Home Products 3 new Scala code patterns

3 new Scala code patterns

Author

Date

Category

Read about 3 new Scala code patterns we just added to our platform in our mission Codacy to support multiple coding languages effectively.

1. Avoid using DateTime.now without a timezone (Errorย Prone)

Using DateTime.now without specifying a timezone can lead to error prone code with regard to dealing with other timezones than those initially considered, as well as with daylight saving time.

For instance, the following example:

val now = DateTime.now

could easily be written as:

val now = DateTime.now(DateTimeZone.UTC)

2. Prefer usingย .nonEmpty (Codeย Style)

The collections libraries usually provide a method for determining if the iterable has, at least, one element, with:

val hasElements = SomeSequence.nonEmpty

This is a bit cleaner than verifying explicitly the length or the size:

val hasElements = SomeSequence.length > 0
 val hasElementsUsingSize = SomeSequence.size > 0

3. Prevent XML parsing attacks (Security)

XML External Entity (XXE) attacks can occur when an XML parser supports XML entities while processing XML received from an untrusted source.

Vulnerable Code:

SAXParser parser = SAXParserFactory.newInstance().newSAXParser();
 parser.parse(inputStream, customHandler);

Solution using โ€œSecure processingโ€ mode:

SAXParserFactory spf = SAXParserFactory.newInstance();
 spf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
 SAXParser parser = spf.newSAXParser();
 parser.parse(inputStream, customHandler);

Solution disabling DTD:

SAXParserFactory spf = SAXParserFactory.newInstance();
 spf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
 SAXParser parser = spf.newSAXParser();
 parser.parse(inputStream, customHandler);

Enabling patterns withย Codacy

When new patterns are added, theyโ€™re disabled for already existing projects.

To enable them for a project first head to the project and hit โ€œCode Patternsโ€ on the top right corner. Youโ€™ll be able to filter the patterns by language or category:

selecting language for patterns

To enable the new patterns simply look for the โ€œNewโ€ tag on them and hit their respective checkbox:

enabling patterns

If youโ€™re interested, thereโ€™s also a โ€œFork patternโ€ button on the bottom right corner of the details of every Scala pattern.

fork pattern

Hitting this button will take you to our Beta Pattern Creator with the current pattern loaded; you can then edit it to create your own:

pattern creator - beta

Have fun, code well!


Edit: We just published an ebook: โ€œThe Ultimate Guide to Code Reviewโ€ based on a survey of 680+ developers. Enjoy!


About Codacy

Codacy is used by thousands of developers to analyze billions of lines of code every day!

Getting started is easy โ€“ and free! Just use yourย ย GitHub, Bitbucket or Google account toย sign up.

GET STARTED

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Subscribe to our newsletter

To be updated with all the latest news, offers and special announcements.

Recent posts

How does code quality fit into your CI/CD pipeline?

Continuous Integration and Continuous Deployment (CI/CD) are key for organizations wanting to deliver software at scale. CI/CD allows developers to automate...

How Stim uses Codacy to achieve high-quality code

We spoke with Tobias Sjรถsten, Head of Software Engineering at Stim, about how Codacy helps them guarantee code quality and standardization...

6 things developers should do to ship more secure code

Writing better, more secure source code is fundamental to prevent potential exploits and attacks that could undermine your software applications. However,...

Best practices for security code reviews

In today's interconnected world, where data breaches and cyber threats are increasingly common, one of your top priorities should be to...

April Product Update ๐Ÿš€

Hi there ๐Ÿ‘‹ It's been a whirlwind month, and we have big news to share: