FindBugs Bug Detector Report
The following document contains the results of FindBugs
FindBugs Version is 3.0.1
Threshold is medium
Effort is min
Summary
Classes |
Bugs |
Errors |
Missing Classes |
403 |
63 |
0 |
0 |
org.apache.maven.DefaultMaven
Bug |
Category |
Details |
Line |
Priority |
Exceptional return value of java.io.File.mkdirs() ignored in org.apache.maven.DefaultMaven.validateLocalRepository(MavenExecutionRequest) |
BAD_PRACTICE |
RV_RETURN_VALUE_IGNORED_BAD_PRACTICE |
360 |
Medium |
org.apache.maven.artifact.handler.DefaultArtifactHandler
Bug |
Category |
Details |
Line |
Priority |
Unwritten field: org.apache.maven.artifact.handler.DefaultArtifactHandler.classifier |
CORRECTNESS |
UWF_UNWRITTEN_FIELD |
78 |
Medium |
org.apache.maven.artifact.metadata.AbstractArtifactMetadata
Bug |
Category |
Details |
Line |
Priority |
The class name org.apache.maven.artifact.metadata.AbstractArtifactMetadata shadows the simple name of the superclass org.apache.maven.repository.legacy.metadata.AbstractArtifactMetadata |
BAD_PRACTICE |
NM_SAME_SIMPLE_NAME_AS_SUPERCLASS |
34-35 |
High |
org.apache.maven.artifact.metadata.ArtifactMetadataRetrievalException
Bug |
Category |
Details |
Line |
Priority |
The class name org.apache.maven.artifact.metadata.ArtifactMetadataRetrievalException shadows the simple name of the superclass org.apache.maven.repository.legacy.metadata.ArtifactMetadataRetrievalException |
BAD_PRACTICE |
NM_SAME_SIMPLE_NAME_AS_SUPERCLASS |
36-57 |
High |
org.apache.maven.artifact.metadata.ArtifactMetadataSource
Bug |
Category |
Details |
Line |
Priority |
The class name org.apache.maven.artifact.metadata.ArtifactMetadataSource shadows the simple name of implemented interface org.apache.maven.repository.legacy.metadata.ArtifactMetadataSource |
BAD_PRACTICE |
NM_SAME_SIMPLE_NAME_AS_INTERFACE |
Not available |
Medium |
org.apache.maven.artifact.metadata.ResolutionGroup
Bug |
Category |
Details |
Line |
Priority |
The class name org.apache.maven.artifact.metadata.ResolutionGroup shadows the simple name of the superclass org.apache.maven.repository.legacy.metadata.ResolutionGroup |
BAD_PRACTICE |
NM_SAME_SIMPLE_NAME_AS_SUPERCLASS |
40-47 |
High |
org.apache.maven.artifact.repository.metadata.AbstractRepositoryMetadata
Bug |
Category |
Details |
Line |
Priority |
Exceptional return value of java.io.File.delete() ignored in org.apache.maven.artifact.repository.metadata.AbstractRepositoryMetadata.updateRepositoryMetadata(ArtifactRepository, ArtifactRepository) |
BAD_PRACTICE |
RV_RETURN_VALUE_IGNORED_BAD_PRACTICE |
98 |
Medium |
Exceptional return value of java.io.File.mkdirs() ignored in org.apache.maven.artifact.repository.metadata.AbstractRepositoryMetadata.updateRepositoryMetadata(ArtifactRepository, ArtifactRepository) |
BAD_PRACTICE |
RV_RETURN_VALUE_IGNORED_BAD_PRACTICE |
135 |
Medium |
Exceptional return value of java.io.File.setLastModified(long) ignored in org.apache.maven.artifact.repository.metadata.AbstractRepositoryMetadata.updateRepositoryMetadata(ArtifactRepository, ArtifactRepository) |
BAD_PRACTICE |
RV_RETURN_VALUE_IGNORED_BAD_PRACTICE |
145 |
Medium |
org.apache.maven.artifact.repository.metadata.RepositoryMetadataDeploymentException
Bug |
Category |
Details |
Line |
Priority |
Class org.apache.maven.artifact.repository.metadata.RepositoryMetadataDeploymentException is not derived from an Exception, even though it is named as such |
BAD_PRACTICE |
NM_CLASS_NOT_EXCEPTION |
32-39 |
Medium |
