Re: [eclipselink-users] Eclipselink 2.0.1 inject code detected byFindBug

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [eclipselink-users] Eclipselink 2.0.1 inject code detected byFindBugs

From: James Sutherland <jamesssss@xxxxxxxxx>
Date: Tue, 23 Mar 2010 11:21:07 -0700 (PDT)
Delivered-to: eclipselink-users@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/eclipselink-users>
List-help: <mailto:eclipselink-users-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/eclipselink-users>, <mailto:eclipselink-users-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/listinfo/eclipselink-users>, <mailto:eclipselink-users-request@eclipse.org?subject=unsubscribe>

As well the other issues are only warnings, not errors, and they are
intentional and accounted for in the code.


Dave Brosius-2 wrote:
> 
> 
> There is already a patch on the site for this one:
> 
> Performance - Method invokes inefficient Number constructor; use static
> valueOf instead
> 
> 
> 
> ----- Original Message -----
> From: "José Arcángel Salazar Delgado"
> <arcangel.salazar@xxxxxxxxxxxxxxxxxx>
> Sent: Mon, March 8, 2010 0:41
> Subject:[eclipselink-users] Eclipselink 2.0.1 inject code detected
> byFindBugs
> 
> 
> Hi.
> 
> I'm using sonar with findbugs to check the sanity of the code. Findbugs
> encounter these errors in the code injected by eclipselink:
> 
> Performance - Method invokes inefficient Number constructor; use static
> valueOf instead
> 
> Bad practice - Comparison of String parameter using == or !=
> 
> Malicious code vulnerability - May expose internal representation by
> returning
> reference to mutable object
> 
> Malicious code vulnerability - May expose internal representation by
> incorporating reference to mutable object
> 
> Bad practice - Transient field that isn't set by deserialization.
> 
> Performance - Method invokes inefficient Boolean constructor; use
> Boolean.valueOf(...) instead
> 
> can this be corrected for the next release?
> 
> thanks for the time.
> 
> 


-----
http://wiki.eclipse.org/User:James.sutherland.oracle.com James Sutherland 
http://www.eclipse.org/eclipselink/
 EclipseLink ,  http://www.oracle.com/technology/products/ias/toplink/
TopLink 
Wiki:  http://wiki.eclipse.org/EclipseLink EclipseLink , 
http://wiki.oracle.com/page/TopLink TopLink 
Forums:  http://forums.oracle.com/forums/forum.jspa?forumID=48 TopLink , 
http://www.nabble.com/EclipseLink-f26430.html EclipseLink 
Book:  http://en.wikibooks.org/wiki/Java_Persistence Java Persistence 
-- 
View this message in context: http://old.nabble.com/Re%3A-Eclipselink-2.0.1-inject-code-detected--byFindBugs-tp27838667p28005090.html
Sent from the EclipseLink - Users mailing list archive at Nabble.com.

References:
- Re: [eclipselink-users] Eclipselink 2.0.1 inject code detected byFindBugs
  - From: Dave Brosius

Prev by Date: Re: [eclipselink-users] Error in Eclipselink with @ElementCollectionMap and @JoinColumn
Next by Date: [eclipselink-users] transactions in singleton EJBs - pulling NXA resources in GFV3
Previous by thread: Re: [eclipselink-users] Eclipselink 2.0.1 inject code detected byFindBugs
Next by thread: [eclipselink-users] Error in Eclipselink with @ElementCollection Map and @JoinColumn
Index(es):
- Date
- Thread

Breadcrumbs