Android Lint 检查项目列表

Correctness

AdapterViewChildren

Summary: AdapterViews cannot have children in XML

Priority: 10 / 10
Severity: Warning
Category: Correctness

AdapterViews such as ListViews must be configured with data from Java code,
such as a ListAdapter.

More information:
http://developer.android.com/reference/android/widget/AdapterView.html

OnClick

Summary: onClick method does not exist

Priority: 10 / 10
Severity: Error
Category: Correctness

The onClick attribute value should be the name of a method in this View's
context to invoke when the view is clicked. This name must correspond to a
public method that takes exactly one parameter of type View.

Must be a string value, using ';' to escape characters such as '\n' or
'\uxxxx' for a unicode character.

StopShip

Summary: Code contains STOPSHIP marker

Priority: 10 / 10
Severity: Warning
Category: Correctness
NOTE: This issue is disabled by default!
You can enable it by adding --enable StopShip

Using the comment // STOPSHIP can be used to flag code that is incomplete but
checked in. This comment marker can be used to indicate that the code should
not be shipped until the issue is addressed, and lint will look for these.

MissingPermission

Summary: Missing Permissions

Priority: 9 / 10
Severity: Error
Category: Correctness

This check scans through your code and libraries and looks at the APIs being
used, and checks this against the set of permissions required to access those
APIs. If the code using those APIs is called at runtime, then the program will
crash.

Furthermore, for permissions that are revocable (with targetSdkVersion 23),
client code must also be prepared to handle the calls throwing an exception if
the user rejects the request for permission at runtime.

MissingSuperCall

Summary: Missing Super Call

Priority: 9 / 10
Severity: Error
Category: Correctness

Some methods, such as View#onDetachedFromWindow, require that you also call
the super implementation as part of your method.

ResAuto

Summary: Hardcoded Package in Namespace

Priority: 9 / 10
Severity: Fatal
Category: Correctness

In Gradle projects, the actual package used in the final APK can vary; for
example,you can add a .debug package suffix in one version and not the other.
Therefore, you should not hardcode the application package in the resource;
instead, use the special namespace http://schemas.android.com/apk/res-auto
which will cause the tools to figure out the right namespace for the resource
regardless of the actual package used during the build.

SuspiciousImport

Summary: 'import android.R' statement

Priority: 9 / 10
Severity: Warning
Category: Correctness

Importing android.R is usually not intentional; it sometimes happens when you
use an IDE and ask it to automatically add imports at a time when your
project's R class it not present.

Once the import is there you might get a lot of "confusing" error messages
because of course the fields available on android.R are not the ones you'd
expect from just looking at your own R class.

UsesMinSdkAttributes

Summary: Minimum SDK and target SDK attributes not defined

Priority: 9 / 10
Severity: Warning
Category: Correctness

The manifest should contain a <uses-sdk> element which defines the minimum API
Level required for the application to run, as well as the target version (the
highest API level you have tested the version for.)

More information:
http://developer.android.com/guide/topics/manifest/uses-sdk-element.html

WrongViewCast

Summary: Mismatched view type

Priority: 9 / 10
Severity: Fatal
Category: Correctness

Keeps track of the view types associated with ids and if it finds a usage of
the id in the Java code it ensures that it is treated as the same type.

AaptCrash

Summary: Potential AAPT crash

Priority: 8 / 10
Severity: Fatal
Category: Correctness

Defining a style which sets android:id to a dynamically generated id can cause
many versions of aapt, the resource packaging tool, to crash. To work around
this, declare the id explicitly with <item type="id" name="..." /> instead.

More information:
https://code.google.com/p/android/issues/detail?id=20479

GradleCompatible

Summary: Incompatible Gradle Versions

Priority: 8 / 10
Severity: Error
Category: Correctness

There are some combinations of libraries, or tools and libraries, that are
incompatible, or can lead to bugs. One such incompatibility is compiling with
a version of the Android support libraries that is not the latest version (or
in particular, a version lower than your targetSdkVersion.)

GradlePluginVersion

Summary: Incompatible Android Gradle Plugin

Priority: 8 / 10
Severity: Error
Category: Correctness

Not all versions of the Android Gradle plugin are compatible with all versions
of the SDK. If you update your tools, or if you are trying to open a project
that was built with an old version of the tools, you may need to update your
plugin version number.

IllegalResourceRef

Summary: Name and version must be integer or string, not resource

Priority: 8 / 10
Severity: Warning
Category: Correctness

For the versionCode attribute, you have to specify an actual integer literal;
you cannot use an indirection with a @dimen/name resource. Similarly, the
versionName attribute should be an actual string, not a string resource url.

MergeMarker

Summary: Code contains merge marker

Priority: 8 / 10
Severity: Error
Category: Correctness

Many version control systems leave unmerged files with markers such as <<< in
the source code. This check looks for these markers, which are sometimes
accidentally left in, particularly in resource files where they don't break
compilation.

MissingLeanbackLauncher

Summary: Missing Leanback Launcher Intent Filter.

Priority: 8 / 10
Severity: Error
Category: Correctness

An application intended to run on TV devices must declare a launcher activity
for TV in its manifest using a android.intent.category.LEANBACK_LAUNCHER
intent filter.

More information:
https://developer.android.com/training/tv/start/start.html#tv-activity

MissingRegistered

Summary: Missing registered class

Priority: 8 / 10
Severity: Error
Category: Correctness

If a class is referenced in the manifest or in a layout file, it must also
exist in the project (or in one of the libraries included by the project. This
check helps uncover typos in registration names, or attempts to rename or move
classes without updating the manifest file properly.

More information:
http://developer.android.com/guide/topics/manifest/manifest-intro.html

MockLocation

Summary: Using mock location provider in production

Priority: 8 / 10
Severity: Fatal
Category: Correctness

Using a mock location provider (by requiring the permission
android.permission.ACCESS_MOCK_LOCATION) should only be done in debug builds
(or from tests). In Gradle projects, that means you should only request this
permission in a test or debug source set specific manifest file.

To fix this, create a new manifest file in the debug folder and move the
<uses-permission> element there. A typical path to a debug manifest override
file in a Gradle project is src/debug/AndroidManifest.xml.

NamespaceTypo

Summary: Misspelled namespace declaration

Priority: 8 / 10
Severity: Fatal
Category: Correctness

Accidental misspellings in namespace declarations can lead to some very
obscure error messages. This check looks for potential misspellings to help
track these down.

NotInterpolated

Summary: Incorrect Interpolation

Priority: 8 / 10
Severity: Error
Category: Correctness

To insert the value of a variable, you can use ${variable} inside a string
literal, but only if you are using double quotes!

More information:
http://www.groovy-lang.org/syntax.html#_string_interpolation

PendingBindings

Summary: Missing Pending Bindings

Priority: 8 / 10
Severity: Error
Category: Correctness

When using a ViewDataBinding in a onBindViewHolder method, you must call
executePendingBindings() before the method exits; otherwise the data binding
runtime will update the UI in the next animation frame causing a delayed
update and potential jumps if the item resizes.

Proguard

Summary: Using obsolete ProGuard configuration

Priority: 8 / 10
Severity: Fatal
Category: Correctness

Using -keepclasseswithmembernames in a proguard config file is not correct; it
can cause some symbols to be renamed which should not be.
Earlier versions of ADT used to create proguard.cfg files with the wrong
format. Instead of -keepclasseswithmembernames use -keepclasseswithmembers,
since the old flags also implies "allow shrinking" which means symbols only
referred to from XML and not Java (such as possibly CustomViews) can get
deleted.

More information:
http://http://code.google.com/p/android/issues/detail?id=16384

RecyclerView

Summary: RecyclerView Problems

Priority: 8 / 10
Severity: Error
Category: Correctness

RecyclerView will not call onBindViewHolder again when the position of the
item changes in the data set unless the item itself is invalidated or the new
position cannot be determined.

For this reason, you should only use the position parameter while acquiring
the related data item inside this method, and should not keep a copy of it.

If you need the position of an item later on (e.g. in a click listener), use
getAdapterPosition() which will have the updated adapter position.

ReferenceType

Summary: Incorrect reference types

Priority: 8 / 10
Severity: Fatal
Category: Correctness

When you generate a resource alias, the resource you are pointing to must be
of the same type as the alias

ResourceCycle

Summary: Cycle in resource definitions

Priority: 8 / 10
Severity: Fatal
Category: Correctness

There should be no cycles in resource definitions as this can lead to runtime
exceptions.

ResourceName

Summary: Resource with Wrong Prefix

Priority: 8 / 10
Severity: Fatal
Category: Correctness

In Gradle projects you can specify a resource prefix that all resources in the
project must conform to. This makes it easier to ensure that you don't
accidentally combine resources from different libraries, since they all end up
in the same shared app namespace.

ScrollViewCount

Summary: ScrollViews can have only one child

Priority: 8 / 10
Severity: Warning
Category: Correctness

ScrollViews can only have one child widget. If you want more children, wrap
them in a container layout.

StringShouldBeInt

Summary: String should be int

Priority: 8 / 10
Severity: Error
Category: Correctness

The properties compileSdkVersion, minSdkVersion and targetSdkVersion are
usually numbers, but can be strings when you are using an add-on (in the case
of compileSdkVersion) or a preview platform (for the other two properties).

However, you can not use a number as a string (e.g. "19" instead of 19); that
will result in a platform not found error message at build/sync time.

UnknownId

Summary: Reference to an unknown id

Priority: 8 / 10
Severity: Fatal
Category: Correctness

The @+id/ syntax refers to an existing id, or creates a new one if it has not
already been defined elsewhere. However, this means that if you have a typo in
your reference, or if the referred view no longer exists, you do not get a
warning since the id will be created on demand. This check catches errors
where you have renamed an id without updating all of the references to it.

WrongFolder

Summary: Resource file in the wrong res folder

Priority: 8 / 10
Severity: Fatal
Category: Correctness

Resource files are sometimes placed in the wrong folder, and it can lead to
subtle bugs that are hard to understand. This check looks for problems in this
area, such as attempting to place a layout "alias" file in a layout/ folder
rather than the values/ folder where it belongs.

CommitTransaction

Summary: Missing commit() calls

Priority: 7 / 10
Severity: Warning
Category: Correctness

After creating a FragmentTransaction, you typically need to commit it as well

DalvikOverride

Summary: Method considered overridden by Dalvik

Priority: 7 / 10
Severity: Error
Category: Correctness

The Android virtual machine will treat a package private method in one class
as overriding a package private method in its super class, even if they are in
separate packages. This may be surprising, but for compatibility reasons the
behavior has not been changed (yet).

If you really did intend for this method to override the other, make the
method protected instead.

If you did not intend the override, consider making the method private, or
changing its name or signature.

DeviceAdmin

Summary: Malformed Device Admin

Priority: 7 / 10
Severity: Warning
Category: Correctness

If you register a broadcast receiver which acts as a device admin, you must
also register an <intent-filter> for the action
android.app.action.DEVICE_ADMIN_ENABLED, without any <data>, such that the
device admin can be activated/deactivated.

To do this, add
<intent-filter>
<action android:name="android.app.action.DEVICE_ADMIN_ENABLED" />
</intent-filter>
to your <receiver>.

DuplicateIds

Summary: Duplicate ids within a single layout

Priority: 7 / 10
Severity: Fatal
Category: Correctness

Within a layout, id's should be unique since otherwise findViewById() can
return an unexpected view.

InconsistentArrays

Summary: Inconsistencies in array element counts

Priority: 7 / 10
Severity: Warning
Category: Correctness

When an array is translated in a different locale, it should normally have the
same number of elements as the original array. When adding or removing
elements to an array, it is easy to forget to update all the locales, and this
lint warning finds inconsistencies like these.

Note however that there may be cases where you really want to declare a
different number of array items in each configuration (for example where the
array represents available options, and those options differ for different
layout orientations and so on), so use your own judgement to decide if this is
really an error.

You can suppress this error type if it finds false errors in your project.

MissingTvBanner

Summary: TV Missing Banner

Priority: 7 / 10
Severity: Error
Category: Correctness

A TV application must provide a home screen banner for each localization if it
includes a Leanback launcher intent filter. The banner is the app launch point
that appears on the home screen in the apps and games rows.

More information:
http://developer.android.com/training/tv/start/start.html#banner

NestedScrolling

Summary: Nested scrolling widgets

Priority: 7 / 10
Severity: Warning
Category: Correctness

A scrolling widget such as a ScrollView should not contain any nested
scrolling widgets since this has various usability issues

ResourceAsColor

Summary: Should pass resolved color instead of resource id

Priority: 7 / 10
Severity: Error
Category: Correctness

Methods that take a color in the form of an integer should be passed an RGB
triple, not the actual color resource id. You must call
getResources().getColor(resource) to resolve the actual color value first.

ResourceType

Summary: Wrong Resource Type

Priority: 7 / 10
Severity: Fatal
Category: Correctness

Ensures that resource id's passed to APIs are of the right type; for example,
calling Resources.getColor(R.string.name) is wrong.

ScrollViewSize

Summary: ScrollView size validation

Priority: 7 / 10
Severity: Warning
Category: Correctness

ScrollView children must set their layout_width or layout_height attributes to
wrap_content rather than fill_parent or match_parent in the scrolling
dimension

TextViewEdits

Summary: TextView should probably be an EditText instead

Priority: 7 / 10
Severity: Warning
Category: Correctness

Using a <TextView> to input text is generally an error, you should be using
<EditText> instead. EditText is a subclass of TextView, and some of the
editing support is provided by TextView, so it's possible to set some
input-related properties on a TextView. However, using a TextView along with
input attributes is usually a cut & paste error. To input text you should be
using <EditText>.

This check also checks subclasses of TextView, such as Button and CheckBox,
since these have the same issue: they should not be used with editable
attributes.

WebViewLayout

Summary: WebViews in wrap_content parents

Priority: 7 / 10
Severity: Error
Category: Correctness

The WebView implementation has certain performance optimizations which will
not work correctly if the parent view is using wrap_content rather than
match_parent. This can lead to subtle UI bugs.

AppCompatMethod

Summary: Using Wrong AppCompat Method

Priority: 6 / 10
Severity: Warning
Category: Correctness

When using the appcompat library, there are some methods you should be calling
instead of the normal ones; for example, getSupportActionBar() instead of
getActionBar(). This lint check looks for calls to the wrong method.

More information:
http://developer.android.com/tools/support-library/index.html

ApplySharedPref

Summary: Use apply() on SharedPreferences

Priority: 6 / 10
Severity: Warning
Category: Correctness

Consider using apply() instead of commit on shared preferences. Whereas commit
blocks and writes its data to persistent storage immediately, apply will
handle it in the background.

Assert

Summary: Assertions

Priority: 6 / 10
Severity: Warning
Category: Correctness

Assertions are not checked at runtime. There are ways to request that they be
used by Dalvik (adb shell setprop debug.assert 1), but the property is ignored
in many places and can not be relied upon. Instead, perform conditional
checking inside if (BuildConfig.DEBUG) { } blocks. That constant is a static
final boolean which is true in debug builds and false in release builds, and
the Java compiler completely removes all code inside the if-body from the
app.

For example, you can replace assert speed > 0 with if (BuildConfig.DEBUG &&
!(speed > 0)) { throw new AssertionError() }.

(Note: This lint check does not flag assertions purely asserting nullness or
non-nullness; these are typically more intended for tools usage than runtime
checks.)

More information:
https://code.google.com/p/android/issues/detail?id=65183

CheckResult

Summary: Ignoring results

Priority: 6 / 10
Severity: Warning
Category: Correctness

Some methods have no side effects, an calling them without doing something
without the result is suspicious.

CommitPrefEdits

Summary: Missing commit() on SharedPreference editor

Priority: 6 / 10
Severity: Warning
Category: Correctness

After calling edit() on a SharedPreference, you must call commit() or apply()
on the editor to save the results.

CustomViewStyleable

Summary: Mismatched Styleable/Custom View Name

Priority: 6 / 10
Severity: Warning
Category: Correctness

The convention for custom views is to use a declare-styleable whose name
matches the custom view class name. The IDE relies on this convention such
that for example code completion can be offered for attributes in a custom
view in layout XML resource files.

(Similarly, layout parameter classes should use the suffix _Layout.)

CutPasteId

Summary: Likely cut & paste mistakes

Priority: 6 / 10
Severity: Warning
Category: Correctness

This lint check looks for cases where you have cut & pasted calls to
findViewById but have forgotten to update the R.id field. It's possible that
your code is simply (redundantly) looking up the field repeatedly, but lint
cannot distinguish that from a case where you for example want to initialize
fields prev and next and you cut & pasted findViewById(R.id.prev) and forgot
to update the second initialization to R.id.next.

DefaultLocale

Summary: Implied default locale in case conversion

Priority: 6 / 10
Severity: Warning
Category: Correctness

Calling String#toLowerCase() or #toUpperCase() without specifying an explicit
locale is a common source of bugs. The reason for that is that those methods
will use the current locale on the user's device, and even though the code
appears to work correctly when you are developing the app, it will fail in
some locales. For example, in the Turkish locale, the uppercase replacement
for i is not I.

If you want the methods to just perform ASCII replacement, for example to
convert an enum name, call String#toUpperCase(Locale.US) instead. If you
really want to use the current locale, call
String#toUpperCase(Locale.getDefault()) instead.

More information:
http://developer.android.com/reference/java/util/Locale.html#default_locale

DuplicateDefinition

Summary: Duplicate definitions of resources

Priority: 6 / 10
Severity: Error
Category: Correctness

You can define a resource multiple times in different resource folders; that's
how string translations are done, for example. However, defining the same
resource more than once in the same resource folder is likely an error, for
example attempting to add a new resource without realizing that the name is
already used, and so on.

DuplicateIncludedIds

Summary: Duplicate ids across layouts combined with include tags

Priority: 6 / 10
Severity: Warning
Category: Correctness

It's okay for two independent layouts to use the same ids. However, if layouts
are combined with include tags, then the id's need to be unique within any
chain of included layouts, or Activity#findViewById() can return an unexpected
view.

GradleDeprecated

Summary: Deprecated Gradle Construct

Priority: 6 / 10
Severity: Warning
Category: Correctness

This detector looks for deprecated Gradle constructs which currently work but
will likely stop working in a future update.

GradleGetter

Summary: Gradle Implicit Getter Call

Priority: 6 / 10
Severity: Error
Category: Correctness

Gradle will let you replace specific constants in your build scripts with
method calls, so you can for example dynamically compute a version string
based on your current version control revision number, rather than hardcoding
a number.

When computing a version name, it's tempting to for example call the method to
do that getVersionName. However, when you put that method call inside the
defaultConfig block, you will actually be calling the Groovy getter for the
versionName property instead. Therefore, you need to name your method
something which does not conflict with the existing implicit getters. Consider
using compute as a prefix instead of get.

ImpliedTouchscreenHardware

Summary: Hardware feature touchscreen not explicitly marked as optional

Priority: 6 / 10
Severity: Error
Category: Correctness

Apps require the android.hardware.touchscreen feature by default. If you want
your app to be available on TV, you must also explicitly declare that a
touchscreen is not required as follows:
<uses-feature android:name="android.hardware.touchscreen"
android:required="false"/>

More information:
https://developer.android.com/guide/topics/manifest/uses-feature-element.html

InconsistentLayout

Summary: Inconsistent Layouts

Priority: 6 / 10
Severity: Warning
Category: Correctness

This check ensures that a layout resource which is defined in multiple
resource folders, specifies the same set of widgets.

This finds cases where you have accidentally forgotten to add a widget to all
variations of the layout, which could result in a runtime crash for some
resource configurations when a findViewById() fails.

There are cases where this is intentional. For example, you may have a
dedicated large tablet layout which adds some extra widgets that are not
present in the phone version of the layout. As long as the code accessing the
layout resource is careful to handle this properly, it is valid. In that case,
you can suppress this lint check for the given extra or missing views, or the
whole layout

InlinedApi

Summary: Using inlined constants on older versions

Priority: 6 / 10
Severity: Warning
Category: Correctness

This check scans through all the Android API field references in the
application and flags certain constants, such as static final integers and
Strings, which were introduced in later versions. These will actually be
copied into the class files rather than being referenced, which means that the
value is available even when running on older devices. In some cases that's
fine, and in other cases it can result in a runtime crash or incorrect
behavior. It depends on the context, so consider the code carefully and device
whether it's safe and can be suppressed or whether the code needs tbe
guarded.

If you really want to use this API and don't need to support older devices
just set the minSdkVersion in your build.gradle or AndroidManifest.xml files.
If your code is deliberately accessing newer APIs, and you have ensured (e.g.
with conditional execution) that this code will only ever be called on a
supported platform, then you can annotate your class or method with the
@TargetApi annotation specifying the local minimum SDK to apply, such as
@TargetApi(11), such that this check considers 11 rather than your manifest
file's minimum SDK as the required API level.

Instantiatable

Summary: Registered class is not instantiatable

Priority: 6 / 10
Severity: Fatal
Category: Correctness

Activities, services, broadcast receivers etc. registered in the manifest file
(or for custom views, in a layout file) must be "instantiatable" by the
system, which means that the class must be public, it must have an empty
public constructor, and if it's an inner class, it must be a static inner
class.

InvalidAnalyticsName

Summary: Invalid Analytics Name

Priority: 6 / 10
Severity: Error
Category: Correctness

Event names and parameters must follow the naming conventions defined in
theFirebaseAnalytics#logEvent() documentation.

More information:
http://firebase.google.com/docs/reference/android/com/google/firebase/analytics/FirebaseAnalytics#logEvent(java.lang.String,%20android.os.Bundle)

InvalidId

Summary: Invalid ID declaration

Priority: 6 / 10
Severity: Fatal
Category: Correctness

An id definition must be of the form @+id/yourname. The tools have not
rejected strings of the form @+foo/bar in the past, but that was an error, and
could lead to tricky errors because of the way the id integers are assigned.

If you really want to have different "scopes" for your id's, use prefixes
instead, such as login_button1 and login_button2.

InvalidPackage

Summary: Package not included in Android

Priority: 6 / 10
Severity: Error
Category: Correctness

This check scans through libraries looking for calls to APIs that are not
included in Android.

When you create Android projects, the classpath is set up such that you can
only access classes in the API packages that are included in Android. However,
if you add other projects to your libs/ folder, there is no guarantee that
those .jar files were built with an Android specific classpath, and in
particular, they could be accessing unsupported APIs such as java.applet.

This check scans through library jars and looks for references to API packages
that are not included in Android and flags these. This is only an error if
your code calls one of the library classes which wind up referencing the
unsupported package.

InvalidResourceFolder

Summary: Invalid Resource Folder

Priority: 6 / 10
Severity: Error
Category: Correctness

This lint check looks for a folder name that is not a valid resource folder
name; these will be ignored and not packaged by the Android Gradle build
plugin.

Note that the order of resources is very important; for example, you can't
specify a language before a network code.

Similarly, note that to use 3 letter region codes, you have to use a special
BCP 47 syntax: the prefix b+ followed by the BCP 47 language tag but with + as
the individual separators instead of -. Therefore, for the BCP 47 language tag
nl-ABW you have to use b+nl+ABW.

More information:
http://developer.android.com/guide/topics/resources/providing-resources.html
https://tools.ietf.org/html/bcp47

InvalidUsesTagAttribute

Summary: Invalid name attribute for uses element.

Priority: 6 / 10
Severity: Error
Category: Correctness

The <uses> element in <automotiveApp> should contain a valid value for the
name attribute.
Valid values are media or notification.

More information:
https://developer.android.com/training/auto/start/index.html#auto-metadata

LibraryCustomView

Summary: Custom views in libraries should use res-auto-namespace

Priority: 6 / 10
Severity: Fatal
Category: Correctness

When using a custom view with custom attributes in a library project, the
layout must use the special namespace http://schemas.android.com/apk/res-auto
instead of a URI which includes the library project's own package. This will
be used to automatically adjust the namespace of the attributes when the
library resources are merged into the application project.

LocaleFolder

Summary: Wrong locale name

Priority: 6 / 10
Severity: Warning
Category: Correctness

From the java.util.Locale documentation:
"Note that Java uses several deprecated two-letter codes. The Hebrew ("he")
language code is rewritten as "iw", Indonesian ("id") as "in", and Yiddish
("yi") as "ji". This rewriting happens even if you construct your own Locale
object, not just for instances returned by the various lookup methods.

Because of this, if you add your localized resources in for example values-he
they will not be used, since the system will look for values-iw instead.

To work around this, place your resources in a values folder using the
deprecated language code instead.

More information:
http://developer.android.com/reference/java/util/Locale.html

ManifestResource

Summary: Manifest Resource References

Priority: 6 / 10
Severity: Fatal
Category: Correctness

Elements in the manifest can reference resources, but those resources cannot
vary across configurations (except as a special case, by version, and except
for a few specific package attributes such as the application title and
icon.)

MissingBackupPin

Summary: Missing Backup Pin

Priority: 6 / 10
Severity: Warning
Category: Correctness

It is highly recommended to declare a backup <pin> element. Not having a
second pin defined can cause connection failures when the particular site
certificate is rotated and the app has not yet been updated.

More information:
https://developer.android.com/preview/features/security-config.html

MissingConstraints

Summary: Missing Constraints in ConstraintLayout

Priority: 6 / 10
Severity: Error
Category: Correctness

The layout editor allows you to place widgets anywhere on the canvas, and it
records the current position with designtime attributes (such as
layout_editor_absoluteX.) These attributes are not applied at runtime, so if
you push your layout on a device, the widgets may appear in a different
location than shown in the editor. To fix this, make sure a widget has both
horizontal and vertical constraints by dragging from the edge connections.

MissingIntentFilterForMediaSearch

Summary: Missing intent-filter with action
android.media.action.MEDIA_PLAY_FROM_SEARCH

Priority: 6 / 10
Severity: Error
Category: Correctness

To support voice searches on Android Auto, you should also register an
intent-filter for the action android.media.action.MEDIA_PLAY_FROM_SEARCH.
To do this, add
<intent-filter>
<action android:name="android.media.action.MEDIA_PLAY_FROM_SEARCH" />
</intent-filter>
to your <activity> or <service>.

More information:
https://developer.android.com/training/auto/audio/index.html#support_voice

MissingLeanbackSupport

Summary: Missing Leanback Support.

Priority: 6 / 10
Severity: Error
Category: Correctness

The manifest should declare the use of the Leanback user interface required by
Android TV.
To fix this, add
<uses-feature android:name="android.software.leanback"
android:required="false" />
to your manifest.

More information:
https://developer.android.com/training/tv/start/start.html#leanback-req

MissingMediaBrowserServiceIntentFilter

Summary: Missing intent-filter with action
android.media.browse.MediaBrowserService.

Priority: 6 / 10
Severity: Error
Category: Correctness

An Automotive Media App requires an exported service that extends
android.service.media.MediaBrowserService with an intent-filter for the action
android.media.browse.MediaBrowserService to be able to browse and play media.
To do this, add
<intent-filter>
<action android:name="android.media.browse.MediaBrowserService" />
</intent-filter>
to the service that extends android.service.media.MediaBrowserService

More information:
https://developer.android.com/training/auto/audio/index.html#config_manifest

MissingOnPlayFromSearch

Summary: Missing onPlayFromSearch.

Priority: 6 / 10
Severity: Error
Category: Correctness

To support voice searches on Android Auto, in addition to adding an
intent-filter for the action onPlayFromSearch, you also need to override and
implement onPlayFromSearch(String query, Bundle bundle)

More information:
https://developer.android.com/training/auto/audio/index.html#support_voice

MissingPrefix

Summary: Missing Android XML namespace

Priority: 6 / 10
Severity: Error
Category: Correctness

Most Android views have attributes in the Android namespace. When referencing
these attributes you must include the namespace prefix, or your attribute will
be interpreted by aapt as just a custom attribute.

Similarly, in manifest files, nearly all attributes should be in the android:
namespace.

MultipleUsesSdk

Summary: Multiple <uses-sdk> elements in the manifest

Priority: 6 / 10
Severity: Fatal
Category: Correctness

The <uses-sdk> element should appear just once; the tools will not merge the
contents of all the elements so if you split up the attributes across multiple
elements, only one of them will take effect. To fix this, just merge all the
attributes from the various elements into a single <uses-sdk> element.

More information:
http://developer.android.com/guide/topics/manifest/uses-sdk-element.html

NewApi

Summary: Calling new methods on older versions

Priority: 6 / 10
Severity: Error
Category: Correctness

This check scans through all the Android API calls in the application and
warns about any calls that are not available on all versions targeted by this
application (according to its minimum SDK attribute in the manifest).

If you really want to use this API and don't need to support older devices
just set the minSdkVersion in your build.gradle or AndroidManifest.xml files.

If your code is deliberately accessing newer APIs, and you have ensured (e.g.
with conditional execution) that this code will only ever be called on a
supported platform, then you can annotate your class or method with the
@TargetApi annotation specifying the local minimum SDK to apply, such as
@TargetApi(11), such that this check considers 11 rather than your manifest
file's minimum SDK as the required API level.

If you are deliberately setting android: attributes in style definitions, make
sure you place this in a values-vNN folder in order to avoid running into
runtime conflicts on certain devices where manufacturers have added custom
attributes whose ids conflict with the new ones on later platforms.

Similarly, you can use tools:targetApi="11" in an XML file to indicate that
the element will only be inflated in an adequate context.

NotSibling

Summary: RelativeLayout Invalid Constraints

Priority: 6 / 10
Severity: Fatal
Category: Correctness

Layout constraints in a given RelativeLayout should reference other views
within the same relative layout (but not itself!)

OldTargetApi

Summary: Target SDK attribute is not targeting latest version

Priority: 6 / 10
Severity: Warning
Category: Correctness

When your application runs on a version of Android that is more recent than
your targetSdkVersion specifies that it has been tested with, various
compatibility modes kick in. This ensures that your application continues to
work, but it may look out of place. For example, if the targetSdkVersion is
less than 14, your app may get an option button in the UI.

To fix this issue, set the targetSdkVersion to the highest available value.
Then test your app to make sure everything works correctly. You may want to
consult the compatibility notes to see what changes apply to each version you
are adding support for:
http://developer.android.com/reference/android/os/Build.VERSION_CODES.html

More information:
http://developer.android.com/reference/android/os/Build.VERSION_CODES.html

Override

Summary: Method conflicts with new inherited method

Priority: 6 / 10
Severity: Error
Category: Correctness

Suppose you are building against Android API 8, and you've subclassed
Activity. In your subclass you add a new method called isDestroyed(). At some
later point, a method of the same name and signature is added to Android. Your
method will now override the Android method, and possibly break its contract.
Your method is not calling super.isDestroyed(), since your compilation target
doesn't know about the method.

The above scenario is what this lint detector looks for. The above example is
real, since isDestroyed() was added in API 17, but it will be true for any
method you have added to a subclass of an Android class where your build
target is lower than the version the method was introduced in.

To fix this, either rename your method, or if you are really trying to augment
the builtin method if available, switch to a higher build target where you can
deliberately add @Override on your overriding method, and call super if
appropriate etc.

OverrideAbstract

Summary: Not overriding abstract methods on older platforms

Priority: 6 / 10
Severity: Fatal
Category: Correctness

To improve the usability of some APIs, some methods that used to be abstract
have been made concrete by adding default implementations. This means that
when compiling with new versions of the SDK, your code does not have to
override these methods.

However, if your code is also targeting older versions of the platform where
these methods were still abstract, the code will crash. You must override all
methods that used to be abstract in any versions targeted by your
application's minSdkVersion.

PinSetExpiry

Summary: Validate <pin-set> expiration attribute

Priority: 6 / 10
Severity: Warning
Category: Correctness

Ensures that the expiration attribute of the <pin-set> element is valid and
has not already expired or is expiring soon

More information:
https://developer.android.com/preview/features/security-config.html

PropertyEscape

Summary: Incorrect property escapes

Priority: 6 / 10
Severity: Error
Category: Correctness

All backslashes and colons in .property files must be escaped with a backslash
(). This means that when writing a Windows path, you must escape the file
separators, so the path \My\Files should be written as key=\My\Files.

Range

Summary: Outside Range

Priority: 6 / 10
Severity: Error
Category: Correctness

Some parameters are required to in a particular numerical range; this check
makes sure that arguments passed fall within the range. For arrays, Strings
and collections this refers to the size or length.

Registered

Summary: Class is not registered in the manifest

Priority: 6 / 10
Severity: Warning
Category: Correctness

Activities, services and content providers should be registered in the
AndroidManifest.xml file using <activity>, <service> and <provider> tags.

If your activity is simply a parent class intended to be subclassed by other
"real" activities, make it an abstract class.

More information:
http://developer.android.com/guide/topics/manifest/manifest-intro.html

SdCardPath

Summary: Hardcoded reference to /sdcard

Priority: 6 / 10
Severity: Warning
Category: Correctness

Your code should not reference the /sdcard path directly; instead use
Environment.getExternalStorageDirectory().getPath().

Similarly, do not reference the /data/data/ path directly; it can vary in
multi-user scenarios. Instead, use Context.getFilesDir().getPath().

More information:
http://developer.android.com/guide/topics/data/data-storage.html#filesExternal

ServiceCast

Summary: Wrong system service casts

Priority: 6 / 10
Severity: Fatal
Category: Correctness

When you call Context#getSystemService(), the result is typically cast to a
specific interface. This lint check ensures that the cast is compatible with
the expected type of the return value.

ShortAlarm

Summary: Short or Frequent Alarm

Priority: 6 / 10
Severity: Warning
Category: Correctness

Frequent alarms are bad for battery life. As of API 22, the AlarmManager will
override near-future and high-frequency alarm requests, delaying the alarm at
least 5 seconds into the future and ensuring that the repeat interval is at
least 60 seconds.

If you really need to do work sooner than 5 seconds, post a delayed message or
runnable to a Handler.

ShowToast

Summary: Toast created but not shown

Priority: 6 / 10
Severity: Warning
Category: Correctness

Toast.makeText() creates a Toast but does not show it. You must call show() on
the resulting object to actually make the Toast appear.

SimpleDateFormat

Summary: Implied locale in date format

Priority: 6 / 10
Severity: Warning
Category: Correctness

Almost all callers should use getDateInstance(), getDateTimeInstance(), or
getTimeInstance() to get a ready-made instance of SimpleDateFormat suitable
for the user's locale. The main reason you'd create an instance this class
directly is because you need to format/parse a specific machine-readable
format, in which case you almost certainly want to explicitly ask for US to
ensure that you get ASCII digits (rather than, say, Arabic digits).

Therefore, you should either use the form of the SimpleDateFormat constructor
where you pass in an explicit locale, such as Locale.US, or use one of the get
instance methods, or suppress this error if really know what you are doing.

More information:
http://developer.android.com/reference/java/text/SimpleDateFormat.html

Suspicious0dp

Summary: Suspicious 0dp dimension

Priority: 6 / 10
Severity: Error
Category: Correctness

Using 0dp as the width in a horizontal LinearLayout with weights is a useful
trick to ensure that only the weights (and not the intrinsic sizes) are used
when sizing the children.

However, if you use 0dp for the opposite dimension, the view will be
invisible. This can happen if you change the orientation of a layout without
also flipping the 0dp dimension in all the children.

UniquePermission

Summary: Permission names are not unique

Priority: 6 / 10
Severity: Fatal
Category: Correctness

The unqualified names or your permissions must be unique. The reason for this
is that at build time, the aapt tool will generate a class named Manifest
which contains a field for each of your permissions. These fields are named
using your permission unqualified names (i.e. the name portion after the last
dot).

If more than one permission maps to the same field name, that field will
arbitrarily name just one of them.

UnsupportedTvHardware

Summary: Unsupported TV Hardware Feature

Priority: 6 / 10
Severity: Error
Category: Correctness

The <uses-feature> element should not require this unsupported TV hardware
feature. Any uses-feature not explicitly marked with required="false" is
necessary on the device to be installed on. Ensure that any features that
might prevent it from being installed on a TV device are reviewed and marked
as not required in the manifest.

More information:
https://developer.android.com/training/tv/start/hardware.html#unsupported-features

UnusedAttribute

Summary: Attribute unused on older versions

Priority: 6 / 10
Severity: Warning
Category: Correctness

This check finds attributes set in XML files that were introduced in a version
newer than the oldest version targeted by your application (with the
minSdkVersion attribute).

This is not an error; the application will simply ignore the attribute.
However, if the attribute is important to the appearance of functionality of
your application, you should consider finding an alternative way to achieve
the same result with only available attributes, and then you can optionally
create a copy of the layout in a layout-vNN folder which will be used on API
NN or higher where you can take advantage of the newer attribute.

Note: This check does not only apply to attributes. For example, some tags can
be unused too, such as the new <tag> element in layouts introduced in API 21.

UseAlpha2

Summary: Using 3-letter Codes

Priority: 6 / 10
Severity: Warning
Category: Correctness

For compatibility with earlier devices, you should only use 3-letter language
and region codes when there is no corresponding 2 letter code.

More information:
https://tools.ietf.org/html/bcp47

ValidFragment

Summary: Fragment not instantiatable

Priority: 6 / 10
Severity: Fatal
Category: Correctness

From the Fragment documentation:
Every fragment must have an empty constructor, so it can be instantiated when
restoring its activity's state. It is strongly recommended that subclasses do
not have other constructors with parameters, since these constructors will not
be called when the fragment is re-instantiated; instead, arguments can be
supplied by the caller with setArguments(Bundle) and later retrieved by the
Fragment with getArguments().

More information:
http://developer.android.com/reference/android/app/Fragment.html#Fragment()

WifiManagerLeak

Summary: WifiManager Leak

Priority: 6 / 10
Severity: Fatal
Category: Correctness

On versions prior to Android N (24), initializing the WifiManager via
Context#getSystemService can cause a memory leak if the context is not the
application context. Change context.getSystemService(...) to
context.getApplicationContext().getSystemService(...).

WifiManagerPotentialLeak

Summary: WifiManager Potential Leak

Priority: 6 / 10
Severity: Warning
Category: Correctness

On versions prior to Android N (24), initializing the WifiManager via
Context#getSystemService can cause a memory leak if the context is not the
application context.

In many cases, it's not obvious from the code where the Context is coming from
(e.g. it might be a parameter to a method, or a field initialized from various
method calls.) It's possible that the context being passed in is the
application context, but to be on the safe side, you should consider changing
context.getSystemService(...) to
context.getApplicationContext().getSystemService(...).

WrongCall

Summary: Using wrong draw/layout method

Priority: 6 / 10
Severity: Fatal
Category: Correctness

Custom views typically need to call measure() on their children, not
onMeasure. Ditto for onDraw, onLayout, etc.

WrongManifestParent

Summary: Wrong manifest parent

Priority: 6 / 10
Severity: Fatal
Category: Correctness

The <uses-library> element should be defined as a direct child of the
<application> tag, not the <manifest> tag or an <activity> tag. Similarly, a
<uses-sdk> tag must be declared at the root level, and so on. This check looks
for incorrect declaration locations in the manifest, and complains if an
element is found in the wrong place.

More information:
http://developer.android.com/guide/topics/manifest/manifest-intro.html

WrongRegion

Summary: Suspicious Language/Region Combination

Priority: 6 / 10
Severity: Warning
Category: Correctness

Android uses the letter codes ISO 639-1 for languages, and the letter codes
ISO 3166-1 for the region codes. In many cases, the language code and the
country where the language is spoken is the same, but it is also often not the
case. For example, while 'se' refers to Sweden, where Swedish is spoken, the
language code for Swedish is not se (which refers to the Northern Sami
language), the language code is sv. And similarly the region code for sv is El
Salvador.

This lint check looks for suspicious language and region combinations, to help
catch cases where you've accidentally used the wrong language or region code.
Lint knows about the most common regions where a language is spoken, and if a
folder combination is not one of these, it is flagged as suspicious.

Note however that it may not be an error: you can theoretically have speakers
of any language in any region and want to target that with your resources, so
this check is aimed at tracking down likely mistakes, not to enforce a
specific set of region and language combinations.

WrongThread

Summary: Wrong Thread

Priority: 6 / 10
Severity: Error
Category: Correctness

Ensures that a method which expects to be called on a specific thread, is
actually called from that thread. For example, calls on methods in widgets
should always be made on the UI thread.

More information:
http://developer.android.com/guide/components/processes-and-threads.html#Threads

AppCompatResource

Summary: Menu namespace

Priority: 5 / 10
Severity: Error
Category: Correctness

When using the appcompat library, menu resources should refer to the
showAsAction in the app: namespace, not the android: namespace.

Similarly, when not using the appcompat library, you should be using the
android:showAsAction attribute.

AppLinksAutoVerifyError

Summary: App Links Auto Verification Failure

Priority: 5 / 10
Severity: Error
Category: Correctness
NOTE: This issue is disabled by default!
You can enable it by adding --enable AppLinksAutoVerifyError

Ensures that app links are correctly set and associated with website.

More information:
https://g.co/appindexing/applinks

AppLinksAutoVerifyWarning

Summary: Potential App Links Auto Verification Failure

Priority: 5 / 10
Severity: Warning
Category: Correctness
NOTE: This issue is disabled by default!
You can enable it by adding --enable AppLinksAutoVerifyWarning

Ensures that app links are correctly set and associated with website.

More information:
https://g.co/appindexing/applinks

BatteryLife

Summary: Battery Life Issues

Priority: 5 / 10
Severity: Warning
Category: Correctness

This issue flags code that either

  • negatively affects battery life, or
  • uses APIs that have recently changed behavior to prevent background tasks
    from consuming memory and battery excessively.

Generally, you should be using JobScheduler or GcmNetworkManager instead.

For more details on how to update your code, please
seehttp://developer.android.com/preview/features/background-optimization.html

More information:
http://developer.android.com/preview/features/background-optimization.html

DuplicateActivity

Summary: Activity registered more than once

Priority: 5 / 10
Severity: Fatal
Category: Correctness

An activity should only be registered once in the manifest. If it is
accidentally registered more than once, then subtle errors can occur, since
attribute declarations from the two elements are not merged, so you may
accidentally remove previous declarations.

DuplicateUsesFeature

Summary: Feature declared more than once

Priority: 5 / 10
Severity: Warning
Category: Correctness

A given feature should only be declared once in the manifest.

FullBackupContent

Summary: Valid Full Backup Content File

Priority: 5 / 10
Severity: Fatal
Category: Correctness

Ensures that a <full-backup-content> file, which is pointed to by a
android:fullBackupContent attribute in the manifest file, is valid

More information:
http://android-developers.blogspot.com/2015/07/auto-backup-for-apps-made-simple.html

IncludeLayoutParam

Summary: Ignored layout params on include

Priority: 5 / 10
Severity: Error
Category: Correctness

Layout parameters specified on an <include> tag will only be used if you also
override layout_width and layout_height on the <include> tag; otherwise they
will be ignored.

More information:
http://stackoverflow.com/questions/2631614/does-android-xml-layouts-include-tag-really-work

InflateParams

Summary: Layout Inflation without a Parent

Priority: 5 / 10
Severity: Warning
Category: Correctness

When inflating a layout, avoid passing in null as the parent view, since
otherwise any layout parameters on the root of the inflated layout will be
ignored.

More information:
http://www.doubleencore.com/2013/05/layout-inflation-as-intended

LogTagMismatch

Summary: Mismatched Log Tags

Priority: 5 / 10
Severity: Error
Category: Correctness

When guarding a Log.v(tag, ...) call with Log.isLoggable(tag), the tag passed
to both calls should be the same. Similarly, the level passed in to
Log.isLoggable should typically match the type of Log call, e.g. if checking
level Log.DEBUG, the corresponding Log call should be Log.d, not Log.i.

LongLogTag

Summary: Too Long Log Tags

Priority: 5 / 10
Severity: Error
Category: Correctness

Log tags are only allowed to be at most 23 tag characters long.

ManifestOrder

Summary: Incorrect order of elements in manifest

Priority: 5 / 10
Severity: Warning
Category: Correctness

The <application> tag should appear after the elements which declare which
version you need, which features you need, which libraries you need, and so
on. In the past there have been subtle bugs (such as themes not getting
applied correctly) when the <application> tag appears before some of these
other elements, so it's best to order your manifest in the logical dependency
order.

ManifestTypo

Summary: Typos in manifest tags

Priority: 5 / 10
Severity: Fatal
Category: Correctness

This check looks through the manifest, and if it finds any tags that look like
likely misspellings, they are flagged.

MissingId

Summary: Fragments should specify an id or tag

Priority: 5 / 10
Severity: Warning
Category: Correctness

If you do not specify an android:id or an android:tag attribute on a
<fragment> element, then if the activity is restarted (for example for an
orientation rotation) you may lose state. From the fragment documentation:

"Each fragment requires a unique identifier that the system can use to restore
the fragment if the activity is restarted (and which you can use to capture
the fragment to perform transactions, such as remove it).

  • Supply the android:id attribute with a unique ID.
  • Supply the android:tag attribute with a unique string.
    If you provide neither of the previous two, the system uses the ID of the
    container view.

