| Rule Id | Friendly Name | Ignorable | Description | Example? |
|---|---|---|---|---|
| SML001 | Avoid cross server joins | Avoid cross server joins | Yes | |
| SML002 | Best practice is to use two part naming | Best practice is to use two part naming | Yes | |
| SML003 | Dirty Reads cause consistency errors | Dirty Reads cause consistency errors | Yes | |
| SML004 | Dont Override the optimizer | Dont Override the optimizer | Yes | |
| SML005 | Avoid use of 'Select *' | Avoid use of 'Select *' | Yes | |
| SML006 | Avoid Explicit Conversion of Columnar data | Avoid Explicit Conversion of Columnar data | Yes | |
| SML007 | Avoid use of ordinal positions in ORDER BY Clauses | Avoid use of ordinal positions in ORDER BY Clauses | ||
| SML008 | Dont Change DateFormat | Dont Change DateFormat | Yes | |
| SML009 | Dont Change DateFirst | Dont Change DateFirst | Yes | |
| SML010 | ReadUnCommitted: Dirty reads can cause consistency errors | ReadUnCommitted: Dirty reads can cause consistency errors | Yes | |
| SML011 | Single character aliases are poor practice | Single character aliases are poor practice | Yes | |
| SML012 | Missing Column specifications on insert | Missing Column specifications on insert | Yes | |
| SML013 | CONCAT_NULL_YIELDS_NULL should be on | CONCAT_NULL_YIELDS_NULL should be on | Yes | |
| SML014 | ANSI_NULLS should be On | ANSI_NULLS should be On | Yes | |
| SML015 | ANSI_PADDING should be On | ANSI_PADDING should be On | Yes | |
| SML016 | ANSI_WARNINGS should be On | ANSI_WARNINGS should be On | Yes | |
| SML017 | ARITHABORT should be On | ARITHABORT should be On | Yes | |
| SML018 | NUMERIC_ROUNDABORT should be Off | NUMERIC_ROUNDABORT should be Off | Yes | |
| SML019 | QUOTED_IDENTIFIER should be ON | QUOTED_IDENTIFIER should be ON | Yes | |
| SML020 | FORCEPLAN should be OFF | FORCEPLAN should be OFF | Yes | |
| SML021 | Use 2 part naming in EXECUTE statements | Use 2 part naming in EXECUTE statements | Yes | |
| SML022 | Identity value should be agnostic | Identity value should be agnostic | Yes | |
| SML023 | Avoid single line comments | Avoid single line comments | ||
| SML024 | Use two part naming | Use two part naming | Yes | |
| SML025 | RANGE windows are much slower then ROWS (Explicit use) | RANGE windows are much slower then ROWS (Explicit use) | Yes | |
| SML026 | RANGE windows are much slower then ROWS (Implicit use) | RANGE windows are much slower then ROWS (Implicit use) | Yes | |
| SML027 | Create table statements should specify schema | Create table statements should specify schema | Yes | |
| SML028 | Ordering in a view does not guarantee result set ordering | Ordering in a view does not guarantee result set ordering | Yes | |
| SML029 | Cursors default to writable. Specify FAST_FORWARD | Cursors default to writable. Specify FAST_FORWARD | Yes | |
| SML030 | Include SET NOCOUNT ON inside stored procedures | Include SET NOCOUNT ON inside stored procedures | Yes | |
| SML031 | EXISTS/NOT EXISTS can be more performant than COUNT(*) | EXISTS/NOT EXISTS can be more performant than COUNT(*) | ||
| SML032 | Ordering in a derived table does not guarantee result set ordering | Ordering in a derived table does not guarantee result set ordering | ||
| SML033 | Single character variable names are poor practice | Single character variable names are poor practice | Yes | |
| SML034 | Expression used with TOP should be wrapped in parenthises | Expression used with TOP should be wrapped in parenthises | Yes | |
| SML035 | TOP(100) percent is ignored by the optimizer | TOP(100) percent is ignored by the optimizer | ||
| SML036 | Foreign Key Constraints should be named | Foreign Key Constraints should be named | ||
| SML037 | Check Constraints should be named | Check Constraints should be named | ||
| SML038 | Primary Key Constraints on temporary tables should not be named | Primary Key Constraints on temporary tables should not be named | Yes | |
| SML039 | Default Constraints on temporary tables should not be named | Default Constraints on temporary tables should not be named | Yes | |
| SML040 | Foreign Key Constraints on temporary tables should not be named | Foreign Key Constraints on temporary tables should not be named | Yes | |
| SML041 | Check Constraints on temporary tables should not be named | Check Constraints on temporary tables should not be named | ||
| SML042 | Use of SET ROWCOUNT is deprecated : use TOP | Use of SET ROWCOUNT is deprecated : use TOP | ||
