github-mirrors/DependencyCheck
1
0
Fork 0
mirror of https://github.com/ysoftdevs/DependencyCheck.git synced 2026-05-01 04:34:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

version 1.1.2 of project documentation

Browse Source
This commit is contained in:
Jeremy Long
2014-03-03 19:32:36 -05:00
parent 9f9ed6f1da
commit 9a00756d3f
982 changed files with 42586 additions and 30816 deletions
Download Patch File Download Diff File Expand all files Collapse all files

229
dependency-check-core/findbugs.html
View File

@@ -1,27 +1,27 @@
<!DOCTYPE html>
<!--
| Generated by Apache Maven Doxia at 2014-01-30
| Rendered using Apache Maven Fluido Skin 1.3.0
| Generated by Apache Maven Doxia at 2014-03-03
| Rendered using Apache Maven Fluido Skin 1.3.1
-->
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="Date-Revision-yyyymmdd" content="20140130" />
<meta name="Date-Revision-yyyymmdd" content="20140303" />
<meta http-equiv="Content-Language" content="en" />
<title>dependency-check-core - FindBugs Bug Detector Report</title>
<link rel="stylesheet" href="./css/apache-maven-fluido-1.3.0.min.css" />
<link rel="stylesheet" href="./css/apache-maven-fluido-1.3.1.min.css" />
<link rel="stylesheet" href="./css/site.css" />
<link rel="stylesheet" href="./css/print.css" media="print" />
<script type="text/javascript" src="./js/apache-maven-fluido-1.3.0.min.js"></script>
<script type="text/javascript" src="./js/apache-maven-fluido-1.3.1.min.js"></script>
<style type="text/css">#bannerLeft { margin-top:50px !important }</style>
</head>
</head>
<body class="topBarDisabled">
@@ -54,21 +54,23 @@
<li class="">
<a href="../../../../../../../../../../../../c:/Users/jeremy/Documents/NetBeansProjects/DependencyCheck/target/site/1.1.1/#" title="">
<a href="../../../../../../../../../../../../c:/Users/jeremy/Documents/NetBeansProjects/DependencyCheck/target/site/1.1.2/#" title="">
</a>
</li>
<li class="divider ">/</li>
<span class="divider">/</span>
</li>
<li class="">
<a href="../index.html" title="dependency-check">
dependency-check</a>
</li>
<li class="divider ">/</li>
<li class="">FindBugs Bug Detector Report</li>
<span class="divider">/</span>
</li>
<li class="active ">FindBugs Bug Detector Report</li>
<li id="publishDate" class="pull-right">Last Published: 2014-01-30</li> <li class="divider pull-right">|</li>
<li id="projectVersion" class="pull-right">Version: 1.1.1</li>
<li id="publishDate" class="pull-right"><span class="divider">|</span> Last Published: 2014-03-03</li>
<li id="projectVersion" class="pull-right">
Version: 1.1.2
</li>
</ul>
</div>
@@ -81,112 +83,112 @@
<ul class="nav nav-list">
<li class="nav-header">Project Documentation</li>
<li>
<a href="project-info.html" title="Project Information">
<i class="icon-chevron-right"></i>
Project Information</a>
</li>
<li>
<a href="project-reports.html" title="Project Reports">
<i class="icon-chevron-down"></i>
Project Reports</a>
<ul class="nav nav-list">
<li>
<a href="apidocs/index.html" title="JavaDocs">
<i class="none"></i>
JavaDocs</a>
</li>
<li>
<a href="dependency-updates-report.html" title="Dependency Updates Report">
<i class="none"></i>
Dependency Updates Report</a>
</li>
<li>
<a href="plugin-updates-report.html" title="Plugin Updates Report">
<i class="none"></i>
Plugin Updates Report</a>
</li>
<li>
<a href="xref-test/index.html" title="Test Source Xref">
<i class="none"></i>
Test Source Xref</a>
</li>
<li>
<a href="xref/index.html" title="Source Xref">
<i class="none"></i>
Source Xref</a>
</li>
<li>
<a href="cobertura/index.html" title="Cobertura Test Coverage">
<i class="none"></i>
Cobertura Test Coverage</a>
</li>
<li>
<a href="surefire-report.html" title="Surefire Report">
<i class="none"></i>
Surefire Report</a>
</li>
<li>
<a href="failsafe-report.html" title="Failsafe Report">
<i class="none"></i>
Failsafe Report</a>
