-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[apex] Rule priorities don't conform to guidelines #3926
Comments
To be honest, I think also for the java rules, the priorities there are not always "correct". I guess we mostly use 3 - which is the golden mean - and don't think too much about it. I agree though, that the priorities could have a much "saner" default value. |
Maybe we should use 3 consistently in all category rulesets? I think the end user should be in charge here |
@oowekyala very pragmatic approach which I like. Also tool-wise a good idea as IDEs like Illuminated Cloud or VS Code ApexPMD show yellow lines for prior 3 and nothing for below numbers. Red for 1. I think yellow for PMD issues is good and people can then customize security category to be red and 1. |
@jfeingold35 @oowekyala @adangel any decision made here? Why not really make everything a 3. |
Discussed in #3911
Originally posted by jfeingold35 April 14, 2022
The priorities assigned to Apex rules don't seem correct to me.
E.g.,
ClassNamingConventions
is a code style rule whose priority is 1 (the highest value), as areFieldNamingConventions
, andFormalParameterNamingConventions
, while security rules likeApexCRUDViolation
,ApexInsecureEndpoint
, andApexSharingViolations
all have priority 3, which is the lowest value.Is this intentional? If so, what's the historical reason for this being the case?
To provide more clarity here: The security rules all have priority
3
, while code style rules such as those around naming conventions have priorities of1
.Based on the guidelines around rule priorities, it seems like security rules should be priority
1
or2
("Change absolutely required"/"Change highly recommended"), and code style rules should be either3
,4
, or5
("Change recommended"/"Change optional"/"Change highly optional").At the very least, it seems like reducing the priority of code style rules so it's below that of security rules would provide the most helpful output to users.
The text was updated successfully, but these errors were encountered: