From 1238af2787b2c83a6f9364d64c7ddf7cd8cd4dbb Mon Sep 17 00:00:00 2001
From: denis-troller
Date: Mon, 29 Sep 2025 13:00:37 +0000
Subject: [PATCH 1/5] Create rule S8049
---
rules/S8049/apex/metadata.json | 25 +++++++++++++++++++
rules/S8049/apex/rule.adoc | 44 ++++++++++++++++++++++++++++++++++
rules/S8049/metadata.json | 2 ++
3 files changed, 71 insertions(+)
create mode 100644 rules/S8049/apex/metadata.json
create mode 100644 rules/S8049/apex/rule.adoc
create mode 100644 rules/S8049/metadata.json
diff --git a/rules/S8049/apex/metadata.json b/rules/S8049/apex/metadata.json
new file mode 100644
index 00000000000..536138c42ba
--- /dev/null
+++ b/rules/S8049/apex/metadata.json
@@ -0,0 +1,25 @@
+{
+ "title": "FIXME",
+ "type": "CODE_SMELL",
+ "status": "ready",
+ "remediation": {
+ "func": "Constant\/Issue",
+ "constantCost": "5min"
+ },
+ "tags": [
+ ],
+ "defaultSeverity": "Major",
+ "ruleSpecification": "RSPEC-8049",
+ "sqKey": "S8049",
+ "scope": "All",
+ "defaultQualityProfiles": ["Sonar way"],
+ "quickfix": "unknown",
+ "code": {
+ "impacts": {
+ "MAINTAINABILITY": "HIGH",
+ "RELIABILITY": "MEDIUM",
+ "SECURITY": "LOW"
+ },
+ "attribute": "CONVENTIONAL"
+ }
+}
diff --git a/rules/S8049/apex/rule.adoc b/rules/S8049/apex/rule.adoc
new file mode 100644
index 00000000000..3edb7d8d0d2
--- /dev/null
+++ b/rules/S8049/apex/rule.adoc
@@ -0,0 +1,44 @@
+FIXME: add a description
+
+// If you want to factorize the description uncomment the following line and create the file.
+//include::../description.adoc[]
+
+== Why is this an issue?
+
+FIXME: remove the unused optional headers (that are commented out)
+
+//=== What is the potential impact?
+
+== How to fix it
+//== How to fix it in FRAMEWORK NAME
+
+=== Code examples
+
+==== Noncompliant code example
+
+[source,apex,diff-id=1,diff-type=noncompliant]
+----
+FIXME
+----
+
+==== Compliant solution
+
+[source,apex,diff-id=1,diff-type=compliant]
+----
+FIXME
+----
+
+//=== How does this work?
+
+//=== Pitfalls
+
+//=== Going the extra mile
+
+
+//== Resources
+//=== Documentation
+//=== Articles & blog posts
+//=== Conference presentations
+//=== Standards
+//=== External coding guidelines
+//=== Benchmarks
diff --git a/rules/S8049/metadata.json b/rules/S8049/metadata.json
new file mode 100644
index 00000000000..2c63c085104
--- /dev/null
+++ b/rules/S8049/metadata.json
@@ -0,0 +1,2 @@
+{
+}
From 1c7570b1886829fd9f830267062b6e9b228e4e16 Mon Sep 17 00:00:00 2001
From: denis-troller
Date: Mon, 29 Sep 2025 22:25:01 +0200
Subject: [PATCH 2/5] Update rules/S8049/apex/rule.adoc in PR #5655
---
rules/S8049/apex/rule.adoc | 57 +++++++++++++++++++++++++-------------
1 file changed, 38 insertions(+), 19 deletions(-)
diff --git a/rules/S8049/apex/rule.adoc b/rules/S8049/apex/rule.adoc
index 3edb7d8d0d2..50e64b04776 100644
--- a/rules/S8049/apex/rule.adoc
+++ b/rules/S8049/apex/rule.adoc
@@ -1,16 +1,33 @@ -FIXME: add a description - -// If you want to factorize the description uncomment the following line and create the file. -//include::../description.adoc[] +This rule raises an issue when a `while` loop does not use braces to enclose its body, even if the body contains only a single statement. == Why is this an issue? -FIXME: remove the unused optional headers (that are commented out) +While loops without braces can lead to maintenance issues and bugs. When the loop body contains only one statement, it's tempting to omit the braces for brevity. + +However, this practice creates several problems: + +* **Accidental logic errors**: When developers later add statements after the loop, they might assume these new statements are part of the loop body. Without braces, only the first statement actually belongs to the loop. +* **Reduced readability**: Braces make the loop structure immediately clear to anyone reading the code. +* **Inconsistent formatting**: Different developers might format single-statement loops differently, making the codebase harder to maintain. + +Consider this example: + +[source,apex] +---- +while (i < items.size()) + processItem(items[i]); + i++; // This line is NOT part of the loop! +---- + +In this case, the increment statement runs only once after the loop completes, creating an infinite loop. With braces, this mistake would be immediately obvious. + +=== What is the potential impact? -//=== What is the potential impact? +This issue can lead to logic errors and infinite loops when developers mistakenly add statements they believe are part of the loop body. It also reduces code maintainability and consistency across the codebase. == How to fix it -//== How to fix it in FRAMEWORK NAME + +Add braces around the while loop body, even for single statements. Place the opening brace on the same line as the while statement and the closing brace on its own line. === Code examples 
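Review bot: The sentence that follows the `processItem` example contradicts itself: it says the increment "runs only once after the loop completes" and that this creates an infinite loop, but if `i` is never advanced inside the loop and the condition starts out true, the loop does not complete and `i++` is never reached. I would reword it along the lines of `In this case, i++ is not part of the loop body, so i never changes inside the loop and the loop never terminates on its own.` The Resources hunk of this same patch cites CWE-483, so the paragraph that illustrates that weakness should describe the failure accurately; patch 4 later edits the surrounding text but leaves this sentence as is.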
@@ -18,27 +35,29 @@ FIXME: remove the unused optional headers (that are commented out) [source,apex,diff-id=1,diff-type=noncompliant] ---- -FIXME +while (i < 10) + i++; // Noncompliant ---- ==== Compliant solution [source,apex,diff-id=1,diff-type=compliant] ---- -FIXME +while (i < 10) { + i++; +} ---- -//=== How does this work? +== Resources + +=== Documentation + + * Apex Developer Guide - Control Flow Statements - https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/langCon_apex_loops.htm[Official Salesforce documentation on loop statements in Apex] -//=== Pitfalls +=== Standards -//=== Going the extra mile + * CWE-483: Incorrect Block Delimitation - https://cwe.mitre.org/data/definitions/483.html[Covers issues related to incorrect use of block delimiters that can lead to logic errors] +=== Related rules -//== Resources -//=== Documentation -//=== Articles & blog posts -//=== Conference presentations -//=== Standards -//=== External coding guidelines -//=== Benchmarks + * RSPEC-121 - https://rules.sonarsource.com/csharp/RSPEC-121/[Control structures should use curly braces (C# version)] From bc07f6980e766e65b4388a73e48acc75ec64aa7b Mon Sep 17 00:00:00 2001 From: denis-troller Date: Mon, 29 Sep 2025 22:25:03 +0200 Subject: [PATCH 3/5] Update rules/S8049/apex/metadata.json in PR #5655 --- rules/S8049/apex/metadata.json | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) diff --git a/rules/S8049/apex/metadata.json b/rules/S8049/apex/metadata.json index 536138c42ba..065f0507ac2 100644 --- a/rules/S8049/apex/metadata.json +++ b/rules/S8049/apex/metadata.json 
@@ -1,25 +1,28 @@ { - "title": "FIXME", - "type": "CODE_SMELL", + "title": "While loops should use braces", + "type": "BUG", "status": "ready", "remediation": { - "func": "Constant\/Issue", - "constantCost": "5min" + "func": "Constant/Issue", + "constantCost": "1 min" }, "tags": [ + "convention", + "formatting" ], - "defaultSeverity": "Major", + "defaultSeverity": "Blocker", "ruleSpecification": "RSPEC-8049", "sqKey": "S8049", "scope": "All", - "defaultQualityProfiles": ["Sonar way"], + "defaultQualityProfiles": [ + "Sonar way" + ], "quickfix": "unknown", "code": { "impacts": { - "MAINTAINABILITY": "HIGH", - "RELIABILITY": "MEDIUM", - "SECURITY": "LOW" + "RELIABILITY": "BLOCKER", + "MAINTAINABILITY": "BLOCKER" }, "attribute": "CONVENTIONAL" } -} +} \ No newline at end of file From 6faee6c721516d460f72b4196e544a6d38fc9408 Mon Sep 17 00:00:00 2001 From: yassin-kammoun-sonarsouce Date: Mon, 13 Oct 2025 13:57:52 +0200 Subject: [PATCH 4/5] Update metadata and description --- rules/S8049/apex/metadata.json | 12 ++++++------ rules/S8049/apex/rule.adoc | 12 ++++++------ 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/rules/S8049/apex/metadata.json b/rules/S8049/apex/metadata.json index 065f0507ac2..8fa35dd0cb9 100644 --- a/rules/S8049/apex/metadata.json +++ b/rules/S8049/apex/metadata.json @@ -1,6 +1,6 @@ { - "title": "While loops should use braces", - "type": "BUG", + "title": "Loops should use braces", + "type": "CODE_SMELL", "status": "ready", "remediation": { "func": "Constant/Issue", @@ -10,7 +10,7 @@ "convention", "formatting" ], - "defaultSeverity": "Blocker", + "defaultSeverity": "Minor", "ruleSpecification": "RSPEC-8049", "sqKey": "S8049", "scope": "All", @@ -20,9 +20,9 @@ "quickfix": "unknown", "code": { "impacts": { - "RELIABILITY": "BLOCKER", - "MAINTAINABILITY": "BLOCKER" + "RELIABILITY": "LOW", + "MAINTAINABILITY": "LOW" }, "attribute": "CONVENTIONAL" } -} \ No newline at end of file +} 
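Review bot: The metadata carries no standards mapping even though rule.adoc lists CWE-483 under Standards, so anything that reads only metadata.json will not associate S8049 with that weakness. If the repository's metadata schema provides a `securityStandards` block, add `"securityStandards": { "CWE": [483] }` alongside `"tags"` (visible in the `@@ -10,7 +10,7 @@` hunk of patch 4). Separately, `"quickfix": "unknown"` in the `@@ -20,9 +20,9 @@` hunk is still the scaffold value from patch 1; wrapping a single statement in braces looks mechanically fixable, so this field should be set deliberately rather than left at the placeholder.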
diff --git a/rules/S8049/apex/rule.adoc b/rules/S8049/apex/rule.adoc index 50e64b04776..69f8fd6ce70 100644 --- a/rules/S8049/apex/rule.adoc +++ b/rules/S8049/apex/rule.adoc @@ -1,8 +1,8 @@ -This rule raises an issue when a `while` loop does not use braces to enclose its body, even if the body contains only a single statement. +This rule raises an issue when a loop does not use braces to enclose its body, even if the body contains only a single statement. == Why is this an issue? -While loops without braces can lead to maintenance issues and bugs. When the loop body contains only one statement, it's tempting to omit the braces for brevity. +Loops without braces can lead to maintenance issues and bugs. When the loop body contains only one statement, it's tempting to omit the braces for brevity. However, this practice creates several problems: @@ -27,7 +27,7 @@ This issue can lead to logic errors and infinite loops when developers mistakenl == How to fix it -Add braces around the while loop body, even for single statements. Place the opening brace on the same line as the while statement and the closing brace on its own line. +Add braces around the loop body, even for single statements. Place the opening brace on the same line as the loop statement and the closing brace on its own line. === Code examples @@ -35,8 +35,8 @@ Add braces around the while loop body, even for single statements. Place the ope [source,apex,diff-id=1,diff-type=noncompliant] ---- -while (i < 10) - i++; // Noncompliant +while (i < 10) // Noncompliant + i++; ---- ==== Compliant solution @@ -60,4 +60,4 @@ while (i < 10) { === Related rules - * RSPEC-121 - https://rules.sonarsource.com/csharp/RSPEC-121/[Control structures should use curly braces (C# version)] + * S121 From a6752cecf3d3c21bed8e6738549c32db0065fc99 Mon Sep 17 00:00:00 2001 
From: yassin-kammoun-sonarsouce Date: Mon, 20 Oct 2025 09:39:35 +0200 Subject: [PATCH 5/5] Remove from Sonar way --- rules/S8049/apex/metadata.json | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/rules/S8049/apex/metadata.json b/rules/S8049/apex/metadata.json index 8fa35dd0cb9..2bc46ff9196 100644 --- a/rules/S8049/apex/metadata.json +++ b/rules/S8049/apex/metadata.json @@ -14,9 +14,7 @@ "ruleSpecification": "RSPEC-8049", "sqKey": "S8049", "scope": "All", - "defaultQualityProfiles": [ - "Sonar way" - ], + "defaultQualityProfiles": [], "quickfix": "unknown", "code": { "impacts": {