SpotBugs Bug Detector Report

The following document contains the results of SpotBugs

SpotBugs Version is 4.8.6

Threshold is medium

Effort is max

Summary

Classes	Bugs	Errors	Missing Classes
11	65	0	3

Files

Class	Bugs
com.github.hazendaz.maven.htmlcompressor_maven_plugin.HelpMojo	1
com.tunyk.mvn.plugins.htmlcompressor.FileTool	10
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressor	4
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo	41
com.tunyk.mvn.plugins.htmlcompressor.XmlCompressor	4
com.tunyk.mvn.plugins.htmlcompressor.XmlCompressorMojo	5

com.github.hazendaz.maven.htmlcompressor_maven_plugin.HelpMojo

Bug	Category	Details	Line	Priority
The use of DocumentBuilder.parse(...) (DocumentBuilder) is vulnerable to XML External Entity attacks	SECURITY	XXE_DOCUMENT	77	Medium

com.tunyk.mvn.plugins.htmlcompressor.FileTool

Bug	Category	Details	Line	Priority
Exception thrown in class com.tunyk.mvn.plugins.htmlcompressor.FileTool at new com.tunyk.mvn.plugins.htmlcompressor.FileTool(String, String[], boolean) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks.	BAD_PRACTICE	CT_CONSTRUCTOR_THROW	70	Medium
com.tunyk.mvn.plugins.htmlcompressor.FileTool.getFileExtensions() may expose internal representation by returning FileTool.fileExtensions	MALICIOUS_CODE	EI_EXPOSE_REP	227	Medium
new com.tunyk.mvn.plugins.htmlcompressor.FileTool(String, String[], boolean) may expose internal representation by storing an externally mutable object into FileTool.fileExtensions	MALICIOUS_CODE	EI_EXPOSE_REP2	71	Medium
com.tunyk.mvn.plugins.htmlcompressor.FileTool.setFileExtensions(String[]) may expose internal representation by storing an externally mutable object into FileTool.fileExtensions	MALICIOUS_CODE	EI_EXPOSE_REP2	237	Medium
Possible null pointer dereference in com.tunyk.mvn.plugins.htmlcompressor.FileTool.writeFiles(Map, String) due to return value of called method	STYLE	NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE	119	Medium
Possible null pointer dereference in com.tunyk.mvn.plugins.htmlcompressor.FileTool.writeToJsonFile(Map, String, String) due to return value of called method	STYLE	NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE	154	Medium
This API (java/io/File.<init>(Ljava/lang/String;)V) reads a file whose location might be specified by user input	SECURITY	PATH_TRAVERSAL_IN	217	Medium
Constructor new com.tunyk.mvn.plugins.htmlcompressor.FileTool(String, String[], boolean) makes call to non-final method	CORRECTNESS	PCOA_PARTIALLY_CONSTRUCTED_OBJECT_ACCESS	70	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.FileTool.getFiles() passes constant String of length 1 to character overridden method	PERFORMANCE	UCPM_USE_CHARACTER_PARAMETERIZED_METHOD	94	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.FileTool.setRootDirPath(String) passes constant String of length 1 to character overridden method	PERFORMANCE	UCPM_USE_CHARACTER_PARAMETERIZED_METHOD	218	Medium

com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressor

Bug	Category	Details	Line	Priority
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressor.getFileExtensions() may expose internal representation by returning HtmlCompressor.fileExtensions	MALICIOUS_CODE	EI_EXPOSE_REP	133	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressor.getHtmlCompressor() may expose internal representation by returning HtmlCompressor.htmlCompressor	MALICIOUS_CODE	EI_EXPOSE_REP	266	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressor.setFileExtensions(String[]) may expose internal representation by storing an externally mutable object into HtmlCompressor.fileExtensions	MALICIOUS_CODE	EI_EXPOSE_REP2	143	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressor.setHtmlCompressor(HtmlCompressor) may expose internal representation by storing an externally mutable object into HtmlCompressor.htmlCompressor	MALICIOUS_CODE	EI_EXPOSE_REP2	276	Medium

