Coding Guidelines

1. ER-054 (1) Avoid calling an "abstract" method from a constructor in an "abstract" class

2. ER-033 (2) Source file is too long

3. ER-104 (2) Use a Collection instead of arrays Object[]

4. ER-031 (3) More than one statement per line

5. ER-032 (3) Array declarators should be placed next to the type, not the variable name

6. ER-034 (3) Variables should be declared in individual statements.

7. ER-036 (3) Line is too long

8. ER-096 (3) Empty statements

9. ER-098 (3) No need to provide (public, abstract, ) modifiers for interface methods

10. ER-107 (3) Instance variables and method names shouldn't have same name

11. ER-200 (3) Instance variables and the declaring type shouldn't have same name

12. ER-201 (3) Discourage usage of instance variables like a, j by enforcing minimal variable name length.

Coding standards

13. ER-211 (2) Dot chain (e.g. a().b.c.d().e().g().toString()) is too long.

14. ER-114 (3) Use object.equals(anotherObject) instead of object.compareTo(anotherObject)==0

15. ER-210 (3) StringTokenizer is deprecated, use String.split() instead.

Database Connection Pool

16. ER-207 (1) SQL Resource Management - Create Statement Without Close Rule: You have to close each created SQL Statement on method level. Use the finally block, but check for null value. If you use a operation in the finally block for closing your SQL resource, please define the operation name in the inspector.xml. Hammurapi will search for this method call and check the parameter list. This rule is only applicable in a connection-pooled environment.

17. ER-208 (1) SQL Resource Management - Create Statement Within a Loop: Never create Statements inside loops. This rule is only applicable in a connection-pooled environment.

18. ER-206 (2) Wrong declaration of SQL Resources Management: Do not declare Statements and ResultSets on Instance Level but use local variables on method level only. You may run in leakage problems if you do not close these resources in a connection-pooled environment.

EJB

19. ER-055 (1) Declare bean classes "public", but not "final"

20. ER-056 (1) Declare 'ejbCreate ()' methods "public", but neither "static" nor "final"

21. ER-057 (1) Declare finder methods "public" and neither "final" nor "static"

22. ER-058 (1) Implement one or more 'ejbCreate ()' methods in bean classes

23. ER-059 (1) Implement matching 'ejbPostCreate ()' methods for every 'ejbCreate()' in EntityBean classes

24. ER-061 (1) Do not define 'finalize ()' method in bean classes

25. ER-063 (1) Declare 'ejbPostCreate ()' "public" and neither "static" nor "final"

26. ER-064 (1) Make the return type "void" for SessionBeans' 'ejbCreate ()' methods

27. ER-065 (1) Make the return type "void" for the 'ejbPostCreate ()' method

28. ER-066 (1) Avoid passing the "this" reference as an argument

29. ER-067 (1) Avoid returning "this"

30. ER-068 (1) Avoid starting, stopping, or managing threads in any way

31. ER-060 (2) Avoid loading native libraries in a Bean class

32. ER-062 (2) Declare all "static" fields in the EJB component "final"

EJB, Clustring, or Load Balancing Architecture

33. ER-212 (2) Statefull Singleton could cause problems in an environment of EJB, Clustering, or Load Balancing Architecture. Make sure that all you class and instance variables are final. This inspector found non-final variable(s), beside the variable referenzing the singleton.

Exception handling

34. ER-039 (2) Catching too general exception type.

35. ER-045 (2) Throw too general exception type (Exception, Throwable, RuntimeException)

36. ER-046 (2) Method declares too general exception types (Exception, Throwable) in throws clause

37. ER-047 (2) Operation (method or constructor) declares subclasses of RuntimeException in throws clause

38. ER-095 (2) Too many exceptions listed in throws clause

Garbage Collection

39. ER-069 (1) Avoid calling 'finalize ()' explicitly

40. ER-070 (2) Avoid "static" collections; they can grow without bounds

General

41. ER-214 (1) Heterogenous Collection detected: The code adds objects of different types in a collection. This can cause serious mainteance issues. The creator and consumer of the collection have to have implicit knowledge about the index of a specific object inside of the collection. Go with a dedicated parameter or Data Transfer Object instead. There is only one exception for using Heterogenous Collection: If all objects in the collection implement a specific interface, this is acceptable.

JavaDoc

42. ER-105 (3) Document all Interfaces and public methods. Use a Class header. Provide Javadoc

Logging

43. ER-052 (1) Do not use printStackTrace(), use logger(, ) instead.

44. ER-049 (2) Unify logging strategy - define individual logger for class

45. ER-103 (2) Catch-blocks should log the exeption with Log4J.error("Context String" , exception )

Miscellaneous

46. ER-002 (1) Empty catch block

47. ER-006 (1) Missing default case for switch statement

48. ER-011 (1) Cyclomatic complexity exceeds specified limit

49. ER-019 (1) Avoid 'return' in finally block - meaning of this is not always obvious to the maintainer

50. ER-027 (1) Avoid using "new" keyword when creating String objects to hold string literals.

51. ER-053 (1) ResultSetMetaData is banned. The disclosure of DB internals (here Column Names) on Business/Service layer is bad design

52. ER-072 (1) Avoid using constructors in the 'clone ()' method

53. ER-073 (1) Call 'super.clone ()' in all 'clone ()' methods

54. ER-108 (1) Application controlled garbage collection is banned in a J2EE environment and mostly indicates lack of design.

