Home
Code Rules
Display all the rules belongs to Power Builder language.
Category | Severity | Name | Description |
---|---|---|---|
|
|
|
All branches in a conditional structure should not have exactly the same implementation |
|
|
|
AES encryption algorithm should be used with secured mode |
|
|
|
Boolean checks should not be inverted |
|
|
|
Boolean literals should not be redundant |
|
|
|
CASE clauses should not have too many lines |
|
|
|
CASE expressions should end with ELSE clauses |
|
|
|
CASE should be used for sequences of simple tests |
|
|
|
CASE structures should not have too many case clauses |
|
|
|
List all unused components |
|
|
|
Collapsible if statements should be merged |
|
|
|
Comments should not be located at the end of lines of code |
|
|
|
SHA-1 and Message-Digest hash algorithms should not be used in secure contexts |
|
|
|
Database queries should not be vulnerable to injection attacks |
|
|
|
DES Crypting should not be used |
|
|
|
Encryption algorithms should be used with secure mode and padding scheme |
|
|
|
Cryptographic keys should be robust |
|
|
|
Encryption keys should not be hardcoded |
|
|
|
EXIT should not be used in loops |
|
|
|
Fields should not have public accessibility |
|
|
|
Files should not have too many lines of code |
|
|
|
FOR loop end conditions should not be hard - coded |
|
|
|
Function and Event parameters should comply with a naming convention |
|
|
|
Function OR Event name should comply with a naming convention |
|
|
|
Function return type does not match with the actual variable returned |
|
|
|
Functions Or Events should not have too many parameters |
|
|
|
Functions should end with RETURN statements |
|
|
|
Generic exceptions should not be ignored |
|
|
|
GOTO should not be used to jump backwards |
|
|
|
GOTO should not be used within loops |
|
|
|
GOTO statements should not be used |
|
|
|
IF ... ELSEIF constructs should end with ELSE clauses |
|
|
|
IF statement conditions should not evaluate unconditionally to TRUE or to FALSE |
|
|
|
IF statements should not be nested too deeply |
|
|
|
Hard coded IP address should not be used |
|
|
|
Jump statements should not be followed by dead code |
|
|
|
Jump statements should not be redundant |
|
|
|
Lines should not be too long |
|
|
|
Lines should not end with trailing whitespaces |
|
|
|
Loops with at most one iteration should be refactored |
|
|
|
Empty Method |
|
|
|
Missing destructor |
|
|
|
Naming Conventions |
|
|
|
Console logging should not be used |
|
|
|
CoSetProxyBlanket and CoInitializeSecurity should not be used |
|
|
|
Newline and control characters should not be used in string literals |
|
|
|
Duplicated Components |
|
|
|
OS commands should not be vulnerable to injection attacks |
|
|
|
Large PBL |
|
|
|
Redundant pairs of parentheses should be removed |
|
|
|
Regular expressions should not be vulnerable to Denial of Service attacks |
|
|
|
Related IF/ELSIF statements and WHEN clauses in a CASE should not have the same condition |
|
|
|
Return of boolean expressions should not be wrapped into an if-then-else statement |
|
|
|
Uncommented scripts |
|
|
|
Large Scripts |
|
|
|
SOAP and INET PowerBuilder objects do not support use of TLS 1.2 and that makes it vulnerable to attacks |
|
|
|
Statements should be on separate lines |
|
|
|
String literals should not be duplicated |
|
|
|
Syntax Errors |
|
|
|
OLE Web Browser not secured |
|
|
|
Track uses of FIXME tags |
|
|
|
Track uses of TODO tags |
|
|
|
Two branches in a conditional structure should not have exactly the same implementation |
|
|
|
Unused event parameters should be removed |
|
|
|
Unused function parameters should be removed |
|
|
|
Unused global variables/constants should be removed |
|
|
|
Unused labels should be removed |
|
|
|
Unused local variables should be removed |
|
|
|
Hard coded UserId / Password for database connection should not be used |
|
|
|
I/O function calls should not be vulnerable to path injection attacks |
|
|
|
Variables should comply with a naming convention |
|
|
|
Variables should not be self-assigned |
Display all the rules belongs to Oracle language.
