-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[apex] ApexCRUDViolationRule not reporting for Database.query #2628
Comments
Will confirm this issue still exists in If someone can point me in a direction i can attempt to resolve |
Thanks for volunteering. I'm happy to give you some pointers. This is the switch were different pmd/pmd-apex/src/main/java/net/sourceforge/pmd/lang/apex/rule/security/ApexCRUDViolationRule.java Lines 203 to 231 in 37de19f
You would have to add the cases for those methods and check the type of operation. As these are read only methods, all checks should be as The add proper test cases. You can follow this PR as a general guide #3201 For what I see in the documentation you linked though, there are plenty more methods still unmaped. |
Affects PMD 7.0.0
Rule: ApexCRUDViolation
Description:
The ApexCRUDViolation rule does not report on potential CRUD violations if they are using the Database library to perform queries or DML, for example: Contact c = Database.query('SELECT Name FROM Contact');
The following methods are not yet considered by this rule:
Database.countQuery(String query)
Database.getQueryLocator(String query)
Database.query(String queryString)
See https://developer.salesforce.com/docs/atlas.en-us.apexref.meta/apexref/apex_methods_system_database.htm for full API doc.
The text was updated successfully, but these errors were encountered: