Maven Core - FindBugs Bug Detector Report

FindBugs Bug Detector Report

The following document contains the results of FindBugs Report

FindBugs Version is 2.0.1

Threshold is medium

Effort is min

Summary

Classes	Bugs	Errors	Missing Classes
347	65	0	0

Files

Class	Bugs
org.apache.maven.DefaultMaven	1
org.apache.maven.artifact.handler.DefaultArtifactHandler	1
org.apache.maven.artifact.metadata.AbstractArtifactMetadata	1
org.apache.maven.artifact.metadata.ArtifactMetadataRetrievalException	1
org.apache.maven.artifact.metadata.ArtifactMetadataSource	1
org.apache.maven.artifact.metadata.ResolutionGroup	1
org.apache.maven.artifact.repository.metadata.AbstractRepositoryMetadata	3
org.apache.maven.artifact.repository.metadata.RepositoryMetadataDeploymentException	1
org.apache.maven.artifact.repository.metadata.RepositoryMetadataInstallationException	1
org.apache.maven.artifact.resolver.filter.IncludesArtifactFilter	1
org.apache.maven.execution.DefaultMavenExecutionRequest	2
org.apache.maven.execution.SettingsAdapter	1
org.apache.maven.lifecycle.DefaultLifecycles	1
org.apache.maven.lifecycle.internal.BuildLogItem$DependencyLogEntry	1
org.apache.maven.lifecycle.internal.ConcurrentBuildLogger	1
org.apache.maven.lifecycle.internal.LifecycleStarter	1
org.apache.maven.lifecycle.internal.LifecycleWeaveBuilder	1
org.apache.maven.lifecycle.internal.MojoDescriptorCreator	2
org.apache.maven.lifecycle.internal.ThreadLockedArtifact	1
org.apache.maven.lifecycle.internal.ThreadOutputMuxer	4
org.apache.maven.lifecycle.internal.ThreadOutputMuxer$ThreadBoundPrintStream	1
org.apache.maven.lifecycle.mapping.DefaultLifecycleMapping	2
org.apache.maven.lifecycle.mapping.Lifecycle	1
org.apache.maven.plugin.DefaultBuildPluginManager	6
org.apache.maven.plugin.PluginParameterExpressionEvaluator	2
org.apache.maven.plugin.internal.DefaultMavenPluginManager	8
org.apache.maven.plugin.internal.DefaultPluginManager	1
org.apache.maven.plugin.prefix.NoPluginFoundForPrefixException	1
org.apache.maven.plugin.version.PluginVersionResolutionException	1
org.apache.maven.project.DefaultProjectBuildingHelper	1
org.apache.maven.project.DefaultProjectBuildingRequest	2
org.apache.maven.project.MavenProject	1
org.apache.maven.project.ProjectModelResolver	1
org.apache.maven.project.artifact.DefaultMavenMetadataCache$CacheRecord	1
org.apache.maven.repository.ArtifactTransferEvent	2
org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader	4

org.apache.maven.DefaultMaven

Bug	Category	Details	Line	Priority
exceptional return value of java.io.File.mkdirs() ignored in org.apache.maven.DefaultMaven.validateLocalRepository(MavenExecutionRequest)	BAD_PRACTICE	RV_RETURN_VALUE_IGNORED_BAD_PRACTICE	501	Medium

org.apache.maven.artifact.handler.DefaultArtifactHandler

Bug	Category	Details	Line	Priority
Unwritten field: org.apache.maven.artifact.handler.DefaultArtifactHandler.classifier	CORRECTNESS	UWF_UNWRITTEN_FIELD	78	Medium

org.apache.maven.artifact.metadata.AbstractArtifactMetadata

Bug	Category	Details	Line	Priority
The class name org.apache.maven.artifact.metadata.AbstractArtifactMetadata shadows the simple name of the superclass org.apache.maven.repository.legacy.metadata.AbstractArtifactMetadata	BAD_PRACTICE	NM_SAME_SIMPLE_NAME_AS_SUPERCLASS	31-32	High

