-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
71 changed files
with
13,413 additions
and
63 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,43 +1,60 @@ | ||
| --- | ||
| title: Apex Rules | ||
| tags: [languages] | ||
| summary: PMD Apex Rules | ||
| sidebar: pmd_sidebar | ||
| permalink: pmd_rules_apex.html | ||
| last_updated: July 3, 2016 | ||
| folder: pmd/rules | ||
| --- | ||
| List of rulesets and rules contained in each ruleset. | ||
|
|
||
| * [ApexUnit](pmd_rules_apex_apexunit.html): These rules deal with different problems that can occur with Apex unit tests. | ||
| * [Braces](pmd_rules_apex_braces.html): The Braces ruleset contains rules regarding the use and placement of braces. | ||
| * [Complexity](pmd_rules_apex_complexity.html): The Complexity ruleset contains rules that find problems related to code size or complexity. | ||
| * [Performance](pmd_rules_apex_performance.html): The Performance ruleset contains a collection of good practices which should be followed. | ||
| * [Security](pmd_rules_apex_security.html): These rules deal with different security problems that can occur within Apex. | ||
| * [Style](pmd_rules_apex_style.html): The Style Ruleset contains rules regarding preferred usage of names and identifiers. | ||
|
|
||
| ## ApexUnit | ||
| * [ApexUnitTestClassShouldHaveAsserts](pmd_rules_apex_apexunit.html#apexunittestclassshouldhaveasserts): Apex unit tests should include at least one assertion. This makes the tests more robust, and usi... | ||
| * [ApexUnitTestShouldNotUseSeeAllDataTrue](pmd_rules_apex_apexunit.html#apexunittestshouldnotuseseealldatatrue): Apex unit tests should not use @isTest(seeAllData=true) because it opens up the existing database... | ||
|
|
||
| ## Braces | ||
| * [ForLoopsMustUseBraces](pmd_rules_apex_braces.html#forloopsmustusebraces): Avoid using 'for' statements without using surrounding braces. If the code formatting orindentati... | ||
| * [IfElseStmtsMustUseBraces](pmd_rules_apex_braces.html#ifelsestmtsmustusebraces): Avoid using if..else statements without using surrounding braces. If the code formattingor indent... | ||
| * [IfStmtsMustUseBraces](pmd_rules_apex_braces.html#ifstmtsmustusebraces): Avoid using if statements without using braces to surround the code block. If the codeformatting ... | ||
| * [WhileLoopsMustUseBraces](pmd_rules_apex_braces.html#whileloopsmustusebraces): Avoid using 'while' statements without using braces to surround the code block. If the codeformat... | ||
|
|
||
| ## Complexity | ||
| * [AvoidDeeplyNestedIfStmts](pmd_rules_apex_complexity.html#avoiddeeplynestedifstmts): Avoid creating deeply nested if-then statements since they are harder to read and error-prone to ... | ||
| * [ExcessiveClassLength](pmd_rules_apex_complexity.html#excessiveclasslength): Excessive class file lengths are usually indications that the class may be burdened with excessiv... | ||
| * [ExcessiveParameterList](pmd_rules_apex_complexity.html#excessiveparameterlist): Methods with numerous parameters are a challenge to maintain, especially if most of them share th... | ||
| * [ExcessivePublicCount](pmd_rules_apex_complexity.html#excessivepubliccount): Classes with large numbers of public methods and attributes require disproportionate testing effo... | ||
| * [NcssConstructorCount](pmd_rules_apex_complexity.html#ncssconstructorcount): This rule uses the NCSS (Non-Commenting Source Statements) algorithm to determine the number of l... | ||
| * [NcssMethodCount](pmd_rules_apex_complexity.html#ncssmethodcount): This rule uses the NCSS (Non-Commenting Source Statements) algorithm to determine the number of l... | ||
| * [NcssTypeCount](pmd_rules_apex_complexity.html#ncsstypecount): This rule uses the NCSS (Non-Commenting Source Statements) algorithm to determine the number of l... | ||
| * [StdCyclomaticComplexity](pmd_rules_apex_complexity.html#stdcyclomaticcomplexity): Complexity directly affects maintenance costs is determined by the number of decision points in a... | ||
