bool) methods defined in classes whi...Updatedtotal = Number of Dispose(bool) methods defined in classes which implement the IDisposab...
7268quality-ruleDispose() methods should call GC.SuppressFinalizeDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7268quality-ruleDispose() methods should call GC.SuppressFinalizeDocumentation englishtotal = The Total procedure counts only the Dispose() methods without parameters and def...Updatedtotal = Number of Dispose() methods without parameters and defined in classes which impl...
7270quality-ruleDeclare as Static all methods not using instance members (.NET)Documentation englishassociatedValueName = Associated ValueRemovedMissing
7270quality-ruleDeclare as Static all methods not using instance members (.NET)Documentation englishtotal = Total number of methodsUpdatedtotal = Number of methods
7272quality-ruleProvide a private default Constructor for utility Classes (.NET)Documentation englishassociatedValueName = Associated ValueRemovedMissing
7274quality-ruleAvoid GOTO jumps out of PERFORM rangeDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7274quality-ruleAvoid GOTO jumps out of PERFORM rangeDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7288quality-ruleAvoid cyclic calls with PERFORM statementsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7288quality-ruleAvoid cyclic calls with PERFORM statementsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7290quality-ruleAvoid unreferenced Sections and ParagraphsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7290quality-ruleAvoid unreferenced Sections and ParagraphsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7294quality-ruleAvoid cyclical calls and inheritances between namespaces contentDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Cyclically called / inherited namespace full name
7296quality-ruleNever define static variables in header filesDocumentation englishoutput = ...violation patterns found in the source code: - static variableUpdatedoutput = ...violation occurrences found in the source code: - static variable
7298quality-ruleA Class that has pointer data members must provide a copy ConstructorDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7298quality-ruleA Class that has pointer data members must provide a copy ConstructorDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7302quality-ruleAvoid using PointersDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7302quality-ruleAvoid using PointersDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7304quality-ruleIF statements must be closed by END-IFDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7304quality-ruleIF statements must be closed by END-IFDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7306quality-ruleAvoid declaring Inner ClassesDocumentation englishMissingAddedtotal = Number of Java classes
7308quality-ruleAvoid using Inner ClassesDocumentation englishMissingAddedtotal = Number of Java artifacts
7340quality-ruleAvoid Classes with Destructor not explicitly virtual whenever one of its base Class has a virtual DestructorDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
7340quality-ruleAvoid Classes with Destructor not explicitly virtual whenever one of its base Class has a virtual DestructorDocumentation englishoutput = ...violation patterns found in source code: - Derived-class non-virtual destructo...Updatedoutput = ...violation occurrences found in source code: - Derived-class non-virtual destru...
7342quality-ruleAvoid functions overriding virtual functions without having the 'virtual' keywordDocumentation englishoutput = ...violation patterns found in the source code: - Non-virtual method - Virtual ...Updatedoutput = ...violation occurrences found in the source code: - Non-virtual method - Virtu...
7344quality-ruleAvoid "SELECT *" queriesDocumentation englishtotal = The total procedure counts the number of Client-Server Artifacts using Tables or...Updatedtotal = Number of Client-Server artifacts using tables or views
7346quality-ruleAvoid redundant indexesDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Redundant index
7346quality-ruleAvoid redundant indexesDocumentation englishtotal = Total number of tablesUpdatedtotal = Number of tables
7348quality-ruleAvoid too many Indexes on one TableDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of indexes of the table
7348quality-ruleAvoid too many Indexes on one TableDocumentation englishtotal = Total number of tablesUpdatedtotal = Number of tables
7350quality-ruleAvoid Tables having Indexes with a too large Index definitionDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Size of index
7350quality-ruleAvoid Tables having Indexes with a too large Index definitionDocumentation englishtotal = The total procedure counts the number of tables.Updatedtotal = Number of tables
7352quality-ruleAvoid calling properties that clone values in loopsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
7352quality-ruleAvoid calling properties that clone values in loopsDocumentation englishtotal = This counts all artifacts that can contain code (e.g. methods in classes but not...Updatedtotal = Number of methods in classes but not in interfaces
7358quality-ruleAvoid call to AcceptChanges in a loopDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7358quality-ruleAvoid call to AcceptChanges in a loopDocumentation englishtotal = All .Net Artifacts doing a call to AcceptChangesUpdatedtotal = Number of .Net artifacts doing a call to AcceptChanges
7360quality-ruleDELETED:7360 Avoid hiding Static MethodsDocumentation englishtotal = The total procedure counts the number of static methods.Updatedtotal = Number of static methods
7362quality-ruleAvoid action mappings validator turned offDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7362quality-ruleAvoid action mappings validator turned offDocumentation englishtotal = The number of action mapping or 0 if no object of type "Struts Configuration Fil...Updatedtotal = Number of action mapping or 0 if no object of type "Struts Configuration File" i...
7364quality-ruleAvoid multiple validation form with the same nameDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7364quality-ruleAvoid multiple validation form with the same nameDocumentation englishtotal = The total number of distinct validation forms names or 0 if no object of type "V...Updatedtotal = Number of distinct validation forms names or 0 if no object of type "Validation ...
7366quality-ruleFile descriptor block must be defined with 0 recordDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7366quality-ruleFile descriptor block must be defined with 0 recordDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7368quality-ruleWhen using binary data items (COMP), then use the SYNCHRONIZED clauseDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7368quality-ruleWhen using binary data items (COMP), then use the SYNCHRONIZED clauseDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7370quality-ruleAvoid using inline PERFORM with too many lines of codeDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7370quality-ruleAvoid using inline PERFORM with too many lines of codeDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7372quality-ruleEnable Struts Validator pluginDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7372quality-ruleEnable Struts Validator pluginDocumentation englishtotal = the total is equal to the number of struts configuration file if object of type ...Updatedtotal = Number of struts configuration file when object of type "Struts Configuration Fi...
7378quality-ruleAvoid include JavaScript FilesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7378quality-ruleAvoid include JavaScript FilesDocumentation englishtotal = number of JSP files that refer to JavaScript FilesUpdatedtotal = Number of JSP files that refer to JavaScript files
7380quality-ruleAvoid unused validation formDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7380quality-ruleAvoid unused validation formDocumentation englishtotal = total of validation form or 0 if no object of type "Validation Configuration Fil...Updatedtotal = Number of validation forms when object of type "Validation Configuration File" i...
7382quality-ruleAvoid Validator field without Form FieldDocumentation englishtotal = total of form validated or 0 if no object of type "Validation Configuration Fil...Updatedtotal = Number of forms validated when object of type "Validation Configuration File" is...
7384quality-ruleDELETED: Large Programs should be called dynamicallyDocumentation englishoutput = ...violation patterns found in source code: - CALL statementUpdatedoutput = ...violation occurrences found in source code: - CALL statement
7386quality-ruleAvoid Tables without a clustered IndexDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
7388quality-ruleAvoid artifacts having recursive callsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7388quality-ruleAvoid artifacts having recursive callsDocumentation englishtotal = The total procedure counts the number of executable artifacts (all Artifacts exc...Updatedtotal = Number of executable artifacts (all artifacts excepts tables, views, jsp, asp, ...
7390quality-ruleAvoid having multiple artifacts inserting data on the same SQL TableDocumentation englishname = ... multiple Artifacts inserting data on the same SQL TableUpdatedname = ... multiple artifacts inserting data on the same SQL Table
7390quality-ruleAvoid having multiple artifacts inserting data on the same SQL TableDocumentation englishtotal = The total procedure counts the number of tables.Updatedtotal = Number of tables
7390quality-ruleAvoid having multiple artifacts inserting data on the same SQL TableDocumentation englishMissingAddedremediationSample = import java.sql.*; // less than X classes update the same table public class T...
7390quality-ruleAvoid having multiple artifacts inserting data on the same SQL TableDocumentation englishMissingAddedsample = import java.sql.*; public class TestUpdate1 { public static void main(java.l...
7392quality-ruleAvoid having multiple artifacts deleting data on the same SQL tableDocumentation englishtotal = The total procedure counts the number of tables.Updatedtotal = Number of tables
7392quality-ruleAvoid having multiple artifacts deleting data on the same SQL tableDocumentation englishMissingAddedremediationSample = import java.sql.*; // less than X classes update the same table public class T...
7392quality-ruleAvoid having multiple artifacts deleting data on the same SQL tableDocumentation englishMissingAddedsample = import java.sql.*; public class TestUpdate1 { public static void main(java.l...
7394quality-ruleAvoid having multiple artifacts updating data on the same SQL TableDocumentation englishname = ... multiple Artifacts updating data on the same SQL TableUpdatedname = ... multiple artifacts updating data on the same SQL Table
7394quality-ruleAvoid having multiple artifacts updating data on the same SQL TableDocumentation englishtotal = The total procedure counts the number of tables.Updatedtotal = Number of tables
7394quality-ruleAvoid having multiple artifacts updating data on the same SQL TableDocumentation englishMissingAddedremediationSample = import java.sql.*; // less than X classes update the same table public class T...
7394quality-ruleAvoid having multiple artifacts updating data on the same SQL TableDocumentation englishMissingAddedsample = import java.sql.*; public class TestUpdate1 { public static void main(java.l...
7396quality-ruleDELETED: Subprograms called multiple times should be called staticallyDocumentation englishoutput = ...violation patterns found in source code: - "CALL <variable_name>" statements r...Updatedoutput = ...violation occurrences found in source code: - "CALL <variable_name>" statement...
7404quality-ruleAvoid unreferenced viewsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7404quality-ruleAvoid unreferenced viewsDocumentation englishtotal = total is number of views stored in the schemaUpdatedtotal = Number of views stored in the schema
7416quality-ruleAvoid Form Field without ValidatorDocumentation englishtotal = The number of all form fields or Java setter methods, when defined with struts o...Updatedtotal = Number of form fields or Java setter methods, when defined with struts or 0 if n...
7418quality-ruleAvoid SQL queries using functions on indexed columns in the WHERE clauseDocumentation englishtotal = The total procedure counts the number of Client-Server Artifacts using Tables.Updatedtotal = Number of Client-Server artifacts using tables
7420quality-ruleAvoid SQL queries with implicit conversions in the WHERE clauseDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Name of the column (first column involved in a type conversion)
7420quality-ruleAvoid SQL queries with implicit conversions in the WHERE clauseDocumentation englishtotal = The total procedure counts the number of SQL Artifacts using Tables.Updatedtotal = Number of SQL artifacts using tables
7424quality-ruleAvoid using SQL queries inside a loopDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7424quality-ruleAvoid using SQL queries inside a loopDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7428quality-ruleAvoid SQL queries not using the first column of a composite index in the WHERE clauseDocumentation englishtotal = The total procedure counts the number of client-server artifacts using tables th...Updatedtotal = Number of client-server artifacts using tables that contain a query using column...