org.apache.maven.artifact.metadata.ArtifactMetadataRetrievalException

Bug	Category	Details	Line	Priority
The class name org.apache.maven.artifact.metadata.ArtifactMetadataRetrievalException shadows the simple name of the superclass org.apache.maven.repository.legacy.metadata.ArtifactMetadataRetrievalException	BAD_PRACTICE	NM_SAME_SIMPLE_NAME_AS_SUPERCLASS	33-54	High

org.apache.maven.artifact.metadata.ArtifactMetadataSource

Bug	Category	Details	Line	Priority
The class name org.apache.maven.artifact.metadata.ArtifactMetadataSource shadows the simple name of implemented interface org.apache.maven.repository.legacy.metadata.ArtifactMetadataSource	BAD_PRACTICE	NM_SAME_SIMPLE_NAME_AS_INTERFACE	Not available	Medium

org.apache.maven.artifact.metadata.ResolutionGroup

Bug	Category	Details	Line	Priority
The class name org.apache.maven.artifact.metadata.ResolutionGroup shadows the simple name of the superclass org.apache.maven.repository.legacy.metadata.ResolutionGroup	BAD_PRACTICE	NM_SAME_SIMPLE_NAME_AS_SUPERCLASS	37-44	High

org.apache.maven.artifact.repository.metadata.AbstractRepositoryMetadata

Bug	Category	Details	Line	Priority
exceptional return value of java.io.File.delete() ignored in org.apache.maven.artifact.repository.metadata.AbstractRepositoryMetadata.updateRepositoryMetadata(ArtifactRepository, ArtifactRepository)	BAD_PRACTICE	RV_RETURN_VALUE_IGNORED_BAD_PRACTICE	94	Medium
exceptional return value of java.io.File.mkdirs() ignored in org.apache.maven.artifact.repository.metadata.AbstractRepositoryMetadata.updateRepositoryMetadata(ArtifactRepository, ArtifactRepository)	BAD_PRACTICE	RV_RETURN_VALUE_IGNORED_BAD_PRACTICE	140	Medium
exceptional return value of java.io.File.setLastModified(long) ignored in org.apache.maven.artifact.repository.metadata.AbstractRepositoryMetadata.updateRepositoryMetadata(ArtifactRepository, ArtifactRepository)	BAD_PRACTICE	RV_RETURN_VALUE_IGNORED_BAD_PRACTICE	154	Medium

org.apache.maven.artifact.repository.metadata.RepositoryMetadataDeploymentException

Bug	Category	Details	Line	Priority
Class org.apache.maven.artifact.repository.metadata.RepositoryMetadataDeploymentException is not derived from an Exception, even though it is named as such	BAD_PRACTICE	NM_CLASS_NOT_EXCEPTION	32-39	Medium

org.apache.maven.artifact.repository.metadata.RepositoryMetadataInstallationException

Bug	Category	Details	Line	Priority
Class org.apache.maven.artifact.repository.metadata.RepositoryMetadataInstallationException is not derived from an Exception, even though it is named as such	BAD_PRACTICE	NM_CLASS_NOT_EXCEPTION	32-39	Medium

org.apache.maven.artifact.resolver.filter.IncludesArtifactFilter

Bug	Category	Details	Line	Priority
Potentially dangerous use of non-short-circuit logic in org.apache.maven.artifact.resolver.filter.IncludesArtifactFilter.include(Artifact)	STYLE	NS_DANGEROUS_NON_SHORT_CIRCUIT	50	High

org.apache.maven.execution.DefaultMavenExecutionRequest

Bug	Category	Details	Line	Priority
org.apache.maven.execution.DefaultMavenExecutionRequest.getStartTime() may expose internal representation by returning DefaultMavenExecutionRequest.startTime	MALICIOUS_CODE	EI_EXPOSE_REP	274	Medium
org.apache.maven.execution.DefaultMavenExecutionRequest.setStartTime(Date) may expose internal representation by storing an externally mutable object into DefaultMavenExecutionRequest.startTime	MALICIOUS_CODE	EI_EXPOSE_REP2	414	Medium

org.apache.maven.execution.SettingsAdapter

Bug	Category	Details	Line	Priority
Class org.apache.maven.execution.SettingsAdapter defines non-transient non-serializable instance field runtimeInfo	BAD_PRACTICE	SE_BAD_FIELD	Not available	Medium