| SML043 | Potential SQL Injection Issue | Potential SQL Injection Issue | Yes | |
| SML044 | Dont override the optimizer ( FORCESCAN ) | Dont override the optimizer ( FORCESCAN ) | Yes | |
| SML045 | Dont override the optimizer ( Index Hint) | Dont override the optimizer ( Index Hint) | Yes | |
| SML046 | "= Null" Comparison | "= Null" Comparison | Yes | |
| SML047 | Use of deprecated data type | Use of deprecated data type | Yes |
| Rule Id | Friendly Name | Ignorable | Description | Example? |
|---|---|---|---|---|
| SRD0001 | Missing natural key | Table does not have a natural key. | ||
| SRD0002 | Missing primary key | Table does not have a primary key. | Yes | |
| SRD0003 | Avoid wide primary keys | Primary Keys should avoid using GUIDS or wide VARCHAR columns. | ||
| SRD0004 | Index on Foreign Key | Columns on both sides of a foreign key should be indexed. | Yes | |
| SRD0005 | Avoid long CHAR types | Yes | Avoid the (n)char column type except for short static length data. | |
| SRD0006 | Avoid SELECT * | Yes | Avoid using SELECT *. | Yes |
| SRD0009 | Non-transactional body | Wrap multiple action statements within a transaction. | Yes | |
| SRD0011 | Equality Compare With NULL Rule | Equality and inequality comparisons involving a NULL constant found. Use IS NULL or IS NOT NULL. | Yes | |
| SRD0012 | Unused variable | Variable declared but never referenced or assigned. | Yes | |
| SRD0013 | Expected error handeling | Wrap multiple action statements within a try catch. | Yes | |
| SRD0014 | TOP without an ORDER BY | TOP clause used in a query without an ORDER BY clause. | Yes | |
| SRD0015 | Implicit column list | Always use a column list in INSERT statements. | Yes | |
| SRD0016 | Unused input parameter | Yes | Input parameter never used. Consider removing the parameter or using it. | Yes |
| SRD0017 | Avoid Deletes Without Where Rule | Yes | DELETE statement without row limiting conditions. | |
| SRD0018 | Unbounded UPDATE | Yes | UPDATE statement without row limiting conditions. | |
| SRD0019 | Avoid joining tables with views | Yes | Avoid joining tables with views. | |
| SRD0020 | Incomplete or missing JOIN predicate | The query has issues with the join clause. It is either missing a backing foreign key or the join is missing one or more columns. | ||
| SRD0021 | Consider EXISTS Instead Of In Rule | Yes | Consider using EXISTS instead of IN when used with a subquery. | |
| SRD0024 | Avoid EXEC or EXECUTE | Yes | Avoid EXEC and EXECUTE with string literals. Use parameterized sp_executesql instead. | Yes |
| SRD0025 | Avoid ORDER BY with numbers | Yes | Avoid using column numbers in ORDER BY clause. | |
| SRD0026 | Unspecified type length | Do not use these data types (VARCHAR, NVARCHAR, CHAR, NCHAR) without specifying length. | ||
| SRD0027 | Unspecified precision or scale | Do not use DECIMAL or NUMERIC data types without specifying precision and scale. | ||
| SRD0028 | Consider Column Prefix Rule | Yes | Consider prefixing column names with table name or table alias. | |
| SRD0030 | Avoid Use of HINTS | Yes | Avoid using Hints to force a particular behavior. | Yes |
| SRD0031 | Avoid using CHARINDEX | Yes | Avoid using CHARINDEX function in WHERE clauses. | |
| SRD0032 | Avoid use of OR in where clause | Yes | Try to avoid the OR operator in query where clauses if possible. (Sargable) | |
| SRD0033 | Avoid Cursors | Yes | Avoid using cursors. | |
| SRD0034 | Use of NOLOCK | Do not use the NOLOCK clause. | Yes | |
| SRD0035 | Forced delay | Do not use WAITFOR DELAY/TIME statement in stored procedures, functions, and triggers. | ||
| SRD0036 | Do not use SET ROWCOUNT | Yes | Do not use SET ROWCOUNT to restrict the number of rows. | |
| SRD0038 | Alias Tables Rule | Yes | Consider aliasing all table sources in the query. | |
| SRD0039 | Object not schema qualified | Use fully qualified object names in SELECT, UPDATE, DELETE, MERGE and EXECUTE statements. [schema].[name]. | Yes | |
| SRD0041 | Avoid SELECT INTO temp or table variables | Yes | Avoid use of the SELECT INTO syntax. | |
| SRD0043 | Possible side-effects implicit cast | The arguments of the function '{0}' are not of the same datatype. | ||
| SRD0044 | Error handling requires SA permissions | The RAISERROR statement with severity above 18 requires the WITH LOG clause. | ||
| SRD0045 | Excessive indexes on table | Excessive number of indexes on table found on table. | ||