7434quality-ruleAvoid classes overriding only equals() or only hashCode()Documentation englishassociatedValueName = Associated ValueRemovedMissing
7434quality-ruleAvoid classes overriding only equals() or only hashCode()Documentation englishtotal = all classes that override equals() or (not exclusive) hashCode()Updatedtotal = Number of classes that override equals() or (not exclusive) hashCode()
7436quality-rulePrefer UNION ALL to UNIONDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = The number of UNION (without ALL) occurrences
7436quality-rulePrefer UNION ALL to UNIONDocumentation englishtotal = The total procedure counts the number of Client-Server Artifacts with a SQL quer...Updatedtotal = Number of Client-Server artifacts with a SQL query that contains a UNION or UNIO...
7438quality-ruleAvoid non thread safe singletonDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7438quality-ruleAvoid non thread safe singletonDocumentation englishtotal = the total procedure counts all singleton classes (as defined in the definition)Updatedtotal = Number of singleton classes (as defined in the definition)
7440quality-ruleSuspicious similar method names or signatures in an inheritance treeDocumentation englishtotal = All methods that fails and all methods that override a method from a superclassUpdatedtotal = Number of methods that fails and methods that override a method from a superclas...
7444quality-ruleSerialize session objectsDocumentation englishtotal = The number of objects in the session scopeUpdatedtotal = Number of objects in the session scope
7446quality-ruleAvoid double checked lockingDiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
7458quality-ruleAvoid large Interfaces - too many Methods (.NET)Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of methods
7458quality-ruleAvoid large Interfaces - too many Methods (.NET)Documentation englishtotal = Total number of interfacesUpdatedtotal = Number of interfaces
7460quality-ruleAvoid using untyped DataSetDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7466quality-ruleAvoid changing DataSource member before ValueMember/DisplayMemberDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7468quality-ruleDisable constraints before merging DataSetDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7470quality-ruleAvoid doing select on Datatable in loopDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7474quality-ruleUse BeginUpdate/EndUpdate when using Items.Add method in loopDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7476quality-ruleTurn off "Multiple SQL statements for each measure"Documentation englishassociatedValueName = Associated ValueRemovedMissing
7476quality-ruleTurn off "Multiple SQL statements for each measure"Documentation englishtotal = Count of universesUpdatedtotal = Number of universes
7480quality-ruleUse aggregate awareness for indicatorsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7480quality-ruleUse aggregate awareness for indicatorsDocumentation englishtotal = Count of indicatorsUpdatedtotal = Number of indicators
7482quality-ruleDo not use Cartesian products in Universe propertiesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7482quality-ruleDo not use Cartesian products in Universe propertiesDocumentation englishtotal = Count of universesUpdatedtotal = Number of universes
7484quality-ruleObjects in Universe using inexistent Table/ColumnDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7486quality-ruleSplit universes of more than X MBDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7486quality-ruleSplit universes of more than X MBDocumentation englishtotal = All universesUpdatedtotal = Number of universes
7488quality-ruleUse lazy fetching for collectionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7488quality-ruleUse lazy fetching for collectionDocumentation englishtotal = number of Hibernate Entity Property or JPA Entity Property of type collectionUpdatedtotal = Number of Hibernate entity properties or JPA entity properties of type collectio...
7490quality-ruleAvoid UPDATE trigger firing when not necessaryDocumentation englishtotal = The number of Hibernate XML Class associated to a table managed by a triggerUpdatedtotal = Number of Hibernate XML classes associated to a table managed by a trigger
7494quality-rulePersistent class method's equals() and hashCode() must access its fields through getter methodsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7496quality-ruleUse table-per-subclass strategy when subclasses have many propertiesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7496quality-ruleUse table-per-subclass strategy when subclasses have many propertiesDocumentation englishtotal = The number of hibernate and/or JPA entities that are subclassed (subclass or joi...Updatedtotal = Number of hibernate and/or JPA entities that are subclassed (subclass or joined-...
7498quality-ruleCollection must be the same between getter and setterDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7498quality-ruleCollection must be the same between getter and setterDocumentation englishtotal = The total is the total number of hibernate or JPA persistent fields setters and ...Updatedtotal = Number of hibernate or JPA persistent fields setters and getters that have a Col...
7500quality-ruleUse table-per-class-hierarchy when subclasses have few propertiesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7500quality-ruleUse table-per-class-hierarchy when subclasses have few propertiesDocumentation englishtotal = The number of hibernate and/or JPA entities that are subclassed (subclass or joi...Updatedtotal = Number of hibernate and/or JPA entities that are subclassed (subclass or joined-...
7502quality-ruleNever use array to map a collectionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7502quality-ruleNever use array to map a collectionDocumentation englishtotal = The total will be the number of Hibernate Entities that map a collection that co...Updatedtotal = Number of Hibernate entities that map a collection that could be: array, map, li...
7504quality-rulePersistent classes should Implement hashCode() and equals()Documentation englishassociatedValueName = Associated ValueRemovedMissing
7504quality-rulePersistent classes should Implement hashCode() and equals()Documentation englishtotal = The number of persistent classes (through Hibernate or JPA)Updatedtotal = Number of persistent classes (through Hibernate or JPA)
7506quality-ruleDefine equals() and hashCode() for componentDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7506quality-ruleDefine equals() and hashCode() for componentDocumentation englishtotal = Total classes associated to a component (component and composite-element or @Emb...Updatedtotal = Number of classes associated to a component (component and composite-element or ...
7508quality-ruleCollection-typed attributes getter must be defined with the correct interfaceDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7508quality-ruleCollection-typed attributes getter must be defined with the correct interfaceDocumentation englishtotal = Total getters associated to persistent collection-typed attributesUpdatedtotal = Number of getters associated to persistent collection-typed attributes
7510quality-ruleUse only Hibernate API to access to the databaseDocumentation englishtotal = The total number of artifacts that violate this rule plus the artifacts that ref...Updatedtotal = Number of artifacts that violate this rule plus the artifacts that reference net...
7512quality-ruleAvoid empty Functions, Forms and ModulesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7514quality-ruleAvoid empty IncludesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7516quality-ruleAvoid empty ProgramsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7518quality-ruleAvoid missing WHEN OTHERS in CASE statementsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7518quality-ruleAvoid missing WHEN OTHERS in CASE statementsDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7520quality-ruleAvoid unchecked return code (SY-SUBRC) after OPEN SQL or READ statementDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7520quality-ruleAvoid unchecked return code (SY-SUBRC) after OPEN SQL or READ statementDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7522quality-ruleAvoid using literals in assignments (hardcoded values)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7522quality-ruleAvoid using literals in assignments (hardcoded values)Documentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7526quality-ruleAvoid using hardcoded pathsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7526quality-ruleAvoid using hardcoded pathsDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7528quality-ruleNever use the ON CHANGE OF statementDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7528quality-ruleNever use the ON CHANGE OF statementDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7532quality-ruleAvoid nested SELECT ... ENDSELECT statementsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7532quality-ruleAvoid nested SELECT ... ENDSELECT statementsDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7534quality-ruleAvoid READ TABLE without BINARY SEARCHDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7534quality-ruleAvoid READ TABLE without BINARY SEARCHDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7536quality-ruleAvoid using AT Events in combination of LOOP AT .... WHERE constructsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7536quality-ruleAvoid using AT Events in combination of LOOP AT .... WHERE constructsDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7538quality-ruleAvoid using SELECT ... INTO CORRESPONDING FIELDS OFDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7538quality-ruleAvoid using SELECT ... INTO CORRESPONDING FIELDS OFDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7542quality-ruleAvoid using FOR ALL ENTRIES IN without emptiness checkDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7542quality-ruleAvoid using FOR ALL ENTRIES IN without emptiness checkDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7544quality-ruleAvoid using SELECT ... ENDSELECT statementDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7544quality-ruleAvoid using SELECT ... ENDSELECT statementDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7548quality-ruleNever use incompatible statements with the CICS environmentDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
7548quality-ruleNever use incompatible statements with the CICS environmentDocumentation englishoutput = ...violation patterns found in source code: - Incompatible Cobol statementUpdatedoutput = ...violation occurrences found in source code: - Incompatible Cobol statement
7550quality-ruleAvoid using nested programsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7550quality-ruleAvoid using nested programsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7552quality-ruleAvoid incoherent file accesses in Cobol programs and DISP clauses in JCLDocumentation englishoutput = ...violation patterns found in source code: - The OPEN statement (in the Cobol ...Updatedoutput = ...violation occurrences found in source code: - The OPEN statement (in the Cob...
7556quality-ruleAvoid instanceof in Methods that override or implement Object.equals(), Comparable.compareTo()Documentation englishassociatedValueName = Associated ValueRemovedMissing
7558quality-ruleAvoid accessing data by using the position and lengthDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7558quality-ruleAvoid accessing data by using the position and lengthDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7562quality-ruleAvoid static Field of type collectionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7568quality-ruleAvoid undocumented User-exitsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7598quality-ruleClass naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7602quality-ruleTransaction naming conventionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7634quality-ruleAvoid select-before-update when the Table is not associated to an UPDATE TriggerDocumentation englishtotal = The number of Hibernate XML Entities that have the select-before-update propertyUpdatedtotal = Number of Hibernate XML Entities that have the select-before-update property
7636quality-ruleUse version instead of timestampDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7636quality-ruleUse version instead of timestampDocumentation englishtotal = The total is the number of hibernate entity that use version or timestamp proper...Updatedtotal = Number of Hibernate entities that use version or timestamp property
7638quality-ruleAvoid using DriverManagerDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7638quality-ruleAvoid using DriverManagerDocumentation englishtotal = The number of methods that reference java.sql.Connection classUpdatedtotal = Number of methods that reference java.sql.Connection class
7640quality-ruleAvoid catch blocks with assertionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7640quality-ruleAvoid catch blocks with assertionDocumentation englishtotal = Methods and constructors that have code (not abstracts or from interfaces) conta...Updatedtotal = Number of methods and constructors that have code (not abstracts or from interfa...
7642quality-ruleAvoid SQL queries on XXL tables not using the first column of a composite index in the WHERE clauseDocumentation englishtotal = The total procedure counts the number of client-server artifacts using tables or...Updatedtotal = Number of client-server artifacts using tables or views that contain a query usi...
7644quality-ruleAvoid executing multiple OPEN statementsDocumentation englishoutput = ...violation patterns found in source code: - OPEN statementUpdatedoutput = ...violation occurrences found in source code: - OPEN statement
7648quality-ruleAvoid calling finalize()Documentation englishassociatedValueName = Associated ValueRemovedMissing
7648quality-ruleAvoid calling finalize()Documentation englishtotal = number of call to finalize methodsUpdatedtotal = Number of calls to finalize methods
7650quality-ruleAll types of a serializable Class must be serializableDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7650quality-ruleAll types of a serializable Class must be serializableDocumentation englishtotal = number of non-static, non-transient and not primitive fields of classes that imp...Updatedtotal = Number of non-static, non-transient and not primitive fields of classes that imp...
