From b030d985aec7370e9768c790b5ada520b41cb0de Mon Sep 17 00:00:00 2001 From: denis-troller Date: Mon, 29 Sep 2025 20:28:12 +0000 Subject: [PATCH 1/5] Create rule S8129 --- rules/S8129/apex/metadata.json | 25 +++++++++++++++++++ rules/S8129/apex/rule.adoc | 44 ++++++++++++++++++++++++++++++++++ rules/S8129/metadata.json | 2 ++ 3 files changed, 71 insertions(+) create mode 100644 rules/S8129/apex/metadata.json create mode 100644 rules/S8129/apex/rule.adoc create mode 100644 rules/S8129/metadata.json diff --git a/rules/S8129/apex/metadata.json b/rules/S8129/apex/metadata.json new file mode 100644 index 00000000000..7d9fc8d4f5e --- /dev/null +++ b/rules/S8129/apex/metadata.json @@ -0,0 +1,25 @@ +{ + "title": "FIXME", + "type": "CODE_SMELL", + "status": "ready", + "remediation": { + "func": "Constant\/Issue", + "constantCost": "5min" + }, + "tags": [ + ], + "defaultSeverity": "Major", + "ruleSpecification": "RSPEC-8129", + "sqKey": "S8129", + "scope": "All", + "defaultQualityProfiles": ["Sonar way"], + "quickfix": "unknown", + "code": { + "impacts": { + "MAINTAINABILITY": "HIGH", + "RELIABILITY": "MEDIUM", + "SECURITY": "LOW" + }, + "attribute": "CONVENTIONAL" + } +} diff --git a/rules/S8129/apex/rule.adoc b/rules/S8129/apex/rule.adoc new file mode 100644 index 00000000000..3edb7d8d0d2 --- /dev/null +++ b/rules/S8129/apex/rule.adoc @@ -0,0 +1,44 @@ +FIXME: add a description + +// If you want to factorize the description uncomment the following line and create the file. +//include::../description.adoc[] + +== Why is this an issue? + +FIXME: remove the unused optional headers (that are commented out) + +//=== What is the potential impact? + +== How to fix it +//== How to fix it in FRAMEWORK NAME + +=== Code examples + +==== Noncompliant code example + +[source,apex,diff-id=1,diff-type=noncompliant] +---- +FIXME +---- + +==== Compliant solution + +[source,apex,diff-id=1,diff-type=compliant] +---- +FIXME +---- + +//=== How does this work? + +//=== Pitfalls + +//=== Going the extra mile + + +//== Resources +//=== Documentation +//=== Articles & blog posts +//=== Conference presentations +//=== Standards +//=== External coding guidelines +//=== Benchmarks diff --git a/rules/S8129/metadata.json b/rules/S8129/metadata.json new file mode 100644 index 00000000000..2c63c085104 --- /dev/null +++ b/rules/S8129/metadata.json @@ -0,0 +1,2 @@ +{ +} From 2fcf2ce88051cfecaea585d80d66fd2c4ab0df35 Mon Sep 17 00:00:00 2001 From: denis-troller Date: Mon, 29 Sep 2025 22:30:37 +0200 Subject: [PATCH 2/5] Update rules/S8129/apex/rule.adoc in PR #5662 --- rules/S8129/apex/rule.adoc | 53 ++++++++++++++++++++++++-------------- 1 file changed, 34 insertions(+), 19 deletions(-) diff --git a/rules/S8129/apex/rule.adoc b/rules/S8129/apex/rule.adoc index 3edb7d8d0d2..b9dc29060c4 100644 --- a/rules/S8129/apex/rule.adoc +++ b/rules/S8129/apex/rule.adoc @@ -1,16 +1,28 @@ -FIXME: add a description - -// If you want to factorize the description uncomment the following line and create the file. -//include::../description.adoc[] +This rule raises an issue when a SOQL query contains hardcoded date or datetime literals in WHERE clauses instead of using bind variables or dynamic date calculations. == Why is this an issue? -FIXME: remove the unused optional headers (that are commented out) +Hardcoded date literals in SOQL queries create several maintenance and flexibility problems. + +When you write dates directly in your queries like `2025-06-01T00:00:00Z`, you're creating code that only works for that specific time period. This approach has significant