George Digkas · 9de26a88
--- a/technical-debt-toolbox-usage.md
+++ b/technical-debt-toolbox-usage.md
@@ -582,6 +582,41 @@ The response includes the cumulative interest of the project for each version. F
 ]
 ```

+{GET} [`<PROTOCOL>://<IP>:<PORT>/api/sdk4ed/nc/introducedNewIssues/{apache:commons-io}`](http://195.251.210.147:8989/api/sdk4ed/nc/introducedNewIssues/apache:commons-io)
+
+```
+[
+  {
+    "rank": 1,
+    "rule": "String literals should not be duplicated",
+    "description": "<p>Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.</p>\n<p>On the other hand, constants can be referenced from many places, but only need to be updated in a single place.</p>\n<h2>Noncompliant Code Example</h2>\n<p>With the default threshold of 3:</p>\n<pre>\npublic void run() {\n  prepare(\"action1\");                              // Noncompliant - \"action1\" is duplicated 3 times\n  execute(\"action1\");\n  release(\"action1\");\n}\n\n@SuppressWarning(\"all\")                            // Compliant - annotations are excluded\nprivate void method1() { /* ... */ }\n@SuppressWarning(\"all\")\nprivate void method2() { /* ... */ }\n\npublic String method3(String a) {\n  System.out.println(\"'\" + a + \"'\");               // Compliant - literal \"'\" has less than 5 characters and is excluded\n  return \"\";                                       // Compliant - literal \"\" has less than 5 characters and is excluded\n}\n</pre>\n<h2>Compliant Solution</h2>\n<pre>\nprivate static final String ACTION_1 = \"action1\";  // Compliant\n\npublic void run() {\n  prepare(ACTION_1);                               // Compliant\n  execute(ACTION_1);\n  release(ACTION_1);\n}\n</pre>\n<h2>Exceptions</h2>\n<p>To prevent generating some false-positives, literals having less than 5 characters are excluded.</p>",
+    "language": "java",
+    "count": 6
+  },
+  {
+    "rank": 2,
+    "rule": "Track uses of \"TODO\" tags",
+    "description": "<p><code>TODO</code> tags are commonly used to mark places where some more code is required, but which the developer wants to implement later.</p>\n<p>Sometimes the developer will not have the time or will simply forget to get back to that tag.</p>\n<p>This rule is meant to track those tags and to ensure that they do not go unnoticed.</p>\n<h2>Noncompliant Code Example</h2>\n<pre>\nvoid doSomething() {\n  // TODO\n}\n</pre>\n<h2>See</h2>\n<ul>\n  <li> <a href=\"http://cwe.mitre.org/data/definitions/546.html\">MITRE, CWE-546</a> - Suspicious Comment </li>\n</ul>",
+    "language": "java",
+    "count": 4
+  },
+  {
+    "rank": 3,
+    "rule": "\"throws\" declarations should not be superfluous",
+    "description": "<p>An exception in a <code>throws</code> declaration in Java is superfluous if it is:</p>\n<ul>\n  <li> listed multiple times </li>\n  <li> a subclass of another listed exception </li>\n  <li> a <code>RuntimeException</code>, or one of its descendants </li>\n  <li> completely unnecessary because the declared exception type cannot actually be thrown </li>\n</ul>\n<h2>Noncompliant Code Example</h2>\n<pre>\nvoid foo() throws MyException, MyException {}  // Noncompliant; should be listed once\nvoid bar() throws Throwable, Exception {}  // Noncompliant; Exception is a subclass of Throwable\nvoid baz() throws RuntimeException {}  // Noncompliant; RuntimeException can always be thrown\n</pre>\n<h2>Compliant Solution</h2>\n<pre>\nvoid foo() throws MyException {}\nvoid bar() throws Throwable {}\nvoid baz() {}\n</pre>\n<h2>Exceptions</h2>\n<p>The rule will not raise any issue for exceptions that cannot be thrown from the method body:</p>\n<ul>\n  <li> in overriding and implementation methods </li>\n  <li> in interface <code>default</code> methods </li>\n  <li> in non-private methods that only <code>throw</code>, have empty bodies, or a single return statement . </li>\n  <li> in overridable methods (non-final, or not member of a final class, non-static, non-private), if the exception is documented with a proper\n  javadoc. </li>\n</ul>\n<pre>\nclass A extends B {\n  @Override\n  void doSomething() throws IOException {\n    compute(a);\n  }\n\n  public void foo() throws IOException {}\n\n  protected void bar() throws IOException {\n    throw new UnsupportedOperationException(\"This method should be implemented in subclasses\");\n  }\n\n  Object foobar(String s) throws IOException {\n    return null;\n  }\n\n  /**\n   * @throws IOException Overriding classes may throw this exception if they print values into a file\n   */\n  protected void print() throws IOException { // no issue, method is overridable and the exception has proper javadoc\n    System.out.println(\"foo\");\n  }\n}\n</pre>",
+    "language": "java",
+    "count": 2
+  },
+  {
+    "rank": 4,
+    "rule": "Mutable fields should not be \"public static\"",
+    "description": "<p>There is no good reason to have a mutable object as the <code>public</code> (by default), <code>static</code> member of an <code>interface</code>.\nSuch variables should be moved into classes and their visibility lowered. </p>\n<p>Similarly, mutable <code>static</code> members of classes and enumerations which are accessed directly, rather than through getters and setters,\nshould be protected to the degree possible. That can be done by reducing visibility or making the field <code>final</code> if appropriate. </p>\n<p>Note that making a mutable field, such as an array, <code>final</code> will keep the variable from being reassigned, but doing so has no effect on\nthe mutability of the internal state of the array (i.e. it doesn't accomplish the goal).</p>\n<p>This rule raises issues for <code>public static</code> array, <code>Collection</code>, <code>Date</code>, and <code>awt.Point</code> members.</p>\n<h2>Noncompliant Code Example</h2>\n<pre>\npublic interface MyInterface {\n  public static String [] strings; // Noncompliant\n}\n\npublic class A {\n  public static String [] strings1 = {\"first\",\"second\"};  // Noncompliant\n  public static String [] strings2 = {\"first\",\"second\"};  // Noncompliant\n  public static List&lt;String&gt; strings3 = new ArrayList&lt;&gt;();  // Noncompliant\n  // ...\n}\n</pre>\n<h2>See</h2>\n<ul>\n  <li> <a href=\"http://cwe.mitre.org/data/definitions/582.html\">MITRE, CWE-582</a> - Array Declared Public, Final, and Static </li>\n  <li> <a href=\"http://cwe.mitre.org/data/definitions/607.html\">MITRE, CWE-607</a> - Public Static Final Field References Mutable Object </li>\n  <li> <a href=\"https://www.securecoding.cert.org/confluence/x/rwBc\">CERT, OBJ01-J.</a> - Limit accessibility of fields </li>\n  <li> <a href=\"https://www.securecoding.cert.org/confluence/x/JQLEAw\">CERT, OBJ13-J.</a> - Ensure that references to mutable objects are not exposed\n  </li>\n</ul>",
+    "language": "java",
+    "count": 2
+  }
+]
+```
+
 ## Design-Level Refactorings Service

 **End Points - URLS**