Category | Severity | Name | Description |
---|---|---|---|
|
|
|
%TYPE and %ROWTYPE should not be used in package specification |
|
|
|
A primary key should be specified during table creation |
|
|
|
All branches in a conditional structure should not have exactly the same implementation |
|
|
|
An ORDER BY direction should be specified explicitly |
|
|
|
Block labels should appear on the same lines as END |
|
|
|
Block start and end labels should match |
|
|
|
Blocks containing EXECUTE IMMEDIATE should trap all exceptions |
|
|
|
Boolean checks should not be inverted |
|
|
|
Boolean literals should not be redundant |
|
|
|
CASE expressions should end with ELSE clauses |
|
|
|
CASE should be used for sequences of simple tests |
|
|
|
CASE should be used rather than DECODE |
|
|
|
CASE structures should not have too many WHEN clauses |
|
|
|
Unused components |
|
|
|
Collapsible if statements should be merged |
|
|
|
Collections should not be iterated in FOR loops |
|
|
|
Column aliases should be defined using AS |
|
|
|
Column names should be used in a SQL ORDER BY clause |
|
|
|
Columns should be aliased |
|
|
|
Columns to be read with a SELECT statement should be clearly defined |
|
|
|
Comments should not be located at the end of lines of code |
|
|
|
Comments should not be nested |
|
|
|
COMMIT and ROLLBACK should not be called from non-autonomous transaction triggers |
|
|
|
COMMIT should not be used inside a loop |
|
|
|
Compound triggers should define at least two triggers |
|
|
|
Constant declarations should contain initialization assignments |
|
|
|
Constraint names should comply with a naming convention |
|
|
|
Constraints should not be applied to types that cannot be constrained |
|
|
|
CREATE OR REPLACE should be used instead of CREATE |
|
|
|
CREATE_TIMER should not be used |
|
|
|
CROSS JOIN queries should not be used |
|
|
|
Cursor parameters should follow a naming convention |
|
|
|
cursor%NOTFOUND should be used instead of NOT cursor%FOUND |
|
|
|
Cursors should follow a naming convention |
|
|
|
DBMS_OUTPUT.PUT_LINE should not be used |
|
|
|
DBMS_UTILITY.FORMAT_ERROR_STACK and FORMAT_ERROR_BACKTRACE should be used together |
|
|
|
Dead stores should be removed |
|
|
|
DELETE and UPDATE statements should contain WHERE clause |
|
|
|
Deprecated LONG and LONG RAW datatypes should no longer be used |
|
|
|
Neither DES (Data Encryption Standard) nor DESede (3DES) should be used |
|
|
|
DML events clauses should not include multiple OF clauses |
|
|
|
Dynamically executing code is security-sensitive |
|
|
|
END LOOP should be followed by a semicolon |
|
|
|
END statements of labeled blocks should be labeled |
|
|
|
END statements of labeled loops should be labeled |
|
|
|
EXCEPTION WHEN ... THEN clauses should do more than RAISE |
|
|
|
EXCEPTION_INIT -20,NNN calls should be centralized |
|
|
|
Exceptions should follow a naming convention |
|
|
|
Exceptions should not be ignored |
|
|
|
EXECUTE IMMEDIATE should be used instead of DBMS_SQL procedure calls |
|
|
|
EXIT should not be used in loops |
|
|
|
EXIT WHEN should be used rather than IF ... THEN EXIT; END IF |
|
|
|
Explicitly opened cursors should be closed |
|
|
|
Features deprecated in Oracle 12 should not be used |
|
|
|
FETCH ... BULK COLLECT INTO should be used |
|
|
|
FETCH ... BULK COLLECT INTO should not be used without a LIMIT clause |
|
|
|
Files should not have too many lines of code |
|
|
|
FOR loop end conditions should not be hard - coded |
|
|
|
FORALL should be used |
|
|
|
FORALL statements should use the SAVE EXCEPTIONS clause |
|
|
|
FORMS_DDL('COMMIT') and FORMS_DDL('ROLLBACK') should not be used |
|
|
|
FULL OUTER JOINS should be used with caution |
|
|
|
Function and procedure names should comply with a naming convention |
|
|
|
Function and procedure parameters should comply with a naming convention |
|
|
|
Functions and procedures should not have too many parameters |
|
|
|
Functions should end with RETURN statements |
|
|
|
FUNCTIONS should not have OUT parameters |
|
|
|
Global public variables should not be defined |
|
|
|
GOTO should not be used to jump backwards |
|
|
|
GOTO should not be used within loops |
|
|
|
GOTO statements should not be used |
|
|
|
GROUP BY should not be used in SQL SELECT statements |
|
|
|
Identical expressions should not be used on both sides of a binary operator |
|
|
|
Identifiers should be written in lower case |
|
|
|
