Java

Comprehensive static and semantic analysis for Java applications across security, performance, maintainability, and framework usage.

Features

• Security vulnerability pattern detection
• Performance & efficiency heuristics
• Code quality & design smell identification
• Framework‑specific rules (Spring, Hibernate, etc.)

Supported Versions

• Java 8+

Analysis Capabilities

Security

• Java CWE Standards
• SQL injection risks
• Cross‑Site Scripting (XSS) patterns
• Authentication / authorization misconfigurations

Code Quality

• Design/code smells
• Common anti‑patterns
• Best practice violations
• Maintainability concerns (complexity / duplication)

Performance

• Inefficient algorithm usage
• Memory leak indicators
• Resource management misuse (streams, I/O, JDBC)
• Concurrency issues (locking / threading hazards)

Coverage Support

• Java Code Coverage
• JaCoCo integration (XML/exec report parsing)
• Cobertura report ingestion

Related Documentation

• Java CWE
• Code Coverage

See Also

• See how to customize Java rules.
• Set up Java code coverage.