org.apache.maven.artifact.repository.metadata.RepositoryMetadataInstallationException
Bug |
Category |
Details |
Line |
Priority |
Class org.apache.maven.artifact.repository.metadata.RepositoryMetadataInstallationException is not derived from an Exception, even though it is named as such |
BAD_PRACTICE |
NM_CLASS_NOT_EXCEPTION |
32-39 |
Medium |
org.apache.maven.artifact.resolver.filter.IncludesArtifactFilter
Bug |
Category |
Details |
Line |
Priority |
Potentially dangerous use of non-short-circuit logic in org.apache.maven.artifact.resolver.filter.IncludesArtifactFilter.include(Artifact) |
STYLE |
NS_DANGEROUS_NON_SHORT_CIRCUIT |
50 |
High |
org.apache.maven.execution.DefaultMavenExecutionRequest
Bug |
Category |
Details |
Line |
Priority |
org.apache.maven.execution.DefaultMavenExecutionRequest.getStartTime() may expose internal representation by returning DefaultMavenExecutionRequest.startTime |
MALICIOUS_CODE |
EI_EXPOSE_REP |
318 |
Medium |
org.apache.maven.execution.DefaultMavenExecutionRequest.setStartTime(Date) may expose internal representation by storing an externally mutable object into DefaultMavenExecutionRequest.startTime |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
475 |
Medium |
org.apache.maven.execution.SettingsAdapter
Bug |
Category |
Details |
Line |
Priority |
Class org.apache.maven.execution.SettingsAdapter defines non-transient non-serializable instance field runtimeInfo |
BAD_PRACTICE |
SE_BAD_FIELD |
Not available |
Medium |
org.apache.maven.lifecycle.DefaultLifecycles
Bug |
Category |
Details |
Line |
Priority |
org.apache.maven.lifecycle.DefaultLifecycles.STANDARD_LIFECYCLES is a mutable array |
MALICIOUS_CODE |
MS_MUTABLE_ARRAY |
46 |
High |
org.apache.maven.lifecycle.internal.LifecycleDependencyResolver
Bug |
Category |
Details |
Line |
Priority |
Load of known null value in org.apache.maven.lifecycle.internal.LifecycleDependencyResolver.resolveProjectDependencies(MavenProject, Collection, Collection, MavenSession, boolean, Set) |
STYLE |
NP_LOAD_OF_KNOWN_NULL_VALUE |
154 |
Medium |
org.apache.maven.lifecycle.internal.LifecycleModuleBuilder
Bug |
Category |
Details |
Line |
Priority |
Unread field: org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.projectExecutionListeners |
PERFORMANCE |
URF_UNREAD_FIELD |
74 |
Medium |
org.apache.maven.lifecycle.internal.LifecycleStarter
Bug |
Category |
Details |
Line |
Priority |
Exception is caught when Exception is not thrown in org.apache.maven.lifecycle.internal.LifecycleStarter.execute(MavenSession) |
STYLE |
REC_CATCH_EXCEPTION |
131 |
Medium |
org.apache.maven.lifecycle.internal.MojoDescriptorCreator
Bug |
Category |
Details |
Line |
Priority |
Possible null pointer dereference of goal in org.apache.maven.lifecycle.internal.MojoDescriptorCreator.getMojoDescriptor(String, MavenSession, MavenProject) |
CORRECTNESS |
NP_NULL_ON_SOME_PATH |
223 |
Medium |
Possible null pointer dereference of plugin in org.apache.maven.lifecycle.internal.MojoDescriptorCreator.getMojoDescriptor(String, MavenSession, MavenProject) |
CORRECTNESS |
NP_NULL_ON_SOME_PATH |
234 |
Medium |
org.apache.maven.lifecycle.internal.MojoDescriptorCreator.getMojoDescriptor(String, MavenSession, MavenProject) concatenates strings using + in a loop |
PERFORMANCE |
SBSC_USE_STRINGBUFFER_CONCATENATION |
174 |
Medium |
Useless condition: it's known that numTokens <= 2 at this point |
STYLE |
UC_USELESS_CONDITION |
193 |
Medium |
org.apache.maven.lifecycle.internal.builder.multithreaded.ThreadOutputMuxer
Bug |
Category |
