The following document contains the results of SpotBugs
SpotBugs Version is 4.3.0
Threshold is medium
Effort is default
| Classes | Bugs | Errors | Missing Classes |
|---|---|---|---|
| 18 | 4 | 0 | 0 |
| Class | Bugs |
|---|---|
| org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgKeyLocator | 2 |
| org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSignatureVerifier | 1 |
| org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner | 1 |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| new org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgKeyLocator(String, BouncyCastleGpgKeyPassphrasePrompt) may expose internal representation by storing an externally mutable object into BouncyCastleGpgKeyLocator.passphrasePrompt | MALICIOUS_CODE | EI_EXPOSE_REP2 | 170 | Medium |
| Redundant nullcheck of secretKey, which is known to be non-null in org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgKeyLocator.findSecretKeyForKeyBoxPublicKey(PGPPublicKey, Path) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 518 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Redundant nullcheck of keyId, which is known to be non-null in org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSignatureVerifier.verify(byte[], byte[]) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 176 | Medium |
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| Redundant nullcheck of gpgKey, which is known to be non-null in org.eclipse.jgit.gpg.bc.internal.BouncyCastleGpgSigner.canLocateSigningKey(String, PersonIdent, CredentialsProvider, GpgConfig) | STYLE | RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE | 99 | Medium |