7652quality-ruleAvoid throwing an exception in a catch block without chaining itDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7652quality-ruleAvoid throwing an exception in a catch block without chaining itDocumentation englishtotal = The number of methods that throw an exception (a class that inherits from Throwa...Updatedtotal = Number of methods that throw an exception (a class that inherits from Throwable)...
7654quality-ruleAvoid database tables associated to more than one EntityDocumentation englishtotal = The total is the number of EntityUpdatedtotal = Number of entities
7658quality-ruleAvoid SQL queries on XXL Tables using Functions on indexed Columns in the WHERE clauseDocumentation englishtotal = The total procedure counts the number of Client-Server Artifacts using XXL Table...Updatedtotal = Number of Client-Server artifacts using XXL Tables or views based on XXL tables
7660quality-ruleNever use SQL queries with a cartesian product on XXL TablesDocumentation englishtotal = The total procedure counts the number of Client-Server Artifacts using XXL Table...Updatedtotal = Number of Client-Server artifacts using XXL Tables or views based on XXL tables
7662quality-ruleAvoid SQL queries on XXL Tables with implicit conversions in the WHERE clauseDocumentation englishtotal = The total procedure counts the number of SQL Artifacts using XXL Tables or views...Updatedtotal = Number of SQL artifacts using XXL Tables or views based on XXL tables
7668quality-ruleAvoid using incorrect XML parsing modelDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7668quality-ruleAvoid using incorrect XML parsing modelDocumentation englishtotal = The number of methods that reference javax.xml.parsers.SAXParser and javax.xml.p...Updatedtotal = Number of methods that reference javax.xml.parsers.SAXParser and javax.xml.parse...
7670quality-ruleAvoid accessing SAP standard Tables in modification from custom codeDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7670quality-ruleAvoid accessing SAP standard Tables in modification from custom codeDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7672quality-ruleAvoid using EXIT statement in IncludeDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7672quality-ruleAvoid using EXIT statement in IncludeDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7676quality-ruleAvoid too many packages referencing MainframeDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7676quality-ruleAvoid too many packages referencing MainframeDocumentation englishtotal = The number of packageUpdatedtotal = Number of packages
7678quality-ruleAvoid using specific logging implementationDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7678quality-ruleAvoid using specific logging implementationDocumentation englishtotal = total of artifacts and fields that use org.apache.log4j, org.apache.commons.logg...Updatedtotal = Number of artifacts and fields that use org.apache.log4j, org.apache.commons.log...
7680quality-ruleDeclare as Final all classes that will not be sub-classedDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7682quality-ruleAvoid domain model depending on other Java APIDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7682quality-ruleAvoid domain model depending on other Java APIDocumentation englishtotal = The number of persistent classes's artifactsUpdatedtotal = Number of persistent classes's artifacts
7688quality-ruleNever truncate data in MOVE statementsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7688quality-ruleNever truncate data in MOVE statementsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7690quality-ruleAvoid unchecked return code (SQLCODE) after EXEC SQL queryDocumentation englishoutput = ...violation patterns found in source code: - EXEC SQL query that is not followe...Updatedoutput = ...violation occurrences found in source code: - EXEC SQL query that is not foll...
7692quality-ruleEach opened file must be closedDocumentation englishoutput = ...violation patterns found in source code: - FD clause associated to the file ...Updatedoutput = ...violation occurrences found in source code: - FD clause associated to the fi...
7694quality-ruleAvoid calling the same paragraph with PERFORM and GO TO statementsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7694quality-ruleAvoid calling the same paragraph with PERFORM and GO TO statementsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7696quality-ruleA Copybook should not include other CopybooksDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7696quality-ruleA Copybook should not include other CopybooksDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7698quality-ruleFiles should be declared with a FILE-STATUSDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7698quality-ruleFiles should be declared with a FILE-STATUSDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7700quality-ruleUse only Struts HTTP ServletDocumentation englishtotal = The total is the total number of Servlet that inherit from javax.servlet.http.Ht...Updatedtotal = Number of Servlets that inherit from javax.servlet.http.HttpServlet when org.apa...
7702quality-ruleUse a third party connection poolDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7702quality-ruleUse a third party connection poolDocumentation englishtotal = Total of Hibernate Configuration File (including hibernate.properties). If it do...Updatedtotal = Number of Hibernate configuration fields (including hibernate.properties)
7704quality-ruleAvoid static Fields that are not finalDocumentation englishtotal = number of enterprise bean (session, message and entity)Updatedtotal = Number of enterprise beans (session, message and entity)
7706quality-ruleAvoid table and column names that are too long (portability)Documentation englishassociatedValueName = Associated ValueRemovedMissing
7706quality-ruleAvoid table and column names that are too long (portability)Documentation englishtotal = The total number of Persistent Entities and PropertiesUpdatedtotal = Number of persistent entities and properties
7708quality-ruleAvoid using session.setFlushMode(FlushMode.COMMIT, FlushMode.NEVER or FlushMode.MANUAL)Documentation englishassociatedValueName = Associated ValueRemovedMissing
7708quality-ruleAvoid using session.setFlushMode(FlushMode.COMMIT, FlushMode.NEVER or FlushMode.MANUAL)Documentation englishtotal = The number of methods that reference org.hibernate.Session.setFlushMode or net.s...Updatedtotal = Number of methods that reference org.hibernate.Session.setFlushMode or net.sf.hi...
7710quality-ruleAvoid non serializable EntitiesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7710quality-ruleAvoid non serializable EntitiesDocumentation englishtotal = the number of entitiesUpdatedtotal = Number of entities
7712quality-ruleAvoid public/protected setter for the generated identifier fieldDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7714quality-ruleDo not use auto-wiringDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 529, propertyID = 140919
7714quality-ruleDo not use auto-wiringDocumentation englishreference = http://www.onjava.com/pub/a/onjava/2006/01/25/spring-xml-configuration-best-prac...Updatedreference = https://blog.marcnuri.com/field-injection-is-not-recommended/ https://howtodoinj...
7714quality-ruleDo not use auto-wiringDocumentation englishremediationSample = ...yBean"/> // FIXED ... </beans>UpdatedremediationSample = ...yBean"/> // FIXED ... </beans> @Service public class ModuleManagementService { ...
7714quality-ruleDo not use auto-wiringDocumentation englishsample = ...n"/> // VIOLATION ... </beans>Updatedsample = ...n"/> // VIOLATION ... </beans> import org.springframework.stereotype.Componen...
7714quality-ruleDo not use auto-wiringDocumentation englishtotal = The total number of Spring bean, 0 if Spring is not usedUpdatedtotal = Number of Spring bean
7714quality-ruleDo not use auto-wiringDiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
7714quality-ruleDo not use auto-wiringOperationlocalSiteDiagnose = DIAG_SCOPE_JEEARUSE004UpdatedlocalSiteDiagnose = null
7714quality-ruleDo not use auto-wiringOperationlocalSiteCountTotal = DIAG_JEE_SPRINGBEAN_TOTALUpdatedlocalSiteCountTotal = null
7716quality-ruleAvoid defining singleton or factory when using SpringDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7716quality-ruleAvoid defining singleton or factory when using SpringDocumentation englishtotal = The total will be the total of JAVA singleton, factory and Spring beans, 0 if Sp...Updatedtotal = Number of Java singleton, factory and Spring beans when Spring is used
7718quality-ruleSections and paragraphs should be located after the first statement calling themDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7718quality-ruleSections and paragraphs should be located after the first statement calling themDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7722quality-ruleAvoid using references to the id in the persistent class's method equals()Documentation englishassociatedValueName = Associated ValueRemovedMissing
7724quality-ruleOverriden equals() Methods in persistent Subclasses should only reference properties from the persistent base ClassDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7724quality-ruleOverriden equals() Methods in persistent Subclasses should only reference properties from the persistent base ClassDocumentation englishtotal = The total is the number of persistent subclasses (subclass or joined-subclass) t...Updatedtotal = Number of persistent subclasses (subclass or joined-subclass) that override the ...
7726quality-ruleAvoid Action artifacts that call packages that reference databaseDocumentation englishtotal = The total number of artifacts of classes and parent classes that are referenced ...Updatedtotal = Number of artifacts of classes and parent classes that are referenced as an acti...
7728quality-ruleAvoid thread creation for application running on application serverDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7728quality-ruleAvoid thread creation for application running on application serverDocumentation englishtotal = The number of Java methods and Constructors when ejb-jar.xml or web.xml are pres...Updatedtotal = Number of Java methods and constructors when ejb-jar.xml or web.xml are present ...
7730quality-ruleUse declarative transactionDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 531, propertyID = 140920
7730quality-ruleUse declarative transactionDocumentation englishdescription = When EJB Session and/or Message Driven Beans exist, this Quality Rule reports al...Updateddescription = The Bean Provider can choose between using programmatic transaction demarcation ...
7730quality-ruleUse declarative transactionDocumentation englishtotal = The number of Java Methods and Constructors when EJB Session and/or EJB Message ...Updatedtotal = Number of Java Methods and Constructors (including generic methods and generic c...
7730quality-ruleUse declarative transactionDocumentation englishMissingAddedremediationSample = use container-managed transaction demarcation (@Transactional Annotation or Conf...
7730quality-ruleUse declarative transactionDocumentation englishMissingAddedsample = programmatic transaction demarcation: sample 1: @Stateless @TransactionManagemen...
7730quality-ruleUse declarative transactionDiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
7730quality-ruleUse declarative transactionOperationlocalSiteDiagnose = DIAG_SCOPE_JAVAPPUB004UpdatedlocalSiteDiagnose = null
7730quality-ruleUse declarative transactionOperationlocalSiteCountTotal = DIAG_JEE_METBEAN_TOTALUpdatedlocalSiteCountTotal = null
7732quality-ruleAvoid non validated inputsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7732quality-ruleAvoid non validated inputsDocumentation englishtotal = The total number of input field, 0 if JSF is not usedUpdatedtotal = Number of input field, 0 if JSF is not used
7734quality-ruleAvoid to use Log.debug() without calling Log.isDebugEnabled()Documentation englishassociatedValueName = Associated ValueRemovedMissing
7734quality-ruleAvoid to use Log.debug() without calling Log.isDebugEnabled()Documentation englishtotal = the number of methods that call debug() methods (i.e: org.apache.log4j.Category....Updatedtotal = Number of methods that call debug() methods (i.e: org.apache.log4j.Category.debu...
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishdescription = ...ripting injection flaws (XSS). The list of user input methods can be customized...Updateddescription = ...ripting injection flaws (XSS).
