An explicit call was made to a finalize method. Finalize methods are meant to be executed at most once (by the garbage collector). Calling it explicitly could result in the method being executed twice for that object (once by you, once by the garbage collector). 4 Classes that have too many fields could be redesigned to have less fields and some nested object grouping some of the information collected on the many fields. 4 Avoid importing anything from the package 'java.lang'. These classes are automatically imported (JLS 7.5.3). 4 Identifies a possible unsafe usage of a static field. 4 Abstract classes should be named 'AbstractXXX'. 4 Avoid instantiating an object just to call getClass() on it; use the .class public member instead 4 A high number of imports can indicate a high degree of coupling within an object. Rule counts the number of unique imports and reports a violation if the count is above the user defined threshold. 4 Non-constructor methods should not have the same name as the enclosing class. 4 It is a good practice to call super() in a constructor. If super() is not called but another constructor, such as an overloaded constructor, of the class is called, this rule will not report it. 4 When doing a String.toLowerCase()/toUpperCase() call, use a Locale. This avoids problems with certain locales, i.e. Turkish. 4 A large amount of public methods and attributes declared in an object can indicate the class may need to be broken up as increased effort will be required to thoroughly test such a class. 4 Avoid using dollar signs in variable/method/class/interface names. 4 Avoid using 'for' statements without using curly braces 4 The method name and parameter number are suspiciously close to equals(Object), which may mean you are trying (and failing) to override the equals(Object) method. 2 This is dangerous because if a java.lang.Error, for example OutOfMemmoryError, occurs then it will be caught. The container should handle java.lang.Error. If application code will catch them, try to log them (which will probably fail) and continue silently the situation will not be desirable. 4 Using Exceptions as flow control leads to GOTOish code. 4 If a final field is assigned to a compile-time constant, it could be made static, thus saving overhead in each object 4 The method name and return type are suspiciously close to hashCode(), which may mean you are trying (and failing) to override the hashCode() method. 4 Fields in interfaces are automatically public static final, and methods are public abstract. Classes or interfaces nested in an interface are automatically public and static (all nested interfaces are automatically static). For historical reasons, modifiers which are implied by the context are accepted by the compiler, but are superfluous. 4 Calling overridable methods during construction poses a risk of invoking methods on an incompletely constructed object. This situation can be difficult to discern. It may leave the sub-class unable to construct its superclass or forced to replicate the construction process completely within itself, losing the ability to call super(). If the default constructor contains a call to an overridable method, the subclass may be completely uninstantiable. Note that this includes method calls throughout the control flow graph - i.e., if a constructor Foo() calls a private method bar() that calls a public method buz(), there's a problem. 2 The abstract class does not contain any abstract methods. An abstract class suggests an incomplete implementation, which is to be completed by subclasses implementing the abstract methods. If the class is intended to be used as a base class only (not to be instantiated direcly) a protected constructor can be provided prevent direct instantiation. 4 A nonstatic initializer block will be called any time a constructor is invoked (just prior to invoking the constructor). While this is a valid language construct, it is rarely used and is confusing. 4 Detects when a local variable is declared and/or assigned, but not used. 4 A high ratio of statements to labels in a switch statement implies that the switch statement is doing too much work. Consider moving the statements either into new methods, or creating subclasses based on the switch variable. 4 At some places Exception is caught and then a check with instanceof is performed. This result in messy code. It's considered better to catch all the specific exceptions instead. 4 Avoid empty finally blocks - these can be deleted. 4 Normally only one logger is used in each class. 2 1 ] ]]> Avoid returning from a finally block - this can discard exceptions. 4 Complexity is determined by the number of decision points in a method plus one for the method entry. The decision points are 'if', 'while', 'for', and 'case labels'. Scale: 1-4 (low complexity) 5-7 (moderate complexity) 8-10 (high complexity) 10+ (very high complexity) 4 Avoid calling toString() on String objects; this is unnecessary 4 Each caught exception type should be handled in its own catch clause. 4 Avoid unused import statements. 4 Avoid empty try blocks - what's the point? 2 The method clone() should only be implemented if the class implements Cloneable interface 4 An empty statement (aka a semicolon by itself) that is not used as the sole body of a for loop or while loop is probably a bug. It could also be a double semicolon, which is useless and should be removed. 4 Sometimes return statement expressions are wrapped in unnecessary parentheses, making them look like a function call. 4 It is somewhat confusing to have a field name with the same name as a method. While this is totally legal, having information (field) and actions (method) is not clear naming. 4 The default label in a switch statement should be the last label, by convention. Most programmers will expect the default label (if present) to be the last one. 4 Method level synchronization can backfire when new code is added to the method. Block-level synchronization helps to ensure that only the code that needs synchronization gets it. 4 It is unclear which exceptions that can be thrown from the methods. It might be difficult to document and understand the vague interfaces. Use either a class derived from RuntimeException or a checked exception. 