SonarLint for Eclipse 3.6 发布，可激活或停用任意规则

内容简介：SonarLint for Eclipse 3.6 已发布，该版本在规则的管理上更进一步，现在可以在 Eclipse 首选项中找到已打开或关闭的规则，阅读其描述并选择激活或停用。 该版本还包含最新版本的 SonarJava analyzer ，支持使用 ...

SonarLint for Eclipse 3.6 已发布，该版本在规则的管理上更进一步，现在可以在 Eclipse 首选项中找到已打开或关闭的规则，阅读其描述并选择激活或停用。

该版本还包含最新版本的 SonarJava analyzer ，支持使用 Java 10 构建的项目。

此外，还包含 29 条新规则：

• S2761 - Unary prefix operators should not be repeated (Bug)

• S4351 - "compareTo" should not be overloaded (Bug, pitfall)

• S3366 - "this" should not be exposed from constructors (Code Smell, multi-threading, cwe, suspicious)

• S4449 - Nullness of parameters should be guaranteed (Code Smell)

• S4454 - "equals" method parameters should not be marked "@Nonnull" (Code Smell)

• S126 - "if ... else if" constructs should end with "else" clauses (Code Smell, misra, cert)

• S1821 - "switch" statements should not be nested (Code Smell, pitfall)

• S4423 - Weak SSLContexts should not be used (Vulnerability, owasp-a6, cwe, sans-top25-porous)

• S3510 - HostnameVerifier.verify" should not always return true (Vulnerability, owasp-a6, cwe)

• S4201 - Null check should not be used with instanceof (Code Smell)

• S4248 - Regex patterns should not be created needlessly (Code Smell, performance)

• S4274 - Asserts should not be used to check the parameters of a public method (Code Smell, pitfall)

• S4276 - Functional Interfaces should be as specialised as possible (Code Smell, performance)

• S2234 - Parameters should be passed in the correct order (Code Smell)

• S4524 - "default" clauses should be last (Code Smell, misra)

• S3626 - Jump statements should not be redundant (Code Smell, clumsy)

• S4425 - "Integer.toHexString" should not be used to build hexadecimal strings (Code Smell, cwe)

• S3973 - Conditionally executed code should be denoted by either indentation or curly braces (Code Smell, suspicious)

• S4424 - TrustManagers should not blindly accept any certificates (Vulnerability, owasp-a6, cwe, cert)

• S2255 - Cookies should not be used to store sensitive information (Vulnerability, owasp-a3, cwe, cert)

• S2755 - Untrusted XML should be parsed with a local, static DTD (Vulnerability, owasp-a1, owasp-a4, cwe)

• S3329 - Cypher Block Chaining IV's should be random and unique (Vulnerability, owasp-a6, cwe)

• S3330 - "HttpOnly" should be set on cookies (Vulnerability, owasp-a7, cwe, sans-top25-insecure)

• S4426 - Cryptographic keys should not be too short (Vulnerability, owasp-a3, cwe)

• S4432 - AES encryption algorithm should be used with secured mode (Vulnerability, owasp-a6, cwe, cert, sans-top25-porous)

• S4433 - LDAP connections should be authenticated (Vulnerability, owasp-a2, cwe)

• S4434 - LDAP deserialization should be disabled (Vulnerability, owasp-a8, cwe, cert)

• S4435 - XML transformers should be secured (Vulnerability, owasp-a4, cwe)

• S4499 - SMTP SSL connection should check server identity (Vulnerability, owasp-a3, cwe)

了解更多详情可查阅发行说明或访问 SonarLint for Eclipse 官网。

【声明】文章转载自：开源中国社区 [http://www.oschina.net]

以上所述就是小编给大家介绍的《SonarLint for Eclipse 3.6 发布，可激活或停用任意规则》，希望对大家有所帮助，如果大家有任何疑问请给我留言，小编会及时回复大家的。在此也非常感谢大家对 码农网 的支持！

查看所有标签

猜你喜欢:

• Java 社区平台 Sym 3.3.0 发布，支持停用账号
• Linux停用“黑名单”，因为这是敏感词，涉嫌种族歧视
• Python TfidfVectorizer throw：空词汇;也许文件只包含停用词“
• OpenBSD 6.4 将默认停用英特尔处理器的超线程功能
• 常用激活函数
• vue获取当前激活路由的方法

本站部分资源来源于网络，本站转载出于传递更多信息之目的，版权归原作者或者来源机构所有，如转载稿涉及版权问题，请联系我们。