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishname = ...scripting DOM vulnerabilitiesUpdatedname = ...scripting vulnerabilities
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishoutput = ...nerability : It provides the following information: - The full name of the meth...Updatedoutput = ...nerability: It provides the following information: - The full name of the metho...
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishrationale = ...vulnerabilty is known as cross-site scripting (XSS). It is caused by malicious s...Updatedrationale = ...vulnerability is known as cross-site scripting (XSS). It is caused by malicious ...
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishremediation = Code the appropriate sanitization methods as close as possible to the user input...Updatedremediation = Use authorized sanitization methods.
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishMissingAddedremediationSample = Sample 1 <% String eid = request.getParameter("eid"); %> ... //include validatio...
7740quality-ruleAvoid cross-site scripting vulnerabilitiesDocumentation englishMissingAddedsample = Sample 1 <% String eid = request.getParameter("eid"); %> ... Employee ID: <%= ei...
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishdescription = ...r validation and sanitization. The list of user input methods, SQL execution me...Updateddescription = ...r validation and sanitization.
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishrationale = ...lidation ( CWE-20 ) as follows : "When software does not validate input properl...Updatedrationale = ...lidation (CWE-20) as follows: "When software does not validate input properly, ...
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishremediation = Code the appropriate input validation as close as possible to the user input cal...Updatedremediation = Use authorized sanitization methods.
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishMissingAddedremediationSample = ... string userName = ctx.getAuthenticatedUserName(); // validate the user input...
7742quality-ruleAvoid SQL injection vulnerabilitiesDocumentation englishMissingAddedsample = The following code dynamically constructs and executes a SQL query that searches...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishdescription = ...on flaws ( LDAP : Lightweight Directory Access Protocol ). The list of user inp...Updateddescription = ...on flaws (LDAP: Lightweight Directory Access Protocol).
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishrationale = In web based applications, the validation of all user input is critical to avoid...Updatedrationale = An attacker could include input that changes the LDAP query which allows uninten...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishMissingAddedremediation = Input Validation Assume all input is malicious. Use an "accept known good" inpu...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishMissingAddedremediationSample = context = new InitialDirContext(env); //The code below constructs an LDAP query ...
7746quality-ruleAvoid LDAP injection vulnerabilitiesDocumentation englishMissingAddedsample = context = new InitialDirContext(env); String searchFilter = "StreetAddress=" + a...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishdescription = Using CAST dataflow engine, this metric detects paths from user input methods do...Updateddescription = The software constructs all or part of an OS command using externally-influenced...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishrationale = In web based applications, the validation of all user input is critical to avoid...Updatedrationale = This could allow attackers to execute unexpected, dangerous commands directly on...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishMissingAddedremediation = To avoid the creation of Injection flaws, the Open Web Application Security Proj...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishMissingAddedremediationSample = Sample 1: public String coordinateTransformLatLonToUTM(String coordinates) { Str...
7748quality-ruleAvoid OS command injection vulnerabilitiesDocumentation englishMissingAddedsample = Sample 1: public String coordinateTransformLatLonToUTM(String coordinates) { Str...
7750quality-ruleAvoid XPath injection vulnerabilitiesDocumentation englishdescription = Using CAST dataflow engine, this metric detects execution paths from user input ...Updateddescription = The software does not properly neutralize special elements that are used in XML,...
7750quality-ruleAvoid XPath injection vulnerabilitiesDocumentation englishrationale = ... or arbitrary code execution." This rule ensures that the appropriate input val...Updatedrationale = ... or arbitrary code execution."
7750quality-ruleAvoid XPath injection vulnerabilitiesDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
7750quality-ruleAvoid XPath injection vulnerabilitiesDocumentation englishMissingAddedremediation = Use authorized sanitization methods.
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishdescription = ...rating System injection flaws. The list of user input methods can be customiz...Updateddescription = ...rating System injection flaws.
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishrationale = In web based applications, the validation of all user input is critical to avoid...Updatedrationale = This could allow an attacker to access or modify system files or other files tha...
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishremediation = Validate all the user inputs.Updatedremediation = Validate all the user inputs. To avoid the creation of Injection flaws, the Ope...
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishMissingAddedremediationSample = fis = new FileInputStream(cfg.getProperty("sub")+".txt"); //code a validate func...
7752quality-ruleAvoid file path manipulation vulnerabilitiesDocumentation englishMissingAddedsample = The following code uses input from a configuration file to determine which file ...
7754quality-ruleAvoid using COMPUTE statement for elementary arithmetic operationDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7754quality-ruleAvoid using COMPUTE statement for elementary arithmetic operationDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7756quality-ruleAvoid using READ statement without AT END clause or INVALID KEY clauseDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7756quality-ruleAvoid using READ statement without AT END clause or INVALID KEY clauseDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7760quality-ruleAvoid triggers, functions and procedures with a very low comment/code ratioDocumentation englishMissingAddedtotal = Number of SQL procedures, triggers
7762quality-ruleAvoid undocumented Triggers, Functions and ProceduresDocumentation englishMissingAddedtotal = Number of SQL procedures, triggers
7766quality-ruleAvoid Artifacts with High Cyclomatic ComplexityDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Cyclomatic Complexity
7768quality-ruleAvoid Artifacts with High Depth of CodeDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Depth of Code
7770quality-ruleAvoid Artifacts with too many parametersDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of parameters
7770quality-ruleAvoid Artifacts with too many parametersDocumentation englishtotal = number of artifacts that have at least 1 parameterUpdatedtotal = Number of artifacts that have at least 1 parameter
7772quality-ruleAvoid Artifacts with High Essential ComplexityDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Essential Complexity
7774quality-ruleAvoid Artifacts with High Integration ComplexityDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Integration Complexity
7774quality-ruleAvoid Artifacts with High Integration ComplexityDocumentation englishMissingAddedtotal = Number of non abstract artifacts
7776quality-ruleAvoid Artifacts with High Fan-InDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Fan-In
7778quality-ruleAvoid Artifacts with High Fan-OutDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Fan-Out
7780quality-ruleAvoid Classes with a very low comment/code ratioDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Comment/code ratio
7780quality-ruleAvoid Classes with a very low comment/code ratioDocumentation englishtotal = Total number of classesUpdatedtotal = Number of classes
7782quality-ruleAvoid empty finally blocksDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7782quality-ruleAvoid empty finally blocksDocumentation englishtotal = This counts all Artifacts.Updatedtotal = Number of artifacts
7784quality-ruleAvoid Artifacts with lines longer than X charactersDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of characters of the longest line
7784quality-ruleAvoid Artifacts with lines longer than X charactersDocumentation englishtotal = Total number of artifactsUpdatedtotal = Number of artifacts
7788quality-ruleAvoid empty catch blocksDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of empty catch blocks
7788quality-ruleAvoid empty catch blocksDocumentation englishtotal = This counts all artifacts.Updatedtotal = Number of artifacts
7790quality-ruleAvoid Cursors inside a loopDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7790quality-ruleAvoid Cursors inside a loopDocumentation englishtotal = The total procedure counts Artifacts that can contain cursors (all SQL Artifacts...Updatedtotal = Number of artifacts that can contain cursors (all SQL Artifacts except tables an...
7792quality-ruleAvoid Classes with a High Number Of ChildrenDocumentation englishMissingAddedtotal = Number of classes
7794quality-ruleAvoid Classes with a High Public Data RatioDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Public Data Ratio
7794quality-ruleAvoid Classes with a High Public Data RatioDocumentation englishMissingAddedtotal = Number of classes
7796quality-ruleAvoid Classes with a High Lack of Cohesion - variantDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Lack of Cohesion in Methods
7798quality-ruleAvoid Classes with a High Lack of CohesionDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Lack of Cohesion in Methods
7800quality-ruleAvoid Classes with High Coupling Between ObjectsDocumentation englishMissingAddedtotal = Number of classes
7802quality-ruleAvoid Classes with a High Depth of Inheritance TreeDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Depth of Inheritance Tree
7802quality-ruleAvoid Classes with a High Depth of Inheritance TreeDocumentation englishreference = http://it-cisq.org/ CISQ : ASCMM-MNT-17 A Metrics Suite for Object Oriented Des...Updatedreference = https://it-cisq.org/ CISQ : ASCMM-MNT-17 A Metrics Suite for Object Oriented De...
