Click here to lend your support to: yuicompressor-maven-plugin and make a donation at www.pledgie.com !
Build with Maven 2
CC-GNU LGPLSpotBugs Bug Detector Report
The following document contains the results of SpotBugs
SpotBugs Version is 4.9.8
Threshold is medium
Effort is max
Summary
| Classes | Bugs | Errors | Missing Classes |
|---|---|---|---|
| 15 | 53 | 0 | 0 |
Files
com.github.hazendaz.maven.yuicompressor_maven_plugin.HelpMojo
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Instance field com.github.hazendaz.maven.yuicompressor_maven_plugin.HelpMojo.goal likely could be defined as static | CORRECTNESS | SPP_FIELD_COULD_BE_STATIC | Not available | Medium |
| The use of DocumentBuilder.parse(...) (DocumentBuilder) is vulnerable to XML External Entity attacks | SECURITY | XXE_DOCUMENT | 77 | Medium |
net.alchim31.maven.yuicompressor.Aggregation
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| net.alchim31.maven.yuicompressor.Aggregation.setIncludes(String[]) may expose internal representation by storing an externally mutable object into Aggregation.includes | MALICIOUS_CODE | EI_EXPOSE_REP2 | 97 | Medium |
| Exceptional return value of java.io.File.mkdirs() ignored in net.alchim31.maven.yuicompressor.Aggregation.run(Collection, BuildContext, Set) | BAD_PRACTICE | RV_RETURN_VALUE_IGNORED_BAD_PRACTICE | 165 | Medium |
| Unwritten field: net.alchim31.maven.yuicompressor.Aggregation.excludes | CORRECTNESS | UWF_UNWRITTEN_FIELD | 320 | Medium |
net.alchim31.maven.yuicompressor.AggregationTestCase
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Method net.alchim31.maven.yuicompressor.AggregationTestCase.testAutoExcludeWildcards() builds a list from one element using Arrays.asList rather than Collections.singletonList | CORRECTNESS | LUI_USE_SINGLETON_LIST | 346 | Medium |
| Exceptional return value of java.io.File.delete() ignored in net.alchim31.maven.yuicompressor.AggregationTestCase.test2to1() | BAD_PRACTICE | RV_RETURN_VALUE_IGNORED_BAD_PRACTICE | 148 | Medium |
| Exceptional return value of java.io.File.delete() ignored in net.alchim31.maven.yuicompressor.AggregationTestCase.testAbsolutePathFromOutside() | BAD_PRACTICE | RV_RETURN_VALUE_IGNORED_BAD_PRACTICE | 305 | Medium |
| Exceptional return value of java.io.File.delete() ignored in net.alchim31.maven.yuicompressor.AggregationTestCase.testAutoExcludeWildcards() | BAD_PRACTICE | RV_RETURN_VALUE_IGNORED_BAD_PRACTICE | 341 | Medium |
| Exceptional return value of java.io.File.delete() ignored in net.alchim31.maven.yuicompressor.AggregationTestCase.testNoDuplicateAggregation() | BAD_PRACTICE | RV_RETURN_VALUE_IGNORED_BAD_PRACTICE | 185 | Medium |
net.alchim31.maven.yuicompressor.BasicRhinoShell
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Method net.alchim31.maven.yuicompressor.BasicRhinoShell.warn(Context, Scriptable, Object[], Function) accesses list or array with constant index | CORRECTNESS | CLI_CONSTANT_LIST_INDEX | 277 | Medium |
| Method net.alchim31.maven.yuicompressor.BasicRhinoShell.warn(Context, Scriptable, Object[], Function) accesses list or array with constant index | CORRECTNESS | CLI_CONSTANT_LIST_INDEX | 278 | Medium |
| Method net.alchim31.maven.yuicompressor.BasicRhinoShell.warn(Context, Scriptable, Object[], Function) accesses list or array with constant index | CORRECTNESS | CLI_CONSTANT_LIST_INDEX | 279 | Medium |
| Unconstrained method net.alchim31.maven.yuicompressor.BasicRhinoShell.readFile(String) converts checked exception to unchecked | STYLE | EXS_EXCEPTION_SOFTENING_NO_CONSTRAINTS | 295 | High |
| Unconstrained method net.alchim31.maven.yuicompressor.BasicRhinoShell.readFile(String) converts checked exception to unchecked | STYLE | EXS_EXCEPTION_SOFTENING_NO_CONSTRAINTS | 297 | High |
| Method net.alchim31.maven.yuicompressor.BasicRhinoShell.processOptions(Context, String[]) makes literal string comparisons passing the literal as an argument | STYLE | LSC_LITERAL_STRING_COMPARISON | 169 | High |
| Method net.alchim31.maven.yuicompressor.BasicRhinoShell.exec(String[], ErrorReporter) creates array using constants | PERFORMANCE | SACM_STATIC_ARRAY_CREATED_IN_METHOD | 125 | Medium |
| Format should be constant. Use placeholder to reduce the needless cost of parameter construction. see http://www.slf4j.org/faq.html#logging_performance | CORRECTNESS | SLF4J_FORMAT_SHOULD_BE_CONST | 247 | High |
| Format should be constant. Use placeholder to reduce the needless cost of parameter construction. see http://www.slf4j.org/faq.html#logging_performance | CORRECTNESS | SLF4J_FORMAT_SHOULD_BE_CONST | 388 | High |
| Format should be constant. Use placeholder to reduce the needless cost of parameter construction. see http://www.slf4j.org/faq.html#logging_performance | CORRECTNESS | SLF4J_FORMAT_SHOULD_BE_CONST | 394 | High |
| Format should be constant. Use placeholder to reduce the needless cost of parameter construction. see http://www.slf4j.org/faq.html#logging_performance | CORRECTNESS | SLF4J_FORMAT_SHOULD_BE_CONST | 408 | High |
| To make log readable, log format () should contain non-sign character. | BAD_PRACTICE | SLF4J_SIGN_ONLY_FORMAT | 241 | Medium |
| To make log readable, log format () should contain non-sign character. | BAD_PRACTICE | SLF4J_SIGN_ONLY_FORMAT | 249 | Medium |
| To make log readable, log format ({}) should contain non-sign character. | BAD_PRACTICE | SLF4J_SIGN_ONLY_FORMAT | 384 | Medium |
| To make log readable, log format () should contain non-sign character. | BAD_PRACTICE | SLF4J_SIGN_ONLY_FORMAT | 389 | Medium |
| To make log readable, log format () should contain non-sign character. | BAD_PRACTICE | SLF4J_SIGN_ONLY_FORMAT | 401 | Medium |
| To make log readable, log format () should contain non-sign character. | BAD_PRACTICE | SLF4J_SIGN_ONLY_FORMAT | 409 | Medium |
| To make log readable, log format () should contain non-sign character. | BAD_PRACTICE | SLF4J_SIGN_ONLY_FORMAT | 413 | Medium |
| Method net.alchim31.maven.yuicompressor.BasicRhinoShell.processSource(Context, String) passes constant String of length 1 to character overridden method | PERFORMANCE | UCPM_USE_CHARACTER_PARAMETERIZED_METHOD | 373 | Medium |
| Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.load(Context, Scriptable, Object[], Function) has unused parameters | STYLE | UP_UNUSED_PARAMETER | 341-345 | Medium |
| Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.print(Context, Scriptable, Object[], Function) has unused parameters | STYLE | UP_UNUSED_PARAMETER | 239-250 | Medium |
| Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.print(Context, Scriptable, Object[], Function) has unused parameters | STYLE | UP_UNUSED_PARAMETER | 239-250 | Medium |
| Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.print(Context, Scriptable, Object[], Function) has unused parameters | STYLE | UP_UNUSED_PARAMETER | 239-250 | Medium |
| Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.version(Context, Scriptable, Object[], Function) has unused parameters | STYLE | UP_UNUSED_PARAMETER | 318-323 | Medium |
| Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.version(Context, Scriptable, Object[], Function) has unused parameters | STYLE | UP_UNUSED_PARAMETER | 318-323 | Medium |
| Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.warn(Context, Scriptable, Object[], Function) has unused parameters | STYLE | UP_UNUSED_PARAMETER | 276-281 | Medium |
| Static or private method net.alchim31.maven.yuicompressor.BasicRhinoShell.warn(Context, Scriptable, Object[], Function) has unused parameters | STYLE | UP_UNUSED_PARAMETER | 276-281 | Medium |
net.alchim31.maven.yuicompressor.BasicRhinoShellTest