| * [TooManyFields](pmd_rules_apex_complexity.html#toomanyfields): Classes that have too many fields can become unwieldy and could be redesigned to have fewer field... | ||
|
|
||
| ## Performance | ||
| * [AvoidDmlStatementsInLoops](pmd_rules_apex_performance.html#avoiddmlstatementsinloops): Avoid DML statements inside loops to avoid hitting the DML governor limit. Instead, try to batch ... | ||
| * [AvoidSoqlInLoops](pmd_rules_apex_performance.html#avoidsoqlinloops): New objects created within loops should be checked to see if they can created outside them and re... | ||
|
|
||
| ## Security | ||
| * [ApexBadCrypto](pmd_rules_apex_security.html#apexbadcrypto): The rule makes sure you are using randomly generated IVs and keys for 'Crypto' calls.Hard-wiring ... | ||
| * [ApexCRUDViolation](pmd_rules_apex_security.html#apexcrudviolation): The rule validates you are checking for access permissions before a SOQL/SOSL/DML operation.Since... | ||
| * [ApexCSRF](pmd_rules_apex_security.html#apexcsrf): Check to avoid making DML operations in Apex class constructor/init method. This preventsmodifica... | ||
| * [ApexDangerousMethods](pmd_rules_apex_security.html#apexdangerousmethods): Checks against calling dangerous methods.For the time being, it reports: Against 'FinancialForce'... | ||
| * [ApexInsecureEndpoint](pmd_rules_apex_security.html#apexinsecureendpoint): Checks against accessing endpoints under plain http. You should always usehttps for security. | ||
| * [ApexOpenRedirect](pmd_rules_apex_security.html#apexopenredirect): Checks against redirects to user-controlled locations. This prevents attackers fromredirecting us... | ||
| * [ApexSharingViolations](pmd_rules_apex_security.html#apexsharingviolations): Detect classes declared without explicit sharing mode if DML methods are used. Thisforces the dev... | ||
| * [ApexSOQLInjection](pmd_rules_apex_security.html#apexsoqlinjection): Detects the usage of untrusted / unescaped variables in DML queries. | ||
| * [ApexSuggestUsingNamedCred](pmd_rules_apex_security.html#apexsuggestusingnamedcred): Detects hardcoded credentials used in requests to an endpoint.You should refrain from hardcoding ... | ||
| * [ApexXSSFromEscapeFalse](pmd_rules_apex_security.html#apexxssfromescapefalse): Reports on calls to 'addError' with disabled escaping. The message passed to 'addError'will be di... | ||
| * [ApexXSSFromURLParam](pmd_rules_apex_security.html#apexxssfromurlparam): Makes sure that all values obtained from URL parameters are properly escaped / sanitizedto avoid ... | ||
|
|
||
| ## Style | ||
| * [AvoidGlobalModifier](pmd_rules_apex_style.html#avoidglobalmodifier): Global classes should be avoided (especially in managed packages) as they can never be deleted or... | ||
| * [AvoidLogicInTrigger](pmd_rules_apex_style.html#avoidlogicintrigger): As triggers do not allow methods like regular classes they are less flexible and suited to apply ... | ||
| * [ClassNamingConventions](pmd_rules_apex_style.html#classnamingconventions): Class names should always begin with an upper case character. | ||
| * [MethodNamingConventions](pmd_rules_apex_style.html#methodnamingconventions): Method names should always begin with a lower case character, and should not contain underscores. | ||
| * [MethodWithSameNameAsEnclosingClass](pmd_rules_apex_style.html#methodwithsamenameasenclosingclass): Non-constructor methods should not have the same name as the enclosing class. | ||
| * [VariableNamingConventions](pmd_rules_apex_style.html#variablenamingconventions): A variable naming conventions rule - customize this to your liking. Currently, itchecks for fina... | ||
|
|
||
| ## PMD Has the Following Rules for Apex *(Salesforce)* | ||
|
|
||
| ### Performance | ||
|
|
||
| | Rule | Description | | ||
| | --- | --- | | ||
| | AvoidSoqlInLoops | New objects created within loops should be checked to see if they can created outside them and reused. | | ||