</li>
<li>
<a href="taglist.html" title="Tag List">
<i class="none"></i>
Tag List</a>
</li>
<li>
<a href="checkstyle.html" title="Checkstyle">
<i class="none"></i>
Checkstyle</a>
</li>
<li>
<a href="cpd.html" title="CPD Report">
<i class="none"></i>
CPD Report</a>
</li>
<li>
<a href="pmd.html" title="PMD Report">
<i class="none"></i>
PMD Report</a>
</li>
<li class="active">
<a href="#"><i class="none"></i>FindBugs Report</a>
</li>
<li>
<a href="javancss.html" title="JavaNCSS Report">
<i class="none"></i>
JavaNCSS Report</a>
@@ -197,10 +199,16 @@
<hr class="divider" />
<hr />
<div id="poweredBy">
<div class="clear"></div>
<script type="text/javascript" src="https://apis.google.com/js/plusone.js"></script>
<div class="g-plusone" data-href="https://github.com/jeremylong/DependencyCheck.git/dependency-check-core" data-size="tall" ></div>
<div class="clear"></div>
<div class="clear"></div>
@@ -212,10 +220,17 @@
</div>
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy">
<img class="builtBy" alt="Built by Maven" src="./images/logos/maven-feather.png" />
<div class="clear"></div>
<a href="http://maven.apache.org/" title="Maven" class="builtBy">
<img class="builtBy" alt="built with maven" src="http://jeremylong.github.io/DependencyCheck/images/logos/maven-feather.png" />
</a>
</div>
<a href="http://maven.apache.org/" title="IntelliJ" class="builtBy">
<img class="builtBy" alt="developed using" src="http://jeremylong.github.io/DependencyCheck/images/logos/logo_intellij_idea.png" width="170px" />
</a>
<a href="http://www.cloudbees.com/" title="Cloudbees" class="builtBy">
<img class="builtBy" alt="built on cloudbees" src="http://jeremylong.github.io/DependencyCheck/images/logos/Button-Built-on-CB-1.png" />
</a>
</div>
</div>
</div>
@@ -237,8 +252,8 @@
<th>Errors</th>
<th>Missing Classes</th></tr>
<tr class="b">
<td>201</td>
<td>10</td>
<td>205</td>
<td>7</td>
<td>0</td>
<td>0</td></tr></table></div>
<div class="section">
@@ -251,22 +266,16 @@
<td><a href="#org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer">org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer</a></td>
<td>2</td></tr>
<tr class="a">
<td><a href="#org.owasp.dependencycheck.analyzer.JarAnalyzer">org.owasp.dependencycheck.analyzer.JarAnalyzer</a></td>
<td>2</td></tr>
<tr class="b">
<td><a href="#org.owasp.dependencycheck.analyzer.JavaScriptAnalyzer">org.owasp.dependencycheck.analyzer.JavaScriptAnalyzer</a></td>
<td>1</td></tr>
<tr class="a">
<td><a href="#org.owasp.dependencycheck.data.nvdcve.CveDB">org.owasp.dependencycheck.data.nvdcve.CveDB</a></td>
<td>1</td></tr>
<tr class="b">
<td><a href="#org.owasp.dependencycheck.data.update.task.CallableDownloadTask">org.owasp.dependencycheck.data.update.task.CallableDownloadTask</a></td>
<td>1</td></tr>
<tr class="a">
<td><a href="#org.owasp.dependencycheck.utils.Downloader">org.owasp.dependencycheck.utils.Downloader</a></td>
<td><a href="#org.owasp.dependencycheck.utils.LogUtils">org.owasp.dependencycheck.utils.LogUtils</a></td>
<td>1</td></tr>
<tr class="b">
<td><a href="#org.owasp.dependencycheck.utils.LogUtils">org.owasp.dependencycheck.utils.LogUtils</a></td>
<td><a href="#org.owasp.dependencycheck.utils.URLConnectionFactory">org.owasp.dependencycheck.utils.URLConnectionFactory</a></td>
<td>1</td></tr></table></div><a name="org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer"></a>
<div class="section">
<h3>org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer<a name="org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer"></a></h3>
@@ -281,110 +290,74 @@
<td>Possible null pointer dereference of currentVersion in org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer.removeSpuriousCPE(Dependency)</td>
<td>CORRECTNESS</td>
<td><a class="externalLink" href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_NULL_ON_SOME_PATH">NP_NULL_ON_SOME_PATH</a></td>