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Method net.alchim31.maven.yuicompressor.BasicRhinoShellTest.testQuitSetsFlag() declares RuntimeException in throws clause | STYLE | DRE_DECLARED_RUNTIME_EXCEPTION | 128-134 | Medium |
| Method net.alchim31.maven.yuicompressor.BasicRhinoShellTest.testQuitSetsFlag() uses AccessibleObject.setAccessible to modify accessibility of classes | CORRECTNESS | RFI_SET_ACCESSIBLE | 132 | Medium |
| Method net.alchim31.maven.yuicompressor.BasicRhinoShellTest.testProcessOptionsVersion() creates array using constants | PERFORMANCE | SACM_STATIC_ARRAY_CREATED_IN_METHOD | 97 | Medium |
net.alchim31.maven.yuicompressor.ErrorReporter4Mojo
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new net.alchim31.maven.yuicompressor.ErrorReporter4Mojo(Log, boolean, BuildContext) may expose internal representation by storing an externally mutable object into ErrorReporter4Mojo.buildContext | MALICIOUS_CODE | EI_EXPOSE_REP2 | 68 | Medium |
net.alchim31.maven.yuicompressor.JSLintChecker
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Exception thrown in class net.alchim31.maven.yuicompressor.JSLintChecker at new net.alchim31.maven.yuicompressor.JSLintChecker() will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. | BAD_PRACTICE | CT_CONSTRUCTOR_THROW | 47 | Medium |
net.alchim31.maven.yuicompressor.JSLintCheckerTest
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Method net.alchim31.maven.yuicompressor.JSLintCheckerTest.testConstructorCreatesTempFile() uses AccessibleObject.setAccessible to modify accessibility of classes | CORRECTNESS | RFI_SET_ACCESSIBLE | 89 | Medium |
| Exceptional return value of java.io.File.delete() ignored in net.alchim31.maven.yuicompressor.JSLintCheckerTest.tearDown() | BAD_PRACTICE | RV_RETURN_VALUE_IGNORED_BAD_PRACTICE | 65 | Medium |
net.alchim31.maven.yuicompressor.JSLintMojo
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Method net.alchim31.maven.yuicompressor.JSLintMojo.processFile(SourceFile) appears to call the same method on the same object redundantly | PERFORMANCE | PRMC_POSSIBLY_REDUNDANT_METHOD_CALLS | 54 | Medium |
net.alchim31.maven.yuicompressor.MojoSupport
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Method net.alchim31.maven.yuicompressor.MojoSupport.processDir(File, File, List, boolean) appears to call the same method on the same object redundantly | PERFORMANCE | PRMC_POSSIBLY_REDUNDANT_METHOD_CALLS | 263 | Medium |
net.alchim31.maven.yuicompressor.SourceFile
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| This method new net.alchim31.maven.yuicompressor.SourceFile(File, File, String, boolean) parses a String that is a field | STYLE | STT_STRING_PARSING_A_FIELD | 61 | Medium |
| This method new net.alchim31.maven.yuicompressor.SourceFile(File, File, String, boolean) parses a String that is a field | STYLE | STT_STRING_PARSING_A_FIELD | 63 | Medium |
| This method new net.alchim31.maven.yuicompressor.SourceFile(File, File, String, boolean) parses a String that is a field | STYLE | STT_STRING_PARSING_A_FIELD | 64 | Medium |
net.alchim31.maven.yuicompressor.YuiCompressorMojo
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Method net.alchim31.maven.yuicompressor.YuiCompressorMojo.processFile(SourceFile) appears to call the same method on the same object redundantly | PERFORMANCE | PRMC_POSSIBLY_REDUNDANT_METHOD_CALLS | 242 | Medium |
| Instance field net.alchim31.maven.yuicompressor.YuiCompressorMojo.encoding likely could be defined as static | CORRECTNESS | SPP_FIELD_COULD_BE_STATIC | Not available | Medium |
| Instance field net.alchim31.maven.yuicompressor.YuiCompressorMojo.level likely could be defined as static | CORRECTNESS | SPP_FIELD_COULD_BE_STATIC | Not available | Medium |
| Instance field net.alchim31.maven.yuicompressor.YuiCompressorMojo.linebreakpos likely could be defined as static | CORRECTNESS | SPP_FIELD_COULD_BE_STATIC | Not available | Medium |