commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Bodewig <>
Subject [compress] SANDBOX-246 remaining Findbugs issues
Date Thu, 05 Feb 2009 13:15:34 GMT
Since Sebb's original report the code base has changed quite a bit so
I reran findbugs.

I've fixed most of them, still open are:

* JarArchiveEntry certificates and manifestAttributes is never written
  to, so they are useless.

  I'm unsure of the class' purpose and simply left things as they are,
  assuming setters will be provided one day.

* ZipOutputStream contains some proteted static final byte[]

  This means any subclass could modify them.  Findbugs suggests to
  make the package private.  Ant couldn't do that because of backwards
  incompatibility, but a sandbox component can.  Should we?

* ArchiveStreamFactory should do something when it fails to read
  enough bytes for the signature, but what?

  Given the original TODO comment, I stayed away from a decision.

* CpioArchiveEntry#setMode first performs some work to check the mode
  just passed in, creates an IllegalArgumentException if it is unknown
  and then forgets to throw it.

  If I change the code to actually throw the exception,
  testCpioUnarchive fails.  Obviously the code supports more modes
  than it thinks.

  Remove the checks?


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message