Read about 3 new Scala code patterns we just added to our platform in our mission Codacy to support multiple coding languages effectively.
1. Avoid using DateTime.now without a timezone (ErrorΒ Prone)
Using DateTime.now without specifying a timezone can lead to error prone code with regard to dealing with other timezones than those initially considered, as well as with daylight saving time.
For instance, the following example:
val now = DateTime.now
could easily be written as:
val now = DateTime.now(DateTimeZone.UTC)
2. Prefer usingΒ .nonEmpty (CodeΒ Style)
The collections libraries usually provide a method for determining if the iterable has, at least, one element, with:
val hasElements = SomeSequence.nonEmpty
This is a bit cleaner than verifying explicitly the length or the size:
val hasElements = SomeSequence.length > 0 val hasElementsUsingSize = SomeSequence.size > 0
3. Prevent XML parsing attacks (Security)
XML External Entity (XXE) attacks can occur when an XML parser supports XML entities while processing XML received from an untrusted source.
Vulnerable Code:
SAXParser parser = SAXParserFactory.newInstance().newSAXParser(); parser.parse(inputStream, customHandler);
Solution using βSecure processingβ mode:
SAXParserFactory spf = SAXParserFactory.newInstance(); spf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true); SAXParser parser = spf.newSAXParser(); parser.parse(inputStream, customHandler);
Solution disabling DTD:
SAXParserFactory spf = SAXParserFactory.newInstance();
spf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
SAXParser parser = spf.newSAXParser();
parser.parse(inputStream, customHandler);
Enabling patterns withΒ Codacy
When new patterns are added, theyβre disabled for already existing projects.
To enable them for a project first head to the project and hit βCode Patternsβ on the top right corner. Youβll be able to filter the patterns by language or category:
To enable the new patterns simply look for the βNewβ tag on them and hit their respective checkbox:
If youβre interested, thereβs also a βFork patternβ button on the bottom right corner of the details of every Scala pattern.
Hitting this button will take you to our Beta Pattern Creator with the current pattern loaded; you can then edit it to create your own:
Have fun, code well!
Edit: We just published an ebook: βThe Ultimate Guide to Code Reviewβ based on a survey of 680+ developers. Enjoy!
About Codacy
Codacy is used by thousands of developers to analyze billions of lines of code every day!
Getting started is easy β and free! Just use yourΒ Β GitHub, Bitbucket or Google account toΒ sign up.
