Fork me on GitHub
built with maven developed using built on cloudbees

FindBugs Bug Detector Report

The following document contains the results of FindBugs Report

FindBugs Version is 2.0.2

Threshold is medium

Effort is min

Summary

Classes Bugs Errors Missing Classes
200 11 0 0

Files

Class Bugs
org.owasp.dependencycheck.Engine 3
org.owasp.dependencycheck.analyzer.ArchiveAnalyzer 1
org.owasp.dependencycheck.analyzer.AssemblyAnalyzer 1
org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer 2
org.owasp.dependencycheck.analyzer.JavaScriptAnalyzer 1
org.owasp.dependencycheck.data.update.task.DownloadTask 2

org.owasp.dependencycheck.Engine

Bug Category Details Line Priority
org.owasp.dependencycheck.Engine is Serializable; consider declaring a serialVersionUID BAD_PRACTICE SE_NO_SERIALVERSIONID 77-533 Medium
The field org.owasp.dependencycheck.Engine.analyzers is transient but isn't set by deserialization BAD_PRACTICE SE_TRANSIENT_FIELD_NOT_RESTORED Not available Medium
The field org.owasp.dependencycheck.Engine.fileTypeAnalyzers is transient but isn't set by deserialization BAD_PRACTICE SE_TRANSIENT_FIELD_NOT_RESTORED Not available Medium

org.owasp.dependencycheck.analyzer.ArchiveAnalyzer

Bug Category Details Line Priority
Redundant nullcheck of org.owasp.dependencycheck.analyzer.ArchiveAnalyzer.tempFileLocation, which is known to be non-null in org.owasp.dependencycheck.analyzer.ArchiveAnalyzer.close() STYLE RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE 189 Medium

org.owasp.dependencycheck.analyzer.AssemblyAnalyzer

Bug Category Details Line Priority
org.owasp.dependencycheck.analyzer.AssemblyAnalyzer.initializeFileTypeAnalyzer() discards result of readLine after checking if it is nonnull STYLE RV_DONT_JUST_NULL_CHECK_READLINE 239 Medium

org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer

Bug Category Details Line Priority
Possible null pointer dereference of currentVersion on branch that might be infeasible in org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer.removeSpuriousCPE(Dependency) STYLE NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE 179 Medium
Possible null pointer dereference of nextVersion on branch that might be infeasible in org.owasp.dependencycheck.analyzer.FalsePositiveAnalyzer.removeSpuriousCPE(Dependency) STYLE NP_NULL_ON_SOME_PATH_MIGHT_BE_INFEASIBLE 179 Medium

org.owasp.dependencycheck.analyzer.JavaScriptAnalyzer

Bug Category Details Line Priority
Found reliance on default encoding in org.owasp.dependencycheck.analyzer.JavaScriptAnalyzer.analyzeFileType(Dependency, Engine): new java.io.FileReader(File) I18N DM_DEFAULT_ENCODING 115 High

org.owasp.dependencycheck.data.update.task.DownloadTask

Bug Category Details Line Priority
org.owasp.dependencycheck.data.update.task.DownloadTask.extractGzip(File) may fail to clean up java.io.OutputStream on checked exception EXPERIMENTAL OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE 279 Medium
exceptional return value of java.io.File.delete() ignored in org.owasp.dependencycheck.data.update.task.DownloadTask.extractGzip(File) BAD_PRACTICE RV_RETURN_VALUE_IGNORED_BAD_PRACTICE 266 Medium