More information:
http://developer.android.com/guide/components/fragments.html

NetworkSecurityConfig

Summary: Valid Network Security Config File

Priority: 5 / 10
Severity: Fatal
Category: Correctness

Ensures that a <network-security-config> file, which is pointed to by an
android:networkSecurityConfig attribute in the manifest file, is valid

More information:
https://developer.android.com/preview/features/security-config.html

NfcTechWhitespace

Summary: Whitespace in NFC tech lists

Priority: 5 / 10
Severity: Fatal
Category: Correctness

In a <tech-list>, there can be whitespace around the <tech> elements,but not
inside them. This is because the code which reads in the tech list is
currently very strict and will include the whitespace as part of the name.

In other words, use <tech>name</tech>, not <tech> name </tech>.

More information:
https://code.google.com/p/android/issues/detail?id=65351

ProtectedPermissions

Summary: Using system app permission

Priority: 5 / 10
Severity: Error
Category: Correctness

Permissions with the protection level signature or signatureOrSystem are only
granted to system apps. If an app is a regular non-system app, it will never
be able to use these permissions.

SQLiteString

Summary: Using STRING instead of TEXT

Priority: 5 / 10
Severity: Warning
Category: Correctness

In SQLite, any column can store any data type; the declared type for a column
is more of a hint as to what the data should be cast to when stored.

There are many ways to store a string. TEXT, VARCHAR, CHARACTER and CLOB are
string types, but STRING is not. Columns defined as STRING are actually
numeric.

If you try to store a value in a numeric column, SQLite will try to cast it to
a float or an integer before storing. If it can't, it will just store it as a
string.

This can lead to some subtle bugs. For example, when SQLite encounters a
string like 1234567e1234, it will parse it as a float, but the result will be
out of range for floating point numbers, so Inf will be stored! Similarly,
strings that look like integers will lose leading zeroes.

To fix this, you can change your schema to use a TEXT type instead.

More information:
https://www.sqlite.org/datatype3.html

StateListReachable

Summary: Unreachable state in a <selector>

Priority: 5 / 10
Severity: Warning
Category: Correctness

In a selector, only the last child in the state list should omit a state
qualifier. If not, all subsequent items in the list will be ignored since the
given item will match all.

UnknownIdInLayout

Summary: Reference to an id that is not in the current layout

Priority: 5 / 10
Severity: Warning
Category: Correctness

The @+id/ syntax refers to an existing id, or creates a new one if it has not
already been defined elsewhere. However, this means that if you have a typo in
your reference, or if the referred view no longer exists, you do not get a
warning since the id will be created on demand.

This is sometimes intentional, for example where you are referring to a view
which is provided in a different layout via an include. However, it is usually
an accident where you have a typo or you have renamed a view without updating
all the references to it.

UnlocalizedSms

Summary: SMS phone number missing country code

Priority: 5 / 10
Severity: Warning
Category: Correctness

SMS destination numbers must start with a country code or the application code
must ensure that the SMS is only sent when the user is in the same country as
the receiver.

ValidRestrictions

Summary: Invalid Restrictions Descriptor

Priority: 5 / 10
Severity: Fatal
Category: Correctness

Ensures that an applications restrictions XML file is properly formed

More information:
https://developer.android.com/reference/android/content/RestrictionsManager.html

VectorDrawableCompat

Summary: Using VectorDrawableCompat

Priority: 5 / 10
Severity: Error
Category: Correctness

To use VectorDrawableCompat, you need to make two modifications to your
project. First, set android.defaultConfig.vectorDrawables.useSupportLibrary =
true in your build.gradle file, and second, use app:srcCompat instead of
android:src to refer to vector drawables.

More information:
http://chris.banes.me/2016/02/25/appcompat-vector/#enabling-the-flag

VectorRaster

Summary: Vector Image Generation

Priority: 5 / 10
Severity: Warning
Category: Correctness

Vector icons require API 21, but when using Android Gradle plugin 1.4 or
higher, vectors placed in the drawable folder are automatically moved to
drawable-dpi-v21 and a bitmap image is generated each drawable-dpi folder
instead, for backwards compatibility (provided minSdkVersion is less than
21.).

However, there are some limitations to this vector image generation, and this
lint check flags elements and attributes that are not fully supported. You
should manually check whether the generated output is acceptable for those
older devices.

GradleDependency

Summary: Obsolete Gradle Dependency

Priority: 4 / 10
Severity: Warning
Category: Correctness

This detector looks for usages of libraries where the version you are using is
not the current stable release. Using older versions is fine, and there are
cases where you deliberately want to stick with an older version. However, you
may simply not be aware that a more recent version is available, and that is
what this lint check helps find.

GradleDynamicVersion

Summary: Gradle Dynamic Version

Priority: 4 / 10
Severity: Warning
Category: Correctness

Using + in dependencies lets you automatically pick up the latest available
version rather than a specific, named version. However, this is not
recommended; your builds are not repeatable; you may have tested with a
slightly different version than what the build server used. (Using a dynamic
version as the major version number is more problematic than using it in the
minor version position.)

GradleIdeError

Summary: Gradle IDE Support Issues

Priority: 4 / 10
Severity: Error
Category: Correctness

Gradle is highly flexible, and there are things you can do in Gradle files
which can make it hard or impossible for IDEs to properly handle the project.
This lint check looks for constructs that potentially break IDE support.

GradleOverrides

Summary: Value overridden by Gradle build script

Priority: 4 / 10
Severity: Warning
Category: Correctness

The value of (for example) minSdkVersion is only used if it is not specified
in the build.gradle build scripts. When specified in the Gradle build scripts,
the manifest value is ignored and can be misleading, so should be removed to
avoid ambiguity.

GradlePath

Summary: Gradle Path Issues

Priority: 4 / 10
Severity: Warning
Category: Correctness

Gradle build scripts are meant to be cross platform, so file paths use
Unix-style path separators (a forward slash) rather than Windows path
separators (a backslash). Similarly, to keep projects portable and repeatable,
avoid using absolute paths on the system; keep files within the project
instead. To share code between projects, consider creating an android-library
and an AAR dependency

GridLayout

Summary: GridLayout validation

Priority: 4 / 10
Severity: Fatal
Category: Correctness

Declaring a layout_row or layout_column that falls outside the declared size
of a GridLayout's rowCount or columnCount is usually an unintentional error.

InOrMmUsage

Summary: Using mm or in dimensions

Priority: 4 / 10
Severity: Warning
Category: Correctness

Avoid using mm (millimeters) or in (inches) as the unit for dimensions.

While it should work in principle, unfortunately many devices do not report
the correct true physical density, which means that the dimension calculations
won't work correctly. You are better off using dp (and for font sizes, sp.)

NewerVersionAvailable

Summary: Newer Library Versions Available

Priority: 4 / 10
Severity: Warning
Category: Correctness
NOTE: This issue is disabled by default!
You can enable it by adding --enable NewerVersionAvailable

This detector checks with a central repository to see if there are newer
versions available for the dependencies used by this project. This is similar
to the GradleDependency check, which checks for newer versions available in
the Android SDK tools and libraries, but this works with any MavenCentral
dependency, and connects to the library every time, which makes it more
flexible but also much slower.

ObjectAnimatorBinding

Summary: Incorrect ObjectAnimator Property

Priority: 4 / 10
Severity: Error
Category: Correctness

This check cross references properties referenced by String from
ObjectAnimator and PropertyValuesHolder method calls and ensures that the
corresponding setter methods exist and have the right signatures.

RequiredSize

Summary: Missing layout_width or layout_height attributes

Priority: 4 / 10
Severity: Error
Category: Correctness

All views must specify an explicit layout_width and layout_height attribute.
There is a runtime check for this, so if you fail to specify a size, an
exception is thrown at runtime.

It's possible to specify these widths via styles as well. GridLayout, as a
special case, does not require you to specify a size.

RestrictedApi

Summary: Restricted API

Priority: 4 / 10
Severity: Error
Category: Correctness

This API has been flagged with a restriction that has not been met.

Examples of API restrictions:

  • Method can only be invoked by a subclass
  • Method can only be accessed from within the same library (defined by the
    Gradle library group id)
    .* Method can only be accessed from tests.
    .
    You can add your own API restrictions with the @RestrictTo annotation.

VisibleForTests

Summary: Visible Only For Tests

Priority: 4 / 10
Severity: Warning
Category: Correctness

With the @VisibleForTesting annotation you can specify an otherwise= attribute
which specifies the intended visibility if the method had not been made more
widely visible for the tests.

This check looks for accesses from production code (e.g. not tests) where the
access would not have been allowed with the intended production visibility.

WrongCase

Summary: Wrong case for view tag

Priority: 4 / 10
Severity: Fatal
Category: Correctness

Most layout tags, such as <Button>, refer to actual view classes and are
therefore capitalized. However, there are exceptions such as <fragment> and
<include>. This lint check looks for incorrect capitalizations.

More information:
http://developer.android.com/guide/components/fragments.html

ExtraText

Summary: Extraneous text in resource files

Priority: 3 / 10
Severity: Warning
Category: Correctness

Layout resource files should only contain elements and attributes. Any XML
text content found in the file is likely accidental (and potentially dangerous
if the text resembles XML and the developer believes the text to be
functional)

InnerclassSeparator

Summary: Inner classes should use $ rather than .

Priority: 3 / 10
Severity: Warning
Category: Correctness

When you reference an inner class in a manifest file, you must use '$' instead
of '.' as the separator character, i.e. Outer$Inner instead of Outer.Inner.

(If you get this warning for a class which is not actually an inner class,
it's because you are using uppercase characters in your package name, which is
not conventional.)

LocalSuppress

Summary: @SuppressLint on invalid element

Priority: 3 / 10
Severity: Error
Category: Correctness

The @SuppressAnnotation is used to suppress Lint warnings in Java files.
However, while many lint checks analyzes the Java source code, where they can
find annotations on (for example) local variables, some checks are analyzing
the .class files. And in class files, annotations only appear on classes,
fields and methods. Annotations placed on local variables disappear. If you
attempt to suppress a lint error for a class-file based lint check, the
suppress annotation not work. You must move the annotation out to the
surrounding method.

ParcelClassLoader

Summary: Default Parcel Class Loader

Priority: 3 / 10
Severity: Warning
Category: Correctness

The documentation for Parcel#readParcelable(ClassLoader) (and its variations)
says that you can pass in null to pick up the default class loader. However,
that ClassLoader is a system class loader and is not able to find classes in
your own application.

If you are writing your own classes into the Parcel (not just SDK classes like
String and so on), then you should supply a ClassLoader for your application
instead; a simple way to obtain one is to just call
getClass().getClassLoader() from your own class.

More information:
http://developer.android.com/reference/android/os/Parcel.html

ParcelCreator

Summary: Missing Parcelable CREATOR field

Priority: 3 / 10
Severity: Error
Category: Correctness

According to the Parcelable interface documentation, "Classes implementing the
Parcelable interface must also have a static field called CREATOR, which is an
object implementing the Parcelable.Creator interface."

More information:
http://developer.android.com/reference/android/os/Parcelable.html

PermissionImpliesUnsupportedHardware

Summary: Permission Implies Unsupported Hardware

Priority: 3 / 10
Severity: Warning
Category: Correctness

The <uses-permission> element should not require a permission that implies an
unsupported TV hardware feature. Google Play assumes that certain hardware
related permissions indicate that the underlying hardware features are
required by default. To fix the issue, consider declaring the corresponding
uses-feature element with required="false" attribute.

More information:
http://developer.android.com/guide/topics/manifest/uses-feature-element.html#permissions

PrivateResource

Summary: Using private resources

Priority: 3 / 10
Severity: Warning
Category: Correctness

Private resources should not be referenced; the may not be present everywhere,
and even where they are they may disappear without notice.

To fix this, copy the resource into your own project instead.

ProguardSplit

Summary: Proguard.cfg file contains generic Android rules

Priority: 3 / 10
Severity: Warning
Category: Correctness

Earlier versions of the Android tools bundled a single proguard.cfg file
containing a ProGuard configuration file suitable for Android shrinking and
obfuscation. However, that version was copied into new projects, which means
that it does not continue to get updated as we improve the default ProGuard
rules for Android.

In the new version of the tools, we have split the ProGuard configuration into
two halves:

  • A simple configuration file containing only project-specific flags, in your
    project
  • A generic configuration file containing the recommended set of ProGuard
    options for Android projects. This generic file lives in the SDK install
    directory which means that it gets updated along with the tools.

In order for this to work, the proguard.config property in the
project.properties file now refers to a path, so you can reference both the
generic file as well as your own (and any additional files too).

To migrate your project to the new setup, create a new proguard-project.txt
file in your project containing any project specific ProGuard flags as well as
any customizations you have made, then update your project.properties file to
contain:
proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt:proguard-projec
.txt

ShiftFlags

Summary: Dangerous Flag Constant Declaration

Priority: 3 / 10
Severity: Warning
Category: Correctness

When defining multiple constants for use in flags, the recommended style is to
use the form 1 << 2, 1 << 3, 1 << 4 and so on to ensure that the constants are
unique and non-overlapping.

SpUsage

Summary: Using dp instead of sp for text sizes

Priority: 3 / 10
Severity: Warning
Category: Correctness

When setting text sizes, you should normally use sp, or "scale-independent
pixels". This is like the dp unit, but it is also scaled by the user's font
size preference. It is recommend you use this unit when specifying font sizes,
so they will be adjusted for both the screen density and the user's
preference.

There are cases where you might need to use dp; typically this happens when
the text is in a container with a specific dp-size. This will prevent the text
from spilling outside the container. Note however that this means that the
user's font size settings are not respected, so consider adjusting the layout
itself to be more flexible.

More information:
http://developer.android.com/training/multiscreen/screendensities.html

SwitchIntDef

Summary: Missing @IntDef in Switch

Priority: 3 / 10
Severity: Warning
Category: Correctness

This check warns if a switch statement does not explicitly include all the
values declared by the typedef @IntDef declaration.

UniqueConstants

Summary: Overlapping Enumeration Constants

Priority: 3 / 10
Severity: Error
Category: Correctness

The @IntDef annotation allows you to create a light-weight "enum" or type
definition. However, it's possible to accidentally specify the same value for
two or more of the values, which can lead to hard-to-detect bugs. This check
looks for this scenario and flags any repeated constants.

In some cases, the repeated constant is intentional (for example, renaming a
constant to a more intuitive name, and leaving the old name in place for
compatibility purposes.) In that case, simply suppress this check by adding a
@SuppressLint("UniqueConstants") annotation.

AccidentalOctal

Summary: Accidental Octal

Priority: 2 / 10
Severity: Error
Category: Correctness

In Groovy, an integer literal that starts with a leading 0 will be interpreted
as an octal number. That is usually (always?) an accident and can lead to
subtle bugs, for example when used in the versionCode of an app.

Deprecated

Summary: Using deprecated resources

Priority: 2 / 10
Severity: Warning
Category: Correctness

Deprecated views, attributes and so on are deprecated because there is a
better way to do something. Do it that new way. You've been warned.

MangledCRLF

Summary: Mangled file line endings

Priority: 2 / 10
Severity: Error
Category: Correctness
NOTE: This issue is disabled by default!
You can enable it by adding --enable MangledCRLF

On Windows, line endings are typically recorded as carriage return plus
newline: \r\n.