com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo

Bug	Category	Details	Line	Priority
Do not catch NullPointerException like in com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute()	STYLE	DCN_NULLPOINTER_EXCEPTION	387	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.getClosureExterns() may expose internal representation by returning HtmlCompressorMojo.closureExterns	MALICIOUS_CODE	EI_EXPOSE_REP	1214	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.getFileExt() may expose internal representation by returning HtmlCompressorMojo.fileExt	MALICIOUS_CODE	EI_EXPOSE_REP	489	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.getFileExtensions() may expose internal representation by returning HtmlCompressorMojo.fileExtensions	MALICIOUS_CODE	EI_EXPOSE_REP	511	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.getPredefinedPreservePatterns() may expose internal representation by returning HtmlCompressorMojo.predefinedPreservePatterns	MALICIOUS_CODE	EI_EXPOSE_REP	1005	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.getPreservePatternFiles() may expose internal representation by returning HtmlCompressorMojo.preservePatternFiles	MALICIOUS_CODE	EI_EXPOSE_REP	1043	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.getPreservePatterns() may expose internal representation by returning HtmlCompressorMojo.preservePatterns	MALICIOUS_CODE	EI_EXPOSE_REP	1024	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.setClosureExterns(String[]) may expose internal representation by storing an externally mutable object into HtmlCompressorMojo.closureExterns	MALICIOUS_CODE	EI_EXPOSE_REP2	1224	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.setFileExt(String[]) may expose internal representation by storing an externally mutable object into HtmlCompressorMojo.fileExt	MALICIOUS_CODE	EI_EXPOSE_REP2	502	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.setFileExtensions(String[]) may expose internal representation by storing an externally mutable object into HtmlCompressorMojo.fileExtensions	MALICIOUS_CODE	EI_EXPOSE_REP2	521	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.setPredefinedPreservePatterns(String[]) may expose internal representation by storing an externally mutable object into HtmlCompressorMojo.predefinedPreservePatterns	MALICIOUS_CODE	EI_EXPOSE_REP2	1015	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.setPreservePatternFiles(File[]) may expose internal representation by storing an externally mutable object into HtmlCompressorMojo.preservePatternFiles	MALICIOUS_CODE	EI_EXPOSE_REP2	1053	Medium
com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.setPreservePatterns(String[]) may expose internal representation by storing an externally mutable object into HtmlCompressorMojo.preservePatterns	MALICIOUS_CODE	EI_EXPOSE_REP2	1034	Medium
Class com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo defines fields that are used only as locals	CORRECTNESS	FCBL_FIELD_COULD_BE_LOCAL	Not available	Medium
Class com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo defines fields that are used only as locals	CORRECTNESS	FCBL_FIELD_COULD_BE_LOCAL	Not available	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() throws alternative exception from catch block without history	CORRECTNESS	LEST_LOST_EXCEPTION_STACK_TRACE	353	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() throws alternative exception from catch block without history	CORRECTNESS	LEST_LOST_EXCEPTION_STACK_TRACE	368	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() throws alternative exception from catch block without history	CORRECTNESS	LEST_LOST_EXCEPTION_STACK_TRACE	378	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() throws alternative exception from catch block without history	CORRECTNESS	LEST_LOST_EXCEPTION_STACK_TRACE	455	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() makes literal string comparisons passing the literal as an argument	STYLE	LSC_LITERAL_STRING_COMPARISON	309	High
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() makes literal string comparisons passing the literal as an argument	STYLE	LSC_LITERAL_STRING_COMPARISON	312	High
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() makes literal string comparisons passing the literal as an argument	STYLE	LSC_LITERAL_STRING_COMPARISON	323	High
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() makes literal string comparisons passing the literal as an argument	STYLE	LSC_LITERAL_STRING_COMPARISON	337	High
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() makes literal string comparisons passing the literal as an argument	STYLE	LSC_LITERAL_STRING_COMPARISON	340	High
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() creates Boxed primitive from primitive only to get primitive value	PERFORMANCE	NAB_NEEDLESS_BOX_TO_UNBOX	422	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() creates Boxed primitive from primitive only to get primitive value	PERFORMANCE	NAB_NEEDLESS_BOX_TO_UNBOX	423	Medium
Possible null pointer dereference in com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() due to return value of called method	STYLE	NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE	452	Medium
This API (java/io/File.<init>(Ljava/lang/String;)V) reads a file whose location might be specified by user input	SECURITY	PATH_TRAVERSAL_IN	264	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() does not presize the allocation of a collection	PERFORMANCE	PSC_PRESIZE_COLLECTIONS	318	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() passes constant String of length 1 to character overridden method	PERFORMANCE	UCPM_USE_CHARACTER_PARAMETERIZED_METHOD	430	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() passes constant String of length 1 to character overridden method	PERFORMANCE	UCPM_USE_CHARACTER_PARAMETERIZED_METHOD	431	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() passes constant String of length 1 to character overridden method	PERFORMANCE	UCPM_USE_CHARACTER_PARAMETERIZED_METHOD	432	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() passes constant String of length 1 to character overridden method	PERFORMANCE	UCPM_USE_CHARACTER_PARAMETERIZED_METHOD	433	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() passes constant String of length 1 to character overridden method	PERFORMANCE	UCPM_USE_CHARACTER_PARAMETERIZED_METHOD	435	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() passes constant String of length 1 to character overridden method	PERFORMANCE	UCPM_USE_CHARACTER_PARAMETERIZED_METHOD	437	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() passes constant String of length 1 to character overridden method	PERFORMANCE	UCPM_USE_CHARACTER_PARAMETERIZED_METHOD	439	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() passes constant String of length 1 to character overridden method	PERFORMANCE	UCPM_USE_CHARACTER_PARAMETERIZED_METHOD	441	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() passes constant String of length 1 to character overridden method	PERFORMANCE	UCPM_USE_CHARACTER_PARAMETERIZED_METHOD	442	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() passes constant String of length 1 to character overridden method	PERFORMANCE	UCPM_USE_CHARACTER_PARAMETERIZED_METHOD	446	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.HtmlCompressorMojo.execute() passes constant String of length 1 to character overridden method	PERFORMANCE	UCPM_USE_CHARACTER_PARAMETERIZED_METHOD	447	Medium