IF statement conditions should not evaluate unconditionally to TRUE or to FALSE |
|
|
|
IF statements should not be nested too deeply |
|
|
|
IF...ELSEIF constructs should end with ELSE clauses |
|
|
|
Improper constraint forms should not be used |
|
|
|
In labeled loops EXIT should exit the label |
|
|
|
Individual WHERE clause conditions should not be unconditionally true or false |
|
|
|
Insert statements should include values for non-null columns |
|
|
|
INSERT statements should explicitly list the columns to be set |
|
|
|
Jump statements should not be followed by dead code |
|
|
|
Jump statements should not be redundant |
|
|
|
Labels should not be re-defined in inner scopes |
|
|
|
Large item lists should not be used with IN clauses |
|
|
|
LIKE clauses should not be used without wildcards |
|
|
|
LIKE clauses should not start with wildcard characters |
|
|
|
Lines in a multiline comment should start with * |
|
|
|
Lines should not be too long |
|
|
|
Lines should not end with trailing whitespaces |
|
|
|
LOOP ... END LOOP; constructs should be avoided |
|
|
|
Loop start and end labels should match |
|
|
|
Loops with at most one iteration should be refactored |
|
|
|
Magic numbers should not be used |
|
|
|
Empty Method |
|
|
|
MLSLABEL should not be used |
|
|
|
Naming Conventions |
|
|
|
Native SQL joins should be used |
|
|
|
NATURAL JOIN queries should not be used |
|
|
|
NCHAR and NVARCHAR2 size should not be specified in bytes |
|
|
|
Nested blocks should be labeled |
|
|
|
Nested loops should be labeled |
|
|
|
Nested subqueries should be avoided |
|
|
|
Newline and control characters should not be used in string literals |
|
|
|
NULL should not be compared directly |
|
|
|
Nullable subqueries should not be used in NOT IN conditions |
|
|
|
NUMBER variables should be declared with precision |
|
|
|
Object attributes should comply with a naming convention |
|
|
|
Similar Items |
|
|
|
Oracle's join operator (+) should not be used |
|
|
|
Output parameters should be assigned |
|
|
|
Predefined exceptions should not be overridden |
|
|
|
PACKAGE BODY initialization sections should not contain RETURN statements |
|
|
|
Package names should comply with a naming convention |
|
|
|
Parameter IN mode should be specified explicitly |
|
|
|
Pipelined functions should have at least one PIPE ROW statement and not return an expression (PLS-00633) |
|
|
|
PLS_INTEGER types should be used |
|
|
|
Positional and named arguments should not be mixed in invocations |
|
|
|
Procedures and functions should be encapsulated in packages |
|
|
|
Procedures should have parameters |
|
|
|
Procedures should not contain RETURN statements |
|
|
|
Queries should not SELECT too many columns |
|
|
|
Quoted identifiers should not be used |
|
|
|
RAISE_APPLICATION_ERROR should only be used with error codes from -20,000 to - 20,999 |
|
|
|
Record fields should comply with a naming convention |
|
|
|
Redundant pairs of parentheses should be removed |
|
|
|
Related IF / ELSIF statements and WHEN clauses in a CASE should not have the same condition |
|
|
|
RESULT_CACHE should not be used |
|
|
|
Return of boolean expressions should not be wrapped into an if-then -else statement |
|
|
|
ROWID and UROWID data types should not be used |
|
|
|
ROWNUM should not be used at the same query level as ORDER BY |
|
|
|
Scale should not be specified for float types |
|
|
|
Uncommented scripts |
|
|
|
Large Scripts |
|
|
|
SELECT statements used as argument of EXISTS statements should be selective |
|
|
|
Sensitive SYS owned functions should not be used |
|
|
|
SHA-1 and Message-Digest hash algorithms should not be used in secure contexts |
|
|
|
SIMPLE_INTEGER should be used instead of PLS_INTEGER |
|
|
|
Single line comments should start with -- |
|
|
|
SQL EXISTS subqueries should not be used |
|
|
|
SQL JOIN conditions should involve all joined tables |
|
|
|
SQL statements should not join too many tables |
|
|
|
SQL tables should be joined with the JOIN keyword |
|
|
|
Statements should be on separate lines |
|
|
|
String literals should not be duplicated |
|
|
|
Size should be specified for string variables |
|
|
|
Strings should only be moved to variables or columns which are large enough to hold them |
|
|
|
SYNCHRONIZE should not be used |
|
|
|
Syntax Errors |
|
|
|
Tables should be aliased |
|
|
|
The number of variables in a FETCH statement should match the number of columns in the cursor |