org.apache.maven.lifecycle.DefaultLifecycles

Bug	Category	Details	Line	Priority
org.apache.maven.lifecycle.DefaultLifecycles.STANDARD_LIFECYCLES should be package protected	MALICIOUS_CODE	MS_PKGPROTECT	46	Medium

org.apache.maven.lifecycle.internal.BuildLogItem$DependencyLogEntry

Bug	Category	Details	Line	Priority
Should org.apache.maven.lifecycle.internal.BuildLogItem$DependencyLogEntry be a _static_ inner class?	PERFORMANCE	SIC_INNER_SHOULD_BE_STATIC	163-216	Medium

org.apache.maven.lifecycle.internal.ConcurrentBuildLogger

Bug	Category	Details	Line	Priority
org.apache.maven.lifecycle.internal.ConcurrentBuildLogger.toGraph() makes inefficient use of keySet iterator instead of entrySet iterator	PERFORMANCE	WMI_WRONG_MAP_ITERATOR	106	Medium

org.apache.maven.lifecycle.internal.LifecycleStarter

Bug	Category	Details	Line	Priority
Exception is caught when Exception is not thrown in org.apache.maven.lifecycle.internal.LifecycleStarter.execute(MavenSession)	STYLE	REC_CATCH_EXCEPTION	165	Medium

org.apache.maven.lifecycle.internal.LifecycleWeaveBuilder

Bug	Category	Details	Line	Priority
org.apache.maven.lifecycle.internal.LifecycleWeaveBuilder.build(ProjectBuildList, ReactorContext, List, MavenSession, ExecutorService, ReactorBuildStatus) makes inefficient use of keySet iterator instead of entrySet iterator	PERFORMANCE	WMI_WRONG_MAP_ITERATOR	145	Medium

org.apache.maven.lifecycle.internal.MojoDescriptorCreator

Bug	Category	Details	Line	Priority
Possible null pointer dereference of plugin in org.apache.maven.lifecycle.internal.MojoDescriptorCreator.getMojoDescriptor(String, MavenSession, MavenProject)	CORRECTNESS	NP_NULL_ON_SOME_PATH	228	Medium
org.apache.maven.lifecycle.internal.MojoDescriptorCreator.getMojoDescriptor(String, MavenSession, MavenProject) concatenates strings using + in a loop	PERFORMANCE	SBSC_USE_STRINGBUFFER_CONCATENATION	174	Medium

org.apache.maven.lifecycle.internal.ThreadLockedArtifact

Bug	Category	Details	Line	Priority
org.apache.maven.lifecycle.internal.ThreadLockedArtifact defines compareTo(Object) and uses Object.equals()	BAD_PRACTICE	EQ_COMPARETO_USE_OBJECT_EQUALS	41	Medium

org.apache.maven.lifecycle.internal.ThreadOutputMuxer

Bug	Category	Details	Line	Priority
Found reliance on default encoding in new org.apache.maven.lifecycle.internal.ThreadOutputMuxer(ProjectBuildList, PrintStream): new java.io.PrintStream(OutputStream)	I18N	DM_DEFAULT_ENCODING	54	High
Found reliance on default encoding in new org.apache.maven.lifecycle.internal.ThreadOutputMuxer(ProjectBuildList, PrintStream): new java.io.PrintStream(OutputStream)	I18N	DM_DEFAULT_ENCODING	144	High
Naked notify in org.apache.maven.lifecycle.internal.ThreadOutputMuxer.setThisModuleComplete(ProjectSegment)	MT_CORRECTNESS	NN_NAKED_NOTIFY	195	Medium
new org.apache.maven.lifecycle.internal.ThreadOutputMuxer(ProjectBuildList, PrintStream) invokes Thread.start()	MT_CORRECTNESS	SC_START_IN_CTOR	150	Medium

org.apache.maven.lifecycle.internal.ThreadOutputMuxer$ThreadBoundPrintStream

Bug	Category	Details	Line	Priority
Found reliance on default encoding in new org.apache.maven.lifecycle.internal.ThreadOutputMuxer$ThreadBoundPrintStream(ThreadOutputMuxer, PrintStream): new org.apache.maven.lifecycle.internal.ThreadOutputMuxer$ThreadBoundPrintStream(OutputStream)	I18N	DM_DEFAULT_ENCODING	211	High