7802quality-ruleAvoid Classes with a High Depth of Inheritance TreeDocumentation englishtotal = number of classes and interfacesUpdatedtotal = Number of classes and interfaces
7804quality-ruleAvoid Classes with High Weighted Methods per ClassDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Weighted Methods per Class
7804quality-ruleAvoid Classes with High Weighted Methods per ClassDocumentation englishMissingAddedtotal = Number of classes
7806quality-ruleAvoid Artifacts with Group ByDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of Group by
7808quality-ruleAvoid Artifacts with SQL statement including subqueriesDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of Subqueries
7808quality-ruleAvoid Artifacts with SQL statement including subqueriesDocumentation englishMissingAddedtotal = Number of artifacts accessing SQL objects
7810quality-ruleAvoid Artifacts with a Complex SELECT ClauseDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7810quality-ruleAvoid Artifacts with a Complex SELECT ClauseDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
7812quality-ruleClass naming convention - case and character set controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7812quality-ruleClass naming convention - case and character set controlDocumentation englishMissingAddedtotal = Number of classes
7814quality-ruleAvoid Tables not using referential integrityDocumentation englishtotal = total is number of tablesUpdatedtotal = Number of tables
7816quality-ruleAvoid using GOTO statementDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of GOTO statements
7816quality-ruleAvoid using GOTO statementDocumentation englishMissingAddedtotal = Number of objects with code or contains DDL or client artifacts
7818quality-ruleAvoid Functions having a very low Comment/Code ratioDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Comment/code ratio
7818quality-ruleAvoid Functions having a very low Comment/Code ratioDocumentation englishMissingAddedtotal = Number of Inventory Functions
7820quality-ruleNever use SQL queries with a cartesian productDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7820quality-ruleNever use SQL queries with a cartesian productDocumentation englishtotal = The total procedure counts the number of Artifacts using Tables.Updatedtotal = Number of artifacts using Tables
7822quality-ruleAvoid Artifacts with queries on more than 4 TablesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7824quality-ruleThe exception Exception should never been thrown. Always Subclass Exception and throw the subclassed Classes.Documentation englishassociatedValueName = Associated ValueRemovedMissing
7824quality-ruleThe exception Exception should never been thrown. Always Subclass Exception and throw the subclassed Classes.Documentation englishtotal = This counts all Artifacts.Updatedtotal = Number of artifacts
7826quality-ruleForms naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7826quality-ruleForms naming convention - prefix controlDocumentation englishtotal = Total number of Forms.Updatedtotal = Number of forms
7828quality-ruleAvoid Artifacts with High RAW SQL ComplexityDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Raw complexity
7830quality-ruleAvoid unreferenced InterfacesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7830quality-ruleAvoid unreferenced InterfacesDocumentation englishtotal = Total number of interfacesUpdatedtotal = Number of interfaces
7832quality-ruleAvoid unreferenced ClassesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7834quality-ruleAvoid undocumented InterfacesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7836quality-ruleAvoid undocumented FunctionsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7838quality-ruleAvoid undocumented MethodsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7840quality-ruleTrigger naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7840quality-ruleTrigger naming convention - prefix controlDocumentation englishMissingAddedtotal = Number of Triggers
7842quality-ruleAvoid large Artifacts - too many Lines of CodeDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of lines of code
7844quality-ruleAvoid undocumented ClassesDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7846quality-ruleAvoid Methods with a very low comment/code ratioDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Comment/code ratio
7848quality-ruleInterface naming convention - prefixDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7850quality-ruleAvoid raising an exception in a Web Dynpro Supply Function or in a Method called by a Supply FunctionDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7852quality-ruleDatabase view naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7854quality-ruleDatabase table naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7856quality-ruleAvoid Tables with more than 20 columns on an OLTP systemDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of columns
7856quality-ruleAvoid Tables with more than 20 columns on an OLTP systemDocumentation englishMissingAddedtotal = Number of DB tables
7858quality-ruleAvoid passing parameter by valueDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7858quality-ruleAvoid passing parameter by valueDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7860quality-ruleAvoid unreferenced FunctionsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7862quality-ruleAvoid catching an exception of type Exception, RuntimeException, or ThrowableDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7862quality-ruleAvoid catching an exception of type Exception, RuntimeException, or ThrowableDocumentation englishtotal = This rule counts all Methods.Updatedtotal = Number of methods
7866quality-ruleAvoid SELECT ... BYPASSING BUFFERDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7866quality-ruleAvoid SELECT ... BYPASSING BUFFERDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7868quality-ruleAvoid Open SQL queries in loopsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7868quality-ruleAvoid Open SQL queries in loopsDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7870quality-ruleAvoid using the NOT LIKE operator in WHERE clausesDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7870quality-ruleAvoid using the NOT LIKE operator in WHERE clausesDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7872quality-ruleAvoid using IS [NOT] NULL in WHERE conditionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7872quality-ruleAvoid using IS [NOT] NULL in WHERE conditionDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7874quality-ruleAvoid using dynamic queriesDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7874quality-ruleAvoid using dynamic queriesDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7876quality-ruleAvoid using SELECT ... FOR UPDATEDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7876quality-ruleAvoid using SELECT ... FOR UPDATEDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7878quality-ruleAvoid Open SQL SELECT queries without WHERE conditionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7878quality-ruleAvoid Open SQL SELECT queries without WHERE conditionDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7880quality-ruleAvoid nested loopsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7880quality-ruleAvoid nested loopsDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7882quality-ruleAvoid using Native SQLDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7882quality-ruleAvoid using Native SQLDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7884quality-ruleAvoid disabling source code inspectionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7884quality-ruleAvoid disabling source code inspectionDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7886quality-ruleAvoid using SYSTEM-CALLDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7886quality-ruleAvoid using SYSTEM-CALLDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7888quality-ruleWeb Dynpro - Never use direct calls to routine via "me->", use "wd_This->" insteadDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7888quality-ruleWeb Dynpro - Never use direct calls to routine via "me->", use "wd_This->" insteadDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7890quality-ruleWeb Dynpro - Never use INCLUDE statementDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7890quality-ruleWeb Dynpro - Never use INCLUDE statementDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7892quality-ruleWeb Dynpro - Avoid changing the program flowDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7892quality-ruleWeb Dynpro - Avoid changing the program flowDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7894quality-ruleAvoid using LOOP INTO, use LOOP ASSIGNING insteadDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7894quality-ruleAvoid using LOOP INTO, use LOOP ASSIGNING insteadDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7898quality-ruleSQL Function naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7900quality-ruleStored Procedure naming convention - prefix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7900quality-ruleStored Procedure naming convention - prefix controlDocumentation englishMissingAddedtotal = Number of database Procedures
7902quality-ruleAvoid SQL queries that no index can supportDocumentation englishreference = http://it-cisq.org/ CISQ: ASCPEM-PRF-05 Enhancing the Quality of ABAP Developme...Updatedreference = https://it-cisq.org/ CISQ: ASCPEM-PRF-05 Enhancing the Quality of ABAP Developm...
7904quality-ruleAvoid SQL queries on XXL tables that no index can supportDocumentation englishtotal = The total procedure counts the number of SQL Artifacts using XXL Tables or views...Updatedtotal = Number of SQL artifacts using XXL Tables or views based on XXL tables
7906quality-ruleAvoid testing specific values for SY-UNAMEDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7906quality-ruleAvoid testing specific values for SY-UNAMEDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7908quality-ruleAvoid unreferenced MethodsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7910quality-ruleNever exit a finally block with a return, break, continue, or throwDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7910quality-ruleNever exit a finally block with a return, break, continue, or throwDocumentation englishtotal = All methods that have a finally blockUpdatedtotal = Number of methods that have a finally block
7912quality-ruleAvoid unreferenced Data MembersDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7914quality-ruleAvoid direct access to Database TablesDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Accessed Table
7914quality-ruleAvoid direct access to Database TablesDocumentation englishreference = http://it-cisq.org/ CISQ rule: ASCPEM-PRF-9.Updatedreference = https://it-cisq.org/ CISQ rule: ASCPEM-PRF-9.
7916quality-ruleAvoid direct use of Database objects (JSP/ASP)Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Database object
7916quality-ruleAvoid direct use of Database objects (JSP/ASP)Documentation englishMissingAddedtotal = Number of ASP pages
7918quality-ruleExceptions naming convention -suffix controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7920quality-ruleExceptions naming convention - case and character set controlDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7922quality-ruleAvoid usage of 'std::find_first_of'Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7922quality-ruleAvoid usage of 'std::find_first_of'Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
7924quality-ruleAvoid defining Functions with 'struct' or 'class' parameters passed by valueDocumentation englishoutput = ...violation patterns found in the source code: - function or methodUpdatedoutput = ...violation occurrences found in the source code: - function or method
7926quality-ruleAbstract Classes should be non copy-assignableDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7926quality-ruleAbstract Classes should be non copy-assignableDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7928quality-ruleAvoid using static_cast on class/struct pointersDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7928quality-ruleAvoid using static_cast on class/struct pointersDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
7930quality-ruleAvoid redeclaring and overriding Methods with different default parameter valuesDocumentation englishoutput = ...violation patterns found in the source code: - Overridden methodUpdatedoutput = ...violation occurrences found in the source code: - Overridden method
7932quality-ruleAvoid Constructors not supplying an initial value for all non-static data membersDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7932quality-ruleAvoid Constructors not supplying an initial value for all non-static data membersDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7934quality-ruleAvoid Superclass (or Interface) knowing Subclass (or Interface)Documentation englishreference = http://it-cisq.org/ CISQ rule: ASCRM-RLB-14.Updatedreference = https://it-cisq.org/ CISQ rule: ASCRM-RLB-14.
7934quality-ruleAvoid Superclass (or Interface) knowing Subclass (or Interface)Documentation englishtotal = The number of classes and interfacesUpdatedtotal = Number of classes and interfaces
7936quality-ruleAvoid using finalize()Documentation englishassociatedValueName = Associated ValueRemovedMissing
7936quality-ruleAvoid using finalize()Documentation englishtotal = number of classesUpdatedtotal = Number of classes
7938quality-ruleOverride all overloads of a base Class virtual MethodDocumentation englishoutput = ...violation patterns found in the source code: - Parent class method which must ...Updatedoutput = ...violation occurrences found in the source code: - Parent class method which mu...
7940quality-ruleAvoid Stateful Beans not removedDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7940quality-ruleAvoid Stateful Beans not removedDocumentation englishtotal = classes that define a variable whose type is a remote or local business interfac...Updatedtotal = Number of classes that define a variable whose type is a remote or local busines...
