Get started
Home Codacy News 3 new Scala code patterns

3 new Scala code patterns

3 new code patterns for Scala

Author

Codacy

Date

Category

Codacy News

Read about 3 new Scala code patterns we just added to our platform in our mission Codacy to support multiple coding languages effectively.

1. Avoid using DateTime.now without a timezone (Error Prone)

Using DateTime.now without specifying a timezone can lead to error prone code with regard to dealing with other timezones than those initially considered, as well as with daylight saving time.

For instance, the following example:

val now = DateTime.now

could easily be written as:

val now = DateTime.now(DateTimeZone.UTC)

2. Prefer using .nonEmpty (Code Style)

The collections libraries usually provide a method for determining if the iterable has, at least, one element, with:

val hasElements = SomeSequence.nonEmpty

This is a bit cleaner than verifying explicitly the length or the size:

val hasElements = SomeSequence.length > 0
 val hasElementsUsingSize = SomeSequence.size > 0

3. Prevent XML parsing attacks (Security)

XML External Entity (XXE) attacks can occur when an XML parser supports XML entities while processing XML received from an untrusted source.

Vulnerable Code:

SAXParser parser = SAXParserFactory.newInstance().newSAXParser();
 parser.parse(inputStream, customHandler);

Solution using “Secure processing” mode:

SAXParserFactory spf = SAXParserFactory.newInstance();
 spf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
 SAXParser parser = spf.newSAXParser();
 parser.parse(inputStream, customHandler);

Solution disabling DTD:

SAXParserFactory spf = SAXParserFactory.newInstance();
 spf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
 SAXParser parser = spf.newSAXParser();
 parser.parse(inputStream, customHandler);

Enabling patterns with Codacy

When new patterns are added, they’re disabled for already existing projects.

To enable them for a project first head to the project and hit “Code Patterns” on the top right corner. You’ll be able to filter the patterns by language or category:

selecting language for patterns

To enable the new patterns simply look for the “New” tag on them and hit their respective checkbox:

enabling patterns

If you’re interested, there’s also a “Fork pattern” button on the bottom right corner of the details of every Scala pattern.

fork pattern

Hitting this button will take you to our Beta Pattern Creator with the current pattern loaded; you can then edit it to create your own:

pattern creator - beta

Have fun, code well!

Edit: We just published an ebook: “The Ultimate Guide to Code Review” based on a survey of 680+ developers. Enjoy!

About Codacy

Codacy is used by thousands of developers to analyze billions of lines of code every day!

Getting started is easy – and free! Just use your  GitHub, Bitbucket or Google account to sign up.

GET STARTED

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Previous article8 more Scala security issues you should know about
Next articleCode Review vs. Testing

Subscribe to our newsletter

To be updated with all the latest news, offers and special announcements.

You may also like

Codacy News

2020, It’s a wrap! 🎊

Codacy - 0
Looking back at 2020, it has been a year of change and innovation for Codacy. We became fully remote and will continue to be,...
Read more
Codacy News

Free Codacy Pro account to fight COVID-19

Emily Hunt - 0
Our hearts go out to everyone who has been directly or indirectly impacted by the global coronavirus (COVID-19) pandemic. We are committed...
Read more
Codacy News

Spring tech events with Codacy: Coverage & what's next

Emily Hunt - 0
Although many Spring tech events are being canceled or turning virtual due to coronavirus we are fortunate to have already participated in...
Read more

Recent posts

7 drawbacks of linting tools

Best Practices Codacy - 0
Linting tools (also known as linters or static analyzers) help automate the code review process. They perform basic static code analysis by flagging programming...
Read more

Using the API to add Codacy Grade details to the Readme

Tutorials Helio Rocha - 0
Some context Codacy has a badge mechanism that can be included in your Readme file. It gives you an idea of the grade of your repository, from...
Read more

March Product Update: Support for Cloud Infrastructure-as-code, Custom Reports with API endpoints & more 🚀

Product Codacy - 0
Here are some fresh updates from March! This month we bring you a new product offering, new features, and product updates, interesting reads, and...
Read more

Top 10 ways to perform fast code review

Developer Codacy - 0
We always want to be fast at code review.. How frequent is it for you to be reviewing code at 3am? When code reviewing, do you...
Read more

Interview with Gary McKay, Somos’ Director of Agile Service Delivery

Product Codacy - 0
Somos is a proven leader in registry management and data solutions. Somos fosters meaningful connections by delivering value, innovation and confidence to consumers. We...
Read more

Automatically identify issues through static code review analysis. Get notified on security issues, code coverage, code duplication, and code complexity in every commit and pull request, directly from your current workflow.

Follow Us