Details |
Line |
Priority |
Found reliance on default encoding in new org.apache.maven.lifecycle.internal.builder.multithreaded.ThreadOutputMuxer(ProjectBuildList, PrintStream): new java.io.PrintStream(OutputStream) |
I18N |
DM_DEFAULT_ENCODING |
57 |
High |
Naked notify in org.apache.maven.lifecycle.internal.builder.multithreaded.ThreadOutputMuxer.setThisModuleComplete(ProjectSegment) |
MT_CORRECTNESS |
NN_NAKED_NOTIFY |
198 |
Medium |
new org.apache.maven.lifecycle.internal.builder.multithreaded.ThreadOutputMuxer(ProjectBuildList, PrintStream) invokes Thread.start() |
MT_CORRECTNESS |
SC_START_IN_CTOR |
153 |
Medium |
org.apache.maven.lifecycle.internal.builder.multithreaded.ThreadOutputMuxer$ThreadBoundPrintStream
Bug |
Category |
Details |
Line |
Priority |
Found reliance on default encoding in new org.apache.maven.lifecycle.internal.builder.multithreaded.ThreadOutputMuxer$ThreadBoundPrintStream(ThreadOutputMuxer, PrintStream): new org.apache.maven.lifecycle.internal.builder.multithreaded.ThreadOutputMuxer$ThreadBoundPrintStream(OutputStream) |
I18N |
DM_DEFAULT_ENCODING |
214 |
High |
org.apache.maven.lifecycle.mapping.DefaultLifecycleMapping
Bug |
Category |
Details |
Line |
Priority |
Unwritten field: org.apache.maven.lifecycle.mapping.DefaultLifecycleMapping.lifecycles |
CORRECTNESS |
UWF_UNWRITTEN_FIELD |
49 |
Medium |
Unwritten field: org.apache.maven.lifecycle.mapping.DefaultLifecycleMapping.phases |
CORRECTNESS |
UWF_UNWRITTEN_FIELD |
106 |
Medium |
org.apache.maven.lifecycle.mapping.Lifecycle
Bug |
Category |
Details |
Line |
Priority |
Unused field: org.apache.maven.lifecycle.mapping.Lifecycle.optionalMojos |
PERFORMANCE |
UUF_UNUSED_FIELD |
Not available |
Medium |
org.apache.maven.plugin.DefaultBuildPluginManager
Bug |
Category |
Details |
Line |
Priority |
Found reliance on default encoding in org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(MavenSession, MojoExecution): java.io.ByteArrayOutputStream.toString() |
I18N |
DM_DEFAULT_ENCODING |
169 |
High |
Found reliance on default encoding in org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo(MavenSession, MojoExecution): new java.io.PrintStream(OutputStream) |
I18N |
DM_DEFAULT_ENCODING |
164 |
High |
Unread field: org.apache.maven.plugin.DefaultBuildPluginManager.mojoExecutionListeners |
PERFORMANCE |
URF_UNREAD_FIELD |
68 |
Medium |
org.apache.maven.plugin.internal.DefaultMavenPluginManager
Bug |
Category |
Details |
Line |
Priority |
Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.getConfiguredMojo(Class, MavenSession, MojoExecution): java.io.ByteArrayOutputStream.toString() |
I18N |
DM_DEFAULT_ENCODING |
540 |
High |
Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.getConfiguredMojo(Class, MavenSession, MojoExecution): new java.io.PrintStream(OutputStream) |
I18N |
DM_DEFAULT_ENCODING |
534 |
High |
Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.populatePluginFields(Object, MojoDescriptor, ClassRealm, PlexusConfiguration, ExpressionEvaluator): java.io.ByteArrayOutputStream.toString() |
I18N |
DM_DEFAULT_ENCODING |
681 |
High |
Found reliance on default encoding in org.apache.maven.plugin.internal.DefaultMavenPluginManager.populatePluginFields(Object, MojoDescriptor, ClassRealm, PlexusConfiguration, ExpressionEvaluator): new java.io.PrintStream(OutputStream) |
I18N |
DM_DEFAULT_ENCODING |
676 |
High |
Load of known null value in org.apache.maven.plugin.internal.DefaultMavenPluginManager.setupExtensionsRealm(MavenProject, Plugin, RepositorySystemSession) |