7942quality-ruleAvoid EJBs using 'synchronized' qualifier, 'wait', 'notify' and 'notifyAll' MethodsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7942quality-ruleAvoid EJBs using 'synchronized' qualifier, 'wait', 'notify' and 'notifyAll' MethodsDocumentation englishtotal = the number of EJB artifactsUpdatedtotal = Number of EJB artifacts
7944quality-ruleAvoid High Response for ClassesDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Response For Class
7944quality-ruleAvoid High Response for ClassesDocumentation englishMissingAddedtotal = Number of classes
7948quality-ruleDo not mix Ansi joins syntax with Oracle proprietary joins syntax in the same queryDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
7950quality-ruleAvoid definition of synonym as PUBLIC in PL/SQL contextDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7950quality-ruleAvoid definition of synonym as PUBLIC in PL/SQL contextDocumentation englishtotal = The total procedure counts the number of synonyms that is part of the analyzed s...Updatedtotal = Number of synonyms that is part of the analyzed source code
7950quality-ruleAvoid definition of synonym as PUBLIC in PL/SQL contextDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
7952quality-ruleAvoid synonym with both private & PUBLIC Definition in PL/SQL contextDocumentation englishtotal = The total procedure counts the number of synonyms that are part of the analyzed ...Updatedtotal = Number of synonyms that are part of the analyzed source code
7952quality-ruleAvoid synonym with both private & PUBLIC Definition in PL/SQL contextDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
7954quality-ruleAvoid indirect String concatenation inside loopsDocumentation englishtotal = All methods calling at least one method inside a loopUpdatedtotal = Number of methods calling at least one method inside a loop
7956quality-ruleAvoid indirect exception handling inside loopsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7958quality-ruleAvoid orphaned synonyms in PL/SQL contextDocumentation englishassociatedValueName = Associated ValueRemovedMissing
7958quality-ruleAvoid orphaned synonyms in PL/SQL contextDocumentation englishtotal = The total procedure counts the number of synonyms that is part of the analyzed s...Updatedtotal = Number of synonyms that is part of the analyzed source code
7958quality-ruleAvoid orphaned synonyms in PL/SQL contextDiagnosisdiagnosisValueType = integerUpdateddiagnosisValueType = no-value
7960quality-ruleAvoid looping chain of synonyms in PL/SQL contextDocumentation englishtotal = The total procedure counts the number of synonyms that is part of the analyzed s...Updatedtotal = Number of synonyms that is part of the analyzed source code
7962quality-ruleAvoid direct or indirect remote calls inside a loopDocumentation englishtotal = All methods calling at least one method inside a loopUpdatedtotal = Number of methods calling at least one method inside a loop
7964quality-ruleAvoid directly instantiating a Class used as a managed beanDocumentation englishtotal = The number of methods or jsp files that reference a managed bean java interfaceUpdatedtotal = Number of methods or jsp files that reference a managed bean java interface
7966quality-ruleAvoid includes in Header FilesDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = File included by header file
7966quality-ruleAvoid includes in Header FilesDocumentation englishMissingAddedtotal = Number of C/C++ included files
7968quality-ruleNever use strcat() function (C/C++)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7968quality-ruleNever use strcat() function (C/C++)Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7970quality-ruleNever use strcpy() function (C/C++)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7970quality-ruleNever use strcpy() function (C/C++)Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7974quality-ruleNever use scanf() functionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7974quality-ruleNever use scanf() functionDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7976quality-ruleNever use gets() functionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7976quality-ruleNever use gets() functionDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7978quality-ruleAvoid using the scanf() function familyDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7978quality-ruleAvoid using the scanf() function familyDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7980quality-ruleAvoid using strtrns() functionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7980quality-ruleAvoid using strtrns() functionDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7982quality-ruleAvoid using strlen() function familyDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7982quality-ruleAvoid using strlen() function familyDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7984quality-ruleAvoid using strecpy() functionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7984quality-ruleAvoid using strecpy() functionDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7986quality-ruleAvoid using streadd() functionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7986quality-ruleAvoid using streadd() functionDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7988quality-ruleAvoid using snprintf() function familyDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7988quality-ruleAvoid using snprintf() function familyDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7990quality-ruleAvoid using realpath() functionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7990quality-ruleAvoid using realpath() functionDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7992quality-ruleAvoid using getpass() functionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7992quality-ruleAvoid using getpass() functionDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7994quality-ruleAvoid using getopt() functionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7994quality-ruleAvoid using getopt() functionDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7996quality-ruleProvide a private default Constructor for utility Classes or use free Functions in a NamespaceDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7996quality-ruleProvide a private default Constructor for utility Classes or use free Functions in a NamespaceDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
7998quality-ruleAvoid local variables that are not initialized at declaration timeDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
7998quality-ruleAvoid local variables that are not initialized at declaration timeDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8000quality-ruleAvoid 'catch-all' statementDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8000quality-ruleAvoid 'catch-all' statementDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8002quality-ruleNever perform C-style cast between incompatible Class pointersDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8002quality-ruleNever perform C-style cast between incompatible Class pointersDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8004quality-ruleAvoid using 'delete this'Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8004quality-ruleAvoid using 'delete this'Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8006quality-ruleAvoid Classes with a copy Constructor and the default Destructor or assignment operatorDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8006quality-ruleAvoid Classes with a copy Constructor and the default Destructor or assignment operatorDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8008quality-ruleAvoid data members that are never readDocumentation englishassociatedValueName = Associated ValueRemovedMissing
8008quality-ruleAvoid data members that are never readDocumentation englishtotal = All data members of classes or structsUpdatedtotal = Number of data members of classes or structs
8010quality-ruleDo not overload the ampersand, comma, logical AND or logical OR operatorsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8010quality-ruleDo not overload the ampersand, comma, logical AND or logical OR operatorsDocumentation englishoutput = ...violation patterns found in the source code: - OperatorUpdatedoutput = ...violation occurrences found in the source code: - Operator
8012quality-ruleAvoid unchecked return code (SY-SUBRC) after opening and reading datasetDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8012quality-ruleAvoid unchecked return code (SY-SUBRC) after opening and reading datasetDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
8014quality-ruleAvoid unchecked return code (SY-SUBRC) after AUTHORITY-CHECKDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8014quality-ruleAvoid unchecked return code (SY-SUBRC) after AUTHORITY-CHECKDocumentation englishoutput = ...violation patternsUpdatedoutput = ...violation occurrences
8016quality-ruleAvoid unsecured EJB remote methodDocumentation englishassociatedValueName = Associated ValueRemovedMissing
8016quality-ruleAvoid unsecured EJB remote methodDocumentation englishtotal = The number of EJB remote methods (i.e methods of the remote interface and its pa...Updatedtotal = Number of EJB remote methods (i.e methods of the remote interface and its parent...
8024quality-ruleAvoid Classes with a non-empty Destructor and the default assignment operator or copy ConstructorDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8024quality-ruleAvoid Classes with a non-empty Destructor and the default assignment operator or copy ConstructorDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8026quality-ruleAvoid Classes with an assignment operator and the default Destructor or copy constructorDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8026quality-ruleAvoid Classes with an assignment operator and the default Destructor or copy constructorDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8030quality-ruleCheck alphanumeric data before moving it into numeric dataDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8030quality-ruleCheck alphanumeric data before moving it into numeric dataDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8032quality-ruleAvoid using a break statement in 'for' loopsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8032quality-ruleAvoid using a break statement in 'for' loopsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8034quality-ruleVariables defined in Working-Storage section must be initialized before to be readDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8034quality-ruleVariables defined in Working-Storage section must be initialized before to be readDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8038quality-ruleAvoid Struts 2 Validator field not referencing a java class fieldDocumentation englishassociatedValueName = Associated ValueRemovedMissing
8038quality-ruleAvoid Struts 2 Validator field not referencing a java class fieldDocumentation englishtotal = total of Validator Form FieldUpdatedtotal = Number of Validator Form Fields
8040quality-ruleAvoid Struts 2 Action Fields without ValidationDocumentation englishassociatedValueName = Associated ValueRemovedMissing
8040quality-ruleAvoid Struts 2 Action Fields without ValidationDocumentation englishreference = http://www.owasp.org/index.php/2004_Updates_OWASP_Top_Ten_ProjectUpdatedreference = https://www.owasp.org/index.php/Improper_Data_Validation#Struts:_Erroneous_valid...
8040quality-ruleAvoid Struts 2 Action Fields without ValidationDocumentation englishtotal = The number of all action class (and parent) fieldsUpdatedtotal = Number of actions class (and parent) fields
8042quality-ruleStruts 2 Validation: Avoid unused validation formDocumentation englishassociatedValueName = Associated ValueRemovedMissing
8042quality-ruleStruts 2 Validation: Avoid unused validation formDocumentation englishtotal = total of validation form fileUpdatedtotal = Number of validation form files
8044quality-ruleAvoid Log forging vulnerabilitiesDocumentation englishdescription = ...ior validation & sanitization. The list of user input methods, Log writing and ...Updateddescription = ...ior validation & sanitization.
8044quality-ruleAvoid Log forging vulnerabilitiesDocumentation englishremediation = Code the appropriate input validation as close as possible to the user input cal...Updatedremediation = Use authorized sanitization methods.
8044quality-ruleAvoid Log forging vulnerabilitiesDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
8044quality-ruleAvoid Log forging vulnerabilitiesDocumentation englishMissingAddedremediationSample = String val = request.getParameter("value"); try { int value = Integer.parseI...
8044quality-ruleAvoid Log forging vulnerabilitiesDocumentation englishMissingAddedsample = String val = request.getParameter("value"); try { int value = Integer.parseI...
8046quality-ruleDo not return non-const handles to Class data from const member FunctionsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8046quality-ruleDo not return non-const handles to Class data from const member FunctionsDocumentation englishoutput = ...violation patterns found in the source code: - non-const class data returnUpdatedoutput = ...violation occurrences found in the source code: - non-const class data return
8048quality-ruleInvoke 'delete' with the same form as the matching 'new'Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8048quality-ruleInvoke 'delete' with the same form as the matching 'new'Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8050quality-ruleDo not hide declarations in other scopesDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8050quality-ruleDo not hide declarations in other scopesDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8052quality-ruleAvoid setting a pointer to the address of a local variable defined in a lower scopeDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8052quality-ruleAvoid setting a pointer to the address of a local variable defined in a lower scopeDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8054quality-ruleAvoid calling blocking functions with an infinite timeoutDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8054quality-ruleAvoid calling blocking functions with an infinite timeoutDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8056quality-ruleMethod override fails due to mismatch of const/volatile qualifiersDocumentation englishoutput = ...violation patterns found in source code: - overridden method - overriding me...Updatedoutput = ...violation occurrences found in source code: - overridden method - overriding...
8058quality-ruleA pointer to a derived Class shall only be cast implicitly to a pointer to base ClassDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8058quality-ruleA pointer to a derived Class shall only be cast implicitly to a pointer to base ClassDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8060quality-ruleA pointer to a base Class shall only be cast to a pointer to a derived Class by means of 'dynamic_cast'Documentation englishoutput = ...violation patterns found in source code: - pointer cast - source class - t...Updatedoutput = ...violation occurrences found in source code: - pointer cast - source class ...
8062quality-ruleAn unconditional 'throw', 'return' or 'break' shall terminate every non-empty switch-clauseDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8062quality-ruleAn unconditional 'throw', 'return' or 'break' shall terminate every non-empty switch-clauseDocumentation englishoutput = ...violation patterns found in source code: - case clauseUpdatedoutput = ...violation occurrences found in source code: - case clause
8064quality-ruleAssignment operator should assign all non-static members of the target objectDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8064quality-ruleAssignment operator should assign all non-static members of the target objectDocumentation englishoutput = ...violation patterns found in source code: - assignment operator - missing sta...Updatedoutput = ...violation occurrences found in source code: - assignment operator - missing ...
8066quality-ruleAvoid using 'using namespace' or 'using' declarations in header filesDocumentation englishoutput = ...violation patterns found in source code: - "Using namespace" statementUpdatedoutput = ...violation occurrences found in source code: - "Using namespace" statement
8068quality-ruleDo not return a dereferenced pointer allocated inside the functionDocumentation englishoutput = ...violation patterns found in source code: - pointer dynamic allocationUpdatedoutput = ...violation occurrences found in source code: - pointer dynamic allocation
8070quality-ruleDo not alter a control variable in the body of a 'for' statementDocumentation englishoutput = ...violation patterns found in source code: - control variable alterationUpdatedoutput = ...violation occurrences found in source code: - control variable alteration
8072quality-ruleNever define collection of 'std::auto_ptr'Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8072quality-ruleNever define collection of 'std::auto_ptr'Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8074quality-ruleAvoid using 'class' or 'struct' parameters with variadic FunctionsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8074quality-ruleAvoid using 'class' or 'struct' parameters with variadic FunctionsDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8076quality-ruleAvoid using 'new[]', prefer 'std::vector' or 'std::array'Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8076quality-ruleAvoid using 'new[]', prefer 'std::vector' or 'std::array'Documentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in source code: - ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in source code...
8078quality-ruleCasting from pointer to base Class to pointer to derived Class should be done through 'dynamic_cast' or 'static_cast'Documentation englishoutput = ...violation patterns found in source code: - pointer cast - source class - t...Updatedoutput = ...violation occurrences found in source code: - pointer cast - source class ...
8082quality-ruleAvoid Tables without Primary KeyDocumentation englishassociatedValueName = Associated ValueRemovedMissing
8082quality-ruleAvoid Tables without Primary KeyDocumentation englishtotal = Tables and materialized views of the scoped container (schema or database depend...Updatedtotal = Number of tables and materialized views of the scoped container (schema or datab...