This detector looks for invalid line endings with repeated carriage return
characters (without newlines). Previous versions of the ADT plugin could
accidentally introduce these into the file, and when editing the file, the
editor could produce confusing visual artifacts.

More information:
https://bugs.eclipse.org/bugs/show_bug.cgi?id=375421

MissingVersion

Summary: Missing application name/version

Priority: 2 / 10
Severity: Warning
Category: Correctness

You should define the version information for your application.
android:versionCode: An integer value that represents the version of the
application code, relative to other versions.

android:versionName: A string value that represents the release version of the
application code, as it should be shown to users.

More information:
http://developer.android.com/tools/publishing/versioning.html#appversioning

Orientation

Summary: Missing explicit orientation

Priority: 2 / 10
Severity: Error
Category: Correctness

The default orientation of a LinearLayout is horizontal. It's pretty easy to
believe that the layout is vertical, add multiple children to it, and wonder
why only the first child is visible (when the subsequent children are off
screen to the right). This lint rule helps pinpoint this issue by warning
whenever a LinearLayout is used with an implicit orientation and multiple
children.

It also checks for empty LinearLayouts without an orientation attribute that
also defines an id attribute. This catches the scenarios where children will
be added to the LinearLayout dynamically.

PxUsage

Summary: Using 'px' dimension

Priority: 2 / 10
Severity: Warning
Category: Correctness

For performance reasons and to keep the code simpler, the Android system uses
pixels as the standard unit for expressing dimension or coordinate values.
That means that the dimensions of a view are always expressed in the code
using pixels, but always based on the current screen density. For instance, if
myView.getWidth() returns 10, the view is 10 pixels wide on the current
screen, but on a device with a higher density screen, the value returned might
be 15. If you use pixel values in your application code to work with bitmaps
that are not pre-scaled for the current screen density, you might need to
scale the pixel values that you use in your code to match the un-scaled bitmap
source.

More information:
http://developer.android.com/guide/practices/screens_support.html#screen-independence

SupportAnnotationUsage

Summary: Incorrect support annotation usage

Priority: 2 / 10
Severity: Error
Category: Correctness

This lint check makes sure that the support annotations (such as @IntDef and
@ColorInt) are used correctly. For example, it's an error to specify an
@IntRange where the from value is higher than the to value.

Correctness:Messages

StringFormatInvalid

Summary: Invalid format string

Priority: 9 / 10
Severity: Error
Category: Correctness:Messages

If a string contains a '%' character, then the string may be a formatting
string which will be passed to String.format from Java code to replace each
'%' occurrence with specific values.

This lint warning checks for two related problems:
(1) Formatting strings that are invalid, meaning that String.format will throw
exceptions at runtime when attempting to use the format string.
(2) Strings containing '%' that are not formatting strings getting passed to a
String.format call. In this case the '%' will need to be escaped as '%%'.

NOTE: Not all Strings which look like formatting strings are intended for use
by String.format; for example, they may contain date formats intended for
android.text.format.Time#format(). Lint cannot always figure out that a String
is a date format, so you may get false warnings in those scenarios. See the
suppress help topic for information on how to suppress errors in that case.

StringFormatMatches

Summary: String.format string doesn't match the XML format string

Priority: 9 / 10
Severity: Error
Category: Correctness:Messages

This lint check ensures the following:
(1) If there are multiple translations of the format string, then all
translations use the same type for the same numbered arguments
(2) The usage of the format string in Java is consistent with the format
string, meaning that the parameter types passed to String.format matches those
in the format string.

MissingQuantity

Summary: Missing quantity translation

Priority: 8 / 10
Severity: Error
Category: Correctness:Messages

Different languages have different rules for grammatical agreement with
quantity. In English, for example, the quantity 1 is a special case. We write
"1 book", but for any other quantity we'd write "n books". This distinction
between singular and plural is very common, but other languages make finer
distinctions.

This lint check looks at each translation of a <plural> and makes sure that
all the quantity strings considered by the given language are provided by this
translation.

For example, an English translation must provide a string for quantity="one".
Similarly, a Czech translation must provide a string for quantity="few".

More information:
http://developer.android.com/guide/topics/resources/string-resource.html#Plurals

MissingTranslation

Summary: Incomplete translation

Priority: 8 / 10
Severity: Fatal
Category: Correctness:Messages

If an application has more than one locale, then all the strings declared in
one language should also be translated in all other languages.

If the string should not be translated, you can add the attribute
translatable="false" on the <string> element, or you can define all your
non-translatable strings in a resource file called donottranslate.xml. Or, you
can ignore the issue with a tools:ignore="MissingTranslation" attribute.

By default this detector allows regions of a language to just provide a subset
of the strings and fall back to the standard language strings. You can require
all regions to provide a full translation by setting the environment variable
ANDROID_LINT_COMPLETE_REGIONS.

You can tell lint (and other tools) which language is the default language in
your res/values/ folder by specifying tools:locale="languageCode" for the root
<resources> element in your resource file. (The tools prefix refers to the
namespace declaration http://schemas.android.com/tools.)

Typos

Summary: Spelling error

Priority: 7 / 10
Severity: Warning
Category: Correctness:Messages

This check looks through the string definitions, and if it finds any words
that look like likely misspellings, they are flagged.

ExtraTranslation

Summary: Extra translation

Priority: 6 / 10
Severity: Fatal
Category: Correctness:Messages

If a string appears in a specific language translation file, but there is no
corresponding string in the default locale, then this string is probably
unused. (It's technically possible that your application is only intended to
run in a specific locale, but it's still a good idea to provide a fallback.).

Note that these strings can lead to crashes if the string is looked up on any
locale not providing a translation, so it's important to clean them up.

ImpliedQuantity

Summary: Implied Quantities

Priority: 5 / 10
Severity: Error
Category: Correctness:Messages

Plural strings should generally include a %s or %d formatting argument. In
locales like English, the one quantity only applies to a single value, 1, but
that's not true everywhere. For example, in Slovene, the one quantity will
apply to 1, 101, 201, 301, and so on. Similarly, there are locales where
multiple values match the zero and two quantities.

In these locales, it is usually an error to have a message which does not
include a formatting argument (such as '%d'), since it will not be clear from
the grammar what quantity the quantity string is describing.

More information:
http://developer.android.com/guide/topics/resources/string-resource.html#Plurals

PluralsCandidate

Summary: Potential Plurals

Priority: 5 / 10
Severity: Warning
Category: Correctness:Messages

This lint check looks for potential errors in internationalization where you
have translated a message which involves a quantity and it looks like other
parts of the string may need grammatical changes.

For example, rather than something like this:
<string name="try_again">Try again in %d seconds.</string>
you should be using a plural:
<plurals name="try_again">
<item quantity="one">Try again in %d second</item>
<item quantity="other">Try again in %d seconds</item>
</plurals>
This will ensure that in other languages the right set of translations are
provided for the different quantity classes.

(This check depends on some heuristics, so it may not accurately determine
whether a string really should be a quantity. You can use tools:ignore to
filter out false positives.

More information:
http://developer.android.com/guide/topics/resources/string-resource.html#Plurals

StringFormatCount

Summary: Formatting argument types incomplete or inconsistent

Priority: 5 / 10
Severity: Warning
Category: Correctness:Messages

When a formatted string takes arguments, it usually needs to reference the
same arguments in all translations (or all arguments if there are no
translations.

There are cases where this is not the case, so this issue is a warning rather
than an error by default. However, this usually happens when a language is not
translated or updated correctly.

UnusedQuantity

Summary: Unused quantity translations

Priority: 3 / 10
Severity: Warning
Category: Correctness:Messages

Android defines a number of different quantity strings, such as zero, one, few
and many. However, many languages do not distinguish grammatically between all
these different quantities.

This lint check looks at the quantity strings defined for each translation and
flags any quantity strings that are unused (because the language does not make
that quantity distinction, and Android will therefore not look it up.).

For example, in Chinese, only the other quantity is used, so even if you
provide translations for zero and one, these strings will not be returned when
getQuantityString() is called, even with 0 or 1.

More information:
http://developer.android.com/guide/topics/resources/string-resource.html#Plurals

Security

AddJavascriptInterface

Summary: addJavascriptInterface Called

Priority: 9 / 10
Severity: Warning
Category: Security

For applications built for API levels below 17, WebView#addJavascriptInterface
presents a security hazard as JavaScript on the target web page has the
ability to use reflection to access the injected object's public fields and
thus manipulate the host application in unintended ways.

More information:
https://labs.mwrinfosecurity.com/blog/2013/09/24/webview-addjavascriptinterface-remote-code-execution/

GetInstance

Summary: Cipher.getInstance with ECB

Priority: 9 / 10
Severity: Warning
Category: Security

Cipher#getInstance should not be called with ECB as the cipher mode or without
setting the cipher mode because the default mode on android is ECB, which is
insecure.

SecureRandom

Summary: Using a fixed seed with SecureRandom

Priority: 9 / 10
Severity: Warning
Category: Security

Specifying a fixed seed will cause the instance to return a predictable
sequence of numbers. This may be useful for testing but it is not appropriate
for secure use.

More information:
http://developer.android.com/reference/java/security/SecureRandom.html

TrulyRandom

Summary: Weak RNG

Priority: 9 / 10
Severity: Warning
Category: Security

Key generation, signing, encryption, and random number generation may not
receive cryptographically strong values due to improper initialization of the
underlying PRNG on Android 4.3 and below.

If your application relies on cryptographically secure random number
generation you should apply the workaround described in
https://android-developers.blogspot.com/2013/08/some-securerandom-thoughts.htm
.

This lint rule is mostly informational; it does not accurately detect whether
cryptographically secure RNG is required, or whether the workaround has
already been applied. After reading the blog entry and updating your code if
necessary, you can disable this lint issue.

More information:
https://android-developers.blogspot.com/2013/08/some-securerandom-thoughts.html

VulnerableCordovaVersion

Summary: Vulnerable Cordova Version

Priority: 9 / 10
Severity: Warning
Category: Security

The version of Cordova used in the app is vulnerable to security issues.
Please update to the latest Apache Cordova version.

More information:
https://cordova.apache.org/announcements/2015/11/20/security.html

ExportedPreferenceActivity

Summary: PreferenceActivity should not be exported

Priority: 8 / 10
Severity: Warning
Category: Security

Fragment injection gives anyone who can send your PreferenceActivity an intent
the ability to load any fragment, with any arguments, in your process.

More information:
http://securityintelligence.com/new-vulnerability-android-framework-fragment-injection

JavascriptInterface

Summary: Missing @JavascriptInterface on methods

Priority: 8 / 10
Severity: Error
Category: Security

As of API 17, you must annotate methods in objects registered with the
addJavascriptInterface method with a @JavascriptInterface annotation.

More information:
http://developer.android.com/reference/android/webkit/WebView.html#addJavascriptInterface(java.lang.Object, java.lang.String)

PackageManagerGetSignatures

Summary: Potential Multiple Certificate Exploit

Priority: 8 / 10
Severity: Information
Category: Security

Improper validation of app signatures could lead to issues where a malicious
app submits itself to the Play Store with both its real certificate and a fake
certificate and gains access to functionality or information it shouldn't have
due to another application only checking for the fake certificate and ignoring
the rest. Please make sure to validate all signatures returned by this
method.

More information:
https://bluebox.com/technical/android-fake-id-vulnerability/

PackagedPrivateKey

Summary: Packaged private key

Priority: 8 / 10
Severity: Fatal
Category: Security

In general, you should not package private key files inside your app.

GrantAllUris

Summary: Content provider shares everything

Priority: 7 / 10
Severity: Warning
Category: Security

The <grant-uri-permission> element allows specific paths to be shared. This
detector checks for a path URL of just '/' (everything), which is probably not
what you want; you should limit access to a subset.

AllowAllHostnameVerifier

Summary: Insecure HostnameVerifier

Priority: 6 / 10
Severity: Warning
Category: Security

This check looks for use of HostnameVerifier implementations whose verify
method always returns true (thus trusting any hostname) which could result in
insecure network traffic caused by trusting arbitrary hostnames in TLS/SSL
certificates presented by peers.

AuthLeak

Summary: Code might contain an auth leak

Priority: 6 / 10
Severity: Warning
Category: Security

Strings in java apps can be discovered by decompiling apps, this lint check
looks for code which looks like it may contain an url with a username and
password

BadHostnameVerifier

Summary: Insecure HostnameVerifier

Priority: 6 / 10
Severity: Warning
Category: Security

This check looks for implementations of HostnameVerifier whose verify method
always returns true (thus trusting any hostname) which could result in
insecure network traffic caused by trusting arbitrary hostnames in TLS/SSL
certificates presented by peers.

EasterEgg

Summary: Code contains easter egg

Priority: 6 / 10
Severity: Warning
Category: Security
NOTE: This issue is disabled by default!
You can enable it by adding --enable EasterEgg

An "easter egg" is code deliberately hidden in the code, both from potential
users and even from other developers. This lint check looks for code which
looks like it may be hidden from sight.

HardwareIds

Summary: Hardware Id Usage

Priority: 6 / 10
Severity: Warning
Category: Security

Using device identifiers is not recommended other than for high value fraud
prevention and advanced telephony use-cases. For advertising use-cases, use
AdvertisingIdClient$Info#getId and for analytics, use InstanceId#getId.

More information:
https://developer.android.com/training/articles/user-data-ids.html

SSLCertificateSocketFactoryCreateSocket

Summary: Insecure call to SSLCertificateSocketFactory.createSocket()

Priority: 6 / 10
Severity: Warning
Category: Security

When SSLCertificateSocketFactory.createSocket() is called with an InetAddress
as the first parameter, TLS/SSL hostname verification is not performed, which
could result in insecure network traffic caused by trusting arbitrary
hostnames in TLS/SSL certificates presented by peers. In this case, developers
must ensure that the InetAddress is explicitly verified against the
certificate through other means, such as by calling
`SSLCertificateSocketFactory.getDefaultHostnameVerifier() to get a
HostnameVerifier and calling HostnameVerifier.verify().

SSLCertificateSocketFactoryGetInsecure

Summary: Call to SSLCertificateSocketFactory.getInsecure()

Priority: 6 / 10
Severity: Warning
Category: Security

The SSLCertificateSocketFactory.getInsecure() method returns an
SSLSocketFactory with all TLS/SSL security checks disabled, which could result
in insecure network traffic caused by trusting arbitrary TLS/SSL certificates
presented by peers. This method should be avoided unless needed for a special
circumstance such as debugging. Instead,
SSLCertificateSocketFactory.getDefault() should be used.

SetJavaScriptEnabled

Summary: Using setJavaScriptEnabled

Priority: 6 / 10
Severity: Warning
Category: Security

Your code should not invoke setJavaScriptEnabled if you are not sure that your
app really requires JavaScript support.

More information:
http://developer.android.com/guide/practices/security.html

SetWorldReadable

Summary: File.setReadable() used to make file world-readable

Priority: 6 / 10
Severity: Warning
Category: Security

Setting files world-readable is very dangerous, and likely to cause security
holes in applications. It is strongly discouraged; instead, applications
should use more formal mechanisms for interactions such as ContentProvider,
BroadcastReceiver, and Service.