org.apache.maven.lifecycle.mapping.DefaultLifecycleMapping

Bug	Category	Details	Line	Priority
Unwritten field: org.apache.maven.lifecycle.mapping.DefaultLifecycleMapping.lifecycles	CORRECTNESS	UWF_UNWRITTEN_FIELD	46	Medium
Unwritten field: org.apache.maven.lifecycle.mapping.DefaultLifecycleMapping.phases	CORRECTNESS	UWF_UNWRITTEN_FIELD	103	Medium

org.apache.maven.lifecycle.mapping.Lifecycle

Bug	Category	Details	Line	Priority
Unused field: org.apache.maven.lifecycle.mapping.Lifecycle.optionalMojos	PERFORMANCE	UUF_UNUSED_FIELD	Not available	Medium

org.apache.maven.plugin.DefaultBuildPluginManager

Bug	Category	Details	Line	Priority
Found reliance on default encoding in org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(MavenSession, MojoExecution): java.io.ByteArrayOutputStream.toString()	I18N	DM_DEFAULT_ENCODING	130	High
Found reliance on default encoding in org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(MavenSession, MojoExecution): java.io.ByteArrayOutputStream.toString()	I18N	DM_DEFAULT_ENCODING	142	High
Found reliance on default encoding in org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(MavenSession, MojoExecution): java.io.ByteArrayOutputStream.toString()	I18N	DM_DEFAULT_ENCODING	154	High
Found reliance on default encoding in org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(MavenSession, MojoExecution): new java.io.PrintStream(OutputStream)	I18N	DM_DEFAULT_ENCODING	125	High
Found reliance on default encoding in org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(MavenSession, MojoExecution): new java.io.PrintStream(OutputStream)	I18N	DM_DEFAULT_ENCODING	137	High
Found reliance on default encoding in org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(MavenSession, MojoExecution): new java.io.PrintStream(OutputStream)	I18N	DM_DEFAULT_ENCODING	149	High

org.apache.maven.plugin.PluginParameterExpressionEvaluator

Bug	Category	Details	Line	Priority
Load of known null value in org.apache.maven.plugin.PluginParameterExpressionEvaluator.evaluate(String, Class)	STYLE	NP_LOAD_OF_KNOWN_NULL_VALUE	379	Medium
Nullcheck of session at line 111 of value previously dereferenced in new org.apache.maven.plugin.PluginParameterExpressionEvaluator(MavenSession, MojoExecution)	CORRECTNESS	RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE	95	Medium

org.apache.maven.plugin.internal.DefaultMavenPluginManager

Bug	Category	Details	Line	Priority
Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.getConfiguredMojo(Class, MavenSession, MojoExecution): java.io.ByteArrayOutputStream.toString()	I18N	DM_DEFAULT_ENCODING	478	High
Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.getConfiguredMojo(Class, MavenSession, MojoExecution): java.io.ByteArrayOutputStream.toString()	I18N	DM_DEFAULT_ENCODING	489	High
Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.getConfiguredMojo(Class, MavenSession, MojoExecution): new java.io.PrintStream(OutputStream)	I18N	DM_DEFAULT_ENCODING	473	High
Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.getConfiguredMojo(Class, MavenSession, MojoExecution): new java.io.PrintStream(OutputStream)	I18N	DM_DEFAULT_ENCODING	483	High
Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.populatePluginFields(Object, MojoDescriptor, ClassRealm, PlexusConfiguration, ExpressionEvaluator): java.io.ByteArrayOutputStream.toString()	I18N	DM_DEFAULT_ENCODING	618	High
Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.populatePluginFields(Object, MojoDescriptor, ClassRealm, PlexusConfiguration, ExpressionEvaluator): java.io.ByteArrayOutputStream.toString()	I18N	DM_DEFAULT_ENCODING	628	High
Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.populatePluginFields(Object, MojoDescriptor, ClassRealm, PlexusConfiguration, ExpressionEvaluator): new java.io.PrintStream(OutputStream)	I18N	DM_DEFAULT_ENCODING	613	High
Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.populatePluginFields(Object, MojoDescriptor, ClassRealm, PlexusConfiguration, ExpressionEvaluator): new java.io.PrintStream(OutputStream)	I18N	DM_DEFAULT_ENCODING	623	High

