SpotBugs Report

Project Information

Project: report_accumulator (spotbugsMain)

SpotBugs version: 4.5.0

Code analyzed:



Metrics

806 lines of code analyzed, in 28 classes, in 1 package.

Metric                      Total   Density*
High Priority Warnings      2       2.48
Medium Priority Warnings    36      44.67
Total Warnings              38      47.15

(* Defects per Thousand lines of non-commenting source statements)



Summary

Warning Type                            Number
Bad practice Warnings                   12
Internationalization Warnings           2
Malicious code vulnerability Warnings   15
Dodgy code Warnings                     9
Total                                   38

Warnings

Bad practice Warnings

Code Warning
SnVI edu.odu.cs.zeil.report_accumulator.ReportAccumulatorPlugin$_apply_closure1 is Serializable; consider declaring a serialVersionUID
SnVI edu.odu.cs.zeil.report_accumulator.ReportStats$_perform_closure1 is Serializable; consider declaring a serialVersionUID
SnVI edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure1 is Serializable; consider declaring a serialVersionUID
SnVI edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure1$_closure6 is Serializable; consider declaring a serialVersionUID
SnVI edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure2 is Serializable; consider declaring a serialVersionUID
SnVI edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure3 is Serializable; consider declaring a serialVersionUID
SnVI edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure3$_closure7 is Serializable; consider declaring a serialVersionUID
SnVI edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure4 is Serializable; consider declaring a serialVersionUID
SnVI edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure5 is Serializable; consider declaring a serialVersionUID
SnVI edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure5$_closure8 is Serializable; consider declaring a serialVersionUID
SnVI edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure5$_closure8$_closure10 is Serializable; consider declaring a serialVersionUID
SnVI edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure5$_closure8$_closure9 is Serializable; consider declaring a serialVersionUID

Internationalization Warnings

Code Warning
Dm Found reliance on default encoding in edu.odu.cs.zeil.report_accumulator.Accumulator.scanForStatistics(File, ReportScanner): new java.io.FileWriter(File)
Dm Found reliance on default encoding in edu.odu.cs.zeil.report_accumulator.Accumulator.scanForStatistics(File, ReportScanner): new java.io.InputStreamReader(InputStream)

Malicious code vulnerability Warnings

Code Warning
EI edu.odu.cs.zeil.report_accumulator.JacocoBranchCoverageScanner.extractStatistics() may expose internal representation by returning JacocoBranchCoverageScanner.statistics
EI edu.odu.cs.zeil.report_accumulator.ReportAccumulatorPlugin.getMetaClass() may expose internal representation by returning ReportAccumulatorPlugin.metaClass
EI edu.odu.cs.zeil.report_accumulator.ReportStats.getMetaClass() may expose internal representation by returning ReportStats.metaClass
EI edu.odu.cs.zeil.report_accumulator.StatsAccumulator.getMetaClass() may expose internal representation by returning StatsAccumulator.metaClass
EI2 edu.odu.cs.zeil.report_accumulator.ReportAccumulatorPlugin.setMetaClass(MetaClass) may expose internal representation by storing an externally mutable object into ReportAccumulatorPlugin.metaClass
EI2 edu.odu.cs.zeil.report_accumulator.ReportStats.setMetaClass(MetaClass) may expose internal representation by storing an externally mutable object into ReportStats.metaClass
EI2 edu.odu.cs.zeil.report_accumulator.StatsAccumulator.setMetaClass(MetaClass) may expose internal representation by storing an externally mutable object into StatsAccumulator.metaClass
EI2 new edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure2(Object, Object, Reference) may expose internal representation by storing an externally mutable object into StatsAccumulator$_apply_closure2.project
EI2 new edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure3(Object, Object, Reference) may expose internal representation by storing an externally mutable object into StatsAccumulator$_apply_closure3.project
EI2 new edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure3$_closure7(Object, Object, Reference) may expose internal representation by storing an externally mutable object into StatsAccumulator$_apply_closure3$_closure7.project
EI2 new edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure5(Object, Object, Reference) may expose internal representation by storing an externally mutable object into StatsAccumulator$_apply_closure5.project
EI2 new edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure5$_closure8(Object, Object, Reference, Reference) may expose internal representation by storing an externally mutable object into StatsAccumulator$_apply_closure5$_closure8.project
EI2 new edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure5$_closure8(Object, Object, Reference, Reference) may expose internal representation by storing an externally mutable object into StatsAccumulator$_apply_closure5$_closure8.remotePath
EI2 new edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure5$_closure8$_closure10(Object, Object, Reference, Reference) may expose internal representation by storing an externally mutable object into StatsAccumulator$_apply_closure5$_closure8$_closure10.project
EI2 new edu.odu.cs.zeil.report_accumulator.StatsAccumulator$_apply_closure5$_closure8$_closure10(Object, Object, Reference, Reference) may expose internal representation by storing an externally mutable object into StatsAccumulator$_apply_closure5$_closure8$_closure10.remotePath

