jSparrow v3.18.0/v2.15.0

Aggiunge ulteriori regole relative alle vulnerabilità di SQL injection e ai miglioramenti delle prestazioni.
Luglio 7, 2020
Nuova versione

Funzionalità

  • jSparrow Eclipse Plugin and Maven Plugin
    • New Rules
      • Use Parameterized JPA Query - Finds JPQL queries that are built by dynamically concatenating query fragments with potential user inputs and replaces them with parameterized JPQL queries. With this measure, the JDBC driver will escape input data before it is executed and therefore prevent SQL injection.
      • Avoid Concatenation in Logging Statements - Replaces string concatenations passed in logging statements with built-in string formatting. This spares some needless computation in case the logging level is not low enough to show the message. A built-in formatted string message improves readability.
      • Use Arrays Stream - Transforms Arrays.asList(T..values).stream() into an un-boxed specialized stream (i.e., IntStream, LongStream, or DoubleStream) whenever possible. Otherwise, the same stream generation is replaced with the shorthand method Stream.of(T... values).

Correzioni

  • jSparrow Eclipse Plugin
    • Make Fields And Variables Final - Avoids converting a field to final if it is reassigned in the constructors or initializers of inner classes.
    • Use Functional Interfaces - Prevents transforming an anonymous class into a lambda expression in some cases where occurrences of the this keyword refers to the instance of the anonymous class.
    • StringBuffer() to StringBuilder() - Prevents replacing a StringBuffer with a StringBuilder in case the original StringBuffer variable implicitly determines the type of the returned value.
    • Replace For-Loop with Stream::forEach - Fixes a corner case where the type boundaries of a generic lambda parameter could no longer be derived after the transformation.
jSparrow

jSparrow

Refactoring Java automatico.

Hai una domanda?

Chatta live con i nostri specialisti di gestione delle licenze di jSparrow ora.