The normal rules in PMD indicate how to define a variant, avoid dead loops, etc. These rules are too simple to use in commercial development. Now I want to add some 'security check' rules for Java in the PMD tool, such as SQL injections, non-authorized access, logic bombs, etc.
And where can I find standard security rules for Java?
Last edit: Andreas Dangel 2020-02-13
See https://pmd.github.io/latest/pmd_userdocs_extending_writing_pmd_rules.html and https://pmd.github.io/latest/pmd_userdocs_extending_writing_xpath_rules.html
There are only two rules categorized as security right now: https://pmd.github.io/latest/pmd_rules_java_security.html