drawbacks: + +**Inflexibility**: The query can only retrieve data for the exact dates you specified. If you need to query different time periods, you must modify the code each time. + +**Maintenance burden**: Every time you want to analyze data for a different month, quarter, or year, you need to update the hardcoded values and redeploy your code. + +**Testing challenges**: It becomes difficult to test your code with different date ranges or to create comprehensive test scenarios that cover various time periods. -//=== What is the potential impact? +**Business logic coupling**: Your data access logic becomes tightly coupled to specific dates, making it harder to reuse the same query logic for different business scenarios. + +SOQL provides powerful mechanisms like bind variables and built-in date functions that make queries dynamic and adaptable. Using these features keeps your code flexible and maintainable. + +=== What is the potential impact? + +Hardcoded date literals make code inflexible and increase maintenance overhead. Every time you need to query different time periods, you must modify and redeploy the code. This approach also makes testing more difficult and couples your queries to specific dates rather than business logic. == How to fix it -//== How to fix it in FRAMEWORK NAME + +Replace hardcoded date literals with bind variables that reference dynamic date calculations or variables. Use Apex Date and DateTime methods to calculate dates dynamically based on current time or business requirements. === Code examples @@ -18,27 +30,30 @@ FIXME: remove the unused optional headers (that are commented out) [source,apex,diff-id=1,diff-type=noncompliant] ---- -FIXME +SELECT UserId, COUNT(Id) loginCount +FROM LoginHistory +WHERE LoginTime >= 2025-06-01T00:00:00Z AND LoginTime <= 2025-06-30T23:59:59Z // Noncompliant +GROUP BY UserId ---- ==== Compliant solution [source,apex,diff-id=1,diff-type=compliant] ---- -FIXME +Date startDate = Date.today().toStartOfMonth(); +Date endDate = Date.today(); +SELECT UserId, COUNT(Id) loginCount +FROM LoginHistory +WHERE LoginTime >= :startDate AND LoginTime <= :endDate +GROUP BY UserId ---- -//=== How does this work? +== Resources -//=== Pitfalls +=== Documentation -//=== Going the extra mile + * SOQL Date Formats and Date Literals - https://developer.salesforce.com/docs/atlas.en-us.soql_sosl.meta/soql_sosl/sforce_api_calls_soql_select_dateformats.htm[Official Salesforce documentation on date formats and literals in SOQL queries] + * Apex Date and Datetime Methods - https://developer.salesforce.com/docs/atlas.en-us.apexref.meta/apexref/apex_methods_system_date.htm[Reference for Apex Date and DateTime class methods for dynamic date calculations] -//== Resources -//=== Documentation -//=== Articles & blog posts -//=== Conference presentations -//=== Standards -//=== External coding guidelines -//=== Benchmarks + * SOQL Bind Variables - https://developer.salesforce.com/docs/atlas.en-us.soql_sosl.meta/soql_sosl/sforce_api_calls_soql_select_variables.htm[Documentation on using bind variables in SOQL queries] From 65ac8829cfbb3c8851865c656272787aa4ed0bd3 Mon Sep 17 00:00:00 2001 From: denis-troller Date: Mon, 29 Sep 2025 22:30:40 +0200 Subject: [PATCH 3/5] Update rules/S8129/apex/metadata.json in PR #5662 --- rules/S8129/apex/metadata.json | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/rules/S8129/apex/metadata.json b/rules/S8129/apex/metadata.json index 7d9fc8d4f5e..d84f424e348 100644 --- a/rules/S8129/apex/metadata.json +++ b/rules/S8129/apex/metadata.json @@ -1,25 +1,27 @@ { - "title": "FIXME", + "title": "SOQL queries should not contain hardcoded date literals", "type": "CODE_SMELL", "status": "ready", "remediation": { - "func": "Constant\/Issue", - "constantCost": "5min" + "func": "Constant/Issue", + "constantCost": "5 min" }, "tags": [ + "soql", + "salesforce" ], - "defaultSeverity": "Major", + "defaultSeverity": "Blocker", "ruleSpecification": "RSPEC-8129", "sqKey": "S8129", - "scope": "All", - "defaultQualityProfiles": ["Sonar way"], + "scope": "Main", + "defaultQualityProfiles": [ + "Sonar way" + ], "quickfix": "unknown", "code": { "impacts": { - "MAINTAINABILITY": "HIGH", - "RELIABILITY": "MEDIUM", - "SECURITY": "LOW" + "MAINTAINABILITY": "BLOCKER" }, "attribute": "CONVENTIONAL" } -} +} \ No newline at end of file From 895b0e1d82a8ddb050e024faf21ce291c999e843 Mon Sep 17 00:00:00 2001 From: yassin-kammoun-sonarsouce Date: Mon, 13 Oct 2025 11:29:22 +0200 Subject: [PATCH 4/5] Update metadata and description --- rules/S8129/apex/metadata.json | 6 +++--- rules/S8129/apex/rule.adoc | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/rules/S8129/apex/metadata.json b/rules/S8129/apex/metadata.json index d84f424e348..300f13fe235 100644 --- a/rules/S8129/apex/metadata.json +++ b/rules/S8129/apex/metadata.json @@ -10,7 +10,7 @@ "soql", "salesforce" ], - "defaultSeverity": "Blocker", + "defaultSeverity": "Major", "ruleSpecification": "RSPEC-8129", "sqKey": "S8129", "scope": "Main", @@ -20,8 +20,8 @@ "quickfix": "unknown", "code": { "impacts": { - "MAINTAINABILITY": "BLOCKER" + "MAINTAINABILITY": "HIGH" }, "attribute": "CONVENTIONAL" } -} \ No newline at end of file +} diff --git a/rules/S8129/apex/rule.adoc b/rules/S8129/apex/rule.adoc index b9dc29060c4..741a2be0a17 100644 --- a/rules/S8129/apex/rule.adoc +++ b/rules/S8129/apex/rule.adoc @@ -4,7 +4,7 @@ This rule raises an issue when a SOQL query contains hardcoded date or datetime Hardcoded date literals in SOQL queries create several maintenance and flexibility problems. -When you write dates directly in your queries like `2025-06-01T00:00:00Z`, you're creating code that only works for that specific time period. This approach has significant drawbacks: +When you write dates directly in your queries like ``++2025-06-01T00:00:00Z++``, you're creating code that only works for that specific time period. This approach has significant drawbacks: **Inflexibility**: The query can only retrieve data for the exact dates you specified. If you need to query different time periods, you must modify the code each time. From fd63c9d384a0282bc8a13bf04c77dc253d5bae97 Mon Sep 17 00:00:00 2001 From: yassin-kammoun-sonarsouce Date: Tue, 14 Oct 2025 10:01:55 +0200 Subject: [PATCH 5/5] Fix link --- rules/S8129/apex/rule.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rules/S8129/apex/rule.adoc b/rules/S8129/apex/rule.adoc index 741a2be0a17..a85447b7c85 100644 --- a/rules/S8129/apex/rule.adoc +++ b/rules/S8129/apex/rule.adoc @@ -56,4 +56,4 @@ GROUP BY UserId * Apex Date and Datetime Methods - https://developer.salesforce.com/docs/atlas.en-us.apexref.meta/apexref/apex_methods_system_date.htm[Reference for Apex Date and DateTime class methods for dynamic date calculations] - * SOQL Bind Variables - https://developer.salesforce.com/docs/atlas.en-us.soql_sosl.meta/soql_sosl/sforce_api_calls_soql_select_variables.htm[Documentation on using bind variables in SOQL queries] + * SOQL Bind Variables - https://developer.salesforce.com/docs/atlas.en-us.apexcode.meta/apexcode/langCon_apex_SOQL_variables.htm[Documentation on using bind variables in SOQL queries]