SetWorldWritable

Summary: File.setWritable() used to make file world-writable

Priority: 6 / 10
Severity: Warning
Category: Security

Setting files world-writable is very dangerous, and likely to cause security
holes in applications. It is strongly discouraged; instead, applications
should use more formal mechanisms for interactions such as ContentProvider,
BroadcastReceiver, and Service.

TrustAllX509TrustManager

Summary: Insecure TLS/SSL trust manager

Priority: 6 / 10
Severity: Warning
Category: Security

This check looks for X509TrustManager implementations whose checkServerTrusted
or checkClientTrusted methods do nothing (thus trusting any certificate chain)
which could result in insecure network traffic caused by trusting arbitrary
TLS/SSL certificates presented by peers.

UnprotectedSMSBroadcastReceiver

Summary: Unprotected SMS BroadcastReceiver

Priority: 6 / 10
Severity: Warning
Category: Security

BroadcastReceivers that declare an intent-filter for SMS_DELIVER or
SMS_RECEIVED must ensure that the caller has the BROADCAST_SMS permission,
otherwise it is possible for malicious actors to spoof intents.

UnsafeProtectedBroadcastReceiver

Summary: Unsafe Protected BroadcastReceiver

Priority: 6 / 10
Severity: Warning
Category: Security

BroadcastReceivers that declare an intent-filter for a protected-broadcast
action string must check that the received intent's action string matches the
expected value, otherwise it is possible for malicious actors to spoof
intents.

UseCheckPermission

Summary: Using the result of check permission calls

Priority: 6 / 10
Severity: Warning
Category: Security

You normally want to use the result of checking a permission; these methods
return whether the permission is held; they do not throw an error if the
permission is not granted. Code which does not do anything with the return
value probably meant to be calling the enforce methods instead, e.g. rather
than Context#checkCallingPermission it should call
Context#enforceCallingPermission.

UsingHttp

Summary: Using HTTP instead of HTTPS

Priority: 6 / 10
Severity: Warning
Category: Security

The Gradle Wrapper is available both via HTTP and HTTPS. HTTPS is more secure
since it protects against man-in-the-middle attacks etc. Older projects
created in Android Studio used HTTP but we now default to HTTPS and recommend
upgrading existing projects.

WrongConstant

Summary: Incorrect constant

Priority: 6 / 10
Severity: Error
Category: Security

Ensures that when parameter in a method only allows a specific set of
constants, calls obey those rules.

ExportedContentProvider

Summary: Content provider does not require permission

Priority: 5 / 10
Severity: Warning
Category: Security

Content providers are exported by default and any application on the system
can potentially use them to read and write data. If the content provider
provides access to sensitive data, it should be protected by specifying
export=false in the manifest or by protecting it with a permission that can be
granted to other applications.

ExportedReceiver

Summary: Receiver does not require permission

Priority: 5 / 10
Severity: Warning
Category: Security

Exported receivers (receivers which either set exported=true or contain an
intent-filter and do not specify exported=false) should define a permission
that an entity must have in order to launch the receiver or bind to it.
Without this, any application can use this receiver.

ExportedService

Summary: Exported service does not require permission

Priority: 5 / 10
Severity: Warning
Category: Security

Exported services (services which either set exported=true or contain an
intent-filter and do not specify exported=false) should define a permission
that an entity must have in order to launch the service or bind to it. Without
this, any application can use this service.

HardcodedDebugMode

Summary: Hardcoded value of android:debuggable in the manifest

Priority: 5 / 10
Severity: Fatal
Category: Security

It's best to leave out the android:debuggable attribute from the manifest. If
you do, then the tools will automatically insert android:debuggable=true when
building an APK to debug on an emulator or device. And when you perform a
release build, such as Exporting APK, it will automatically set it to false.

If on the other hand you specify a specific value in the manifest file, then
the tools will always use it. This can lead to accidentally publishing your
app with debug information.

InvalidPermission

Summary: Invalid Permission Attribute

Priority: 5 / 10
Severity: Error
Category: Security

Not all elements support the permission attribute. If a permission is set on
an invalid element, it is a no-op and ignored. Ensure that this permission
attribute was set on the correct element to protect the correct component.

SignatureOrSystemPermissions

Summary: signatureOrSystem permissions declared

Priority: 5 / 10
Severity: Warning
Category: Security

The signature protection level should probably be sufficient for most needs
and works regardless of where applications are installed. The
signatureOrSystem level is used for certain situations where multiple vendors
have applications built into a system image and need to share specific
features explicitly because they are being built together.

UnsafeDynamicallyLoadedCode

Summary: load used to dynamically load code

Priority: 4 / 10
Severity: Warning
Category: Security

Dynamically loading code from locations other than the application's library
directory or the Android platform's built-in library directories is dangerous,
as there is an increased risk that the code could have been tampered with.
Applications should use loadLibrary when possible, which provides increased
assurance that libraries are loaded from one of these safer locations.
Application developers should use the features of their development
environment to place application native libraries into the lib directory of
their compiled APKs.

UnsafeNativeCodeLocation

Summary: Native code outside library directory

Priority: 4 / 10
Severity: Warning
Category: Security

In general, application native code should only be placed in the application's
library directory, not in other locations such as the res or assets
directories. Placing the code in the library directory provides increased
assurance that the code will not be tampered with after application
installation. Application developers should use the features of their
development environment to place application native libraries into the lib
directory of their compiled APKs. Embedding non-shared library native
executables into applications should be avoided when possible.

WorldReadableFiles

Summary: openFileOutput() or similar call passing MODE_WORLD_READABLE

Priority: 4 / 10
Severity: Warning
Category: Security

There are cases where it is appropriate for an application to write world
readable files, but these should be reviewed carefully to ensure that they
contain no private data that is leaked to other applications.

WorldWriteableFiles

Summary: openFileOutput() or similar call passing MODE_WORLD_WRITEABLE

Priority: 4 / 10
Severity: Warning
Category: Security

There are cases where it is appropriate for an application to write world
writeable files, but these should be reviewed carefully to ensure that they
contain no private data, and that if the file is modified by a malicious
application it does not trick or compromise your application.

AllowBackup

Summary: AllowBackup/FullBackupContent Problems

Priority: 3 / 10
Severity: Warning
Category: Security

The allowBackup attribute determines if an application's data can be backed up
and restored. It is documented at
http://developer.android.com/reference/android/R.attr.html#allowBackup

By default, this flag is set to true. When this flag is set to true,
application data can be backed up and restored by the user using adb backup
and adb restore.

This may have security consequences for an application. adb backup allows
users who have enabled USB debugging to copy application data off of the
device. Once backed up, all application data can be read by the user. adb
restore allows creation of application data from a source specified by the
user. Following a restore, applications should not assume that the data, file
permissions, and directory permissions were created by the application
itself.

Setting allowBackup="false" opts an application out of both backup and
restore.

To fix this warning, decide whether your application should support backup,
and explicitly set android:allowBackup=(true|false)".

If not set to false, and if targeting API 23 or later, lint will also warn
that you should set android:fullBackupContent to configure auto backup.

More information:
https://developer.android.com/training/backup/autosyncapi.html
http://developer.android.com/reference/android/R.attr.html#allowBackup

Performance

DrawAllocation

Summary: Memory allocations within drawing code

Priority: 9 / 10
Severity: Warning
Category: Performance

You should avoid allocating objects during a drawing or layout operation.
These are called frequently, so a smooth UI can be interrupted by garbage
collection pauses caused by the object allocations.

The way this is generally handled is to allocate the needed objects up front
and to reuse them for each drawing operation.

Some methods allocate memory on your behalf (such as Bitmap.create), and these
should be handled in the same way.

Wakelock

Summary: Incorrect WakeLock usage

Priority: 9 / 10
Severity: Warning
Category: Performance

Failing to release a wakelock properly can keep the Android device in a high
power mode, which reduces battery life. There are several causes of this, such
as releasing the wake lock in onDestroy() instead of in onPause(), failing to
call release() in all possible code paths after an acquire(), and so on.

NOTE: If you are using the lock just to keep the screen on, you should
strongly consider using FLAG_KEEP_SCREEN_ON instead. This window flag will be
correctly managed by the platform as the user moves between applications and
doesn't require a special permission. See
http://developer.android.com/reference/android/view/WindowManager.LayoutParams
html#FLAG_KEEP_SCREEN_ON.

Recycle

Summary: Missing recycle() calls

Priority: 7 / 10
Severity: Warning
Category: Performance

Many resources, such as TypedArrays, VelocityTrackers, etc., should be
recycled (with a recycle() call) after use. This lint check looks for missing
recycle() calls.

ObsoleteLayoutParam

Summary: Obsolete layout params

Priority: 6 / 10
Severity: Warning
Category: Performance

The given layout_param is not defined for the given layout, meaning it has no
effect. This usually happens when you change the parent layout or move view
code around without updating the layout params. This will cause useless
attribute processing at runtime, and is misleading for others reading the
layout so the parameter should be removed.

ObsoleteSdkInt

Summary: Obsolete SDK_INT Version Check

Priority: 6 / 10
Severity: Warning
Category: Performance

This check flags version checks that are not necessary, because the
minSdkVersion (or surrounding known API level) is already at least as high as
the version checked for.

StaticFieldLeak

Summary: Static Field Leaks

Priority: 6 / 10
Severity: Warning
Category: Performance

A static field will leak contexts.

UseCompoundDrawables

Summary: Node can be replaced by a TextView with compound drawables

Priority: 6 / 10
Severity: Warning
Category: Performance

A LinearLayout which contains an ImageView and a TextView can be more
efficiently handled as a compound drawable (a single TextView, using the
drawableTop, drawableLeft, drawableRight and/or drawableBottom attributes to
draw one or more images adjacent to the text).

If the two widgets are offset from each other with margins, this can be
replaced with a drawablePadding attribute.

There's a lint quickfix to perform this conversion in the Eclipse plugin.

ViewTag

Summary: Tagged object leaks

Priority: 6 / 10
Severity: Warning
Category: Performance

Prior to Android 4.0, the implementation of View.setTag(int, Object) would
store the objects in a static map, where the values were strongly referenced.
This means that if the object contains any references pointing back to the
context, the context (which points to pretty much everything else) will leak.
If you pass a view, the view provides a reference to the context that created
it. Similarly, view holders typically contain a view, and cursors are
sometimes also associated with views.

WearableBindListener

Summary: Usage of Android Wear BIND_LISTENER is deprecated

Priority: 6 / 10
Severity: Fatal
Category: Performance

BIND_LISTENER receives all Android Wear events whether the application needs
them or not. This can be inefficient and cause applications to wake up
unnecessarily. With Google Play Services 8.2.0 or later it is recommended to
use a more efficient combination of manifest listeners and api-based live
listeners filtered by action, path and/or path prefix.

More information:
http://tools.android.com/tech-docs/bind-listener

LogConditional

Summary: Unconditional Logging Calls

Priority: 5 / 10
Severity: Warning
Category: Performance
NOTE: This issue is disabled by default!
You can enable it by adding --enable LogConditional

The BuildConfig class (available in Tools 17) provides a constant, "DEBUG",
which indicates whether the code is being built in release mode or in debug
mode. In release mode, you typically want to strip out all the logging calls.
Since the compiler will automatically remove all code which is inside a "if
(false)" check, surrounding your logging calls with a check for
BuildConfig.DEBUG is a good idea.

If you really intend for the logging to be present in release mode, you can
suppress this warning with a @SuppressLint annotation for the intentional
logging calls.

ViewHolder

Summary: View Holder Candidates

Priority: 5 / 10
Severity: Warning
Category: Performance

When implementing a view Adapter, you should avoid unconditionally inflating a
new layout; if an available item is passed in for reuse, you should try to use
that one instead. This helps make for example ListView scrolling much
smoother.

More information:
http://developer.android.com/training/improving-layouts/smooth-scrolling.html#ViewHolder

AnimatorKeep

Summary: Missing @Keep for Animated Properties

Priority: 4 / 10
Severity: Warning
Category: Performance

When you use property animators, properties can be accessed via reflection.
Those methods should be annotated with @Keep to ensure that during release
builds, the methods are not potentially treated as unused and removed, or
treated as internal only and get renamed to something shorter.

This check will also flag other potential reflection problems it encounters,
such as a missing property, wrong argument types, etc.

DuplicateDivider

Summary: Unnecessary Divider Copy

Priority: 4 / 10
Severity: Warning
Category: Performance

Older versions of the RecyclerView library did not include a divider
decorator, but one was provided as a sample in the support demos. This divider
class has been widely copy/pasted into various projects.

In recent versions of the support library, the divider decorator is now
included, so you can replace custom copies with the "built-in" version,
android.support.v7.widget.DividerItemDecoration.

FieldGetter

Summary: Using getter instead of field

Priority: 4 / 10
Severity: Warning
Category: Performance
NOTE: This issue is disabled by default!
You can enable it by adding --enable FieldGetter

Accessing a field within the class that defines a getter for that field is at
least 3 times faster than calling the getter. For simple getters that do
nothing other than return the field, you might want to just reference the
local field directly instead.

NOTE: As of Android 2.3 (Gingerbread), this optimization is performed
automatically by Dalvik, so there is no need to change your code; this is only
relevant if you are targeting older versions of Android.

More information:
http://developer.android.com/guide/practices/design/performance.html#internal_get_set

HandlerLeak

Summary: Handler reference leaks

Priority: 4 / 10
Severity: Warning
Category: Performance

Since this Handler is declared as an inner class, it may prevent the outer
class from being garbage collected. If the Handler is using a Looper or
MessageQueue for a thread other than the main thread, then there is no issue.
If the Handler is using the Looper or MessageQueue of the main thread, you
need to fix your Handler declaration, as follows: Declare the Handler as a
static class; In the outer class, instantiate a WeakReference to the outer
class and pass this object to your Handler when you instantiate the Handler;
Make all references to members of the outer class using the WeakReference
object.

MergeRootFrame

Summary: FrameLayout can be replaced with <merge> tag

Priority: 4 / 10
Severity: Warning
Category: Performance

If a <FrameLayout> is the root of a layout and does not provide background or
padding etc, it can often be replaced with a <merge> tag which is slightly
more efficient. Note that this depends on context, so make sure you understand
how the <merge> tag works before proceeding.

More information:
http://android-developers.blogspot.com/2009/03/android-layout-tricks-3-optimize-by.html

UseOfBundledGooglePlayServices

Summary: Use of bundled version of Google Play services

Priority: 4 / 10
Severity: Warning
Category: Performance

Google Play services SDK's can be selectively included, which enables a
smaller APK size. Consider declaring dependencies on individual Google Play
services SDK's. If you are using Firebase API's
(http://firebase.google.com/docs/android/setup), Android Studio's Tools \u2192
Firebase assistant window can automatically add just the dependencies needed
for each feature.

More information:
http://developers.google.com/android/guides/setup#split

UseSparseArrays

Summary: HashMap can be replaced with SparseArray

Priority: 4 / 10
Severity: Warning
Category: Performance

For maps where the keys are of type integer, it's typically more efficient to
use the Android SparseArray API. This check identifies scenarios where you
might want to consider using SparseArray instead of HashMap for better
performance.