| SRD0046 | Use of approximate data type | Do not use the real or float data types for parameters or columns as they are approximate value data types. | ||
| SRD0047 | Ambiguous column name across design | Yes | Avoid using columns that match other columns by name, but are different in type or size. | |
| SRD0050 | Expression reducible to constaint | Yes | The comparison expression always evaluates to TRUE or FALSE. | Yes |
| SRD0051 | Do Not Use Deprecated Types Rule | Yes | Don't use deprecated TEXT, NTEXT and IMAGE data types. | Yes |
| SRD0052 | Duplicate/Overlapping Index | Index has exact duplicate or borderline overlapping index. | ||
| SRD0053 | Explicit collation other | Yes | Object has different collation than the rest of the database. Try to avoid using a different collation unless by design. | |
| SRD0055 | Object level option override | The object was created with invalid options. | ||
| SRD0056 | Unsafe identity retrieval | Yes | Use OUTPUT or SCOPE_IDENTITY() instead of @@IDENTITY. | |
| SRD0057 | Do Not Mix DML With DDL Rule | Yes | Do not mix DML with DDL statements. Group DDL statements at the beginning of procedures followed by DML statements. | |
| SRD0058 | Ordinal parameters used | Always use parameter names when calling stored procedures. | ||
| SRD0060 | Permission change in stored procedure | The procedure grants itself permissions. Possible missing GO command. | Yes | |
| SRD0061 | Invalid database configured options | The database is configured with invalid options. | ||
| SRD0062 | Implicit collation | Create SQL Server temporary tables with the correct collation or use database default as the tempdb having a different collation than the database can cause issues and or data instability. | ||
| SRD0063 | Avoid wrapping SQL in IF statement | Yes | Do not use IF statements containing queries in stored procedures. | Yes |
| SRD0064 | Consider Caching Get Date To Variable | Yes | Cache multiple calls to GETDATE or SYSDATETIME into a variable. | |
| SRD0065 | Avoid NOT FOR REPLICATION | Avoid 'NOT FOR REPLICATION' unless this is the desired behavior and replication is in use. | ||
| SRD0066 | BEGIN and END symbols inside conditional statements. | Yes | Use BEGIN and END symbols inside conditional statements. | Yes |
| SRD0067 | Use capitalized keywords for enhanced readability. | Use capitalized keywords for enhanced readability. | Yes | |
| SRD0068 | Terminate statements with semicolon. | Yes | Query statements should finish with a semicolon - ';'. | Yes |
| SRD0069 | Xact_Abort On | Yes | Use SET XACT_ABORT ON in stored procedures with explicit transactions. | Yes |
| SRD0071 | CASE without ELSE | Yes | CASE expression should include an ELSE clause. | Yes |
| SRD0072 | Variable self-assignment | Yes | Variable should not be assigned to itself. | Yes |
| SRD0073 | Repeated NOT operator | Yes | Repeated NOT operators found. Simplify the expression. | Yes |
| SRD0074 | Weak hashing algorithm | Yes | Avoid weak hashing algorithms (MD2, MD4, MD5, SHA, SHA1). Use SHA2_256 or SHA2_512. | Yes |
| SRD0075 | Hard-coded credentials | Yes | Avoid hard-coded credentials. Use secure configuration instead. | Yes |
| SRD0076 | Identical expressions on both sides | Yes | Identical expressions on both sides of a comparison operator. | Yes |
| SRD0077 | FETCH variable count mismatch | Yes | FETCH variable count does not match cursor column count. | Yes |
| SRD0078 | Single-character alias | Yes | Single-character aliases are poor practice. | Yes |
| Rule Id | Friendly Name | Ignorable | Description | Example? |
|---|---|---|---|---|
| SRN0001 | UDF with System prefix | Yes | Avoid 'fn_' prefix when naming functions. | |
| SRN0002 | Procedure name may conflict system name | Yes | Avoid 'sp_' prefix when naming stored procedures. | |
| SRN0006 | Use of default schema | Two part naming on objects is required. | Yes | |
| SRN0007 | Name standard | General naming rules. | Yes |
| Rule Id | Friendly Name | Ignorable | Description | Example? |
|---|---|---|---|---|
| SRP0001 | Nested Views | Views should not use other views as a data source. | ||
| SRP0002 | Unanchored string pattern | Yes | Try to avoid using patterns that start with '%' when using the LIKE keyword if possible. (Sargable) | |
| SRP0003 | Aggregate of unique set | Yes | Avoid using DISTINCT keyword inside of aggregate functions. | |
| SRP0004 | Noisy trigger | Yes | Avoid returning results in triggers. | |
| SRP0005 | Noisy trigger | Yes | SET NOCOUNT ON is recommended to be enabled in stored procedures and triggers. | Yes |
