Fork me on GitHub
Built by Maven

SpotBugs Bug Detector Report

The following document contains the results of SpotBugs

SpotBugs Version is 4.8.6

Threshold is medium

Effort is default

Summary

Classes Bugs Errors Missing Classes
40 16 0 0

Files

Class Bugs
org.codehaus.gmavenplus.groovyworkarounds.DotGroovyFile 3
org.codehaus.gmavenplus.model.internal.Version 2
org.codehaus.gmavenplus.mojo.AbstractGroovyDocMojo 2
org.codehaus.gmavenplus.mojo.ConsoleMojo 1
org.codehaus.gmavenplus.mojo.ExecuteMojo 2
org.codehaus.gmavenplus.mojo.ShellMojo 1
org.codehaus.gmavenplus.util.ClassWrangler 4
org.codehaus.gmavenplus.util.NoExitSecurityManager 1

org.codehaus.gmavenplus.groovyworkarounds.DotGroovyFile

Bug Category Details Line Priority
org.codehaus.gmavenplus.groovyworkarounds.DotGroovyFile.getScriptExtensions() may expose internal representation by returning DotGroovyFile.scriptExtensions MALICIOUS_CODE EI_EXPOSE_REP 111 Medium
org.codehaus.gmavenplus.groovyworkarounds.DotGroovyFile.setScriptExtensions(Set) may expose internal representation by storing an externally mutable object into DotGroovyFile.scriptExtensions MALICIOUS_CODE EI_EXPOSE_REP2 121 Medium
org.codehaus.gmavenplus.groovyworkarounds.DotGroovyFile doesn't override java.io.File.equals(Object) STYLE EQ_DOESNT_OVERRIDE_EQUALS 1 Medium

org.codehaus.gmavenplus.model.internal.Version

Bug Category Details Line Priority
Exception thrown in class org.codehaus.gmavenplus.model.internal.Version at new org.codehaus.gmavenplus.model.internal.Version(int, int, int) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. BAD_PRACTICE CT_CONSTRUCTOR_THROW 83 Medium
Exception thrown in class org.codehaus.gmavenplus.model.internal.Version at new org.codehaus.gmavenplus.model.internal.Version(int, int, int, String) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. BAD_PRACTICE CT_CONSTRUCTOR_THROW 62 Medium

org.codehaus.gmavenplus.mojo.AbstractGroovyDocMojo

Bug Category Details Line Priority
Found reliance on default encoding in org.codehaus.gmavenplus.mojo.AbstractGroovyDocMojo.copyStylesheet(File): new java.io.InputStreamReader(InputStream) I18N DM_DEFAULT_ENCODING 541 High
Found reliance on default encoding in org.codehaus.gmavenplus.mojo.AbstractGroovyDocMojo.copyStylesheet(File): new java.io.OutputStreamWriter(OutputStream) I18N DM_DEFAULT_ENCODING 552 High

org.codehaus.gmavenplus.mojo.ConsoleMojo

Bug Category Details Line Priority
org.codehaus.gmavenplus.mojo.ConsoleMojo.setupConsole(Class, Class) makes inefficient use of keySet iterator instead of entrySet iterator PERFORMANCE WMI_WRONG_MAP_ITERATOR 185 Medium

org.codehaus.gmavenplus.mojo.ExecuteMojo

Bug Category Details Line Priority
Found reliance on default encoding in org.codehaus.gmavenplus.mojo.ExecuteMojo.executeScriptFromUrl(Class, Object, String): new java.io.InputStreamReader(InputStream) I18N DM_DEFAULT_ENCODING 280 High
org.codehaus.gmavenplus.mojo.ExecuteMojo.setupShell(Class) makes inefficient use of keySet iterator instead of entrySet iterator PERFORMANCE WMI_WRONG_MAP_ITERATOR 206 Medium

org.codehaus.gmavenplus.mojo.ShellMojo

Bug Category Details Line Priority
org.codehaus.gmavenplus.mojo.ShellMojo.setupShell(Class, Class, Class, Class, Class) makes inefficient use of keySet iterator instead of entrySet iterator PERFORMANCE WMI_WRONG_MAP_ITERATOR 163 Medium

org.codehaus.gmavenplus.util.ClassWrangler

Bug Category Details Line Priority
Exception thrown in class org.codehaus.gmavenplus.util.ClassWrangler at new org.codehaus.gmavenplus.util.ClassWrangler(List, ClassLoader, Log) will leave the constructor. The object under construction remains partially initialized and may be vulnerable to Finalizer attacks. BAD_PRACTICE CT_CONSTRUCTOR_THROW 73 Medium
org.codehaus.gmavenplus.util.ClassWrangler.createNewClassLoader(List, ClassLoader) creates a java.net.URLClassLoader classloader, which should be performed within a doPrivileged block MALICIOUS_CODE DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED 260 Medium
org.codehaus.gmavenplus.util.ClassWrangler.getClassLoader() may expose internal representation by returning ClassWrangler.classLoader MALICIOUS_CODE EI_EXPOSE_REP 242 Medium
Redundant nullcheck of groovyObjectClassPath, which is known to be non-null in org.codehaus.gmavenplus.util.ClassWrangler.getJarPath() STYLE RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE 292 Medium

org.codehaus.gmavenplus.util.NoExitSecurityManager

Bug Category Details Line Priority
The method 'org.codehaus.gmavenplus.util.NoExitSecurityManager.checkPermission(Permission)' performs security check by using 'SecurityManager.checkPermission(Permission)' method of Security Manager Class, but is overrideable. Declare the method final or private in order to resolve the issue. MALICIOUS_CODE VSC_VULNERABLE_SECURITY_CHECK_METHODS 58 Medium