55. ER-111 (1) LOG4J is mandatory for all logging in ERC. System.out.println will be lost in a system console of our web/app server.

56. ER-004 (2) A class should have no public fields except 'final' or 'static final'"

57. ER-008 (2) Synchronize at the block level rather than the method level

58. ER-009 (2) For statement requires update clause

59. ER-010 (2) Assignment inside conditional

60. ER-012 (2) Too many parameters

61. ER-013 (2) For statement requires initialization clause (1st argument)

62. ER-014 (2) For statement requires condition clause (2nd argument)"

63. ER-016 (2) Missing package declaration - encourage structuring and avoid namesapace conflicts by using packages

64. ER-017-E (2) Do not assign new value to a parameter. For comprehensibility, formal parameters should be final

65. ER-020 (2) Avoid empty finally block

66. ER-021 (2) One class/interface per file.

67. ER-026 (2) Avoid expressions like ? true : false

68. ER-037 (2) Logical nesting limit exceeded

69. ER-038 (2) Non-sequential logic - 'continue' statement

70. ER-040 (2) Avoid equality operations on 'true' and 'false' boolean literals.

71. ER-041 (2) Method is too long

72. ER-043 (2) Packages should be neither too lean nor too fat.

73. ER-071 (2) Avoid using an object to access "static" fields or methods

74. ER-074 (2) Avoid using "public static final" array fields

75. ER-112 (2) File doesn't contain classes or interfaces

76. ER-113 (2) Unused private/local variables

77. ER-202 (2) Disallows to use a particular type or package in a particular context.

78. ER-000 (3) No need to import classes from java.lang

79. ER-001 (3) Imports should be ordered according to the configuartion parameters and further for each parameter, imports should be arrange alphabetically

80. ER-003 (3) do, while, if, and for statements need a brace enclosed block

81. ER-005 (3) Classes, interfaces, methods, and variables should be named according to Sun's naming conventions.

82. ER-007 (3) Use upper case 'L' rather that lower case 'l' to qualify long literals

83. ER-015 (3) Duplicate import declaration

84. ER-018 (3) Sun coding standards - class modifiers should be in order (public protected private abstract static final strictfp)

85. ER-022 (3) No * imports.

86. ER-023 (3) Packages should begin with project or organization package prefix

87. ER-025 (3) Parenthesis are redundant

88. ER-109 (3) It is good practice to call in any case super() in a constructor. (see also: UnnecessaryConstructorRule )

89. ER-110 (3) Unnecessary constructor detects when a constructor is not necessary; i.e., when there's only one constructor, it's public, has an empty body, and takes no arguments.

Object Oriented Programming

90. ER-075 (1) Avoid hiding inherited instance fields

91. ER-077 (2) Avoid more than two levels of nested inner classes

Performance

92. ER-116 (3) Use StringBuffer for excessive String concatenation. This inspector skips static fields initializers, single concatenations (one +) and concatenations of constants like "a"+"b"+"c" because they are calculated at compile time.

Possible bugs

93. ER-035 (1) Switch statement case without 'break'

94. ER-048 (1) Use BigDecimal instead of Float or Double for monetary values

95. ER-080 (1) Avoid "for", "do", "while", "if" and "if ... else" statements with empty bodies

96. ER-084 (1) Avoid using text labels in "switch" statements

97. ER-079 (2) Avoid casting primitive data types to lower precision

98. ER-081 (2) Do not assign loop control variables in the body of a "for" loop

99. ER-102 (2) String Arrays are deprecated and are ONLY allowed for final variables

100. ER-106 (2) If you have to compare with a string do not use degree.equals("1")) but "1".equals(degree)

101. ER-028 (3) Avoid hardwired character literals

102. ER-029 (3) Avoid hardwired numeric literals

103. ER-030 (3) Avoid hardwired string literals

104. ER-082 (3) Avoid using method parameter names that conflict with class member names

105. ER-083 (3) Avoid giving non-constructor methods the same name as the class

Reports

106. ER-History (5) Generates history annotation.

107. Technology stack (5) Technology stack report

Resource management

108. ER-204 (2) Allocation of the resource should follow try/finally pattern to ensure proper de-allocation.

Security

109. ER-076 (1) Make inner classes "private"

Servlet

110. ER-086 (2) Minimize synchronization in Servlets

Threads and Synchronization

111. ER-088 (1) Avoid using variables of type 'java.lang.ThreadGroup'

112. ER-089 (2) Avoid using 'Thread.yield'

113. ER-091 (2) Give subclasses of Thread a 'run ()' method

114. ER-093 (2) Call 'wait ()' only inside a "while" loop

115. ER-094 (2) Use 'wait ()' and 'notifyAll ()' instead of polling loops

116. ER-099 (2) Use the "synchronized" modifier on methods that implement 'Runnable.run ()'

117. ER-087 (3) Do not use 'notify ()'; use 'notifyAll ()' instead

Work prioritization

118. Prioritizer (5) Generates priority metric. This metric is calculated as 100/((ln(clients+1)+1)*violationLevel+1) where clients is a number of classes which depend on classes in this file and violationLevel is a weighed sum of violations in the file. In a nutshell the worse the code in the file the lower priority metric value and as such the higher its position in the list.

Sources