org.apache.maven.plugin.internal.DefaultPluginManager

Bug	Category	Details	Line	Priority
Exception is caught when Exception is not thrown in org.apache.maven.plugin.internal.DefaultPluginManager.getPluginDescriptorForPrefix(String)	STYLE	REC_CATCH_EXCEPTION	193	Medium

org.apache.maven.plugin.prefix.NoPluginFoundForPrefixException

Bug	Category	Details	Line	Priority
org.apache.maven.plugin.prefix.NoPluginFoundForPrefixException.format(LocalRepository, List) concatenates strings using + in a loop	PERFORMANCE	SBSC_USE_STRINGBUFFER_CONCATENATION	55	Medium

org.apache.maven.plugin.version.PluginVersionResolutionException

Bug	Category	Details	Line	Priority
org.apache.maven.plugin.version.PluginVersionResolutionException.format(LocalRepository, List) concatenates strings using + in a loop	PERFORMANCE	SBSC_USE_STRINGBUFFER_CONCATENATION	97	Medium

org.apache.maven.project.DefaultProjectBuildingHelper

Bug	Category	Details	Line	Priority
Load of known null value in org.apache.maven.project.DefaultProjectBuildingHelper.createProjectRealm(MavenProject, Model, ProjectBuildingRequest)	STYLE	NP_LOAD_OF_KNOWN_NULL_VALUE	245	Medium

org.apache.maven.project.DefaultProjectBuildingRequest

Bug	Category	Details	Line	Priority
org.apache.maven.project.DefaultProjectBuildingRequest.getBuildStartTime() may expose internal representation by returning DefaultProjectBuildingRequest.buildStartTime	MALICIOUS_CODE	EI_EXPOSE_REP	287	Medium
org.apache.maven.project.DefaultProjectBuildingRequest.setBuildStartTime(Date) may expose internal representation by storing an externally mutable object into DefaultProjectBuildingRequest.buildStartTime	MALICIOUS_CODE	EI_EXPOSE_REP2	292	Medium

org.apache.maven.project.MavenProject

Bug	Category	Details	Line	Priority
Redundant nullcheck of org.apache.maven.project.MavenProject.getBuild(), which is known to be non-null in org.apache.maven.project.MavenProject.getDefaultGoal()	STYLE	RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE	1775	Medium

org.apache.maven.project.ProjectModelResolver

Bug	Category	Details	Line	Priority
Unread field: org.apache.maven.project.ProjectModelResolver.context; should this field be static?	PERFORMANCE	SS_SHOULD_BE_STATIC	60	Medium

org.apache.maven.project.artifact.DefaultMavenMetadataCache$CacheRecord

Bug	Category	Details	Line	Priority
Should org.apache.maven.project.artifact.DefaultMavenMetadataCache$CacheRecord be a _static_ inner class?	PERFORMANCE	SIC_INNER_SHOULD_BE_STATIC	214-290	Medium

org.apache.maven.repository.ArtifactTransferEvent

Bug	Category	Details	Line	Priority
org.apache.maven.repository.ArtifactTransferEvent.getDataBuffer() may expose internal representation by returning ArtifactTransferEvent.dataBuffer	MALICIOUS_CODE	EI_EXPOSE_REP	218	Medium
org.apache.maven.repository.ArtifactTransferEvent.setDataBuffer(byte[]) may expose internal representation by storing an externally mutable object into ArtifactTransferEvent.dataBuffer	MALICIOUS_CODE	EI_EXPOSE_REP2	223	Medium

org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader

Bug	Category	Details	Line	Priority
Dead store to parsed in org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.parsePersistedToolchains(XmlPullParser, boolean)	STYLE	DLS_DEAD_LOCAL_STORE	594	High
Redundant nullcheck of toolchains, which is known to be non-null in org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.parsePersistedToolchains(XmlPullParser, boolean)	STYLE	RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE	600	Medium
Private method org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.getBooleanValue(String, String, XmlPullParser) is never called	PERFORMANCE	UPM_UNCALLED_PRIVATE_METHOD	150	Medium
Private method org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.getDateValue(String, String, XmlPullParser) is never called	PERFORMANCE	UPM_UNCALLED_PRIVATE_METHOD	238	Medium