QP21 Java Style Guide Presence
What this means
SiteShadow flagged missing Java style configuration (Checkstyle/Spotless/formatter config) or missing enforcement signals.
Why it matters
Style configuration enforces consistent code practices.
- Noisy diffs hide logic changes during review.
- Inconsistent patterns make security auditing harder.
- Higher defect rate as codebase grows without guardrails.
Safer examples
1) Add a Java formatter / style tool
Use Checkstyle/Spotless/Google Java Format, and commit the config.
2) Enforce style in CI
Fail builds when formatting/lint checks fail (see QP02 / QP15).
3) Keep rules consistent across modules
In multi-module projects, share a single config to avoid drift.
How SiteShadow detects it (high level)
- Detects absence of common Java style config and enforcement in build/CI workflows.
- Flags Java repos where code quality gates appear missing.
References
- OWASP Top 10: https://owasp.org/Top10/
---