|
|
|
The RELIES_ON clause should not be used |
|
|
|
The result_cache hint should be avoided |
|
|
|
TO_DATE and TO_TIMESTAMP should be used with a datetime format model |
|
|
|
TO_NUMBER should be used with a format model |
|
|
|
Track breaches of an XPath rule |
|
|
|
Track comments matching a regular expression |
|
|
|
Track uses of FIXME tags |
|
|
|
Track uses of NOSONAR comments |
|
|
|
Track uses of TODO tags |
|
|
|
Two branches in a conditional structure should not have exactly the same implementation |
|
|
|
Types should follow a naming convention |
|
|
|
Unary prefix operators should not be repeated |
|
|
|
NOT NULL variables should be initialized |
|
|
|
UNION should be used with caution |
|
|
|
Unused labels should be removed |
|
|
|
Unused local variables should be removed |
|
|
|
Unused procedure and function parameters should be removed |
|
|
|
VARCHAR2 and NVARCHAR2 should be used |
|
|
|
VARCHAR2 should be used |
|
|
|
Variables and columns should not be self-assigned |
|
|
|
Variables should be declared only once in a scope |
|
|
|
Variables should comply with a naming convention |
|
|
|
Variables should be nullable |
|
|
|
Variables should not be initialized with NULL |
|
|
|
Weak REF CURSOR types should not be used |
|
|
|
WHEN clauses should not have too many lines |
|
|
|
WHEN OTHERS clauses should be used for exception handling |
|
|
|
WHEN OTHERS should not be the only exception handler |
|
|
|
WHERE clause conditions should not be contradictory |
Display all the rules belongs to SqlServer language.
Category | Severity | Name | Description |
---|---|---|---|
|
|
|
@@IDENTITY should not be used |
|
|
|
A primary key should be specified during table creation |
|
|
|
All branches in a conditional structure should not have exactly the same implementation |
|
|
|
ANSI_NULLS, ANSI_PADDING and CONCAT_NULL_YIELDS_NULL should not be configured |
|
|
|
Boolean checks should not be inverted |
|
|
|
CASE expressions should end with ELSE clauses |
|
|
|
CASE expressions should not have too many WHEN clauses |
|
|
|
CASE input expressions should be invariant |
|
|
|
CATCH clauses should do more than rethrow |
|
|
|
COALESCE, IIF, and CASE input expressions should not contain subqueries |
|
|
|
Unused components |
|
|
|
Collapsible if statements should be merged |
|
|
|
Column names should be used in an ORDER BY clause |
|
|
|
Column references should not have more than two-parts |
|
|
|
Columns to be read with a SELECT statement should be clearly defined |
|
|
|
Conditionally executed code should be denoted by either indentation or BEGIN...END block |
|
|
|
Conditionals should start on new lines |
|
|
|
Control flow statements IF, WHILE and TRY should not be nested too deeply |
|
|
|
Control structures should use BEGIN...END blocks |
|
|
|
DELETE and UPDATE statements should contain WHERE clauses |
|
|
|
Deprecated features should not be used |
|
|
|
Deprecated system tables and views should not be used |
|
|
|
Duplicate values should not be passed as arguments |
|
|
|
Dynamically executing code is security-sensitive |
|
|
|
Empty statements should be removed |
|
|
|
Expressions should not be too complex |
|
|
|
Files should not have too many lines of code |
|
|
|
Function and procedure names should comply with a naming convention |
|
|
|
Functions and procedures should not have too many parameters |
|
|
|
Functions and stored procedure should not have too many lines of code |
|
|
|
GOTO statements should not be used |
|
|
|
Identical expressions should not be used on both sides of a binary operator |
|
|
|
IF ... ELSEIF constructs should end with ELSE clauses |
|
|
|
INSERT statements should explicitly list the columns to be set |
|
|
|
Jump statements should not be followed by dead code |
|
|
|
Jump statements should not be redundant |
|
|
|
LIKE clauses should not be used without wildcards |
|
|
|
LIKE clauses should not start with wildcard characters |
|
|
|
Lines should not be too long |
|
|
|
Local variable and parameter names should comply with a naming convention |
|
|
|
Loops with at most one iteration should be refactored |
|
|
|
Empty Method |
|
|
|
Multiline blocks should be enclosed in BEGIN...END blocks |
|
|
|
Multiple variables should not be declared on the same line |
|
|
|
Naming Conventions |
|
|
|
NOCOUNT should be activated on PROCEDURE and TRIGGER definitions |
|
|
|
Non-standard comparison operators should not be used |
|
|