A RetroSearch Logo

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Search Query:

Showing content from https://github.com/pmd/pmd/issues/5788 below:

[apex] ApexCRUDViolation unable to detect insecure SOQL if it is a direct input argument · Issue #5788 · pmd/pmd · GitHub

Affects PMD Version: 7.13.0

Rule:

ApexCRUDViolation

Description:

The ApexCRUDViolation rule is failing to detect a violation if SOQL is passed in directly as an input argument instead of being on its own line.

Code Sample demonstrating the issue:

Although this code correctly reports a violation

public with sharing class Dummy {
    public void test() {
        Map<ID, Account> mapOfAccounts;
        List<Account> accountList = [
            SELECT Id, Name 
            FROM Account 
            WHERE Id IN :setOfAccountId
        ];
        mapOfAccounts = new Map<ID, Account>(accountList);
    }
}

the following does not:

public with sharing class Dummy {
    public void test() {
        Map<ID, Account> mapOfAccounts;
        mapOfAccounts = new Map<ID, Account>([
            SELECT Id, Name 
            FROM Account 
            WHERE Id IN :setOfAccountId
        ]);
    }
}

Expected outcome:

PMD should report a violation.

Running PMD through: [CLI | Ant | Maven | Gradle | Designer | Other]
CLI

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4