java-security-and-quality.qls
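# CodeQL query suite definition. The instructions below are applied in order:
# `queries` locates candidate queries, each `include` adds the queries whose
# metadata matches every listed constraint, and each `exclude` removes matches.
# Nesting restored here: in this listing the constraint keys had lost their
# indentation, which leaves the selector blocks unparseable as YAML.
- description: Security-and-quality queries for Java
# Search for queries starting from the directory that holds this suite file.
- queries: .
# Alert queries (plain and data-flow path results) of high or very-high
# precision. No severity constraint is applied at this precision level.
- include:
    kind:
      - problem
      - path-problem
    precision:
      - high
      - very-high
# Medium-precision alert queries are admitted only at error or warning
# severity, so lower-severity medium-precision results are not reported.
- include:
    kind:
      - problem
      - path-problem
    precision: medium
    problem.severity:
      - error
      - warning
# Diagnostic queries report on the analysis itself (for example extraction
# problems); they help judge whether a clean result can be trusted.
- include:
    kind:
      - diagnostic
# Metric queries, restricted to those tagged `summary`.
- include:
    kind:
      - metric
    tags contain:
      - summary
# `//` is an empty regular expression, so this drops every query that carries
# a `deprecated` metadata property, whatever its value.
- exclude:
    deprecated: //
# Path-based exclusions: everything under experimental/, the framework
# coverage summary, and internal diagnostics.
# NOTE(review): experimental queries are excluded from this suite, so coverage
# that exists only under experimental/ has to be run separately if wanted.
- exclude:
    query path:
      - /^experimental\/.*/
      - Metrics/Summaries/FrameworkCoverage.ql
      - /Diagnostics/Internal/.*/
# Queries tagged for the model editor / model generator are tooling aids,
# presumably not alert-producing checks - confirm against the query metadata.
- exclude:
    tags contain:
      - modeleditor
      - modelgenerator
# NOTE(review): the bare java/... query ids that follow have no visible
# selector key in this listing; confirm against the original file whether they
# are included or excluded before relying on this suite's coverage.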
java/abs-of-random
java/abstract-to-concrete-cast
java/call-to-object-tostring
java/call-to-thread-run
java/chained-type-tests
java/class-name-matches-super-class
java/comparison-of-identical-expressions
java/comparison-with-nan
java/confusing-method-name
java/confusing-method-signature
java/constant-comparison
java/constant-loop-condition
java/constants-only-interface
java/continue-in-false-loop
java/contradictory-type-checks
java/database-resource-leak
java/deprecated-call
java/dereferenced-expr-may-be-null
java/dereferenced-value-is-always-null
java/dereferenced-value-may-be-null
java/empty-container
java/empty-zip-file-entry
java/equals-on-arrays
java/equals-on-unrelated-types
java/equals-typo
java/evaluation-to-constant
java/field-masks-super-field
java/hashcode-typo
java/hashing-without-hashcode
java/ignored-error-status-of-call
java/implicit-cast-in-compound-assignment
java/inconsistent-compareto-and-equals
java/inconsistent-equals-and-hashcode
java/inconsistent-javadoc-throws
java/inconsistent-sync-writeobject
java/incorrect-serial-version-uid
java/index-out-of-bounds
java/ineffective-annotation-present-check
java/inefficient-boxed-constructor
java/inefficient-empty-string-test
java/inefficient-key-set-iterator
java/inefficient-output-stream
java/inefficient-string-constructor
java/input-resource-leak
java/integer-multiplication-cast-to-long
java/internal-representation-exposure
java/iterable-wraps-iterator
java/iterator-hasnext-calls-next
java/iterator-implements-iterable
java/iterator-remove-failure
java/jdk-internal-api-access
java/local-shadows-field
java/local-variable-is-never-read
java/lshift-larger-than-type-width
java/misleading-indentation
java/missing-call-to-super-clone
java/missing-case-in-switch
java/missing-clone-method
java/missing-format-argument
java/missing-no-arg-constructor-on-externalizable
java/missing-no-arg-constructor-on-serializable
java/missing-override-annotation
java/missing-space-in-concatenation
java/missing-super-finalize
java/multiplication-of-remainder
java/non-final-call-in-constructor
java/non-null-boxed-variable
java/non-overriding-package-private
java/non-serializable-inner-class
java/non-short-circuit-evaluation
java/non-static-nested-class
java/non-sync-override
java/notify-instead-of-notify-all
java/output-resource-leak
java/print-array
java/random-used-once
java/redundant-assignment
java/reference-equality-of-boxed-types
java/reference-equality-on-strings
java/run-finalizers-on-exit
java/sleep-with-lock-held
java/spin-on-field
java/string-buffer-char-init
java/subtle-inherited-call
java/suspicious-date-format
java/sync-on-boxed-types
java/test-for-negative-container-size
java/thread-start-in-constructor
java/thread-unsafe-dateformat
java/tostring-typo
java/type-bound-extends-final
java/type-mismatch-access
java/type-mismatch-modification
java/type-variable-hides-type
java/uncaught-number-format-exception
java/unchecked-cast-in-equals
java/underscore-identifier
java/unimplementable-interface
java/unknown-javadoc-parameter
java/unreachable-catch-clause
java/unreleased-lock
java/unsafe-double-checked-locking
java/unsafe-double-checked-locking-init-order
java/unsafe-get-resource
java/unsafe-sync-on-field
java/unsynchronized-getter
java/unused-container
java/unused-format-argument
java/unused-label
java/unused-parameter
java/unused-reference-type
java/useless-null-check
java/useless-tostring-call
java/useless-type-test
java/wait-on-condition-interface
java/whitespace-contradicts-precedence
java/wrong-compareto-signature
java/wrong-equals-signature
java/wrong-junit-suite-signature
java/wrong-object-serialization-signature
java/wrong-readresolve-signature
java/wrong-swing-event-adapter-signature