SonarLint for Eclipse 3.6 发布,可激活或停用任意规则

本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们

SonarLint for Eclipse 3.6 已发布,该版本在规则的管理上更进一步,现在可以在 Eclipse 首选项中找到已打开或关闭的规则,阅读其描述并选择激活或停用。

SonarLint for Eclipse 3.6 发布,可激活或停用任意规则

该版本还包含最新版本的 SonarJava analyzer ,支持使用 Java 10 构建的项目。

此外,还包含 29 条新规则:

  • S2761 - Unary prefix operators should not be repeated (Bug)

  • S4351 - "compareTo" should not be overloaded (Bug, pitfall)

  • S3366 - "this" should not be exposed from constructors (Code Smell, multi-threading, cwe, suspicious)

  • S4449 - Nullness of parameters should be guaranteed (Code Smell)

  • S4454 - "equals" method parameters should not be marked "@Nonnull" (Code Smell)

  • S126 - "if ... else if" constructs should end with "else" clauses (Code Smell, misra, cert)

  • S1821 - "switch" statements should not be nested (Code Smell, pitfall)

  • S4423 - Weak SSLContexts should not be used (Vulnerability, owasp-a6, cwe, sans-top25-porous)

  • S3510 - HostnameVerifier.verify" should not always return true (Vulnerability, owasp-a6, cwe)

  • S4201 - Null check should not be used with instanceof (Code Smell)

  • S4248 - Regex patterns should not be created needlessly (Code Smell, performance)

  • S4274 - Asserts should not be used to check the parameters of a public method (Code Smell, pitfall)

  • S4276 - Functional Interfaces should be as specialised as possible (Code Smell, performance)

  • S2234 - Parameters should be passed in the correct order (Code Smell)

  • S4524 - "default" clauses should be last (Code Smell, misra)

  • S3626 - Jump statements should not be redundant (Code Smell, clumsy)

  • S4425 - "Integer.toHexString" should not be used to build hexadecimal strings (Code Smell, cwe)

  • S3973 - Conditionally executed code should be denoted by either indentation or curly braces (Code Smell, suspicious)

  • S4424 - TrustManagers should not blindly accept any certificates (Vulnerability, owasp-a6, cwe, cert)

  • S2255 - Cookies should not be used to store sensitive information (Vulnerability, owasp-a3, cwe, cert)

  • S2755 - Untrusted XML should be parsed with a local, static DTD (Vulnerability, owasp-a1, owasp-a4, cwe)

  • S3329 - Cypher Block Chaining IV's should be random and unique (Vulnerability, owasp-a6, cwe)

  • S3330 - "HttpOnly" should be set on cookies (Vulnerability, owasp-a7, cwe, sans-top25-insecure)

  • S4426 - Cryptographic keys should not be too short (Vulnerability, owasp-a3, cwe)

  • S4432 - AES encryption algorithm should be used with secured mode (Vulnerability, owasp-a6, cwe, cert, sans-top25-porous)

  • S4433 - LDAP connections should be authenticated (Vulnerability, owasp-a2, cwe)

  • S4434 - LDAP deserialization should be disabled (Vulnerability, owasp-a8, cwe, cert)

  • S4435 - XML transformers should be secured (Vulnerability, owasp-a4, cwe)

  • S4499 - SMTP SSL connection should check server identity (Vulnerability, owasp-a3, cwe)

了解更多详情可查阅发行说明或访问 SonarLint for Eclipse 官网


【声明】文章转载自:开源中国社区 [http://www.oschina.net]


以上所述就是小编给大家介绍的《SonarLint for Eclipse 3.6 发布,可激活或停用任意规则》,希望对大家有所帮助,如果大家有任何疑问请给我留言,小编会及时回复大家的。在此也非常感谢大家对 码农网 的支持!

为你推荐:

查看所有标签

码农书籍
CSS3专业网页开发指南

CSS3专业网页开发指南

Peter Gasston / 李景媛、吴晓嘉 / 人民邮电出版社 / 2014-3-1 / 45.00元

《CSS3专业网页开发指南》是英国著名Web前端开发工程师PeterGasston对CSS3高级技术的全面介绍。书中既有CSS3的发展历史、基本语法等入门知识介绍,也涵盖了媒体查询、选择器、伪类与伪元素、网页字体、文本排版、图形处理、动画、布局等CSS3前端开发必不可少的知识,还介绍了CSS3的未来发展方向。全书共分为17章,作者在每一章的讲解中都结合了大量的实例,同时也不忘介绍每一项技术的发展背景和适用场景,让读者对CSS3技术的应用真正做到融会贯通。

HTML 压缩/解压工具
HTML 压缩/解压工具

在线压缩/解压 HTML 代码

图片转BASE64编码
图片转BASE64编码

在线图片转Base64编码工具

RGB CMYK 转换工具
RGB CMYK 转换工具

RGB CMYK 互转工具