| | AvoidDmlStatementsInLoops | Avoid DML statements inside loops to avoid hitting the DML governor limit. Instead, try to batch up the data into a list and invoke your DML once on that list of data outside the loop. | | ||
|
|
||
| ### Complexity | ||
|
|
||
| | Rule | Description | | ||
| | --- | --- | | ||
| | AvoidDeeplyNestedIfStmts | Avoid creating deeply nested if-then statements since they are harder to read and error-prone to maintain. | | ||
| | ExcessiveParameterList | Methods with numerous parameters are a challenge to maintain, especially if most of them share the same datatype. These situations usually denote the need for new objects to wrap the numerous parameters. | | ||
| | ExcessiveClassLength | Excessive class file lengths are usually indications that the class may be burdened with excessive responsibilities that could be provided by external classes or functions. In breaking these methods apart the code becomes more managable and ripe for reuse. | | ||
| | NcssMethodCount | This rule uses the NCSS (Non-Commenting Source Statements) algorithm to determine the number of lines of code for a given method. NCSS ignores comments, and counts actual statements. Using this algorithm, lines of code that are split are counted as one. | | ||
| | NcssTypeCount | This rule uses the NCSS (Non-Commenting Source Statements) algorithm to determine the number of lines of code for a given type. NCSS ignores comments, and counts actual statements. Using this algorithm, lines of code that are split are counted as one. | | ||
| | NcssConstructorCount | This rule uses the NCSS (Non-Commenting Source Statements) algorithm to determine the number of lines of code for a given constructor. NCSS ignores comments, and counts actual statements. Using this algorithm, lines of code that are split are counted as one. | | ||
| | StdCyclomaticComplexity | Complexity directly affects maintenance costs is determined by the number of decision points in a method plus one for the method entry. The decision points include ‘if’, ‘while’, ‘for’, and ‘case labels’ calls. Generally, numbers ranging from 1-4 denote low complexity, 5-7 denote moderate complexity, 8-10 denote high complexity, and 11+ is very high complexity. | | ||
| | TooManyFields | Classes that have too many fields can become unwieldy and could be redesigned to have fewer fields, possibly through grouping related fields in new objects. For example, a class with individual city/state/zip fields could park them within a single Address field. | | ||
| | ExcessivePublicCount | Classes with large numbers of public methods and attributes require disproportionate testing efforts since combinational side effects grow rapidly and increase risk. Refactoring these classes into smaller ones not only increases testability and reliability but also allows new variations to be developed easily. | | ||
|
|
||
| ### Style | ||
|
|
||
| | Rule | Description | | ||
| | --- | --- | | ||
| | VariableNamingConventions | A variable naming conventions rule - customize this to your liking. Currently, it checks for final variables that should be fully capitalized and non-final variables that should not include underscores. | | ||
| | MethodNamingConventions | Method names should always begin with a lower case character, and should not contain underscores. | | ||
| | ClassNamingConventions | Class names should always begin with an upper case character. | | ||
| | MethodWithSameNameAsEnclosingClass | Non-constructor methods should not have the same name as the enclosing class. | | ||
| | AvoidLogicInTrigger | As triggers do not allow methods like regular classes they are less flexible and suited to apply good encapsulation style. Therefore delegate the triggers work to a regular class (often called Trigger handler class). See more here: <a href="https://developer.salesforce.com/page/Trigger_Frameworks_and_Apex_Trigger_Best_Practices" target="_blank">Trigger Frameworks and Apex Trigger Best Practices</a> | | ||
