SpotBugs Bug Detector Report

The following document contains the results of SpotBugs

SpotBugs Version is 4.9.3

Threshold is medium

Effort is max

Summary

Classes	Bugs	Errors	Missing Classes
12	44	0	1

Files

Class	Bugs
com.github.hazendaz.maven.yuicompressor_maven_plugin.HelpMojo	1
net.alchim31.maven.yuicompressor.Aggregation	3
net.alchim31.maven.yuicompressor.AggregationTestCase	5
net.alchim31.maven.yuicompressor.BasicRhinoShell	27
net.alchim31.maven.yuicompressor.ErrorReporter4Mojo	1
net.alchim31.maven.yuicompressor.JSLintChecker	1
net.alchim31.maven.yuicompressor.JSLintMojo	1
net.alchim31.maven.yuicompressor.MojoSupport	1
net.alchim31.maven.yuicompressor.SourceFile	3
net.alchim31.maven.yuicompressor.YuiCompressorMojo	1

com.github.hazendaz.maven.yuicompressor_maven_plugin.HelpMojo

Bug	Category	Details	Line	Priority
The use of DocumentBuilder.parse(...) (DocumentBuilder) is vulnerable to XML External Entity attacks	SECURITY	XXE_DOCUMENT	77	Medium

net.alchim31.maven.yuicompressor.Aggregation

Bug	Category	Details	Line	Priority
net.alchim31.maven.yuicompressor.Aggregation.setIncludes(String[]) may expose internal representation by storing an externally mutable object into Aggregation.includes	MALICIOUS_CODE	EI_EXPOSE_REP2	97	Medium
Exceptional return value of java.io.File.mkdirs() ignored in net.alchim31.maven.yuicompressor.Aggregation.run(Collection, BuildContext, Set)	BAD_PRACTICE	RV_RETURN_VALUE_IGNORED_BAD_PRACTICE	165	Medium
Unwritten field: net.alchim31.maven.yuicompressor.Aggregation.excludes	CORRECTNESS	UWF_UNWRITTEN_FIELD	320	Medium

net.alchim31.maven.yuicompressor.AggregationTestCase

Bug	Category	Details	Line	Priority
Method net.alchim31.maven.yuicompressor.AggregationTestCase.testAutoExcludeWildcards() builds a list from one element using Arrays.asList rather than Collections.singletonList	CORRECTNESS	LUI_USE_SINGLETON_LIST	321	Medium
Exceptional return value of java.io.File.delete() ignored in net.alchim31.maven.yuicompressor.AggregationTestCase.test2to1()	BAD_PRACTICE	RV_RETURN_VALUE_IGNORED_BAD_PRACTICE	123	Medium
Exceptional return value of java.io.File.delete() ignored in net.alchim31.maven.yuicompressor.AggregationTestCase.testAbsolutePathFromOutside()	BAD_PRACTICE	RV_RETURN_VALUE_IGNORED_BAD_PRACTICE	280	Medium
Exceptional return value of java.io.File.delete() ignored in net.alchim31.maven.yuicompressor.AggregationTestCase.testAutoExcludeWildcards()	BAD_PRACTICE	RV_RETURN_VALUE_IGNORED_BAD_PRACTICE	316	Medium
Exceptional return value of java.io.File.delete() ignored in net.alchim31.maven.yuicompressor.AggregationTestCase.testNoDuplicateAggregation()	BAD_PRACTICE	RV_RETURN_VALUE_IGNORED_BAD_PRACTICE	160	Medium

net.alchim31.maven.yuicompressor.BasicRhinoShell

Bug	Category	Details	Line	Priority
Method net.alchim31.maven.yuicompressor.BasicRhinoShell.warn(Context, Scriptable, Object[], Function) accesses list or array with constant index	CORRECTNESS	CLI_CONSTANT_LIST_INDEX	277	Medium
Method net.alchim31.maven.yuicompressor.BasicRhinoShell.warn(Context, Scriptable, Object[], Function) accesses list or array with constant index	CORRECTNESS	CLI_CONSTANT_LIST_INDEX	278	Medium
Method net.alchim31.maven.yuicompressor.BasicRhinoShell.warn(Context, Scriptable, Object[], Function) accesses list or array with constant index	CORRECTNESS	CLI_CONSTANT_LIST_INDEX	279	Medium
Unconstrained method net.alchim31.maven.yuicompressor.BasicRhinoShell.readFile(String) converts checked exception to unchecked	STYLE	EXS_EXCEPTION_SOFTENING_NO_CONSTRAINTS	295	High
Unconstrained method net.alchim31.maven.yuicompressor.BasicRhinoShell.readFile(String) converts checked exception to unchecked	STYLE	EXS_EXCEPTION_SOFTENING_NO_CONSTRAINTS	297	High
Method net.alchim31.maven.yuicompressor.BasicRhinoShell.processOptions(Context, String[]) makes literal string comparisons passing the literal as an argument	STYLE	LSC_LITERAL_STRING_COMPARISON	169	High
Method net.alchim31.maven.yuicompressor.BasicRhinoShell.exec(String[], ErrorReporter) creates array using constants	PERFORMANCE	SACM_STATIC_ARRAY_CREATED_IN_METHOD	125	Medium
Format should be constant. Use placeholder to reduce the needless cost of parameter construction. see http://www.slf4j.org/faq.html#logging_performance	CORRECTNESS	SLF4J_FORMAT_SHOULD_BE_CONST	247	High
Format should be constant. Use placeholder to reduce the needless cost of parameter construction. see http://www.slf4j.org/faq.html#logging_performance	CORRECTNESS	SLF4J_FORMAT_SHOULD_BE_CONST	388	High
Format should be constant. Use placeholder to reduce the needless cost of parameter construction. see http://www.slf4j.org/faq.html#logging_performance	CORRECTNESS	SLF4J_FORMAT_SHOULD_BE_CONST	394	High
Format should be constant. Use placeholder to reduce the needless cost of parameter construction. see http://www.slf4j.org/faq.html#logging_performance	CORRECTNESS	SLF4J_FORMAT_SHOULD_BE_CONST	408	High
To make log readable, log format () should contain non-sign character.	BAD_PRACTICE	SLF4J_SIGN_ONLY_FORMAT	241	Medium
To make log readable, log format () should contain non-sign character.	BAD_PRACTICE	SLF4J_SIGN_ONLY_FORMAT	249	Medium
To make log readable, log format ({}) should contain non-sign character.	BAD_PRACTICE	SLF4J_SIGN_ONLY_FORMAT	384	Medium
To make log readable, log format () should contain non-sign character.	BAD_PRACTICE	SLF4J_SIGN_ONLY_FORMAT	389	Medium
To make log readable, log format () should contain non-sign character.	BAD_PRACTICE	SLF4J_SIGN_ONLY_FORMAT	401	Medium
To make log readable, log format () should contain non-sign character.	BAD_PRACTICE	SLF4J_SIGN_ONLY_FORMAT	409	Medium
To make log readable, log format () should contain non-sign character.	BAD_PRACTICE	SLF4J_SIGN_ONLY_FORMAT	413	Medium
Method net.alchim31.maven.yuicompressor.BasicRhinoShell.processSource(Context, String) passes constant String of length 1 to character overridden method	PERFORMANCE	UCPM_USE_CHARACTER_PARAMETERIZED_METHOD	373	Medium
Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.load(Context, Scriptable, Object[], Function) has unused parameters	STYLE	UP_UNUSED_PARAMETER	341-345	Medium
Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.print(Context, Scriptable, Object[], Function) has unused parameters	STYLE	UP_UNUSED_PARAMETER	239-250	Medium
Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.print(Context, Scriptable, Object[], Function) has unused parameters	STYLE	UP_UNUSED_PARAMETER	239-250	Medium
Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.print(Context, Scriptable, Object[], Function) has unused parameters	STYLE	UP_UNUSED_PARAMETER	239-250	Medium
Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.version(Context, Scriptable, Object[], Function) has unused parameters	STYLE	UP_UNUSED_PARAMETER	318-323	Medium
Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.version(Context, Scriptable, Object[], Function) has unused parameters	STYLE	UP_UNUSED_PARAMETER	318-323	Medium
Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.warn(Context, Scriptable, Object[], Function) has unused parameters	STYLE	UP_UNUSED_PARAMETER	276-281	Medium
Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.warn(Context, Scriptable, Object[], Function) has unused parameters	STYLE	UP_UNUSED_PARAMETER	276-281	Medium

net.alchim31.maven.yuicompressor.ErrorReporter4Mojo

Bug	Category	Details	Line	Priority
new net.alchim31.maven.yuicompressor.ErrorReporter4Mojo(Log, boolean, BuildContext) may expose internal representation by storing an externally mutable object into ErrorReporter4Mojo.buildContext	MALICIOUS_CODE	EI_EXPOSE_REP2	68	Medium

net.alchim31.maven.yuicompressor.JSLintChecker

Bug	Category	Details	Line	Priority
Exception thrown in class net.alchim31.maven.yuicompressor.JSLintChecker at new net.alchim31.maven.yuicompressor.JSLintChecker() will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	47	Medium

net.alchim31.maven.yuicompressor.JSLintMojo

Bug	Category	Details	Line	Priority
Method net.alchim31.maven.yuicompressor.JSLintMojo.processFile(SourceFile) appears to call the same method on the same object redundantly	PERFORMANCE	PRMC_POSSIBLY_REDUNDANT_METHOD_CALLS	54	Medium

net.alchim31.maven.yuicompressor.MojoSupport

Bug	Category	Details	Line	Priority
Method net.alchim31.maven.yuicompressor.MojoSupport.processDir(File, File, List, boolean) appears to call the same method on the same object redundantly	PERFORMANCE	PRMC_POSSIBLY_REDUNDANT_METHOD_CALLS	263	Medium

net.alchim31.maven.yuicompressor.SourceFile

Bug	Category	Details	Line	Priority
This method new net.alchim31.maven.yuicompressor.SourceFile(File, File, String, boolean) parses a String that is a field	STYLE	STT_STRING_PARSING_A_FIELD	61	Medium
This method new net.alchim31.maven.yuicompressor.SourceFile(File, File, String, boolean) parses a String that is a field	STYLE	STT_STRING_PARSING_A_FIELD	63	Medium
This method new net.alchim31.maven.yuicompressor.SourceFile(File, File, String, boolean) parses a String that is a field	STYLE	STT_STRING_PARSING_A_FIELD	64	Medium

net.alchim31.maven.yuicompressor.YuiCompressorMojo

Bug	Category	Details	Line	Priority
Method net.alchim31.maven.yuicompressor.YuiCompressorMojo.processFile(SourceFile) appears to call the same method on the same object redundantly	PERFORMANCE	PRMC_POSSIBLY_REDUNDANT_METHOD_CALLS	241	Medium