v1.5.0

@ashhem ashhem released this 10 Apr 07:18

v1.5.0 — Added basic SQL Quality Analysis

Adds SQL performance anti-pattern detection with 2 new rules, reported in a dedicated section separate from security findings.

What's New

SQL Quality Rules

  • CX-SQLQ-001 — SQL Anti-Patterns: Detects common SQL anti-patterns in query strings:

    • SELECT * — fetches unnecessary columns
    • UPDATE/DELETE without WHERE — modifies/deletes all rows
    • LIKE with leading wildcard ('%...') — prevents index usage
    • ORDER BY without LIMIT — sorts entire result set
    • SELECT DISTINCT — often hides a bad JOIN
    • OR in WHERE clause — may prevent index usage
  • CX-SQLQ-002 — Inefficient Data Access: Detects Java-level data access anti-patterns:

    • N+1 queries — executeQuery()/findById() inside loops
    • findAll() + stream().filter() — fetches all then filters in Java
    • @OneToMany(fetch = EAGER) — loads entire related collection on every query
    • Unbounded queries — SELECT without LIMIT or WHERE
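To make the two rules concrete, here is an added Python illustration (not codescanutil's own code, which is a Java tool; the release does not publish its matching logic). It reimplements the heuristics listed above as regex checks over a constructed Java DAO snippet: CX-SQLQ-001 checks run on every string literal that starts with an SQL keyword, and CX-SQLQ-002 checks run on the Java source itself, tracking brace depth to tell whether a `findById()`/`executeQuery()` call sits inside a loop body. The rule ids and labels come from the notes above; the `Finding` type, the regexes, and the sample source are assumptions made for this example.

```python
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    rule: str   # rule id from the release notes (CX-SQLQ-001 / CX-SQLQ-002)
    label: str  # short name of the anti-pattern
    line: int   # 1-based line in the scanned Java source


# Constructed sample: a Java DAO that exhibits each anti-pattern once.
SAMPLE_JAVA = """\
public class OrderDao {
    List<Order> listAll() {
        return jdbc.query("SELECT * FROM orders ORDER BY created_at", mapper);
    }
    void purge() {
        jdbc.update("DELETE FROM orders");
    }
    List<Order> search(String term) {
        return jdbc.query("SELECT id, total FROM orders WHERE name LIKE '%" + term + "%' LIMIT 10", mapper);
    }
    List<Order> openOrders() {
        return orderRepository.findAll().stream().filter(o -> o.isOpen()).toList();
    }
    void loadEach(List<Long> ids) {
        for (Long id : ids) {
            Order o = orderRepository.findById(id);
        }
    }
    @OneToMany(fetch = FetchType.EAGER)
    private List<Item> items;
}
"""

# A Java string literal (no escapes spanning lines) and "does it look like a statement?"
_JAVA_STRING = re.compile(r'"((?:[^"\\\n]|\\.)*)"')
_SQL_START = re.compile(r'^\s*(SELECT|UPDATE|DELETE|INSERT)\b', re.I)


def check_sql(sql: str) -> list[tuple[str, str]]:
    """Apply the query-string heuristics to one SQL string; returns (rule, label) pairs."""
    def has(pattern: str) -> bool:
        return re.search(pattern, sql, re.I | re.S) is not None

    out: list[tuple[str, str]] = []
    if has(r'\bSELECT\s+\*'):
        out.append(("CX-SQLQ-001", "SELECT *"))
    if re.match(r'\s*(UPDATE|DELETE)\b', sql, re.I) and not has(r'\bWHERE\b'):
        out.append(("CX-SQLQ-001", "UPDATE/DELETE without WHERE"))
    if has(r"\bLIKE\s+'%"):
        out.append(("CX-SQLQ-001", "LIKE with leading wildcard"))
    if has(r'\bORDER\s+BY\b') and not has(r'\bLIMIT\b'):
        out.append(("CX-SQLQ-001", "ORDER BY without LIMIT"))
    if has(r'\bSELECT\s+DISTINCT\b'):
        out.append(("CX-SQLQ-001", "SELECT DISTINCT"))
    if has(r'\bWHERE\b.*\bOR\b'):  # \bOR\b does not match ORDER or or_flag
        out.append(("CX-SQLQ-001", "OR in WHERE clause"))
    if re.match(r'\s*SELECT\b', sql, re.I) and not has(r'\bWHERE\b') and not has(r'\bLIMIT\b'):
        out.append(("CX-SQLQ-002", "Unbounded query"))
    return out


def scan_java(source: str) -> list[Finding]:
    """Run both rule sets over a Java source file and return findings sorted by line."""
    findings: list[Finding] = []

    # Query-string checks: every literal that starts like a statement. Concatenated
    # queries are seen piecewise, so a LIMIT in a later fragment is not credited here.
    for m in _JAVA_STRING.finditer(source):
        sql = m.group(1)
        if _SQL_START.match(sql):
            line = source.count("\n", 0, m.start()) + 1
            findings += [Finding(rule, label, line) for rule, label in check_sql(sql)]

    # N+1: a data-access call while the brace depth is inside a for/while body.
    depth, loop_depths = 0, []
    for no, text in enumerate(source.splitlines(), 1):
        if re.search(r'\b(for|while)\s*\(', text):
            loop_depths.append(depth)  # the loop body's '{' opens on this line
        if loop_depths and re.search(r'\b(executeQuery|findById)\s*\(', text):
            findings.append(Finding("CX-SQLQ-002", "N+1 query inside loop", no))
        depth += text.count("{") - text.count("}")
        while loop_depths and depth <= loop_depths[-1]:
            loop_depths.pop()  # the loop body closed

    # Whole-collection fetches that are then filtered or eagerly loaded in Java.
    for pattern, label in (
        (r'@OneToMany\s*\([^)]*\bfetch\s*=\s*(?:FetchType\.)?EAGER\b', "@OneToMany(fetch = EAGER)"),
        (r'findAll\(\)\s*\.\s*stream\(\)\s*\.\s*filter\(', "findAll() + stream().filter()"),
    ):
        for m in re.finditer(pattern, source, re.S):
            findings.append(Finding("CX-SQLQ-002", label, source.count("\n", 0, m.start()) + 1))

    return sorted(findings, key=lambda f: f.line)


if __name__ == "__main__":
    for f in scan_java(SAMPLE_JAVA):
        print(f"{f.rule}  line {f.line:>3}  {f.label}")
```

Running it on the sample reports eight findings: three on line 3 (`SELECT *`, `ORDER BY` without `LIMIT`, unbounded), the `DELETE` without `WHERE` on line 6, the leading-wildcard `LIKE` on line 9, the `findAll().stream().filter()` chain on line 12, the `findById()` inside the loop on line 16, and the eager `@OneToMany` on line 19. Because the checks are lexical, a query assembled from several fragments (line 9) is judged fragment by fragment, which is the usual source of false positives and negatives for this class of rule.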

Report Changes

  • New SQL Quality section in the HTML report, separate from SAST security findings
  • Uses "Current Pattern" / "Recommended" labels instead of "Vulnerable Pattern" / "Secure Alternative"

Rule Summary

Category          Count
Security (SAST)   14
SQL Quality       2 (new)
Total             16

Quick Start

Download codescanutil-1.5.0.jar from the assets below, then:

java -jar codescanutil-1.5.0.jar /path/to/your/java/project

SQL quality rules run automatically — no additional flags needed.

Requirements

  • Java 17+