4 Detects when a private field is declared and/or assigned a value, but not used. 4 Instantiation by way of private constructors from outside of the constructor's class often causes the generation of an accessor. A factory method, or non-privitization of the constructor can eliminate this situation. The generated class file is actually an interface. It gives the accessing class the ability to invoke a new hidden package scope constructor that takes the interface as a supplementary parameter. This turns a private constructor effectively into one with package scope, though not visible to the naked eye. 4 Reassigning values to parameters is a questionable practice. Use a temporary local variable instead. 4 A class that has private constructors and does not have any static method cannot be used. 4 0 and count(.//ConstructorDeclaration) = count(.//ConstructorDeclaration[@Private='true']) ) and count(.//MethodDeclaration[@Static='true'])=0 ] ]]> Excessive Method Length usually means that the method is doing too much. There is usually quite a bit of Cut and Paste there as well. Try to reduce the method size by creating helper methods, and removing cut and paste. Default value is 2.5 sigma greater than the mean. There are three parameters available: minimum - Minimum Length before reporting. sigma - Std Deviations away from the mean before reporting. topscore - The Maximum Number of reports to generate. At this time, only one can be used at a time. 4 No need to import a type that's in the same package. 4 Rule counts unique attributes, local variables and return types within an object. An amount higher than specified threshold can indicate a high degree of couping with in an object 4 It is somewhat confusing to have a field name matching the declaring class name. This proabably means that type and or field names could be more precise. 4 Avoid idempotent operations - they are silly. 4 Method names should always begin with a lower case character, and should not contain underscores. 2 A method should have only one exit point, and that should be the last statement in the method. 0) { return "hey"; // oops, multiple exit points! } return "hi"; } } ]]> 4 Override both public boolean Object.equals(Object other), and public int Object.hashCode(), or override neither. Even if you are inheriting a hashCode() from a parent class, consider implementing hashCode and explicitly delegating to your superclass. 4 Avoid duplicate import statements. 4 Avoid unnecessary temporaries when converting primitives to Strings 4 The method clone() should throw a CloneNotSupportedException 4 Avoid using implementation types (i.e., HashSet); use the interface (i.e, Set) instead 4 A non-case label (e.g. a named break/continue label) was present in a switch statement. This legal, but confusing. It is easy to mix up the case labels and the non-case labels. 4 A switch statement without an enclosed break statement may be a bug. 4 Finds usages of += for appending strings. 4 Avoid assigments in operands; this can make code more complicated and harder to read. 4 Avoid unnecessary comparisons in boolean expressions - this makes simple code seem complicated. 4 Unnecessary constructor detects when a constructor is not necessary; i.e., when there's only one constructor, it's public, has an empty body, and takes no arguments. 4 Long Class files are indications that the class may be trying to do too much. Try to break it down, and reduce the size to something managable. Default value is 2.5 sigma greater than the mean. NOTE: In version 0.9 and higher, their are three parameters available: minimum - Minimum Length before reporting. sigma - Std Deviations away from the mean before reporting. topscore - The Maximum Number of reports to generate. At this time, only one can be used at a time. 4 Object clone() should be implemented with super.clone() 2 0 ] ]]> If you override finalize(), make it protected. Otherwise, subclasses may not called your implementation of finalize. 4 No need to check for null before an instanceof; the instanceof keyword returns false when given a null argument. 4 Avoid unnecessary if..then..else statements when returning a boolean 4 In an "if" expression with an "else" clause, avoid negation in the test. For example, rephrase: if (x != y) diff(); else same(); as: if (x == y) same(); else diff(); Most "if (x != y)" cases without an "else" are often return cases, so consistent use of this rule makes the code easier to read. Also, this resolves trivial ordering problems, such as "does the error case go first?" or "does the common case go first?". 4 Avoid unnecessary return statements 4 In most cases, the Logger can be declared static and final. 2 Avoid importing anything from the 'sun.*' packages. These packages are not portable and are likely to change. 4 A field that's only used by one method could perhaps be replaced by a local variable 4 A suspicious octal escape sequence was found inside a String literal. The Java language specification (section 3.10.6) says an octal escape sequence inside a literal String shall consist of a backslash followed by: OctalDigit | OctalDigit OctalDigit | ZeroToThree OctalDigit OctalDigit Any octal escape sequence followed by non-octal digits can be confusing, e.g. "\038" is interpreted as the octal escape sequence "\03" followed by the literal character "8". 4 Empty Catch Block finds instances where an exception is caught, but nothing is done. In most circumstances, this swallows an exception which should either be acted on or reported. 4 1] [count(*) = 0] [../@Finally='false' or following-sibling::Block] ]]> Some for loops can be simplified to while loops - this makes them more concise. 4 1][not(ForInit)][not(ForUpdate)] ]]> ArrayList is a much better Collection implementation than Vector. 4 It is very easy to confuse methods with classname with constructors. It is preferrable to name these non-constructor methods in a different way. 4 A field name is all in uppercase characters, which in sun's java naming conventions indicate a constant. However, the field is not final. 