diff --git a/rules/S107/description.adoc b/rules/S107/description.adoc index 41b94db167..46dbd0516c 100644 --- a/rules/S107/description.adoc +++ b/rules/S107/description.adoc @@ -1,6 +1,6 @@ == Why is this an issue? -{upper_function}s with a long parameter list are difficult to use, as maintainers must figure out the role of each parameter and keep track of their position. +{upper_function}s with a long parameter list are difficult to use because maintainers must figure out the role of each parameter and keep track of their position. include::{language}/noncompliant.adoc[] diff --git a/rules/S1135/description.adoc b/rules/S1135/description.adoc index 9c54679395..50749c87ca 100644 --- a/rules/S1135/description.adoc +++ b/rules/S1135/description.adoc @@ -1,7 +1,7 @@ Developers often use `TODO` tags to mark areas in the code where additional work or improvements are needed but are not implemented immediately. However, these `TODO` tags sometimes get overlooked or forgotten, leading to incomplete or unfinished code. -This code smell class aims to identify and address such unattended `TODO` tags to ensure a clean and maintainable codebase. -This description will explore why this is a problem and how it can be fixed to improve the overall code quality. +This rule aims to identify and address unattended `TODO` tags to ensure a clean and maintainable codebase. +This description explores why this is a problem and how it can be fixed to improve the overall code quality. === What is the potential impact? 
@@ -16,7 +16,7 @@ Delayed bug fixes can result in more severe issues and increase the effort requi Impact on Collaboration: In team-based development environments, unattended `TODO` tags can hinder collaboration. Other team members might not be aware of the intended changes, leading to conflicts or redundant efforts in the codebase. -Codebase Bloat: Accumulation of unattended `TODO` tags over time can clutter the codebase and make it difficult to distinguish between work in progress and completed code. +Codebase Bloat: The accumulation of unattended `TODO` tags over time can clutter the codebase and make it difficult to distinguish between work in progress and completed code. This bloat can make it challenging to maintain an organized and efficient codebase. Addressing this code smell is essential to ensure a maintainable, readable, reliable codebase and promote effective collaboration among developers. diff --git a/rules/S3776/why.adoc b/rules/S3776/why.adoc index 801c6091c5..7aa18e859e 100644 --- a/rules/S3776/why.adoc +++ b/rules/S3776/why.adoc @@ -9,8 +9,8 @@ As a rule of thumb, high cognitive complexity is a sign that the code should be Here are the core concepts: * **Cognitive complexity is incremented each time the code breaks the normal linear reading flow.** + -This concerns, for example: Loop structures, Conditionals, Catches, Switches, Jumps to label and mixed operators in condition. -* **Each nesting level adds a malus to the breaking call.** + +This concerns, for example, loop structures, conditionals, catches, switches, jumps to labels, and conditions mixing multiple operators. +* **Each nesting level increases complexity.** + During code reading, the deeper you go through nested layers, the harder it becomes to keep the context in mind. * **Method calls are free** + A well-picked method name is a summary of multiple lines of code. diff --git a/rules/S4830/impact.adoc b/rules/S4830/impact.adoc index 1a8171f823..8b5eb44432 100644 
--- a/rules/S4830/impact.adoc +++ b/rules/S4830/impact.adoc @@ -9,7 +9,7 @@ threats. If a system does not validate certificates, it cannot confirm the identity of the other party involved in the communication. An attacker can exploit this by -creating a fake server and masquerading it as a legitimate one. For example, +creating a fake server and masquerading as a legitimate one. For example, they might set up a server that looks like your bank's server, tricking your system into thinking it is communicating with the bank. This scenario, called identity spoofing, allows the attacker to collect any data your system sends diff --git a/rules/S4830/rationale.adoc b/rules/S4830/rationale.adoc index eff17e095f..060eea5857 100644 --- a/rules/S4830/rationale.adoc +++ b/rules/S4830/rationale.adoc @@ -1,9 +1,9 @@ Transport Layer Security (TLS) provides secure communication between systems -over the internet by encrypting the data sent between them. The role of -certificate validation in this process is to ensure that a system is indeed the -one it claims to be, adding an extra layer of trust and security. +over the internet by encrypting the data sent between them. Certificate validation +adds an extra layer of trust and security to this process to ensure that a system +is indeed the one it claims to be. -When certificate validation is disabled, the client skips this critical check. +When certificate validation is disabled, the client skips a critical security check. This creates an opportunity for attackers to pose as a trusted entity and intercept, manipulate, or steal the data being transmitted.
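
Review bot: rules/S1135/description.adoc now mixes two terms for the same thing. The first hunk replaces "This code smell class" with "This rule", but the unchanged closing sentence of the second hunk still reads "Addressing this code smell is essential to ensure a maintainable, readable, reliable codebase". Suggest updating that sentence in the same change, for example "Addressing unattended `TODO` tags is essential to ensure ...", so the description uses one term throughout.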
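
Review bot: in rules/S3776/why.adoc, the new bullet heading "Each nesting level increases complexity." drops the detail the removed wording carried, namely that the penalty is added "to the breaking call". As written, it can be read as nesting depth counting by itself rather than on top of a structure that breaks the reading flow, which is what the first bullet says triggers an increment. Suggest keeping the link in plainer words, for example "Each nesting level adds a penalty to the flow-breaking structures inside it." Separately, the unchanged heading "Method calls are free" is the only bold heading in this list without a closing period, which would be worth aligning while the list is being edited.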
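
Review bot: in rules/S4830/rationale.adoc, the rewritten sentence chains two "to" phrases ("adds an extra layer of trust and security to this process to ensure that a system is indeed the one it claims to be"), so it reads as if the purpose clause belongs to "this process" rather than to certificate validation. Keeping "extra layer" also undersells the check: impact.adoc in the same patch states that without validation the system "cannot confirm the identity of the other party", and the next paragraph here calls it critical. Suggest stating the role directly, for example "Certificate validation ensures that a system is indeed the one it claims to be." The change to "skips a critical security check" reads fine, but it only stays unambiguous if the preceding sentence names the check clearly.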