Coding Guidelines

1. ER-054 (1) Avoid calling an "abstract" method from a constructor in an "abstract" class

2. ER-033 (2) Source file is too long

3. ER-104 (2) Use a Collection instead of arrays Object[]

4. ER-031 (3) More than one statement per line

5. ER-032 (3) Array declarators should be placed next to the type, not the variable name

6. ER-034 (3) Variables should be declared in individual statements.

7. ER-036 (3) Line is too long

8. ER-096 (3) Empty statements

9. ER-098 (3) No need to provide (public, abstract, ) modifiers for interface methods

10. ER-107 (3) Instance variables and method names shouldn't have same name

11. ER-200 (3) Instance variables and the declaring type shouldn't have same name

12. ER-201 (3) Discourage usage of instance variables like a, j by enforcing minimal variable name length.

Coding standards

13. ER-211 (2) Dot chain (e.g. a().b.c.d().e().g().toString()) is too long.

14. ER-114 (3) Use object.equals(anotherObject) instead of object.compareTo(anotherObject)==0

15. ER-210 (3) StringTokenizer is deprecated, use String.split() instead.

Database Connection Pool

16. ER-207 (1) SQL Resource Management - Create Statement Without Close Rule: You have to close each created SQL Statement on method level. Use the finally block, but check for null value. If you use a operation in the finally block for closing your SQL resource, please define the operation name in the inspector.xml. Hammurapi will search for this method call and check the parameter list. This rule is only applicable in a connection-pooled environment.

17. ER-208 (1) SQL Resource Management - Create Statement Within a Loop: Never create Statements inside loops. This rule is only applicable in a connection-pooled environment.

18. ER-206 (2) Wrong declaration of SQL Resources Management: Do not declare Statements and ResultSets on Instance Level but use local variables on method level only. You may run in leakage problems if you do not close these resources in a connection-pooled environment.

EJB

19. ER-055 (1) Declare bean classes "public", but not "final"

20. ER-056 (1) Declare 'ejbCreate ()' methods "public", but neither "static" nor "final"

21. ER-057 (1) Declare finder methods "public" and neither "final" nor "static"

22. ER-058 (1) Implement one or more 'ejbCreate ()' methods in bean classes

23. ER-059 (1) Implement matching 'ejbPostCreate ()' methods for every 'ejbCreate()' in EntityBean classes

24. ER-061 (1) Do not define 'finalize ()' method in bean classes

25. ER-063 (1) Declare 'ejbPostCreate ()' "public" and neither "static" nor "final"

26. ER-064 (1) Make the return type "void" for SessionBeans' 'ejbCreate ()' methods

27. ER-065 (1) Make the return type "void" for the 'ejbPostCreate ()' method

28. ER-066 (1) Avoid passing the "this" reference as an argument

29. ER-067 (1) Avoid returning "this"

30. ER-068 (1) Avoid starting, stopping, or managing threads in any way

31. ER-060 (2) Avoid loading native libraries in a Bean class

32. ER-062 (2) Declare all "static" fields in the EJB component "final"

EJB, Clustring, or Load Balancing Architecture

33. ER-212 (2) Statefull Singleton could cause problems in an environment of EJB, Clustering, or Load Balancing Architecture. Make sure that all you class and instance variables are final. This inspector found non-final variable(s), beside the variable referenzing the singleton.

Exception handling

34. ER-039 (2) Catching too general exception type.

35. ER-045 (2) Throw too general exception type (Exception, Throwable, RuntimeException)

36. ER-046 (2) Method declares too general exception types (Exception, Throwable) in throws clause

37. ER-047 (2) Operation (method or constructor) declares subclasses of RuntimeException in throws clause

38. ER-095 (2) Too many exceptions listed in throws clause

Garbage Collection

39. ER-069 (1) Avoid calling 'finalize ()' explicitly

40. ER-070 (2) Avoid "static" collections; they can grow without bounds

General

41. ER-214 (1) Heterogenous Collection detected: The code adds objects of different types in a collection. This can cause serious mainteance issues. The creator and consumer of the collection have to have implicit knowledge about the index of a specific object inside of the collection. Go with a dedicated parameter or Data Transfer Object instead. There is only one exception for using Heterogenous Collection: If all objects in the collection implement a specific interface, this is acceptable.

JavaDoc

42. ER-105 (3) Document all Interfaces and public methods. Use a Class header. Provide Javadoc

Logging

43. ER-052 (1) Do not use printStackTrace(), use logger(, ) instead.

44. ER-049 (2) Unify logging strategy - define individual logger for class

45. ER-103 (2) Catch-blocks should log the exeption with Log4J.error("Context String" , exception )

Miscellaneous

46. ER-002 (1) Empty catch block

47. ER-006 (1) Missing default case for switch statement

48. ER-011 (1) Cyclomatic complexity exceeds specified limit

49. ER-019 (1) Avoid 'return' in finally block - meaning of this is not always obvious to the maintainer

50. ER-024 (1) Directory structure should match package structure

51. ER-027 (1) Avoid using "new" keyword when creating String objects to hold string literals.

52. ER-053 (1) ResultSetMetaData is banned. The disclosure of DB internals (here Column Names) on Business/Service layer is bad design

53. ER-072 (1) Avoid using constructors in the 'clone ()' method

54. ER-073 (1) Call 'super.clone ()' in all 'clone ()' methods

55. ER-108 (1) Application controlled garbage collection is banned in a J2EE environment and mostly indicates lack of design.

56. ER-111 (1) LOG4J is mandatory for all logging in ERC. System.out.println will be lost in a system console of our web/app server.

57. ER-004 (2) A class should have no public fields except 'final' or 'static final'"

58. ER-008 (2) Synchronize at the block level rather than the method level

59. ER-009 (2) For statement requires update clause

60. ER-010 (2) Assignment inside conditional

61. ER-012 (2) Too many parameters

62. ER-013 (2) For statement requires initialization clause (1st argument)

63. ER-014 (2) For statement requires condition clause (2nd argument)"

64. ER-016 (2) Missing package declaration - encourage structuring and avoid namesapace conflicts by using packages

65. ER-017-E (2) Do not assign new value to a parameter. For comprehensibility, formal parameters should be final

66. ER-020 (2) Avoid empty finally block

67. ER-021 (2) One class/interface per file.

68. ER-026 (2) Avoid expressions like ? true : false

69. ER-037 (2) Logical nesting limit exceeded

70. ER-038 (2) Non-sequential logic - 'continue' statement

71. ER-040 (2) Avoid equality operations on 'true' and 'false' boolean literals.

72. ER-041 (2) Method is too long

73. ER-043 (2) Packages should be neither too lean nor too fat.

74. ER-071 (2) Avoid using an object to access "static" fields or methods

75. ER-074 (2) Avoid using "public static final" array fields

76. ER-112 (2) File doesn't contain classes or interfaces

77. ER-113 (2) Unused private/local variables

78. ER-202 (2) Disallows to use a particular type or package in a particular context.

79. ER-000 (3) No need to import classes from java.lang

80. ER-001 (3) Imports should be ordered according to the configuartion parameters and further for each parameter, imports should be arrange alphabetically

81. ER-003 (3) do, while, if, and for statements need a brace enclosed block

82. ER-005 (3) Classes, interfaces, methods, and variables should be named according to Sun's naming conventions.

83. ER-007 (3) Use upper case 'L' rather that lower case 'l' to qualify long literals

84. ER-015 (3) Duplicate import declaration

85. ER-018 (3) Sun coding standards - class modifiers should be in order (public protected private abstract static final strictfp)

86. ER-022 (3) No * imports.

87. ER-023 (3) Packages should begin with project or organization package prefix

88. ER-025 (3) Parenthesis are redundant

89. ER-109 (3) It is good practice to call in any case super() in a constructor. (see also: UnnecessaryConstructorRule )

90. ER-110 (3) Unnecessary constructor detects when a constructor is not necessary; i.e., when there's only one constructor, it's public, has an empty body, and takes no arguments.

Object Oriented Programming

91. ER-075 (1) Avoid hiding inherited instance fields

92. ER-077 (2) Avoid more than two levels of nested inner classes

Performance

93. ER-116 (3) Use StringBuffer for excessive String concatenation. This inspector skips static fields initializers, single concatenations (one +) and concatenations of constants like "a"+"b"+"c" because they are calculated at compile time.

Possible bugs

94. ER-035 (1) Switch statement case without 'break'

95. ER-048 (1) Use BigDecimal instead of Float or Double for monetary values

96. ER-080 (1) Avoid "for", "do", "while", "if" and "if ... else" statements with empty bodies

97. ER-084 (1) Avoid using text labels in "switch" statements

98. ER-079 (2) Avoid casting primitive data types to lower precision

99. ER-081 (2) Do not assign loop control variables in the body of a "for" loop

100. ER-102 (2) String Arrays are deprecated and are ONLY allowed for final variables

101. ER-106 (2) If you have to compare with a string do not use degree.equals("1")) but "1".equals(degree)

102. ER-028 (3) Avoid hardwired character literals

103. ER-029 (3) Avoid hardwired numeric literals

104. ER-030 (3) Avoid hardwired string literals

105. ER-082 (3) Avoid using method parameter names that conflict with class member names

106. ER-083 (3) Avoid giving non-constructor methods the same name as the class

Reports

107. ER-History (5) Generates history annotation.

108. Technology stack (5) Technology stack report

Resource management

109. ER-204 (2) Allocation of the resource should follow try/finally pattern to ensure proper de-allocation.

Security

110. ER-076 (1) Make inner classes "private"

Servlet

111. ER-086 (2) Minimize synchronization in Servlets

Threads and Synchronization

112. ER-088 (1) Avoid using variables of type 'java.lang.ThreadGroup'

113. ER-089 (2) Avoid using 'Thread.yield'

114. ER-091 (2) Give subclasses of Thread a 'run ()' method

115. ER-093 (2) Call 'wait ()' only inside a "while" loop

116. ER-094 (2) Use 'wait ()' and 'notifyAll ()' instead of polling loops

117. ER-099 (2) Use the "synchronized" modifier on methods that implement 'Runnable.run ()'

118. ER-087 (3) Do not use 'notify ()'; use 'notifyAll ()' instead

Work prioritization

119. Prioritizer (5) Generates priority metric. This metric is calculated as 100/((ln(clients+1)+1)*violationLevel+1) where clients is a number of classes which depend on classes in this file and violationLevel is a weighed sum of violations in the file. In a nutshell the worse the code in the file the lower priority metric value and as such the higher its position in the list.

Sources