{"meta":{"title":"Java CodeQL queries for code quality","intro":"Explore the queries that CodeQL uses to analyze code quality for code written in Java.","product":"Security and code quality","breadcrumbs":[{"href":"/zh/code-security","title":"Security and code quality"},{"href":"/zh/code-security/reference","title":"Reference"},{"href":"/zh/code-security/reference/code-quality","title":"Code quality"},{"href":"/zh/code-security/reference/code-quality/codeql-queries","title":"CodeQL queries"},{"href":"/zh/code-security/reference/code-quality/codeql-queries/java-queries","title":"Java queries"}],"documentType":"article"},"body":"# Java CodeQL queries for code quality\n\nExplore the queries that CodeQL uses to analyze code quality for code written in Java.\n\nCode Quality uses the following CodeQL queries to analyze Java code and detect code quality problems on:\n\n* Your **default branch**, with results shown on the repository's “Standard findings” dashboard\n* **Pull requests**, with results shown as comments posted by `github-code-quality[bot]`\n\nCopilot Autofix suggestions are provided for results wherever possible.\n\n<div class=\"ghd-tool rowheaders\">\n\n| Query name | Category | Severity |\n| --- | --- | --- |\n| [Access to unsupported JDK-internal API](https://codeql.github.com/codeql-query-help/java/java-jdk-internal-api-access/) | Maintainability | Recommendation |\n| [Boxed variable is never null](https://codeql.github.com/codeql-query-help/java/java-non-null-boxed-variable/) | Maintainability | Warning |\n| [Cast from abstract to concrete collection](https://codeql.github.com/codeql-query-help/java/java-abstract-to-concrete-cast/) | Maintainability | Warning |\n| [Class has same name as super class](https://codeql.github.com/codeql-query-help/java/java-class-name-matches-super-class/) | Maintainability | Recommendation |\n| [Confusing method names because of capitalization](https://codeql.github.com/codeql-query-help/java/java-confusing-method-name/) | Maintainability | Recommendation |\n| [Confusing overloading of methods](https://codeql.github.com/codeql-query-help/java/java-confusing-method-signature/) | Maintainability | Recommendation |\n| [Constant interface anti-pattern](https://codeql.github.com/codeql-query-help/java/java-constants-only-interface/) | Maintainability | Recommendation |\n| [Container contents are never accessed](https://codeql.github.com/codeql-query-help/java/java-unused-container/) | Maintainability | Error |\n| [Inefficient empty string test](https://codeql.github.com/codeql-query-help/java/java-inefficient-empty-string-test/) | Maintainability | Recommendation |\n| [Inefficient String constructor](https://codeql.github.com/codeql-query-help/java/java-inefficient-string-constructor/) | Maintainability | Recommendation |\n| 
[Inner class could be static](https://codeql.github.com/codeql-query-help/java/java-non-static-nested-class/) | Maintainability | Recommendation |\n| [Interface cannot be implemented](https://codeql.github.com/codeql-query-help/java/java-unimplementable-interface/) | Maintainability | Warning |\n| [Javadoc has impossible 'throws' tag](https://codeql.github.com/codeql-query-help/java/java-inconsistent-javadoc-throws/) | Maintainability | Recommendation |\n| [Misleading indentation](https://codeql.github.com/codeql-query-help/java/java-misleading-indentation/) | Maintainability | Warning |\n| [Missing Override annotation](https://codeql.github.com/codeql-query-help/java/java-missing-override-annotation/) | Maintainability | Recommendation |\n| [Missing space in string literal](https://codeql.github.com/codeql-query-help/java/java-missing-space-in-concatenation/) | Maintainability | Recommendation |\n| [Mocking all public methods of a class may indicate the unit test is testing too much](https://codeql.github.com/codeql-query-help/java/java-excessive-public-method-mocking/) | Maintainability | Recommendation |\n| [Non-case label in switch statement](https://codeql.github.com/codeql-query-help/java/java-label-in-switch/) | Maintainability | Recommendation |\n| [Non-explicit control and whitespace characters](https://codeql.github.com/codeql-query-help/java/java-non-explicit-control-and-whitespace-chars-in-literals/) | Maintainability | Warning |\n| [Possible confusion of local and field](https://codeql.github.com/codeql-query-help/java/java-local-shadows-field/) | Maintainability | Recommendation |\n| [Spurious Javadoc @param tags](https://codeql.github.com/codeql-query-help/java/java-unknown-javadoc-parameter/) | Maintainability | Recommendation |\n| [Subtle call to inherited method](https://codeql.github.com/codeql-query-help/java/java-subtle-inherited-call/) | Maintainability | Warning |\n| [Underscore used as identifier](https://codeql.github.com/codeql-query-help/java/java-underscore-identifier/) | Maintainability | Recommendation |\n| [Unread