SonarLint for Eclipse 3.6 ·¢²¼£¬¿É¼¤»î»òÍ£ÓÃÈÎÒâ¹æÔò

SonarLint for Eclipse 3.6 ÒÑ·¢²¼£¬¸Ã°æ±¾ÔÚ¹æÔòµÄ¹ÜÀíÉϸü½øÒ»²½£¬ÏÖÔÚ¿ÉÒÔÔÚ Eclipse Ê×Ñ¡ÏîÖÐÕÒµ½ÒÑ´ò¿ª»ò¹Ø±ÕµÄ¹æÔò£¬ÔĶÁÆäÃèÊö²¢Ñ¡Ôñ¼¤»î»òÍ£Óá£

¸Ã°æ±¾»¹°üº¬×îа汾µÄ SonarJava analyzer £¬Ö§³ÖʹÓà Java 10 ¹¹½¨µÄÏîÄ¿¡£

´ËÍ⣬»¹°üº¬ 29 ÌõйæÔò£º

• S2761?- Unary prefix operators should not be repeated (Bug)
• S4351?- "compareTo" should not be overloaded (Bug, pitfall)
• S3366?- "this" should not be exposed from constructors (Code Smell, multi-threading, cwe, suspicious)
• S4449?- Nullness of parameters should be guaranteed (Code Smell)
• S4454?- "equals" method parameters should not be marked "@Nonnull" (Code Smell)
• S126?- "if ... else if" constructs should end with "else" clauses (Code Smell, misra, cert)
• S1821?- "switch" statements should not be nested (Code Smell, pitfall)
• S4423?- Weak SSLContexts should not be used (Vulnerability,?owasp-a6,?cwe, sans-top25-porous)
• S3510?- HostnameVerifier.verify" should not always return true?(Vulnerability,?owasp-a6,?cwe)
• S4201?- Null check should not be used with?instanceof?(Code Smell)
• S4248?- Regex patterns should not be created needlessly?(Code Smell, performance)
• S4274?- Asserts should not be used to check the parameters of a public method?(Code Smell, pitfall)
• S4276?- Functional Interfaces should be as?specialised?as possible?(Code Smell, performance)
• S2234?- Parameters should be passed in the correct order?(Code Smell)
• S4524?- "default" clauses should be last?(Code Smell,?misra)
• S3626?- Jump statements should not be redundant?(Code Smell, clumsy)
• S4425?- "Integer.toHexString" should not be used to build hexadecimal strings?(Code Smell, cwe)
• S3973?- Conditionally executed code should be denoted by either indentation or curly braces?(Code Smell, suspicious)
• S4424?- TrustManagers should not blindly accept any certificates (Vulnerability,?owasp-a6,?cwe, cert)
• S2255?- Cookies should not be used to store sensitive information (Vulnerability,?owasp-a3,?cwe, cert)
• S2755?- Untrusted XML should be parsed with a local, static DTD (Vulnerability,?owasp-a1,?owasp-a4, cwe)
• S3329?- Cypher Block Chaining IV's should be random and unique (Vulnerability,?owasp-a6,?cwe)
• S3330?- "HttpOnly" should be set on cookies (Vulnerability,?owasp-a7,?cwe, sans-top25-insecure)
• S4426?- Cryptographic keys should not be too short (Vulnerability,?owasp-a3,?cwe)
• S4432?- AES encryption algorithm should be used with secured mode (Vulnerability,?owasp-a6,?cwe, cert, sans-top25-porous)
• S4433?- LDAP connections should be authenticated (Vulnerability,?owasp-a2,?cwe)
• S4434?- LDAP deserialization should be disabled (Vulnerability,?owasp-a8,?cwe, cert)
• S4435?- XML transformers should be secured (Vulnerability,?owasp-a4,?cwe)
• S4499?- SMTP SSL connection should check server identity (Vulnerability,?owasp-a3,?cwe)

Á˽â¸ü¶àÏêÇé¿É²éÔÄ·¢ÐÐ˵Ã÷»ò·ÃÎÊ?SonarLint for Eclipse ¹ÙÍø¡£