4 Code containing duplicate String literals can usually be improved by declaring the String as a constant field. 4 Unused Private Method detects when a private method is declared but is unused. 4 An empty static initializer was found. 4 If the finalize() is implemented, it should do something besides just calling super.finalize(). 4 A call to Collection.toArray can use the Collection's size vs an empty Array of the desired type. 4 Avoid using if statements without using curly braces 4 Empty While Statement finds all instances where a while statement does nothing. If it is a timing loop, then you should use Thread.sleep() for it; if it's a while loop that does a lot in the exit expression, rewrite it to make it clearer. 2 If the finalize() method is empty, then it does not need to exist. 4 Avoid empty switch statements. 4 Avoid instantiating Boolean objects, instead use Boolean.valueOf(). 2 Avoid jumbled loop incrementers - it's usually a mistake, and it's confusing even if it's what's intended. 4 If you have a class that has nothing but static methods, consider making it a Singleton. Note that this doesn't apply to abstract classes, since their subclasses may well include non-static methods. Also, if you want this class to be a Singleton, remember to add a private constructor to prevent instantiation. 4 Be sure to specify a Locale when creating a new instance of SimpleDateFormat. 4 Avoid passing parameters to methods and then not using those parameters. 4 Do not use "if" statements that are always true or always false. 4 finalize() is called by the garbage collector on an object when garbage collection determines that there are no more references to the object. 4 Do not use protected fields in final classes since they cannot be subclassed. Clarify your intent by using private or package access modifiers instead. 4 1) Avoid throwing certain exception types. Rather than throw a raw RuntimeException, Throwable, Exception, or Error, use a subclassed exception or error instead. 2) Avoid throwing a NullPointerException - it's confusing because most people will assume that the VM threw NPE. Consider using InvalidArgumentException("Null parameter") which will be clearly seen as a programmer initiated exception.. Use IllegalArgumentException or IllegalStateException instead. 2 A method argument that is never assigned can be declared final. 4 Code should never throw NPE under normal circumstances. A catch block may hide the original error, causing other more subtle errors in its wake. 4 Deeply nested if..then statements are hard to read. y) { if (y>z) { if (z==x) { // this is officially out of control now } } } } } ]]> 4 Since it passes in a literal of length 1, this call to String.startsWith can be rewritten using String.charAt(0) to save some time. 4 Detects when a new object is created inside a loop 4 This checks to make sure that the Parameter Lists in the project aren't getting too long. If there are long parameter lists, then that is generally indicative that another object is hiding around there. Basically, try to group the parameters together. Default value is 2.5 sigma greater than the mean. NOTE: In version 0.9 and higher, their are three parameters available: minimum - Minimum Length before reporting. sigma - Std Deviations away from the mean before reporting. topscore - The Maximum Number of reports to generate. At this time, only one can be used at a time. 4 Assigning a "null" to a variable (outside of its declaration) is usually in bad form. Some times, the assignment is an indication that the programmer doesn't completely understand what is going on in the code. NOTE: This sort of assignment may in rare cases be useful to encourage garbage collection. If that's what you're using it for, by all means, disregard this rule :-) 4 Avoid using if..else statements without using curly braces 4 Avoid instantiating String objects; this is usually unnecessary. 2 Empty If Statement finds instances where a condition is checked but nothing is done about it. 2 Avoid using 'while' statements without using curly braces 4 Newbie programmers sometimes get the comparison concepts confused and use equals() to compare to null. 2 Ensures that Connection objects are always closed after use 4 Avoid equality comparisons with Double.NaN - these are likely to be logic errors. 4 Detects when a field, formal or local variable is declared with a long name. 4 32]]]> Class names should always begin with an upper case character. 2 Partially created objects can be returned by the Double Checked Locking pattern when used in Java. An optimizing JRE may assign a reference to the baz variable before it creates the object the reference is intended to point to. For more details see http://www.javaworld.com/javaworld/jw-02-2001/jw-0209-double.html. 2 Sometimes two 'if' statements can be consolidated by separating their conditions with a boolean short-circuit operator. 5 notify() awakens a thread monitoring the object. If more than one thread is monitoring, then only one is chosen. The thread chosen is arbitrary; thus it's usually safer to call notifyAll() instead. 4 A local variable assigned only once can be declared final. 4 Detects when very short method names are used. 4 Avoid concatenating non literals in a StringBuffer constructor or append(). 2 System.(out|err).println is used, consider using a logger. 2 If the finalize() is implemented, its last action should be to call super.finalize 4 Avoid empty synchronized blocks - they're useless. 4 When a class has the final modifier, all the methods are marked finally. 4 Switch statements should have a default label. 4 Methods named finalize() should not have parameters. It is confusing and probably a bug to overload finalize(). It will not be called by the VM. 4 0]] ]]> Identifies private fields whose values never change once they are initialized either in the declaration of the field or by a constructor. This aids in converting existing classes to immutable classes. 4