local variable](https://codeql.github.com/codeql-query-help/java/java-local-variable-is-never-read/) | Maintainability | Recommendation |\n| [Unused classes and interfaces](https://codeql.github.com/codeql-query-help/java/java-unused-reference-type/) | Maintainability | Recommendation |\n| [Unused format argument](https://codeql.github.com/codeql-query-help/java/java-unused-format-argument/) | Maintainability | Warning |\n| [Unused label](https://codeql.github.com/codeql-query-help/java/java-unused-label/) | Maintainability | Recommendation |\n| [Use of VisibleForTesting in production code](https://codeql.github.com/codeql-query-help/java/java-visible-for-testing-abuse/) | Maintainability | Warning |\n| [Useless null check](https://codeql.github.com/codeql-query-help/java/java-useless-null-check/) | Maintainability | Warning |\n| [Useless parameter](https://codeql.github.com/codeql-query-help/java/java-unused-parameter/) | Maintainability | Recommendation |\n| [Useless toString on String](https://codeql.github.com/codeql-query-help/java/java-useless-tostring-call/) | Maintainability | Recommendation |\n| [Useless type test](https://codeql.github.com/codeql-query-help/java/java-useless-type-test/) | Maintainability | Warning |\n| [Array index out of bounds](https://codeql.github.com/codeql-query-help/java/java-index-out-of-bounds/) | Reliability | Error |\n| [Character passed to StringBuffer or StringBuilder constructor](https://codeql.github.com/codeql-query-help/java/java-string-buffer-char-init/) | Reliability | Error |\n| [Comparison of identical values](https://codeql.github.com/codeql-query-help/java/java-comparison-of-identical-expressions/) | Reliability | Error |\n| [Constant loop condition](https://codeql.github.com/codeql-query-help/java/java-constant-loop-condition/) | Reliability | Warning |\n| [Container contents are never initialized](https://codeql.github.com/codeql-query-help/java/java-empty-container/) | Reliability | Error |\n| [Container size compared to zero](https://codeql.github.com/codeql-query-help/java/java-test-for-negative-container-size/) | Reliability | Warning |\n| [Continue statement that does not continue](https://codeql.github.com/codeql-query-help/java/java-continue-in-false-loop/) | Reliability | Warning |\n| [Contradictory type checks](https://codeql.github.com/codeql-query-help/java/java-contradictory-type-checks/) | Reliability | Error |\n| [Dereferenced expression may be null](https://codeql.github.com/codeql-query-help/java/java-dereferenced-expr-may-be-null/) | Reliability | Warning |\n| [Dereferenced variable is always null](https://codeql.github.com/codeql-query-help/java/java-dereferenced-value-is-always-null/) | Reliability | Error |\n| [Dereferenced variable may be null](https://codeql.github.com/codeql-query-help/java/java-dereferenced-value-may-be-null/) | Reliability | Warning |\n| [Direct call to a run() method](https://codeql.github.com/codeql-query-help/java/java-call-to-thread-run/) | 
Reliability | Recommendation |\n| [Do not call `finalize()`](https://codeql.github.com/codeql-query-help/java/java-do-not-call-finalize/) | Reliability | Error |\n| [Double-checked locking is not thread-safe](https://codeql.github.com/codeql-query-help/java/java-unsafe-double-checked-locking/) | Reliability | Error |\n| [Equals method does not inspect argument type](https://codeql.github.com/codeql-query-help/java/java-unchecked-cast-in-equals/) | Reliability | Error |\n| [Equals on incomparable types](https://codeql.github.com/codeql-query-help/java/java-equals-on-unrelated-types/) | Reliability | Error |\n| [Equals or hashCode on arrays](https://codeql.github.com/codeql-query-help/java/java-equals-on-arrays/) | Reliability | Error |\n| [Escaping](https://codeql.github.com/codeql-query-help/java/java-escaping/) | Reliability | Warning |\n| [Exposing internal representation](https://codeql.github.com/codeql-query-help/java/java-internal-representation-exposure/) | Reliability | Recommendation |\n| [Expression always evaluates to the same value](https://codeql.github.com/codeql-query-help/java/java-evaluation-to-constant/) | Reliability | Warning |\n| [Hashed value without hashCode definition](https://codeql.github.com/codeql-query-help/java/java-hashing-without-hashcode/) | Reliability | Error |\n| [Ignored error status of call](https://codeql.github.com/codeql-query-help/java/java-ignored-error-status-of-call/) | Reliability | Recommendation |\n| [Ignored serialization member of record class](https://codeql.github.com/codeql-query-help/java/java-ignored-serialization-member-of-record-class/) | Reliability | Warning |\n| [Implicit conversion from array to string](https://codeql.github.com/codeql-query-help/java/java-print-array/) | Reliability | Recommendation |\n| [Inconsistent equals and hashCode](https://codeql.github.com/codeql-query-help/java/java-inconsistent-equals-and-hashcode/) | Reliability | Error |\n| [Inconsistent synchronization of getter and setter](https://codeql.github.com/codeql-query-help/java/java-unsynchronized-getter/) | Reliability | Error |\n| [Inefficient output stream](https://codeql.github.com/codeql-query-help/java/java-inefficient-output-stream/) | Reliability | Warning |\n| [Inefficient primitive constructor](https://codeql.github.com/codeql-query-help/java/java-inefficient-boxed-constructor/) | Reliability | Recommendation |\n| 