| | AvoidGlobalModifier | Global classes should be avoided (especially in managed packages) as they can never be deleted or changed in signature. Always check twice if something needs to be global. Many interfaces (e.g. Batch) required global modifiers in the past but don’t require this anymore. Don’t look yourself in. | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,73 @@ | ||
| --- | ||
| title: ApexUnit | ||
| summary: These rules deal with different problems that can occur with Apex unit tests. | ||
| permalink: pmd_rules_apex_apexunit.html | ||
| folder: pmd/rules/apex | ||
| sidebaractiveurl: /pmd_rules_apex.html | ||
| editmepath: ../pmd-apex/src/main/resources/rulesets/apex/apexunit.xml | ||
| --- | ||
| ## ApexUnitTestClassShouldHaveAsserts | ||
|
|
||
| **Since:** PMD 5.5.1 | ||
|
|
||
| **Priority:** Medium (3) | ||
|
|
||
| Apex unit tests should include at least one assertion. This makes the tests more robust, and using assert | ||
| with messages provide the developer a clearer idea of what the test does. | ||
|
|
||
| **This rule is defined by the following Java class:** [net.sourceforge.pmd.lang.apex.rule.apexunit.ApexUnitTestClassShouldHaveAsserts](https://github.com/pmd/pmd/blob/master/pmd-apex/src/main/java/net/sourceforge/pmd/lang/apex/rule/apexunit/ApexUnitTestClassShouldHaveAsserts.java) | ||
|
|
||
| **Example(s):** | ||
|
|
||
| ``` | ||
| @isTest | ||
| public class Foo { | ||
| public static testMethod void testSomething() { | ||
| Account a = null; | ||
| // This is better than having a NullPointerException | ||
| // System.assertNotEquals(a, null, 'account not found'); | ||
| a.toString(); | ||
| } | ||
| } | ||
| ``` | ||
|
|
||
| **This rule has the following properties:** | ||
|
|
||
| |Name|Default Value|Description| | ||
| |----|-------------|-----------| | ||
| |cc_categories|[Style]|Code Climate Categories| | ||
| |cc_remediation_points_multiplier|1|Code Climate Remediation Points multiplier| | ||
| |cc_block_highlighting|false|Code Climate Block Highlighting| | ||
|
|
||
| ## ApexUnitTestShouldNotUseSeeAllDataTrue | ||
|
|
||
| **Since:** PMD 5.5.1 | ||
|
|
||
| **Priority:** Medium (3) | ||
|
|
||
| Apex unit tests should not use @isTest(seeAllData=true) because it opens up the existing database data for unexpected modification by tests. | ||
|
|
||
| **This rule is defined by the following Java class:** [net.sourceforge.pmd.lang.apex.rule.apexunit.ApexUnitTestShouldNotUseSeeAllDataTrue](https://github.com/pmd/pmd/blob/master/pmd-apex/src/main/java/net/sourceforge/pmd/lang/apex/rule/apexunit/ApexUnitTestShouldNotUseSeeAllDataTrue.java) | ||
|
|
||
| **Example(s):** | ||
|
|
||
| ``` | ||
| @isTest(seeAllData = true) | ||
| public class Foo { | ||
| public static testMethod void testSomething() { | ||
| Account a = null; | ||
| // This is better than having a NullPointerException | ||
| // System.assertNotEquals(a, null, 'account not found'); | ||
| a.toString(); | ||
| } | ||
| } | ||
| ``` | ||
|
|
||
| **This rule has the following properties:** | ||
|
|
||
| |Name|Default Value|Description| | ||
| |----|-------------|-----------| | ||
| |cc_categories|[Style]|Code Climate Categories| | ||
| |cc_remediation_points_multiplier|1|Code Climate Remediation Points multiplier| | ||
| |cc_block_highlighting|false|Code Climate Block Highlighting| | ||
|
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,150 @@ | ||
| --- | ||
| title: Braces | ||
| summary: The Braces ruleset contains rules regarding the use and placement of braces. | ||
| permalink: pmd_rules_apex_braces.html | ||
| folder: pmd/rules/apex | ||
| sidebaractiveurl: /pmd_rules_apex.html | ||
| editmepath: ../pmd-apex/src/main/resources/rulesets/apex/braces.xml | ||
| --- | ||
| ## ForLoopsMustUseBraces | ||
|
|
||
| **Since:** PMD 5.6.0 | ||
|
|
||
| **Priority:** Medium (3) | ||
|
|
||