STYLE |
NP_LOAD_OF_KNOWN_NULL_VALUE |
848 |
Medium |
org.apache.maven.plugin.internal.DefaultPluginManager
Bug |
Category |
Details |
Line |
Priority |
Exception is caught when Exception is not thrown in org.apache.maven.plugin.internal.DefaultPluginManager.getPluginDescriptorForPrefix(String) |
STYLE |
REC_CATCH_EXCEPTION |
193 |
Medium |
org.apache.maven.plugin.prefix.NoPluginFoundForPrefixException
Bug |
Category |
Details |
Line |
Priority |
org.apache.maven.plugin.prefix.NoPluginFoundForPrefixException.format(LocalRepository, List) concatenates strings using + in a loop |
PERFORMANCE |
SBSC_USE_STRINGBUFFER_CONCATENATION |
58 |
Medium |
org.apache.maven.plugin.version.PluginVersionResolutionException
Bug |
Category |
Details |
Line |
Priority |
org.apache.maven.plugin.version.PluginVersionResolutionException.format(LocalRepository, List) concatenates strings using + in a loop |
PERFORMANCE |
SBSC_USE_STRINGBUFFER_CONCATENATION |
100 |
Medium |
org.apache.maven.project.DefaultProjectBuilder
Bug |
Category |
Details |
Line |
Priority |
Nullcheck of DefaultProjectBuilder.repositorySystem at line 783 of value previously dereferenced in org.apache.maven.project.DefaultProjectBuilder.initProject(MavenProject, Map, boolean, ModelBuildingResult, Map, ProjectBuildingRequest) |
CORRECTNESS |
RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE |
683 |
Medium |
org.apache.maven.project.DefaultProjectBuildingRequest
Bug |
Category |
Details |
Line |
Priority |
org.apache.maven.project.DefaultProjectBuildingRequest.getBuildStartTime() may expose internal representation by returning DefaultProjectBuildingRequest.buildStartTime |
MALICIOUS_CODE |
EI_EXPOSE_REP |
319 |
Medium |
org.apache.maven.project.DefaultProjectBuildingRequest.setBuildStartTime(Date) may expose internal representation by storing an externally mutable object into DefaultProjectBuildingRequest.buildStartTime |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
324 |
Medium |
org.apache.maven.project.MavenProject
Bug |
Category |
Details |
Line |
Priority |
Redundant nullcheck of org.apache.maven.project.MavenProject.getBuild(), which is known to be non-null in org.apache.maven.project.MavenProject.getDefaultGoal() |
STYLE |
RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE |
1123 |
Medium |
org.apache.maven.project.ProjectModelResolver
Bug |
Category |
Details |
Line |
Priority |
Unread field: org.apache.maven.project.ProjectModelResolver.context; should this field be static? |
PERFORMANCE |
SS_SHOULD_BE_STATIC |
67 |
Medium |
org.apache.maven.project.artifact.AttachedArtifact
Bug |
Category |
Details |
Line |
Priority |
org.apache.maven.project.artifact.AttachedArtifact doesn't override org.apache.maven.artifact.DefaultArtifact.equals(Object) |
STYLE |
EQ_DOESNT_OVERRIDE_EQUALS |
1 |
Medium |
org.apache.maven.project.artifact.DefaultMavenMetadataCache$CacheRecord
Bug |
Category |
Details |
Line |
Priority |
Should org.apache.maven.project.artifact.DefaultMavenMetadataCache$CacheRecord be a _static_ inner class? |
PERFORMANCE |
SIC_INNER_SHOULD_BE_STATIC |
223-299 |
Medium |
org.apache.maven.project.artifact.PluginArtifact
Bug |
Category |
Details |
Line |
Priority |
org.apache.maven.project.artifact.PluginArtifact doesn't override org.apache.maven.artifact.DefaultArtifact.equals(Object) |
STYLE |
EQ_DOESNT_OVERRIDE_EQUALS |
1 |
Medium |
org.apache.maven.project.artifact.ProjectArtifact
Bug |
Category |
Details |
Line |
Priority |