This is particularly useful when the value types are primitives like ints,
where you can use SparseIntArray and avoid auto-boxing the values from int to
Integer.

If you need to construct a HashMap because you need to call an API outside of
your control which requires a Map, you can suppress this warning using for
example the @SuppressLint annotation.

UseValueOf

Summary: Should use valueOf instead of new

Priority: 4 / 10
Severity: Warning
Category: Performance

You should not call the constructor for wrapper classes directly, such asnew Integer(42). Instead, call the valueOf factory method, such as
Integer.valueOf(42). This will typically use less memory because common
integers such as 0 and 1 will share a single instance.

DisableBaselineAlignment

Summary: Missing baselineAligned attribute

Priority: 3 / 10
Severity: Warning
Category: Performance

When a LinearLayout is used to distribute the space proportionally between
nested layouts, the baseline alignment property should be turned off to make
the layout computation faster.

FloatMath

Summary: Using FloatMath instead of Math

Priority: 3 / 10
Severity: Warning
Category: Performance

In older versions of Android, using android.util.FloatMath was recommended for
performance reasons when operating on floats. However, on modern hardware
doubles are just as fast as float (though they take more memory), and in
recent versions of Android, FloatMath is actually slower than using
java.lang.Math due to the way the JIT optimizes java.lang.Math. Therefore, you
should use Math instead of FloatMath if you are only targeting Froyo and
above.

More information:
http://developer.android.com/guide/practices/design/performance.html#avoidfloat

InefficientWeight

Summary: Inefficient layout weight

Priority: 3 / 10
Severity: Warning
Category: Performance

When only a single widget in a LinearLayout defines a weight, it is more
efficient to assign a width/height of 0dp to it since it will absorb all the
remaining space anyway. With a declared width/height of 0dp it does not have
to measure its own size first.

NestedWeights

Summary: Nested layout weights

Priority: 3 / 10
Severity: Warning
Category: Performance

Layout weights require a widget to be measured twice. When a LinearLayout with
non-zero weights is nested inside another LinearLayout with non-zero weights,
then the number of measurements increase exponentially.

Overdraw

Summary: Overdraw: Painting regions more than once

Priority: 3 / 10
Severity: Warning
Category: Performance

If you set a background drawable on a root view, then you should use a custom
theme where the theme background is null. Otherwise, the theme background will
be painted first, only to have your custom background completely cover it;
this is called "overdraw".

NOTE: This detector relies on figuring out which layouts are associated with
which activities based on scanning the Java code, and it's currently doing
that using an inexact pattern matching algorithm. Therefore, it can
incorrectly conclude which activity the layout is associated with and then
wrongly complain that a background-theme is hidden.

If you want your custom background on multiple pages, then you should consider
making a custom theme with your custom background and just using that theme
instead of a root element background.

Of course it's possible that your custom drawable is translucent and you want
it to be mixed with the background. However, you will get better performance
if you pre-mix the background with your drawable and use that resulting image
or color as a custom theme background instead.

UnusedResources

Summary: Unused resources

Priority: 3 / 10
Severity: Warning
Category: Performance

Unused resources make applications larger and slow down builds.

UselessLeaf

Summary: Useless leaf layout

Priority: 2 / 10
Severity: Warning
Category: Performance

A layout that has no children or no background can often be removed (since it
is invisible) for a flatter and more efficient layout hierarchy.

UselessParent

Summary: Useless parent layout

Priority: 2 / 10
Severity: Warning
Category: Performance

A layout with children that has no siblings, is not a scrollview or a root
layout, and does not have a background, can be removed and have its children
moved directly into the parent for a flatter and more efficient layout
hierarchy.

TooDeepLayout

Summary: Layout hierarchy is too deep

Priority: 1 / 10
Severity: Warning
Category: Performance

Layouts with too much nesting is bad for performance. Consider using a flatter
layout (such as RelativeLayout or GridLayout).The default maximum depth is 10
but can be configured with the environment variable ANDROID_LINT_MAX_DEPTH.

TooManyViews

Summary: Layout has too many views

Priority: 1 / 10
Severity: Warning
Category: Performance

Using too many views in a single layout is bad for performance. Consider using
compound drawables or other tricks for reducing the number of views in this
layout.

The maximum view count defaults to 80 but can be configured with the
environment variable ANDROID_LINT_MAX_VIEW_COUNT.

UnusedIds

Summary: Unused id

Priority: 1 / 10
Severity: Warning
Category: Performance
NOTE: This issue is disabled by default!
You can enable it by adding --enable UnusedIds

This resource id definition appears not to be needed since it is not
referenced from anywhere. Having id definitions, even if unused, is not
necessarily a bad idea since they make working on layouts and menus easier, so
there is not a strong reason to delete these.

UnusedNamespace

Summary: Unused namespace

Priority: 1 / 10
Severity: Warning
Category: Performance

Unused namespace declarations take up space and require processing that is not
necessary

Usability:Typography

AllCaps

Summary: Combining textAllCaps and markup

Priority: 8 / 10
Severity: Warning
Category: Usability:Typography

The textAllCaps text transform will end up calling toString on the
CharSequence, which has the net effect of removing any markup such as <b>.
This check looks for usages of strings containing markup that also specify
textAllCaps=true.

TypographyDashes

Summary: Hyphen can be replaced with dash

Priority: 5 / 10
Severity: Warning
Category: Usability:Typography

The "n dash" (–, –) and the "m dash" (—, —) characters are used
for ranges (n dash) and breaks (m dash). Using these instead of plain hyphens
can make text easier to read and your application will look more polished.

More information:
http://en.wikipedia.org/wiki/Dash

TypographyEllipsis

Summary: Ellipsis string can be replaced with ellipsis character

Priority: 5 / 10
Severity: Warning
Category: Usability:Typography

You can replace the string "..." with a dedicated ellipsis character, ellipsis
character (…, …). This can help make the text more readable.

More information:
http://en.wikipedia.org/wiki/Ellipsis

TypographyFractions

Summary: Fraction string can be replaced with fraction character

Priority: 5 / 10
Severity: Warning
Category: Usability:Typography

You can replace certain strings, such as 1/2, and 1/4, with dedicated
characters for these, such as ½ (½) and ¼ (¼). This can help make
the text more readable.

More information:
http://en.wikipedia.org/wiki/Number_Forms

TypographyQuotes

Summary: Straight quotes can be replaced with curvy quotes

Priority: 5 / 10
Severity: Warning
Category: Usability:Typography
NOTE: This issue is disabled by default!
You can enable it by adding --enable TypographyQuotes

Straight single quotes and double quotes, when used as a pair, can be replaced
by "curvy quotes" (or directional quotes). This can make the text more
readable.

Note that you should never use grave accents and apostrophes to quote, `like
this'.

(Also note that you should not use curvy quotes for code fragments.)

More information:
http://en.wikipedia.org/wiki/Quotation_mark

TypographyOther

Summary: Other typographical problems

Priority: 3 / 10
Severity: Warning
Category: Usability:Typography

This check looks for miscellaneous typographical problems and offers
replacement sequences that will make the text easier to read and your
application more polished.

Usability:Icons

IconNoDpi

Summary: Icon appears in both -nodpi and dpi folders

Priority: 7 / 10
Severity: Warning
Category: Usability:Icons

Bitmaps that appear in drawable-nodpi folders will not be scaled by the
Android framework. If a drawable resource of the same name appears both in a
-nodpi folder as well as a dpi folder such as drawable-hdpi, then the behavior
is ambiguous and probably not intentional. Delete one or the other, or use
different names for the icons.

IconXmlAndPng

Summary: Icon is specified both as .xml file and as a bitmap

Priority: 7 / 10
Severity: Warning
Category: Usability:Icons

If a drawable resource appears as an .xml file in the drawable/ folder, it's
usually not intentional for it to also appear as a bitmap using the same name;
generally you expect the drawable XML file to define states and each state has
a corresponding drawable bitmap.

IconColors

Summary: Icon colors do not follow the recommended visual style

Priority: 6 / 10
Severity: Warning
Category: Usability:Icons

Notification icons and Action Bar icons should only white and shades of gray.
See the Android Design Guide for more details. Note that the way Lint decides
whether an icon is an action bar icon or a notification icon is based on the
filename prefix: ic_menu_ for action bar icons, ic_stat_ for notification
icons etc. These correspond to the naming conventions documented in
http://developer.android.com/guide/practices/ui_guidelines/icon_design.html

More information:
http://developer.android.com/design/style/iconography.html

IconLauncherShape

Summary: The launcher icon shape should use a distinct silhouette

Priority: 6 / 10
Severity: Warning
Category: Usability:Icons

According to the Android Design Guide
(http://developer.android.com/design/style/iconography.html) your launcher
icons should "use a distinct silhouette", a "three-dimensional, front view,
with a slight perspective as if viewed from above, so that users perceive some
depth."

The unique silhouette implies that your launcher icon should not be a filled
square.

More information:
http://developer.android.com/design/style/iconography.html

GifUsage

Summary: Using .gif format for bitmaps is discouraged

Priority: 5 / 10
Severity: Warning
Category: Usability:Icons

The .gif file format is discouraged. Consider using .png (preferred) or .jpg
(acceptable) instead.

More information:
http://developer.android.com/guide/topics/resources/drawable-resource.html#Bitmap

IconDipSize

Summary: Icon density-independent size validation

Priority: 5 / 10
Severity: Warning
Category: Usability:Icons

Checks the all icons which are provided in multiple densities, all compute to
roughly the same density-independent pixel (dip) size. This catches errors
where images are either placed in the wrong folder, or icons are changed to
new sizes but some folders are forgotten.

IconDuplicatesConfig

Summary: Identical bitmaps across various configurations

Priority: 5 / 10
Severity: Warning
Category: Usability:Icons

If an icon is provided under different configuration parameters such as
drawable-hdpi or -v11, they should typically be different. This detector
catches cases where the same icon is provided in different configuration
folder which is usually not intentional.

IconExpectedSize

Summary: Icon has incorrect size

Priority: 5 / 10
Severity: Warning
Category: Usability:Icons
NOTE: This issue is disabled by default!
You can enable it by adding --enable IconExpectedSize

There are predefined sizes (for each density) for launcher icons. You should
follow these conventions to make sure your icons fit in with the overall look
of the platform.

More information:
http://developer.android.com/design/style/iconography.html

IconLocation

Summary: Image defined in density-independent drawable folder

Priority: 5 / 10
Severity: Warning
Category: Usability:Icons

The res/drawable folder is intended for density-independent graphics such as
shapes defined in XML. For bitmaps, move it to drawable-mdpi and consider
providing higher and lower resolution versions in drawable-ldpi, drawable-hdpi
and drawable-xhdpi. If the icon really is density independent (for example a
solid color) you can place it in drawable-nodpi.

More information:
http://developer.android.com/guide/practices/screens_support.html

IconMixedNinePatch

Summary: Clashing PNG and 9-PNG files

Priority: 5 / 10
Severity: Warning
Category: Usability:Icons

If you accidentally name two separate resources file.png and file.9.png, the
image file and the nine patch file will both map to the same drawable
resource, @drawable/file, which is probably not what was intended.

MipmapIcons

Summary: Use Mipmap Launcher Icons

Priority: 5 / 10
Severity: Warning
Category: Usability:Icons

Launcher icons should be provided in the mipmap resource directory. This is
the same as the drawable resource directory, except resources in the mipmap
directory will not get stripped out when creating density-specific APKs.

In certain cases, the Launcher app may use a higher resolution asset (than
would normally be computed for the device) to display large app shortcuts. If
drawables for densities other than the device's resolution have been stripped
out, then the app shortcut could appear blurry.

To fix this, move your launcher icons from drawable-dpi to mipmap-dpi and
change references from @drawable/ and R.drawable to @mipmap/ and R.mipmap.
In Android Studio this lint warning has a quickfix to perform this
automatically.

MissingApplicationIcon

Summary: Missing application icon

Priority: 5 / 10
Severity: Warning
Category: Usability:Icons

You should set an icon for the application as whole because there is no
default. This attribute must be set as a reference to a drawable resource
containing the image (for example @drawable/icon).

More information:
http://developer.android.com/tools/publishing/preparing.html#publishing-configure

IconDensities

Summary: Icon densities validation

Priority: 4 / 10
Severity: Warning
Category: Usability:Icons

Icons will look best if a custom version is provided for each of the major
screen density classes (low, medium, high, extra high). This lint check
identifies icons which do not have complete coverage across the densities.

Low density is not really used much anymore, so this check ignores the ldpi
density. To force lint to include it, set the environment variable
ANDROID_LINT_INCLUDE_LDPI=true. For more information on current density usage,
see http://developer.android.com/resources/dashboard/screens.html

More information:
http://developer.android.com/guide/practices/screens_support.html

IconDuplicates

Summary: Duplicated icons under different names

Priority: 3 / 10
Severity: Warning
Category: Usability:Icons

If an icon is repeated under different names, you can consolidate and just use
one of the icons and delete the others to make your application smaller.
However, duplicated icons usually are not intentional and can sometimes point
to icons that were accidentally overwritten or accidentally not updated.

IconExtension

Summary: Icon format does not match the file extension

Priority: 3 / 10
Severity: Warning
Category: Usability:Icons

Ensures that icons have the correct file extension (e.g. a .png file is really
in the PNG format and not for example a GIF file named .png.)

IconMissingDensityFolder

Summary: Missing density folder

Priority: 3 / 10
Severity: Warning
Category: Usability:Icons

Icons will look best if a custom version is provided for each of the major
screen density classes (low, medium, high, extra-high, extra-extra-high). This
lint check identifies folders which are missing, such as drawable-hdpi.

Low density is not really used much anymore, so this check ignores the ldpi
density. To force lint to include it, set the environment variable
ANDROID_LINT_INCLUDE_LDPI=true. For more information on current density usage,
see http://developer.android.com/resources/dashboard/screens.html

More information:
http://developer.android.com/guide/practices/screens_support.html

Usability

ButtonOrder

Summary: Button order

Priority: 8 / 10
Severity: Warning
Category: Usability

According to the Android Design Guide,

"Action buttons are typically Cancel and/or OK, with OK indicating the
preferred or most likely action. However, if the options consist of specific
actions such as Close or Wait rather than a confirmation or cancellation of
the action described in the content, then all the buttons should be active
verbs. As a rule, the dismissive action of a dialog is always on the left
whereas the affirmative actions are on the right."

This check looks for button bars and buttons which look like cancel buttons,
and makes sure that these are on the left.

More information:
http://developer.android.com/design/building-blocks/dialogs.html

SelectableText

Summary: Dynamic text should probably be selectable

Priority: 7 / 10
Severity: Warning
Category: Usability
NOTE: This issue is disabled by default!
You can enable it by adding --enable SelectableText

If a <TextView> is used to display data, the user might want to copy that data
and paste it elsewhere. To allow this, the <TextView> should specify
android:textIsSelectable="true".

This lint check looks for TextViews which are likely to be displaying data:
views whose text is set dynamically. This value will be ignored on platforms
older than API 11, so it is okay to set it regardless of your minSdkVersion.