[Inefficient use of key set iterator](https://codeql.github.com/codeql-query-help/java/java-inefficient-key-set-iterator/) | Reliability | Recommendation |\n| [Iterable wrapping an iterator](https://codeql.github.com/codeql-query-help/java/java-iterable-wraps-iterator/) | Reliability | Warning |\n| [Iterator implementing Iterable](https://codeql.github.com/codeql-query-help/java/java-iterator-implements-iterable/) | Reliability | Warning |\n| [Left shift by more than the type width](https://codeql.github.com/codeql-query-help/java/java-lshift-larger-than-type-width/) | Reliability | Warning |\n| [Missing `@Nested` annotation on JUnit 5 inner test class](https://codeql.github.com/codeql-query-help/java/java-junit5-missing-nested-annotation/) | Reliability | Warning |\n| [Missing catch of NumberFormatException](https://codeql.github.com/codeql-query-help/java/java-uncaught-number-format-exception/) | Reliability | Recommendation |\n| [Missing format argument](https://codeql.github.com/codeql-query-help/java/java-missing-format-argument/) | Reliability | Error |\n| [Non-final method invocation in constructor](https://codeql.github.com/codeql-query-help/java/java-non-final-call-in-constructor/) | Reliability | Error |\n| [Non-synchronized override of synchronized method](https://codeql.github.com/codeql-query-help/java/java-non-sync-override/) | Reliability | Warning |\n| [Not thread-safe](https://codeql.github.com/codeql-query-help/java/java-not-threadsafe/) | Reliability | Warning |\n| [Potential database resource leak](https://codeql.github.com/codeql-query-help/java/java-database-resource-leak/) | Reliability | Warning |\n| [Potential input resource leak](https://codeql.github.com/codeql-query-help/java/java-input-resource-leak/) | Reliability | Warning |\n| [Potential output resource leak](https://codeql.github.com/codeql-query-help/java/java-output-resource-leak/) | Reliability | Warning |\n| [Race condition in double-checked locking object initialization](https://codeql.github.com/codeql-query-help/java/java-unsafe-double-checked-locking-init-order/) | Reliability | Warning |\n| [Reference equality test of boxed types](https://codeql.github.com/codeql-query-help/java/java-reference-equality-of-boxed-types/) | Reliability | Error |\n| [Result of multiplication cast to wider type](https://codeql.github.com/codeql-query-help/java/java-integer-multiplication-cast-to-long/) | Reliability | Warning |\n| 
[Safe publication](https://codeql.github.com/codeql-query-help/java/java-safe-publication/) | Reliability | Warning |\n| [Self assignment](https://codeql.github.com/codeql-query-help/java/java-redundant-assignment/) | Reliability | Error |\n| [Suspicious date format](https://codeql.github.com/codeql-query-help/java/java-suspicious-date-format/) | Reliability | Warning |\n| [Synchronization on boxed types or strings](https://codeql.github.com/codeql-query-help/java/java-sync-on-boxed-types/) | Reliability | Error |\n| [Type mismatch on container access](https://codeql.github.com/codeql-query-help/java/java-type-mismatch-access/) | Reliability | Error |\n| [Type mismatch on container modification](https://codeql.github.com/codeql-query-help/java/java-type-mismatch-modification/) | Reliability | Error |\n| [Unreachable catch clause](https://codeql.github.com/codeql-query-help/java/java-unreachable-catch-clause/) | Reliability | Warning |\n| [Use of `String#replaceAll` with a first argument which is not a regular expression](https://codeql.github.com/codeql-query-help/java/java-string-replace-all-with-non-regex/) | Reliability | Recommendation |\n| [Use of default toString()](https://codeql.github.com/codeql-query-help/java/java-call-to-object-tostring/) | Reliability | Recommendation |\n| [Useless comparison test](https://codeql.github.com/codeql-query-help/java/java-constant-comparison/) | Reliability | Warning |\n| [Whitespace contradicts operator precedence](https://codeql.github.com/codeql-query-help/java/java-whitespace-contradicts-precedence/) | Reliability | Warning |\n| [Wrong NaN comparison](https://codeql.github.com/codeql-query-help/java/java-comparison-with-nan/) | Reliability | Error |\n| [Zero threads set for `java.util.concurrent.ScheduledThreadPoolExecutor`](https://codeql.github.com/codeql-query-help/java/java-java-util-concurrent-scheduledthreadpoolexecutor/) | Reliability | Recommendation |\n\n</div>"}