Dodgy code Warnings

Code Warning
DLS Dead store to parent in edu.odu.cs.zeil.report_accumulator.JacocoBranchCoverageScanner$1.visitFile(Path, BasicFileAttributes)
NP Possible null pointer dereference in edu.odu.cs.zeil.report_accumulator.Accumulator.accumulateStatistics() due to return value of called method
NP Possible null pointer dereference in edu.odu.cs.zeil.report_accumulator.CheckstyleScanner.extractStatistics() due to return value of called method
NP Possible null pointer dereference in edu.odu.cs.zeil.report_accumulator.FindBugsScanner.extractStatistics() due to return value of called method
NP Possible null pointer dereference in edu.odu.cs.zeil.report_accumulator.JUnitScanner.extractStatistics() due to return value of called method
NP Possible null pointer dereference in edu.odu.cs.zeil.report_accumulator.JUnitScanner.extractStatistics() due to return value of called method
NP Possible null pointer dereference in edu.odu.cs.zeil.report_accumulator.JUnitScanner.extractStatistics() due to return value of called method
NP Possible null pointer dereference in edu.odu.cs.zeil.report_accumulator.PMDScanner.extractStatistics() due to return value of called method
NP Possible null pointer dereference in edu.odu.cs.zeil.report_accumulator.SpotBugsScanner.extractStatistics() due to return value of called method

Details

DLS_DEAD_LOCAL_STORE: Dead store to local variable

This instruction assigns a value to a local variable, but the value is not read or used in any subsequent instruction. Often, this indicates an error, because the value computed is never used.

Note that Sun's javac compiler often generates dead stores for final local variables. Because SpotBugs is a bytecode-based tool, there is no easy way to eliminate these false positives.

DM_DEFAULT_ENCODING: Reliance on default encoding

Found a call to a method which will perform a byte to String (or String to byte) conversion, and will assume that the default platform encoding is suitable. This will cause the application behaviour to vary between platforms. Use an alternative API and specify a charset name or Charset object explicitly.

EI_EXPOSE_REP: May expose internal representation by returning reference to mutable object

Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Returning a new copy of the object is a better approach in many situations.

EI_EXPOSE_REP2: May expose internal representation by incorporating reference to mutable object

This code stores a reference to an externally mutable object into the internal representation of the object. If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different. Storing a copy of the object is a better approach in many situations.

NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE: Possible null pointer dereference due to return value of called method

The return value from a method is dereferenced without a null check, and the return value of that method is one that should generally be checked for null. This may lead to a NullPointerException when the code is executed.

SE_NO_SERIALVERSIONID: Class is Serializable, but doesn't define serialVersionUID

This class implements the Serializable interface, but does not define a serialVersionUID field. A change as simple as adding a reference to a .class object will add synthetic fields to the class, which will unfortunately change the implicit serialVersionUID (e.g., adding a reference to String.class will generate a static field class$java$lang$String). Also, different source code to bytecode compilers may use different naming conventions for synthetic variables generated for references to class objects or inner classes. To ensure interoperability of Serializable across versions, consider adding an explicit serialVersionUID.