BackButton

Summary: Back button

Priority: 6 / 10
Severity: Warning
Category: Usability
NOTE: This issue is disabled by default!
You can enable it by adding --enable BackButton

According to the Android Design Guide,

"Other platforms use an explicit back button with label to allow the user to
navigate up the application's hierarchy. Instead, Android uses the main action
bar's app icon for hierarchical navigation and the navigation bar's back
button for temporal navigation."
This check is not very sophisticated (it just looks for buttons with the label
"Back"), so it is disabled by default to not trigger on common scenarios like
pairs of Back/Next buttons to paginate through screens.

More information:
http://developer.android.com/design/patterns/pure-android.html

ButtonStyle

Summary: Button should be borderless

Priority: 5 / 10
Severity: Warning
Category: Usability

Button bars typically use a borderless style for the buttons. Set the
style="?android:attr/buttonBarButtonStyle" attribute on each of the buttons,
and set style="?android:attr/buttonBarStyle" on the parent layout

More information:
http://developer.android.com/design/building-blocks/buttons.html

GoogleAppIndexingApiWarning

Summary: Missing support for Firebase App Indexing Api

Priority: 5 / 10
Severity: Warning
Category: Usability
NOTE: This issue is disabled by default!
You can enable it by adding --enable GoogleAppIndexingApiWarning

Adds URLs to get your app into the Google index, to get installs and traffic
to your app from Google Search.

More information:
https://g.co/AppIndexing/AndroidStudio

GoogleAppIndexingUrlError

Summary: URL not supported by app for Firebase App Indexing

Priority: 5 / 10
Severity: Error
Category: Usability

Ensure the URL is supported by your app, to get installs and traffic to your
app from Google Search.

More information:
https://g.co/AppIndexing/AndroidStudio

GoogleAppIndexingWarning

Summary: Missing support for Firebase App Indexing

Priority: 5 / 10
Severity: Warning
Category: Usability

Adds URLs to get your app into the Google index, to get installs and traffic
to your app from Google Search.

More information:
https://g.co/AppIndexing/AndroidStudio

MenuTitle

Summary: Missing menu title

Priority: 5 / 10
Severity: Error
Category: Usability

From the action bar documentation:
"It's important that you always define android:title for each menu item — even
if you don't declare that the title appear with the action item — for three
reasons:

  • If there's not enough room in the action bar for the action item, the menu
    item appears in the overflow menu and only the title appears.
  • Screen readers for sight-impaired users read the menu item's title.
  • If the action item appears with only the icon, a user can long-press the
    item to reveal a tool-tip that displays the action item's title.
    The android:icon is always optional, but recommended.

More information:
http://developer.android.com/guide/topics/ui/actionbar.html

TextFields

Summary: Missing inputType or hint

Priority: 5 / 10
Severity: Warning
Category: Usability

Providing an inputType attribute on a text field improves usability because
depending on the data to be input, optimized keyboards can be shown to the
user (such as just digits and parentheses for a phone number). Similarly,a
hint attribute displays a hint to the user for what is expected in the text
field.

The lint detector also looks at the id of the view, and if the id offers a
hint of the purpose of the field (for example, the id contains the phrase
phone or email), then lint will also ensure that the inputType contains the
corresponding type attributes.

If you really want to keep the text field generic, you can suppress this
warning by setting inputType="text".

NegativeMargin

Summary: Negative Margins

Priority: 4 / 10
Severity: Warning
Category: Usability
NOTE: This issue is disabled by default!
You can enable it by adding --enable NegativeMargin

Margin values should be positive. Negative values are generally a sign that
you are making assumptions about views surrounding the current one, or may be
tempted to turn off child clipping to allow a view to escape its parent.
Turning off child clipping to do this not only leads to poor graphical
performance, it also results in wrong touch event handling since touch events
are based strictly on a chain of parent-rect hit tests. Finally, making
assumptions about the size of strings can lead to localization problems.

SmallSp

Summary: Text size is too small

Priority: 4 / 10
Severity: Warning
Category: Usability

Avoid using sizes smaller than 12sp.

AlwaysShowAction

Summary: Usage of showAsAction=always

Priority: 3 / 10
Severity: Warning
Category: Usability

Using showAsAction="always" in menu XML, or MenuItem.SHOW_AS_ACTION_ALWAYS in
Java code is usually a deviation from the user interface style guide.Use
ifRoom or the corresponding MenuItem.SHOW_AS_ACTION_IF_ROOM instead.

If always is used sparingly there are usually no problems and behavior is
roughly equivalent to ifRoom but with preference over other ifRoom items.
Using it more than twice in the same menu is a bad idea.

This check looks for menu XML files that contain more than two always actions,
or some always actions and no ifRoom actions. In Java code, it looks for
projects that contain references to MenuItem.SHOW_AS_ACTION_ALWAYS and no
references to MenuItem.SHOW_AS_ACTION_IF_ROOM.

More information:
http://developer.android.com/design/patterns/actionbar.html

ViewConstructor

Summary: Missing View constructors for XML inflation

Priority: 3 / 10
Severity: Warning
Category: Usability

Some layout tools (such as the Android layout editor) need to find a
constructor with one of the following signatures:

  • View(Context context)
  • View(Context context, AttributeSet attrs)
  • View(Context context, AttributeSet attrs, int defStyle)

If your custom view needs to perform initialization which does not apply when
used in a layout editor, you can surround the given code with a check to see
if View#isInEditMode() is false, since that method will return false at
runtime but true within a user interface editor.

ButtonCase

Summary: Cancel/OK dialog button capitalization

Priority: 2 / 10
Severity: Warning
Category: Usability

The standard capitalization for OK/Cancel dialogs is "OK" and "Cancel". To
ensure that your dialogs use the standard strings, you can use the resource
strings @android:string/ok and @android:string/cancel.

Accessibility

ClickableViewAccessibility

Summary: Accessibility in Custom Views

Priority: 6 / 10
Severity: Warning
Category: Accessibility

If a View that overrides onTouchEvent or uses an OnTouchListener does not also
implement performClick and call it when clicks are detected, the View may not
handle accessibility actions properly. Logic handling the click actions should
ideally be placed in View#performClick as some accessibility services invoke
performClick when a click action should occur.

ContentDescription

Summary: Image without contentDescription

Priority: 3 / 10
Severity: Warning
Category: Accessibility

Non-textual widgets like ImageViews and ImageButtons should use the
contentDescription attribute to specify a textual description of the widget
such that screen readers and other accessibility tools can adequately describe
the user interface.

Note that elements in application screens that are purely decorative and do
not provide any content or enable a user action should not have accessibility
content descriptions. In this case, just suppress the lint warning with a
tools:ignore="ContentDescription" attribute.

Note that for text fields, you should not set both the hint and the
contentDescription attributes since the hint will never be shown. Just set the
hint. See
http://developer.android.com/guide/topics/ui/accessibility/checklist.html#spec
al-cases.

LabelFor

Summary: Missing labelFor attribute

Priority: 2 / 10
Severity: Warning
Category: Accessibility

Text fields should be labelled with a labelFor attribute, provided your
minSdkVersion is at least 17.

If your view is labeled but by a label in a different layout which includes
this one, just suppress this warning from lint.

Internationalization

ByteOrderMark

Summary: Byte order mark inside files

Priority: 8 / 10
Severity: Fatal
Category: Internationalization

Lint will flag any byte-order-mark (BOM) characters it finds in the middle of
a file. Since we expect files to be encoded with UTF-8 (see the EnforceUTF8
issue), the BOM characters are not necessary, and they are not handled
correctly by all tools. For example, if you have a BOM as part of a resource
name in one particular translation, that name will not be considered identical
to the base resource's name and the translation will not be used.

More information:
http://en.wikipedia.org/wiki/Byte_order_mark

SetTextI18n

Summary: TextView Internationalization

Priority: 6 / 10
Severity: Warning
Category: Internationalization

When calling TextView#setText

  • Never call Number#toString() to format numbers; it will not handle fraction
    separators and locale-specific digits properly. Consider using String#format
    with proper format specifications (%d or %f) instead.
  • Do not pass a string literal (e.g. "Hello") to display text. Hardcoded text
    can not be properly translated to other languages. Consider using Android
    resource strings instead.
  • Do not build messages by concatenating text chunks. Such messages can not be
    properly translated.

More information:
http://developer.android.com/guide/topics/resources/localization.html

EnforceUTF8

Summary: Encoding used in resource files is not UTF-8

Priority: 5 / 10
Severity: Fatal
Category: Internationalization

XML supports encoding in a wide variety of character sets. However, not all
tools handle the XML encoding attribute correctly, and nearly all Android apps
use UTF-8, so by using UTF-8 you can protect yourself against subtle bugs when
using non-ASCII characters.

In particular, the Android Gradle build system will merge resource XML files
assuming the resource files are using UTF-8 encoding.

HardcodedText

Summary: Hardcoded text

Priority: 5 / 10
Severity: Warning
Category: Internationalization

Hardcoding text attributes directly in layout files is bad for several
reasons:

  • When creating configuration variations (for example for landscape or
    portrait)you have to repeat the actual text (and keep it up to date when
    making changes)

  • The application cannot be translated to other languages by just adding new
    translations for existing string resources.

There are quickfixes to automatically extract this hardcoded string into a
resource lookup.

RelativeOverlap

Summary: Overlapping items in RelativeLayout

Priority: 3 / 10
Severity: Warning
Category: Internationalization

If relative layout has text or button items aligned to left and right sides
they can overlap each other due to localized text expansion unless they have
mutual constraints like toEndOf/toStartOf.

Internationalization:Bidirectional Text

RtlCompat

Summary: Right-to-left text compatibility issues

Priority: 6 / 10
Severity: Error
Category: Internationalization:Bidirectional Text

API 17 adds a textAlignment attribute to specify text alignment. However, if
you are supporting older versions than API 17, you must also specify a gravity
or layout_gravity attribute, since older platforms will ignore the
textAlignment attribute.

RtlSymmetry

Summary: Padding and margin symmetry

Priority: 6 / 10
Severity: Warning
Category: Internationalization:Bidirectional Text

If you specify padding or margin on the left side of a layout, you should
probably also specify padding on the right side (and vice versa) for
right-to-left layout symmetry.

RtlHardcoded

Summary: Using left/right instead of start/end attributes

Priority: 5 / 10
Severity: Warning
Category: Internationalization:Bidirectional Text

Using Gravity#LEFT and Gravity#RIGHT can lead to problems when a layout is
rendered in locales where text flows from right to left. Use Gravity#START and
Gravity#END instead. Similarly, in XML gravity and layout_gravity attributes,
use start rather than left.

For XML attributes such as paddingLeft and layout_marginLeft, use paddingStart
and layout_marginStart. NOTE: If your minSdkVersion is less than 17, you
should add both the older left/right attributes as well as the new start/right
attributes. On older platforms, where RTL is not supported and the start/right
attributes are unknown and therefore ignored, you need the older left/right
attributes. There is a separate lint check which catches that type of error.

(Note: For Gravity#LEFT and Gravity#START, you can use these constants even
when targeting older platforms, because the start bitmask is a superset of the
left bitmask. Therefore, you can use gravity="start" rather than
gravity="left|start".)

RtlEnabled

Summary: Using RTL attributes without enabling RTL support

Priority: 3 / 10
Severity: Warning
Category: Internationalization:Bidirectional Text

To enable right-to-left support, when running on API 17 and higher, you must
set the android:supportsRtl attribute in the manifest <application> element.

If you have started adding RTL attributes, but have not yet finished the
migration, you can set the attribute to false to satisfy this lint check.

最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
  • 序言:七十年代末,一起剥皮案震惊了整个滨河市,随后出现的几起案子,更是在滨河造成了极大的恐慌,老刑警刘岩,带你破解...
    沈念sama阅读 211,884评论 6 492
  • 序言:滨河连续发生了三起死亡事件,死亡现场离奇诡异,居然都是意外死亡,警方通过查阅死者的电脑和手机,发现死者居然都...
    沈念sama阅读 90,347评论 3 385
  • 文/潘晓璐 我一进店门,熙熙楼的掌柜王于贵愁眉苦脸地迎上来,“玉大人,你说我怎么就摊上这事。” “怎么了?”我有些...
    开封第一讲书人阅读 157,435评论 0 348
  • 文/不坏的土叔 我叫张陵,是天一观的道长。 经常有香客问我,道长,这世上最难降的妖魔是什么? 我笑而不...
    开封第一讲书人阅读 56,509评论 1 284
  • 正文 为了忘掉前任,我火速办了婚礼,结果婚礼上,老公的妹妹穿的比我还像新娘。我一直安慰自己,他们只是感情好,可当我...
    茶点故事阅读 65,611评论 6 386
  • 文/花漫 我一把揭开白布。 她就那样静静地躺着,像睡着了一般。 火红的嫁衣衬着肌肤如雪。 梳的纹丝不乱的头发上,一...
    开封第一讲书人阅读 49,837评论 1 290
  • 那天,我揣着相机与录音,去河边找鬼。 笑死,一个胖子当着我的面吹牛,可吹牛的内容都是我干的。 我是一名探鬼主播,决...
    沈念sama阅读 38,987评论 3 408
  • 文/苍兰香墨 我猛地睁开眼,长吁一口气:“原来是场噩梦啊……” “哼!你这毒妇竟也来了?” 一声冷哼从身侧响起,我...
    开封第一讲书人阅读 37,730评论 0 267
  • 序言:老挝万荣一对情侣失踪,失踪者是张志新(化名)和其女友刘颖,没想到半个月后,有当地人在树林里发现了一具尸体,经...
    沈念sama阅读 44,194评论 1 303
  • 正文 独居荒郊野岭守林人离奇死亡,尸身上长有42处带血的脓包…… 初始之章·张勋 以下内容为张勋视角 年9月15日...
    茶点故事阅读 36,525评论 2 327
  • 正文 我和宋清朗相恋三年,在试婚纱的时候发现自己被绿了。 大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
    茶点故事阅读 38,664评论 1 340
  • 序言:一个原本活蹦乱跳的男人离奇死亡,死状恐怖,灵堂内的尸体忽然破棺而出,到底是诈尸还是另有隐情,我是刑警宁泽,带...
    沈念sama阅读 34,334评论 4 330
  • 正文 年R本政府宣布,位于F岛的核电站,受9级特大地震影响,放射性物质发生泄漏。R本人自食恶果不足惜,却给世界环境...
    茶点故事阅读 39,944评论 3 313
  • 文/蒙蒙 一、第九天 我趴在偏房一处隐蔽的房顶上张望。 院中可真热闹,春花似锦、人声如沸。这庄子的主人今日做“春日...
    开封第一讲书人阅读 30,764评论 0 21
  • 文/苍兰香墨 我抬头看了看天上的太阳。三九已至,却和暖如春,着一层夹袄步出监牢的瞬间,已是汗流浃背。 一阵脚步声响...
    开封第一讲书人阅读 31,997评论 1 266
  • 我被黑心中介骗来泰国打工, 没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留,地道东北人。 一个月前我还...
    沈念sama阅读 46,389评论 2 360
  • 正文 我出身青楼,却偏偏与公主长得像,于是被迫代替她去往敌国和亲。 传闻我的和亲对象是个残疾皇子,可洞房花烛夜当晚...
    茶点故事阅读 43,554评论 2 349

推荐阅读更多精彩内容