| Avoid using 'for' statements without using surrounding braces. If the code formatting or | ||
| indentation is lost then it becomes difficult to separate the code being controlled | ||
| from the rest. | ||
|
|
||
| ``` | ||
| //ForLoopStatement | ||
| [child::ExpressionStatement] | ||
| | | ||
| //ForEachStatement | ||
| [child::ExpressionStatement] | ||
| ``` | ||
|
|
||
| **Example(s):** | ||
|
|
||
| ``` | ||
| for (int i = 0; i < 42; i++) // not recommended | ||
| foo(); | ||
| for (int i = 0; i < 42; i++) { // preferred approach | ||
| foo(); | ||
| } | ||
| ``` | ||
|
|
||
| **This rule has the following properties:** | ||
|
|
||
| |Name|Default Value|Description| | ||
| |----|-------------|-----------| | ||
| |cc_categories|[Style]|Code Climate Categories| | ||
| |cc_remediation_points_multiplier|1|Code Climate Remediation Points multiplier| | ||
| |cc_block_highlighting|false|Code Climate Block Highlighting| | ||
|
|
||
| ## IfElseStmtsMustUseBraces | ||
|
|
||
| **Since:** PMD 5.6.0 | ||
|
|
||
| **Priority:** Medium (3) | ||
|
|
||
| Avoid using if..else statements without using surrounding braces. If the code formatting | ||
| or indentation is lost then it becomes difficult to separate the code being controlled | ||
| from the rest. | ||
|
|
||
| ``` | ||
| //ExpressionStatement[parent::IfBlockStatement] | ||
| | | ||
| //ExpressionStatement[parent::IfElseBlockStatement] | ||
| | | ||
| //IfElseBlockStatement[parent::IfBlockStatement] | ||
| ``` | ||
|
|
||
| **Example(s):** | ||
|
|
||
| ``` | ||
| // this is OK | ||
| if (foo) x++; | ||
| // but this is not | ||
| if (foo) | ||
| x = x+1; | ||
| else | ||
| x = x-1; | ||
| ``` | ||
|
|
||
| **This rule has the following properties:** | ||
|
|
||
| |Name|Default Value|Description| | ||
| |----|-------------|-----------| | ||
| |cc_categories|[Style]|Code Climate Categories| | ||
| |cc_remediation_points_multiplier|1|Code Climate Remediation Points multiplier| | ||
| |cc_block_highlighting|false|Code Climate Block Highlighting| | ||
|
|
||
| ## IfStmtsMustUseBraces | ||
|
|
||
| **Since:** PMD 5.6.0 | ||
|
|
||
| **Priority:** Medium (3) | ||
|
|
||
| Avoid using if statements without using braces to surround the code block. If the code | ||
| formatting or indentation is lost then it becomes difficult to separate the code being | ||
| controlled from the rest. | ||
|
|
||
| ``` | ||
| //IfBlockStatement/ExpressionStatement | ||
| ``` | ||
|
|
||
| **Example(s):** | ||
|
|
||
| ``` | ||
| if (foo) // not recommended | ||
| x++; | ||
| if (foo) { // preferred approach | ||
| x++; | ||
| } | ||
| ``` | ||
|
|
||
| **This rule has the following properties:** | ||
|
|
||
| |Name|Default Value|Description| | ||
| |----|-------------|-----------| | ||
| |cc_categories|[Style]|Code Climate Categories| | ||
| |cc_remediation_points_multiplier|1|Code Climate Remediation Points multiplier| | ||
| |cc_block_highlighting|false|Code Climate Block Highlighting| | ||
|
|
||
| ## WhileLoopsMustUseBraces | ||
|
|
||
| **Since:** PMD 5.6.0 | ||
|
|
||
| **Priority:** Medium (3) | ||
|
|
||
| Avoid using 'while' statements without using braces to surround the code block. If the code | ||
| formatting or indentation is lost then it becomes difficult to separate the code being | ||
| controlled from the rest. | ||
|
|
||
| ``` | ||
| //WhileLoopStatement/ExpressionStatement | ||
| ``` | ||
|
|
||
| **Example(s):** | ||
|
|
||
| ``` | ||
| while (true) // not recommended | ||
| x++; | ||
| while (true) { // preferred approach | ||
| x++; | ||
| } | ||
| ``` | ||
|
|
||
| **This rule has the following properties:** | ||
|
|
||
| |Name|Default Value|Description| | ||
| |----|-------------|-----------| | ||
| |cc_categories|[Style]|Code Climate Categories| | ||
| |cc_remediation_points_multiplier|1|Code Climate Remediation Points multiplier| | ||
| |cc_block_highlighting|false|Code Climate Block Highlighting| | ||
|
|
Oops, something went wrong.