org.apache.maven.project.artifact.ProjectArtifact doesn't override org.apache.maven.artifact.DefaultArtifact.equals(Object) |
STYLE |
EQ_DOESNT_OVERRIDE_EQUALS |
1 |
Medium |
org.apache.maven.repository.ArtifactTransferEvent
Bug |
Category |
Details |
Line |
Priority |
org.apache.maven.repository.ArtifactTransferEvent.getDataBuffer() may expose internal representation by returning ArtifactTransferEvent.dataBuffer |
MALICIOUS_CODE |
EI_EXPOSE_REP |
215 |
Medium |
org.apache.maven.repository.ArtifactTransferEvent.setDataBuffer(byte[]) may expose internal representation by storing an externally mutable object into ArtifactTransferEvent.dataBuffer |
MALICIOUS_CODE |
EI_EXPOSE_REP2 |
220 |
Medium |
org.apache.maven.toolchain.DefaultToolchain
Bug |
Category |
Details |
Line |
Priority |
Redundant nullcheck of thisProvides, which is known to be non-null in org.apache.maven.toolchain.DefaultToolchain.equals(Object) |
STYLE |
RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE |
148 |
Medium |
org.apache.maven.toolchain.building.ToolchainsBuildingException
Bug |
Category |
Details |
Line |
Priority |
Nullcheck of problems at line 49 of value previously dereferenced in new org.apache.maven.toolchain.building.ToolchainsBuildingException(List) |
CORRECTNESS |
RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE |
46 |
Medium |
org.apache.maven.toolchain.merge.MavenToolchainMerger
Bug |
Category |
Details |
Line |
Priority |
Load of known null value in org.apache.maven.toolchain.merge.MavenToolchainMerger.mergeToolchainModelConfiguration(ToolchainModel, ToolchainModel) |
STYLE |
NP_LOAD_OF_KNOWN_NULL_VALUE |
88 |
Medium |
org.apache.maven.toolchain.model.ToolchainModel
Bug |
Category |
Details |
Line |
Priority |
Redundant nullcheck of org.apache.maven.toolchain.model.ToolchainModel.getProvides(), which is known to be non-null in org.apache.maven.toolchain.model.ToolchainModel.equals(Object) |
STYLE |
RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE |
256 |
Medium |
org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader
Bug |
Category |
Details |
Line |
Priority |
Dead store to parsed in org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.parsePersistedToolchains(XmlPullParser, boolean) |
STYLE |
DLS_DEAD_LOCAL_STORE |
633 |
High |
Dead store to parsed in org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.parseTrackableBase(XmlPullParser, boolean) |
STYLE |
DLS_DEAD_LOCAL_STORE |
738 |
High |
Boxing/unboxing to parse a primitive org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.getIntegerValue(String, String, XmlPullParser, boolean) |
PERFORMANCE |
DM_BOXED_PRIMITIVE_FOR_PARSING |
392 |
High |
Boxing/unboxing to parse a primitive org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.getLongValue(String, String, XmlPullParser, boolean) |
PERFORMANCE |
DM_BOXED_PRIMITIVE_FOR_PARSING |
422 |
High |
Redundant nullcheck of toolchains, which is known to be non-null in org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.parsePersistedToolchains(XmlPullParser, boolean) |
STYLE |
RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE |
639 |
Medium |
Private method org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.getBooleanValue(String, String, XmlPullParser) is never called |
PERFORMANCE |
UPM_UNCALLED_PRIVATE_METHOD |
177 |
Medium |
Private method org.apache.maven.toolchain.model.io.xpp3.MavenToolchainsXpp3Reader.getDateValue(String, String, XmlPullParser) is never called |
PERFORMANCE |
UPM_UNCALLED_PRIVATE_METHOD |
265 |
Medium |