SpotBugs Bug Detector Report
The following document contains the results of SpotBugs
SpotBugs Version is 4.9.3
Threshold is medium
Effort is max
Summary
| Classes | Bugs | Errors | Missing Classes |
|---|---|---|---|
| 9 | 4 | 0 | 1 |
Files
com.github.hazendaz.maven.directory_maven_plugin.HelpMojo
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| The use of DocumentBuilder.parse(...) (DocumentBuilder) is vulnerable to XML External Entity attacks | SECURITY | XXE_DOCUMENT | 77 | Medium |
org.commonjava.maven.plugins.execroot.HighestBasedirGoal
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Method org.commonjava.maven.plugins.execroot.HighestBasedirGoal.findDirectory() performs algorithmic operations on the result of a toString() call | CORRECTNESS | ITU_INAPPROPRIATE_TOSTRING_USE | 70 | Medium |
| Method org.commonjava.maven.plugins.execroot.HighestBasedirGoal.findDirectory() appears to call the same method on the same object redundantly | PERFORMANCE | PRMC_POSSIBLY_REDUNDANT_METHOD_CALLS | 79 | Medium |
org.commonjava.maven.plugins.execroot.HighestBasedirGoal$PathComparator
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| org.commonjava.maven.plugins.execroot.HighestBasedirGoal$PathComparator implements Comparator but not Serializable | BAD_PRACTICE | SE_COMPARATOR_SHOULD_BE_SERIALIZABLE | 43-49 | Medium |