8086quality-ruleAvoid types that own disposable fields and are not disposableDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8088quality-ruleAvoid override artifacts not having link demands identical to baseDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8090quality-ruleAvoid using NaN to test the result of an expressionDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8092quality-ruleAvoid Objects having exposed pointers allowed to access unmanaged memoryDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8094quality-ruleAvoid locking of Objects with weak identitiesDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8096quality-ruleAvoid testing floating point numbers for equalityDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8096quality-ruleAvoid testing floating point numbers for equalityDocumentation englishtotal = All artifacts that reference a floatUpdatedtotal = Number of artifacts that reference a float
8098quality-ruleAvoid uncontrolled format stringDocumentation englishdescription = ...controlled format string flaw. The list of user input methods can be customized...Updateddescription = ...controlled format string flaw.
8098quality-ruleAvoid uncontrolled format stringDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
8098quality-ruleAvoid uncontrolled format stringDocumentation englishMissingAddedremediation = Use authorized sanitization methods.
8098quality-ruleAvoid uncontrolled format stringDocumentation englishMissingAddedremediationSample = Review all inputs. Don't use inputs in formatters.
8100quality-ruleBlocking synchronous calls should have associated timeoutsDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8102quality-ruleAvoid hardcoded network resource names (JEE)Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8106quality-ruleAvoid empty IF-ENDIF blocksDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8108quality-ruleClose the outermost stream ASAPDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8108quality-ruleClose the outermost stream ASAPDocumentation englishreference = http://it-cisq.org/ CISQ: ASCSM-CWE-772, ASCRM-CWE-772 CWE: CWE-772Updatedreference = https://it-cisq.org/ CISQ: ASCSM-CWE-772, ASCRM-CWE-772 CWE: CWE-772
8108quality-ruleClose the outermost stream ASAPDocumentation englishtotal = All the methods that open a stream in the bodyUpdatedtotal = Number of methods that open a stream in the body
8110quality-ruleUse dedicated stored procedures when multiple data accesses are needed (ASCPEM-PRF-10)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8110quality-ruleUse dedicated stored procedures when multiple data accesses are needed (ASCPEM-PRF-10)Documentation englishoutput = ...violation patterns found in source code: - SQL accessUpdatedoutput = ...violation occurrences found in source code: - SQL access
8110quality-ruleUse dedicated stored procedures when multiple data accesses are needed (ASCPEM-PRF-10)Documentation englishreference = http://it-cisq.org/ ASCPEM 1.0, Automated Source Code Performance Efficiency Mea...Updatedreference = https://it-cisq.org/ ASCPEM 1.0, Automated Source Code Performance Efficiency Me...
8112quality-ruleAvoid improper processing of the execution status of data handling operationsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8112quality-ruleAvoid improper processing of the execution status of data handling operationsDocumentation englishoutput = ...violation patterns found in source code: - SQL accessUpdatedoutput = ...violation occurrences found in source code: - SQL access
8114quality-ruleAvoid numerical data corruption during incompatible mutation (ABAP)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8114quality-ruleAvoid numerical data corruption during incompatible mutation (ABAP)Documentation englishoutput = ...violation patterns found in source code: - Type cast operationUpdatedoutput = ...violation occurrences found in source code: - Type cast operation
8116quality-ruleAvoid calling system function (CALL 'cfunc')Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8116quality-ruleAvoid calling system function (CALL 'cfunc')Documentation englishoutput = ...violation patterns found in source code: - CALL 'cfunc'Updatedoutput = ...violation occurrences found in source code: - CALL 'cfunc'
8118quality-ruleAvoid using the RFC_ABAP_INSTALL_AND_RUN functionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8118quality-ruleAvoid using the RFC_ABAP_INSTALL_AND_RUN functionDocumentation englishoutput = ...violation patterns found in source code: - CALL FUNCTION "RFC_ABAP_INSTALL_AN...Updatedoutput = ...violation occurrences found in source code: - CALL FUNCTION "RFC_ABAP_INSTALL...
8120quality-ruleAvoid using CALL FUNCTION without error handlingDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8120quality-ruleAvoid using CALL FUNCTION without error handlingDocumentation englishoutput = ...violation patterns found in source code: - CALL FUNCTION without error handli...Updatedoutput = ...violation occurrences found in source code: - CALL FUNCTION without error han...
8122quality-ruleAvoid using CALL METHOD without error handlingDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8122quality-ruleAvoid using CALL METHOD without error handlingDocumentation englishoutput = ...violation patterns found in source code: - CALL METHOD without error handlingUpdatedoutput = ...violation occurrences found in source code: - CALL METHOD without error handl...
8124quality-ruleDo not use function module DB_EXISTS_INDEX (HANA)Documentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8124quality-ruleDo not use function module DB_EXISTS_INDEX (HANA)Documentation englishoutput = ...violation patterns found in source code: - CALL FUNCTION "DB_EXISTS_INDEX"Updatedoutput = ...violation occurrences found in source code: - CALL FUNCTION "DB_EXISTS_INDEX"
8126quality-ruleAvoid using empty SELECT ... ENDSELECT loopDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8126quality-ruleAvoid using empty SELECT ... ENDSELECT loopDocumentation englishoutput = ...violation patterns found in source codeUpdatedoutput = ...violation occurrences found in source code
8128quality-ruleAvoid using UPDATE and DELETE without WHERE conditionDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8128quality-ruleAvoid using UPDATE and DELETE without WHERE conditionDocumentation englishoutput = ...violation patterns found in source codeUpdatedoutput = ...violation occurrences found in source code
8130quality-ruleAvoid using database hintsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8130quality-ruleAvoid using database hintsDocumentation englishoutput = ...violation patterns found in source codeUpdatedoutput = ...violation occurrences found in source code
8132quality-ruleAvoid using CHECK, EXIT,or RETURN in SELECT ... ENDSELECT loopsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8132quality-ruleAvoid using CHECK, EXIT,or RETURN in SELECT ... ENDSELECT loopsDocumentation englishoutput = ...violation patterns found in source codeUpdatedoutput = ...violation occurrences found in source code
8134quality-ruleAvoid unsorted data after SELECT queriesDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8134quality-ruleAvoid unsorted data after SELECT queriesDocumentation englishoutput = ...violation patterns found in source codeUpdatedoutput = ...violation occurrences found in source code
8136quality-ruleBeans with normal scope must be proxyable to avoid runtime errorsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8140quality-ruleSubscripts and iterators must be defined with BINARY usageDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8140quality-ruleSubscripts and iterators must be defined with BINARY usageDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code: ...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source ...
8142quality-rulePrefer using indexes instead of subscriptsDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8142quality-rulePrefer using indexes instead of subscriptsDocumentation englishoutput = ...violation patterns found in source code: - Access done using a subscript - Int...Updatedoutput = ...violation occurrences found in source code: - Access done using a subscript - ...
8144quality-ruleAvoid using INITIALIZE statement on data structuresDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8144quality-ruleAvoid using INITIALIZE statement on data structuresDocumentation englishoutput = ...violation patterns found in source code: - INITIALIZE statementUpdatedoutput = ...violation occurrences found in source code: - INITIALIZE statement
8146quality-ruleAvoid calling programs staticallyDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8146quality-ruleAvoid calling programs staticallyDocumentation englishoutput = ...violation patterns - Bookmarks for violation patterns found in the source code:...Updatedoutput = ...violation occurrences - Bookmarks for violation occurrences found in the source...
8148quality-ruleAvoid artifacts having Incorrect Type Conversion or CastDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8148quality-ruleAvoid artifacts having Incorrect Type Conversion or CastDocumentation englishtotal = All methodsUpdatedtotal = Number of methods
8150quality-ruleAvoid using Parse for primitive types and used instead TryParseDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8150quality-ruleAvoid using Parse for primitive types and used instead TryParseDocumentation englishtotal = The total procedure counts the number artifacts Parse methods within a try catch...Updatedtotal = Number of artifacts Parse methods within a try catch block
8152quality-ruleAvoid having transaction with the Thread.Sleep method in a loopDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8152quality-ruleAvoid having transaction with the Thread.Sleep method in a loopDocumentation englishtotal = The rule counts the number of artifacts.Updatedtotal = Number of artifacts
8154quality-ruleAvoid using GC.Collect()Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8154quality-ruleAvoid using GC.Collect()Documentation englishtotal = All the artifacts using GC.Collect()Updatedtotal = Number of artifacts using GC.Collect()
8156quality-rulePersistent classes should implement GetHashCode() and Equals()Documentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8156quality-rulePersistent classes should implement GetHashCode() and Equals()Documentation englishtotal = The number of persistent classesUpdatedtotal = Number of persistent classes
8158quality-ruleRuntime Resource Management Control Element in a Component Built to Run on Application ServersDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8158quality-ruleRuntime Resource Management Control Element in a Component Built to Run on Application ServersDocumentation englishtotal = The number of artifactsUpdatedtotal = Number of artifacts
8160quality-ruleCheck PCB status code after DLI queriesDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8160quality-ruleCheck PCB status code after DLI queriesDocumentation englishoutput = ...violation patterns found in source code: - CBLTDLI call - Data structure assoc...Updatedoutput = ...violation occurrences found in source code: - CBLTDLI call - Data structure as...
8162quality-ruleCICS return code should be checkedDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8162quality-ruleCICS return code should be checkedDocumentation englishoutput = ...violation patterns found in source code: - CICS macroUpdatedoutput = ...violation occurrences found in source code: - CICS macro
8216quality-ruleCWE-681: Avoid numerical data corruption during incompatible mutationDiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
8218quality-ruleContent type should be checked when receiving a HTTP PostDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8220quality-ruleAvoid using deprecated method, constructor, field, type or packageDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Number of violation occurrences
8222quality-ruleAvoid hardcoded credentialsDocumentation englishdescription = This Quality Rule uses the CAST AIP dataflow engine to detect a call path where ...Updateddescription = This rule will detect a call path where a hardcoded credential is sent to a meth...
