...
- Violation of the guideline is likely to result in a defect that may adversely affect the safety, reliability, or security of a system, for example, by introducing a security flaw that may result in an exploitable vulnerability.
- The guideline does not rely on source code annotations or assumptions.
- Conformance to the guideline can be determined through automated analysis (either static or dynamic), formal methods, or manual inspection techniques.
Rules are identified by the label rule.
Recommendations
Recommendations are suggestions for improving code quality. Guidelines are defined to be recommendations when all of the following conditions are met:
...
The set of recommendations that a particular development effort adopts depends on the requirements of the final software product. Projects with stricter requirements may decide to dedicate more resources to ensuring the safety, reliability, and security of a system and consequently are likely to adopt a broader set of recommendations.Recommendations are identified by the label recommendation.
Noncompliant Code Examples and Compliant Solutions
...