<td><a href="./xref/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.html#163">163</a></td>
<td><a href="./xref/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.html#164">164</a></td>
<td>Medium</td></tr>
<tr class="a">
<td>Possible null pointer dereference of nextVersion on branch that might be infeasible in org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer.removeSpuriousCPE(Dependency)</td>
<td>STYLE</td>
<td><a class="externalLink" href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE">NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE</a></td>
<td><a href="./xref/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.html#163">163</a></td>
<td>Medium</td></tr></table></div><a name="org.owasp.dependencycheck.analyzer.JarAnalyzer"></a>
<div class="section">
<h3>org.owasp.dependencycheck.analyzer.JarAnalyzer<a name="org.owasp.dependencycheck.analyzer.JarAnalyzer"></a></h3>
<table border="0" class="table table-striped">
<tr class="b">
<th>Bug</th>
<th>Category</th>
<th>Details</th>
<th>Line</th>
<th>Priority</th></tr>
<tr class="a">
<td>Possible null pointer dereference of input in org.owasp.dependencycheck.analyzer.JarAnalyzer.extractPom(String, JarFile, Dependency) on exception path</td>
<td>CORRECTNESS</td>
<td><a class="externalLink" href="http://findbugs.sourceforge.net/bugDescriptions.html#NP_NULL_ON_SOME_PATH_EXCEPTION">NP_NULL_ON_SOME_PATH_EXCEPTION</a></td>
<td><a href="./xref/org/owasp/dependencycheck/analyzer/JarAnalyzer.html#396">396</a></td>
<td>Medium</td></tr>
<tr class="b">
<td>org.owasp.dependencycheck.analyzer.JarAnalyzer.extractPom(String, JarFile, Dependency) may fail to close stream</td>
<td>BAD_PRACTICE</td>
<td><a class="externalLink" href="http://findbugs.sourceforge.net/bugDescriptions.html#OS_OPEN_STREAM">OS_OPEN_STREAM</a></td>
<td><a href="./xref/org/owasp/dependencycheck/analyzer/JarAnalyzer.html#384">384</a></td>
<td><a href="./xref/org/owasp/dependencycheck/analyzer/FalsePositiveAnalyzer.html#164">164</a></td>
<td>Medium</td></tr></table></div><a name="org.owasp.dependencycheck.analyzer.JavaScriptAnalyzer"></a>
<div class="section">
<h3>org.owasp.dependencycheck.analyzer.JavaScriptAnalyzer<a name="org.owasp.dependencycheck.analyzer.JavaScriptAnalyzer"></a></h3>
<table border="0" class="table table-striped">
<tr class="a">
<tr class="b">
<th>Bug</th>
<th>Category</th>
<th>Details</th>
<th>Line</th>
<th>Priority</th></tr>
<tr class="b">
<tr class="a">
<td>Found reliance on default encoding in org.owasp.dependencycheck.analyzer.JavaScriptAnalyzer.analyze(Dependency, Engine): new java.io.FileReader(File)</td>
<td>I18N</td>
<td><a class="externalLink" href="http://findbugs.sourceforge.net/bugDescriptions.html#DM_DEFAULT_ENCODING">DM_DEFAULT_ENCODING</a></td>
<td><a href="./xref/org/owasp/dependencycheck/analyzer/JavaScriptAnalyzer.html#110">110</a></td>
<td>High</td></tr></table></div><a name="org.owasp.dependencycheck.data.nvdcve.CveDB"></a>
<div class="section">
<h3>org.owasp.dependencycheck.data.nvdcve.CveDB<a name="org.owasp.dependencycheck.data.nvdcve.CveDB"></a></h3>
<table border="0" class="table table-striped">
<tr class="a">
<th>Bug</th>
<th>Category</th>
<th>Details</th>
<th>Line</th>
<th>Priority</th></tr>
<tr class="b">
<td>org.owasp.dependencycheck.data.nvdcve.CveDB.getVendorProductList() may fail to close PreparedStatement</td>
<td>BAD_PRACTICE</td>
<td><a class="externalLink" href="http://findbugs.sourceforge.net/bugDescriptions.html#ODR_OPEN_DATABASE_RESOURCE">ODR_OPEN_DATABASE_RESOURCE</a></td>
<td><a href="./xref/org/owasp/dependencycheck/data/nvdcve/CveDB.html#297">297</a></td>
<td>Medium</td></tr></table></div><a name="org.owasp.dependencycheck.data.update.task.CallableDownloadTask"></a>
<td><a href="./xref/org/owasp/dependencycheck/analyzer/JavaScriptAnalyzer.html#111">111</a></td>
