• rahi sachdeva
When we try to delete a contact using the 'if(Schema.sObjectType.Contact.isDeletable())' condition and then upload the package to Checkmarx to test, it always gives us an issue on deleting the selected contact.

public with sharing class ContactDelete {
    public ContactDelete() {
        // Only delete when the running user has delete permission on Contact
        if (Schema.sObjectType.Contact.isDeletable()) {
            List<Contact> conList = [SELECT Id, Name FROM Contact LIMIT 1];
            delete conList;
        }
    }
}


Issue coming: Query: CRUD Delete
This query looks for Delete operations that are performed without checking for isDeletable(). This may be a false positive if your code accesses only objects whose security is managed by your app and not the admin (for example OAuth states). It may also be a false positive if checks are performed outside of the dataflow (automatically in a visualforce inputfield tag or manually in a constructor), or if this is an enterprise object or other object whose permissions are not set by the admin.

L 6: delete conlist;
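
Added example, not the poster's code and not from Checkmarx: the scanner text above treats a check made "manually in a constructor" as outside the dataflow it traces, so one way to keep the isDeletable() check on the same path as the delete is to put both in a single method that fails closed. ContactDeleteService, deleteContacts and CrudDeniedException are hypothetical names, and the page does not establish whether the scanner stops reporting the finding for this shape.

```apex
// Added example; class, method and exception names are hypothetical.
public with sharing class ContactDeleteService {

    // Raised when the running user lacks the object permission needed.
    public class CrudDeniedException extends Exception {}

    // Deletes the given contacts on behalf of the running user and returns
    // how many rows were deleted. The CRUD checks sit in the same method as
    // the SOQL and DML they guard, so there is no path to the delete
    // statement that skips them.
    public static Integer deleteContacts(Set<Id> contactIds) {
        if (contactIds == null || contactIds.isEmpty()) {
            return 0;
        }

        // Fail closed: refuse with an explicit error instead of silently
        // skipping the delete when permission is missing.
        if (!Schema.sObjectType.Contact.isAccessible()) {
            throw new CrudDeniedException('Running user cannot read Contact');
        }
        if (!Schema.sObjectType.Contact.isDeletable()) {
            throw new CrudDeniedException('Running user cannot delete Contact');
        }

        // "with sharing" on the class limits the query to rows the user can see.
        List<Contact> toDelete = [SELECT Id FROM Contact WHERE Id IN :contactIds];
        delete toDelete;
        return toDelete.size();
    }
}
```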