| SRP0006 | Use of inequality | Yes | Try to avoid using not equal operator (<>,!=) in the WHERE clause if possible. (Sargable) | |
| SRP0007 | Dangling cursor | Local cursor not closed. | ||
| SRP0008 | Unfreed cursor | Local cursor not explicitly deallocated. | ||
| SRP0009 | Filtering on calculated value | Yes | Avoid wrapping columns within a function in the WHERE clause. (Sargable) | Yes |
| SRP0010 | Function in data modification | Yes | Avoid the use of user defined functions with UPDATE/INSERT/DELETE statements. (Halloween Protection) | |
| SRP0011 | Non-member test in predicate | Yes | Avoid using the NOT IN predicate in a WHERE clause. (Sargable) | |
| SRP0012 | Un-indexed membership test | Yes | Consider indexing the columns referenced by IN predicates in order to avoid table scans. | |
| SRP0013 | Existence tested with JOIN | Yes | Consider replacing the OUTER JOIN with EXISTS. | Yes |
| SRP0014 | Table variable in JOIN | Yes | Avoid the use of table variables in join clauses. | |
| SRP0015 | Avoid Column Calculations | Yes | Avoid the use of calculations on columns in the where clause. (Sargable) | |
| SRP0016 | Equality test with mismatched types | Data types on both sides of an equality check should be the same in the where clause. (Sargable) | Yes | |
| SRP0017 | Update of Primary key | Yes | Avoid updating columns that are part of the primary key. (Halloween Protection) | |
| SRP0018 | High join count | Query uses a high number of joins. | ||
| SRP0020 | Missing Clustered index | Table does not have a clustered index. | Yes | |
| SRP0021 | Manipulated parameter value | Yes | Avoid modification of parameters in a stored procedure prior to use in a select query. | |
| SRP0022 | Procedure level recompile option | Yes | Consider using RECOMPILE query hint instead of the WITH RECOMPILE option. | Yes |
| SRP0023 | Enumerating for existence check | Yes | When checking for existence use EXISTS instead of COUNT | Yes |
| SRP0024 | Correlated subquery | Yes | Avoid the use of correlated subqueries except for very small tables. | |
| SRP0025 | SELECT * in EXISTS | Yes | Use SELECT 1 instead of SELECT * in EXISTS subqueries. | Yes |
| Rule Id | Friendly Name | Ignorable | Description | Example? |
|---|---|---|---|---|
| SR0001 Design | Avoid SELECT * in stored procedures, views, and table-valued functions | Avoid SELECT * in stored procedures, views, and table-valued functions | Yes | |
| SR0008 Design | Consider using SCOPE_IDENTITY instead of @@IDENTITY | Consider using SCOPE_IDENTITY instead of @@IDENTITY | Yes | |
| SR0009 Design | Avoid using types of variable length that are size 1 or 2 | Avoid using types of variable length that are size 1 or 2 | Yes | |
| SR0010 Design | Avoid using deprecated syntax when you join tables or views | Avoid using deprecated syntax when you join tables or views | Yes | |
| SR0013 Design | Output parameter (parameter) isn't populated in all code paths | Output parameter (parameter) isn't populated in all code paths | Yes | |
| SR0014 Design | Data loss might occur when casting from {Type1} to {Type2} | Data loss might occur when casting from {Type1} to {Type2} | Yes | |
| SR0011 Naming | Avoid using special characters in object names | Avoid using special characters in object names | Yes | |
| SR0012 Naming | Avoid using reserved words for type names | Avoid using reserved words for type names | Yes | |
| SR0016 Naming | Avoid using sp_ as a prefix for stored procedures | Avoid using sp_ as a prefix for stored procedures | Yes | |
| SR0004 Performance | Avoid using columns that don't have indexes as test expressions in IN predicates | Avoid using columns that don't have indexes as test expressions in IN predicates | Yes | |
| SR0005 Performance | Avoid using patterns that start with "%" in LIKE predicates | Avoid using patterns that start with "%" in LIKE predicates | Yes | |
| SR0006 Performance | Move a column reference to one side of a comparison operator to use a column index | Move a column reference to one side of a comparison operator to use a column index | Yes | |
| SR0007 Performance | Use ISNULL(column, default_value) on nullable columns in expressions | Use ISNULL(column, default_value) on nullable columns in expressions | Yes | |
| SR0015 Performance | Extract deterministic function calls from WHERE predicates | Extract deterministic function calls from WHERE predicates | Yes |
Generated by a tool