<td>High</td></tr></table></div><a name="org.owasp.dependencycheck.data.update.task.CallableDownloadTask"></a>
<div class="section">
<h3>org.owasp.dependencycheck.data.update.task.CallableDownloadTask<a name="org.owasp.dependencycheck.data.update.task.CallableDownloadTask"></a></h3>
<table border="0" class="table table-striped">
<tr class="a">
<tr class="b">
<th>Bug</th>
<th>Category</th>
<th>Details</th>
<th>Line</th>
<th>Priority</th></tr>
<tr class="b">
<tr class="a">
<td>new org.owasp.dependencycheck.data.update.task.CallableDownloadTask(NvdCveInfo, ExecutorService, CveDB) might ignore java.io.IOException</td>
<td>BAD_PRACTICE</td>
<td><a class="externalLink" href="http://findbugs.sourceforge.net/bugDescriptions.html#DE_MIGHT_IGNORE">DE_MIGHT_IGNORE</a></td>
<td><a href="./xref/org/owasp/dependencycheck/data/update/task/CallableDownloadTask.html#58">58</a></td>
<td>Medium</td></tr></table></div><a name="org.owasp.dependencycheck.utils.Downloader"></a>
<div class="section">
<h3>org.owasp.dependencycheck.utils.Downloader<a name="org.owasp.dependencycheck.utils.Downloader"></a></h3>
<table border="0" class="table table-striped">
<tr class="a">
<th>Bug</th>
<th>Category</th>
<th>Details</th>
<th>Line</th>
<th>Priority</th></tr>
<tr class="b">
<td>Redundant nullcheck of conn which is known to be null in org.owasp.dependencycheck.utils.Downloader.getConnection(URL)</td>
<td>STYLE</td>
<td><a class="externalLink" href="http://findbugs.sourceforge.net/bugDescriptions.html#RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE">RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE</a></td>
<td><a href="./xref/org/owasp/dependencycheck/utils/Downloader.html#211">211</a></td>
<td>Medium</td></tr></table></div><a name="org.owasp.dependencycheck.utils.LogUtils"></a>
<div class="section">
<h3>org.owasp.dependencycheck.utils.LogUtils<a name="org.owasp.dependencycheck.utils.LogUtils"></a></h3>
<table border="0" class="table table-striped">
<tr class="a">
<tr class="b">
<th>Bug</th>
<th>Category</th>
<th>Details</th>
<th>Line</th>
<th>Priority</th></tr>
<tr class="b">
<tr class="a">
<td>Changes to logger could be lost in org.owasp.dependencycheck.utils.LogUtils.prepareLogger(InputStream, String)</td>
<td>EXPERIMENTAL</td>
<td><a class="externalLink" href="http://findbugs.sourceforge.net/bugDescriptions.html#LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE">LG_LOST_LOGGER_DUE_TO_WEAK_REFERENCE</a></td>
<td><a href="./xref/org/owasp/dependencycheck/utils/LogUtils.html#58">58</a></td>
<td>High</td></tr></table></div>
<td>High</td></tr></table></div><a name="org.owasp.dependencycheck.utils.URLConnectionFactory"></a>
<div class="section">
<h3>org.owasp.dependencycheck.utils.URLConnectionFactory<a name="org.owasp.dependencycheck.utils.URLConnectionFactory"></a></h3>
<table border="0" class="table table-striped">
<tr class="b">
<th>Bug</th>
<th>Category</th>
<th>Details</th>
<th>Line</th>
<th>Priority</th></tr>
<tr class="a">
<td>Redundant nullcheck of conn which is known to be null in org.owasp.dependencycheck.utils.URLConnectionFactory.createHttpURLConnection(URL)</td>
<td>STYLE</td>
<td><a class="externalLink" href="http://findbugs.sourceforge.net/bugDescriptions.html#RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE">RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE</a></td>
<td><a href="./xref/org/owasp/dependencycheck/utils/URLConnectionFactory.html#83">83</a></td>
<td>Medium</td></tr></table></div>
</div>
</div>
</div>
@@ -393,15 +366,17 @@
<footer>
<div class="container-fluid">
<div class="row span12">Copyright &copy; 2012-2014
<div class="row-fluid">
<p >Copyright &copy; 2012&#x2013;2014
<a href="http://www.owasp.org">OWASP</a>.
All Rights Reserved.
All rights reserved.
</div>
</p>
</div>
</div>
</footer>
</body>
</body>
</html>