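1. Static code analysis - Sonar - Go language scan rules
1. After Sonar has been set up successfully, view the language scan rules as shown in the figure: by default there are 46 scan rules for the Go language.
2. Rule summary
1. Code smells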
"=+" should not be used instead of "+="
"default" clauses should be first or last
"for" loop increment clauses should modify variables from loop conditions
"if ... else if" constructs should end with "else" clauses
"switch case" clauses should not have too many lines
"switch" statements should have "default" clauses
"switch" statements should not be nested
"switch" statements should not have too many "case" clauses
Boolean literals should not be redundant
Branches should have sufficient coverage by tests
Cognitive Complexity of functions should not be too high
Collapsible "if" statements should be merged
Control flow statements "if", "for" and "switch" should not be nested too deeply
Files should not have too many lines of code
Function and method names should comply with a naming convention
Functions and methods should not have too many lines
Functions should not be empty
Functions should not have identical implementations
Lines should have sufficient coverage by tests
Lines should not be too long
Nested blocks of code should not be left empty
Octal values should not be used
Skipped unit tests should be either removed or fixed
Source files should have a sufficient density of comment lines
Source files should not have any duplicated blocks
String literals should not be duplicated
Track lack of copyright and license headers
Track uses of "FIXME" tags
Track uses of "TODO" tags
Two branches in a conditional structure should not have exactly the same implementation
Unused function parameters should be removed
2. Vulnerabilities
Credentials should not be hard-coded
IP addresses should not be hardcoded
3. Bugs
All branches in a conditional structure should not have exactly the same implementation
Collection sizes and array length comparisons should make sense
Failed unit tests should be fixed
Identical expressions should not be used on both sides of a binary operator
Jump statements should not be followed by dead code
Loops with at most one iteration should be refactored
Related "if/else if" statements should not have the same condition
Unary prefix operators should not be repeated
Useless "if(true) {...}" and "if(false){...}" blocks should be removed
Variables should not be self-assigned