8222quality-ruleAvoid hardcoded credentialsDocumentation englishname = Use of hard-coded credentialsUpdatedname = Avoid hardcoded credentials
8222quality-ruleAvoid hardcoded credentialsDocumentation englishtotal = The number of methods containing credential parameter(s).Updatedtotal = Number of methods containing credential parameter(s)
8236quality-ruleAvoid using hard-coded valuesDocumentation englishassociatedValueName = ...violation patternsUpdatedassociatedValueName = ...violation occurrences
8236quality-ruleAvoid using hard-coded valuesDocumentation englishoutput = ...violation patterns found in source code: - Alphanumeric literalUpdatedoutput = ...violation occurrences found in source code: - Alphanumeric literal
8238quality-ruleTrust boundary violationDocumentation englishtotal = The number of methods calling user input methodsUpdatedtotal = Number of methods calling user input methods
8240quality-ruleSensitive cookie in HTTPS session without 'Secure' attributeDocumentation englishtotal = Methods calling javax.servlet.http.HttpServletResponse.addCookie.Updatedtotal = Number of methods calling javax.servlet.http.HttpServletResponse.addCookie
8242quality-ruleUse of insufficiently random valuesDocumentation englishtotal = The number of methods calling methods producing insufficiently random numbersUpdatedtotal = Number of methods calling methods producing insufficiently random numbers
8402quality-ruleAll types of a serializable class must be serializableDocumentation englishassociatedValueName = Single ValueUpdatedassociatedValueName = Number of violation occurrences
8402quality-ruleAll types of a serializable class must be serializableDocumentation englishtotal = number of non-static, non-transient and not primitive fields of classes that imp...Updatedtotal = Number of non-static, non-transient and not primitive fields of classes that imp...
8408quality-ruleAvoid Reflected Cross-site Scripting (Non Persistent)DefinitionMissingAddedactive = true, detached = false
8408quality-ruleAvoid Reflected Cross-site Scripting (Non Persistent)Quality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8410quality-ruleAvoid Cross-Site Scripting (Persistent)DefinitionMissingAddedactive = true, detached = false
8410quality-ruleAvoid Cross-Site Scripting (Persistent)Quality Contribution to 'Secure Coding - Input Validation' (66062)Missing contributionAddedcritical = true, weight = 9
8414quality-ruleAvoid use of a broken or risky cryptographic algorithmDefinitionMissingAddedactive = true, detached = false
8414quality-ruleAvoid use of a broken or risky cryptographic algorithmQuality Contribution to 'Secure Coding - Weak Security Features' (66064)Missing contributionAddedcritical = true, weight = 9
8416quality-ruleAvoid use of a reversible one-way hashDefinitionMissingAddedactive = true, detached = false
8416quality-ruleAvoid use of a reversible one-way hashQuality Contribution to 'Secure Coding - Weak Security Features' (66064)Missing contributionAddedcritical = true, weight = 9

AIP 8.3.10 - 8.3.11

This section lists the results of a comparison between a CAST AIP 8.3.10 Assessment Model and the CAST AIP 8.3.11 Assessment Model. You can download the original compare_8310_8311.xlsx file (which you should open in Microsoft Excel) if you prefer.

Click here to view the results...

MetricTypeNameTopicCAST 8.3.10 Assessment ModelChangeCAST 8.3.11 Assessment Model
8412quality-rule"CX_ROOT" should not be used in TRY .. CATCH.. ENDTRY blockDefinitionMissingAddedactive = true, detached = false
550quality-ruleClass naming convention - case control (C++)Documentation englishname = ...ming convention - case controlUpdatedname = ...ming convention - case control (C++)
552quality-ruleMethod naming convention - case control (C++)Documentation englishname = ...ming convention - case controlUpdatedname = ...ming convention - case control (C++)
554quality-ruleConstant naming convention - case control (C++)Documentation englishname = ...ming convention - case controlUpdatedname = ...ming convention - case control (C++)
566quality-ruleAvoid large Classes - too many Methods (C++)Documentation englishname = ...rge Classes - too many MethodsUpdatedname = ...rge Classes - too many Methods (C++)
568quality-ruleAvoid large Classes - too many Data Members (C++)Documentation englishname = ...lasses - too many Data MembersUpdatedname = ...lasses - too many Data Members (C++)
570quality-ruleAvoid large Interfaces - too many Methods (C++)Documentation englishname = ... Interfaces - too many MethodsUpdatedname = ... Interfaces - too many Methods (C++)
576quality-ruleAvoid large Classes - too many Constructors (C++)Documentation englishname = ...lasses - too many ConstructorsUpdatedname = ...lasses - too many Constructors (C++)
586quality-ruleDELETED: Avoid inline Constructors and DestructorsDocumentation englishname = Avoid inline Constructors and DestructorsUpdatedname = DELETED: Avoid inline Constructors and Destructors
588quality-ruleAvoid using Global Variables (C++)Documentation englishname = Avoid using Global VariablesUpdatedname = Avoid using Global Variables (C++)
1098quality-ruleDELETED: Avoid recursive Functions (C)Documentation englishname = Avoid recursive FunctionsUpdatedname = DELETED: Avoid recursive Functions (C)
1588quality-ruleUse WHEN OTHERS in exception managementDocumentation englishassociatedValueName = Associated ValueRemovedMissing
1588quality-ruleUse WHEN OTHERS in exception managementDocumentation englishMissingAddedtotal = Number of PLSQL compiled objects
1608quality-ruleAvoid cascading TriggersDocumentation englishMissingAddedtotal = Number of PLSQL triggers
1616quality-ruleDELETED: Avoid undocumented TriggersDocumentation englishname = Avoid undocumented TriggersUpdatedname = DELETED: Avoid undocumented Triggers
1622quality-ruleDELETED: Avoid Triggers with a very low comment/code ratioDocumentation englishname = Avoid Triggers with a very low comment/code ratioUpdatedname = DELETED: Avoid Triggers with a very low comment/code ratio
2230quality-ruleUse of style sheets (JEE)Documentation englishname = Use of style sheetsUpdatedname = Use of style sheets (JEE)
2234quality-ruleDELETED: Avoid call of JAVA objectsDocumentation englishname = Avoid call of JAVA objectsUpdatedname = DELETED: Avoid call of JAVA objects
2242quality-ruleAvoid direct definition of JavaScript Functions in a Web page (JEE)Documentation englishname = ...Script Functions in a Web pageUpdatedname = ...Script Functions in a Web page (JEE)
2254quality-ruleAvoid large Page files (JEE)Documentation englishname = Avoid large Page filesUpdatedname = Avoid large Page files (JEE)
2266quality-ruleAvoid non standard file extensions (JEE)Documentation englishname = ...d non standard file extensionsUpdatedname = ...d non standard file extensions (JEE)
2572quality-ruleAvoid declaring VB Variables without typing them (Visual Basic)Documentation englishname = ... Variables without typing themUpdatedname = ... Variables without typing them (Visual Basic)
2574quality-ruleAvoid using Global Variables (Visual Basic)Documentation englishname = Avoid using Global VariablesUpdatedname = Avoid using Global Variables (Visual Basic)
2578quality-ruleDELETED: Avoid recursive Functions (Visual Basic)Documentation englishname = Avoid recursive FunctionsUpdatedname = DELETED: Avoid recursive Functions (Visual Basic)
2616quality-ruleAvoid undocumented FormsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2616quality-ruleAvoid undocumented FormsDocumentation englishMissingAddedtotal = Number of forms
2618quality-ruleAvoid Forms with a very low comment/code ratioDocumentation englishassociatedValueName = Associated ValueUpdatedassociatedValueName = Comment ratio
2618quality-ruleAvoid Forms with a very low comment/code ratioDocumentation englishtotal = Total number of formsUpdatedtotal = Number of forms
2624quality-ruleAvoid unreferenced FormsDocumentation englishassociatedValueName = Associated ValueRemovedMissing
2624quality-ruleAvoid unreferenced FormsDocumentation englishMissingAddedtotal = Number of forms
3058quality-ruleUse of style sheets (ASP)Documentation englishname = Use of style sheetsUpdatedname = Use of style sheets (ASP)
3070quality-ruleAvoid non standard file extensions (ASP)Documentation englishname = ...d non standard file extensionsUpdatedname = ...d non standard file extensions (ASP)
3088quality-ruleAvoid large Page files (ASP)Documentation englishname = Avoid large Page filesUpdatedname = Avoid large Page files (ASP)
3148quality-ruleAn include file must contain at most one Class definitionDocumentation englishassociatedValueName = Number of classesUpdatedassociatedValueName = Number of classes and structs
3148quality-ruleAn include file must contain at most one Class definitionDocumentation englishdescription = ...iple class definitions.Updateddescription = ...iple class/struct definitions.
3148quality-ruleAn include file must contain at most one Class definitionDocumentation englishoutput = ...vides: - The number of classesUpdatedoutput = ...vides: - The number of classes and structs
3148quality-ruleAn include file must contain at most one Class definitionDocumentation englishrationale = ...ral class definitions in a header file makes it more complex to understand/navig...Updatedrationale = ...ral class or structs definitions in a header file makes it more complex to under...
3148quality-ruleAn include file must contain at most one Class definitionDocumentation englishremediation = ...l classes are defined in a header file, split class definitions into multiple he...Updatedremediation = ...l classes ore structs are defined in a header file, split class/struct definitio...
3578quality-ruleAvoid large Classes - too many Constructors (.NET)Documentation englishname = ...lasses - too many ConstructorsUpdatedname = ...lasses - too many Constructors (.NET)
3580quality-ruleAvoid large Classes - too many Methods (.NET)Documentation englishname = ...rge Classes - too many MethodsUpdatedname = ...rge Classes - too many Methods (.NET)
3610quality-ruleAvoid declaring VB Variables without typing them (.NET)Documentation englishname = ... Variables without typing themUpdatedname = ... Variables without typing them (.NET)
4554quality-ruleAvoid large Classes - too many Methods (JEE)Documentation englishname = ...rge Classes - too many MethodsUpdatedname = ...rge Classes - too many Methods (JEE)
4556quality-ruleAvoid large Classes - too many Constructors (JEE)Documentation englishname = ...lasses - too many ConstructorsUpdatedname = ...lasses - too many Constructors (JEE)
4560quality-ruleAvoid large Interfaces - too many Methods (JEE)Documentation englishname = ... Interfaces - too many MethodsUpdatedname = ... Interfaces - too many Methods (JEE)
4700quality-ruleDELETED: Avoid using 'Throwable.printStackTrace()' within a try catch blockActivationactive = true, detached = falseUpdatedactive = false
4700quality-ruleDELETED: Avoid using 'Throwable.printStackTrace()' within a try catch blockDiagnosisscopeID = 0, propertyID = 0UpdatedscopeID = 558, propertyID = 140899
4700quality-ruleDELETED: Avoid using 'Throwable.printStackTrace()' within a try catch blockDocumentation englishname = Avoid using 'Throwable.printStackTrace()' within a try catch blockUpdatedname = DELETED: Avoid using 'Throwable.printStackTrace()' within a try catch block
4700quality-ruleDELETED: Avoid using 'Throwable.printStackTrace()' within a try catch blockDiagnosisdiagnosisValueType = no-valueUpdateddiagnosisValueType = integer
4700quality-ruleDELETED: Avoid using 'Throwable.printStackTrace()' within a try catch blockOperationlocalSiteDiagnose = DIAG_SCOPE_JAVAPERF010UpdatedlocalSiteDiagnose = null