Software Resiliency
Programming Best Practices
Production Risk
Why you should care
A static or unqualified import in a JSP is analogous to a normal import declaration. An import is unqualified when the import statement ends with a star (*).
However, the issue with unqualified imports is that they make a program unreadable, and this affects all the members that are imported as well. Importing all static or unqualified members from a class can be particularly harmful to readability.
Business Impacts
A static or unqualified import is a risky contributor to a JSP script, causing readability issues.
CAST Recommendations
How we detect
This code insight flags unqualified imports (i.e. imports ending with .*), which mean that potentially every class in the imported package could be accessed.
Example of an unqualified import: import com.castsoftware.product.*
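A check of this kind can be reproduced in a local review script. The following is an added example, not CAST Highlight's own detection logic: it scans JSP page directives (classic and XML syntax) for imports ending in .*, skipping commented-out directives. The function names, the com.example packages and the sample JSP are assumptions constructed for illustration.

```python
import re

# Classic and XML-syntax page directives: <%@ page ... %> and <jsp:directive.page ... />
DIRECTIVE = re.compile(r'<%@\s*page\b(.*?)%>|<jsp:directive\.page\b(.*?)/>', re.S)
IMPORT_ATTR = re.compile(r'\bimport\s*=\s*(["\'])(.*?)\1', re.S)
JSP_COMMENT = re.compile(r'<%--.*?--%>', re.S)


def blank_comments(source):
    """Blank out JSP comments but keep newlines so line numbers stay correct."""
    return JSP_COMMENT.sub(lambda m: re.sub(r'[^\n]', ' ', m.group(0)), source)


def find_unqualified_imports(source):
    """Return (line, import) for every page-directive import that ends with .*"""
    source = blank_comments(source)
    findings = []
    for directive in DIRECTIVE.finditer(source):
        body_group = 1 if directive.group(1) is not None else 2
        body = directive.group(body_group)
        for attr in IMPORT_ATTR.finditer(body):
            # One import attribute may hold a comma-separated list of imports.
            offset = directive.start(body_group) + attr.start(2)
            for entry in attr.group(2).split(','):
                name = entry.strip()
                if name.endswith('.*'):
                    pos = offset + entry.index(name)
                    findings.append((source.count('\n', 0, pos) + 1, name))
                offset += len(entry) + 1  # +1 for the comma
    return findings


# Constructed sample JSP (not taken from a real application).
SAMPLE_JSP = '''<%@ page contentType="text/html" %>
<%@ page import="com.castsoftware.product.*" %>
<%-- <%@ page import="com.example.disabled.*" %> --%>
<%@ page import="java.util.List,
                 com.example.billing.*, java.util.Map" %>
<jsp:directive.page import="com.example.report.ReportBean"/>
<jsp:directive.page import="com.example.audit.*"/>
<html><body>Hello</body></html>
'''

if __name__ == '__main__':
    for line, name in find_unqualified_imports(SAMPLE_JSP):
        print(f'line {line}: unqualified import {name}')
```

Each finding lists the line and the wildcard import, so a reviewer can replace it with the specific classes the page actually uses.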
About CAST and Highlight’s Code Insights
Over the last 25 years, CAST has leveraged unique knowledge on software quality measurement by analyzing thousands of applications and billions of lines of code. Based on this experience and community standards on programming best practices, Highlight implements hundreds of code insights across 15+ technologies to calculate software health factors.