com.tunyk.mvn.plugins.htmlcompressor.XmlCompressor

Bug	Category	Details	Line	Priority
com.tunyk.mvn.plugins.htmlcompressor.XmlCompressor.getFileExtensions() may expose internal representation by returning XmlCompressor.fileExtensions	MALICIOUS_CODE	EI_EXPOSE_REP	93	Medium
com.tunyk.mvn.plugins.htmlcompressor.XmlCompressor.getXmlCompressor() may expose internal representation by returning XmlCompressor.xmlCompressor	MALICIOUS_CODE	EI_EXPOSE_REP	169	Medium
com.tunyk.mvn.plugins.htmlcompressor.XmlCompressor.setFileExtensions(String[]) may expose internal representation by storing an externally mutable object into XmlCompressor.fileExtensions	MALICIOUS_CODE	EI_EXPOSE_REP2	103	Medium
com.tunyk.mvn.plugins.htmlcompressor.XmlCompressor.setXmlCompressor(XmlCompressor) may expose internal representation by storing an externally mutable object into XmlCompressor.xmlCompressor	MALICIOUS_CODE	EI_EXPOSE_REP2	179	Medium

com.tunyk.mvn.plugins.htmlcompressor.XmlCompressorMojo

Bug	Category	Details	Line	Priority
com.tunyk.mvn.plugins.htmlcompressor.XmlCompressorMojo.getFileExt() may expose internal representation by returning XmlCompressorMojo.fileExt	MALICIOUS_CODE	EI_EXPOSE_REP	127	Medium
com.tunyk.mvn.plugins.htmlcompressor.XmlCompressorMojo.getFileExtensions() may expose internal representation by returning XmlCompressorMojo.fileExtensions	MALICIOUS_CODE	EI_EXPOSE_REP	149	Medium
com.tunyk.mvn.plugins.htmlcompressor.XmlCompressorMojo.setFileExt(String[]) may expose internal representation by storing an externally mutable object into XmlCompressorMojo.fileExt	MALICIOUS_CODE	EI_EXPOSE_REP2	140	Medium
com.tunyk.mvn.plugins.htmlcompressor.XmlCompressorMojo.setFileExtensions(String[]) may expose internal representation by storing an externally mutable object into XmlCompressorMojo.fileExtensions	MALICIOUS_CODE	EI_EXPOSE_REP2	159	Medium
Method com.tunyk.mvn.plugins.htmlcompressor.XmlCompressorMojo.execute() throws alternative exception from catch block without history	CORRECTNESS	LEST_LOST_EXCEPTION_STACK_TRACE	112	Medium