fix: pom.xml to reduce vulnerabilities #1185
ManuelBAnnotations
98 warnings
|
RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE:
src\main\java\health\ere\ps\model\config\UserConfigurations.java#L157
Redundant nullcheck of o, which is known to be non-null in health.ere.ps.model.config.UserConfigurations.properties()
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\erixa\PrescriptionTransferEntry.java#L63
health.ere.ps.model.erixa.PrescriptionTransferEntry.getBirthday() may expose internal representation by returning PrescriptionTransferEntry.birthday
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\erixa\PrescriptionTransferEntry.java#L166
health.ere.ps.model.erixa.PrescriptionTransferEntry.getCreationDateTime() may expose internal representation by returning PrescriptionTransferEntry.creationDateTime
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\erixa\PrescriptionTransferEntry.java#L174
health.ere.ps.model.erixa.PrescriptionTransferEntry.getSurgeryDate() may expose internal representation by returning PrescriptionTransferEntry.surgeryDate
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\erixa\PrescriptionTransferEntry.java#L67
health.ere.ps.model.erixa.PrescriptionTransferEntry.setBirthday(Date) may expose internal representation by storing an externally mutable object into PrescriptionTransferEntry.birthday
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\erixa\PrescriptionTransferEntry.java#L170
health.ere.ps.model.erixa.PrescriptionTransferEntry.setCreationDateTime(Date) may expose internal representation by storing an externally mutable object into PrescriptionTransferEntry.creationDateTime
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\erixa\PrescriptionTransferEntry.java#L178
health.ere.ps.model.erixa.PrescriptionTransferEntry.setSurgeryDate(Date) may expose internal representation by storing an externally mutable object into PrescriptionTransferEntry.surgeryDate
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\gematik\BundleWithAccessCodeOrThrowable.java#L75
health.ere.ps.model.gematik.BundleWithAccessCodeOrThrowable.getSignedBundle() may expose internal representation by returning BundleWithAccessCodeOrThrowable.signedBundle
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\gematik\BundleWithAccessCodeOrThrowable.java#L79
health.ere.ps.model.gematik.BundleWithAccessCodeOrThrowable.setSignedBundle(byte[]) may expose internal representation by storing an externally mutable object into BundleWithAccessCodeOrThrowable.signedBundle
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L212
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.getAcrValuesSupported() may expose internal representation by returning IdpDiscoveryDocument.acrValuesSupported
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L228
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.getCodeChallengeMethodsSupported() may expose internal representation by returning IdpDiscoveryDocument.codeChallengeMethodsSupported
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L204
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.getGrantTypesSupported() may expose internal representation by returning IdpDiscoveryDocument.grantTypesSupported
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L172
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.getIdTokenSigningAlgValuesSupported() may expose internal representation by returning IdpDiscoveryDocument.idTokenSigningAlgValuesSupported
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L196
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.getResponseModesSupported() may expose internal representation by returning IdpDiscoveryDocument.responseModesSupported
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L180
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.getResponseTypesSupported() may expose internal representation by returning IdpDiscoveryDocument.responseTypesSupported
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L188
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.getScopesSupported() may expose internal representation by returning IdpDiscoveryDocument.scopesSupported
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L164
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.getSubjectTypesSupported() may expose internal representation by returning IdpDiscoveryDocument.subjectTypesSupported
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L220
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.getTokenEndpointAuthMethodsSupported() may expose internal representation by returning IdpDiscoveryDocument.tokenEndpointAuthMethodsSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L59
new health.ere.ps.model.idp.client.data.IdpDiscoveryDocument(String, String, String, String, String, String, String, String, long, long, String, String, String[], String[], String[], String[], String[], String[], String[], String[], String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.acrValuesSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L61
new health.ere.ps.model.idp.client.data.IdpDiscoveryDocument(String, String, String, String, String, String, String, String, long, long, String, String, String[], String[], String[], String[], String[], String[], String[], String[], String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.codeChallengeMethodsSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L58
new health.ere.ps.model.idp.client.data.IdpDiscoveryDocument(String, String, String, String, String, String, String, String, long, long, String, String, String[], String[], String[], String[], String[], String[], String[], String[], String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.grantTypesSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L54
new health.ere.ps.model.idp.client.data.IdpDiscoveryDocument(String, String, String, String, String, String, String, String, long, long, String, String, String[], String[], String[], String[], String[], String[], String[], String[], String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.idTokenSigningAlgValuesSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L57
new health.ere.ps.model.idp.client.data.IdpDiscoveryDocument(String, String, String, String, String, String, String, String, long, long, String, String, String[], String[], String[], String[], String[], String[], String[], String[], String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.responseModesSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L55
new health.ere.ps.model.idp.client.data.IdpDiscoveryDocument(String, String, String, String, String, String, String, String, long, long, String, String, String[], String[], String[], String[], String[], String[], String[], String[], String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.responseTypesSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L56
new health.ere.ps.model.idp.client.data.IdpDiscoveryDocument(String, String, String, String, String, String, String, String, long, long, String, String, String[], String[], String[], String[], String[], String[], String[], String[], String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.scopesSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L53
new health.ere.ps.model.idp.client.data.IdpDiscoveryDocument(String, String, String, String, String, String, String, String, long, long, String, String, String[], String[], String[], String[], String[], String[], String[], String[], String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.subjectTypesSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L60
new health.ere.ps.model.idp.client.data.IdpDiscoveryDocument(String, String, String, String, String, String, String, String, long, long, String, String, String[], String[], String[], String[], String[], String[], String[], String[], String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.tokenEndpointAuthMethodsSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L216
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.setAcrValuesSupported(String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.acrValuesSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L232
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.setCodeChallengeMethodsSupported(String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.codeChallengeMethodsSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L208
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.setGrantTypesSupported(String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.grantTypesSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L176
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.setIdTokenSigningAlgValuesSupported(String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.idTokenSigningAlgValuesSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L200
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.setResponseModesSupported(String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.responseModesSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L184
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.setResponseTypesSupported(String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.responseTypesSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L192
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.setScopesSupported(String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.scopesSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L168
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.setSubjectTypesSupported(String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.subjectTypesSupported
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpDiscoveryDocument.java#L224
health.ere.ps.model.idp.client.data.IdpDiscoveryDocument.setTokenEndpointAuthMethodsSupported(String[]) may expose internal representation by storing an externally mutable object into IdpDiscoveryDocument.tokenEndpointAuthMethodsSupported
|
|
EQ_DOESNT_OVERRIDE_EQUALS:
src\main\java\health\ere\ps\model\idp\client\data\IdpEccKeyDescriptor.java#L1
health.ere.ps.model.idp.client.data.IdpEccKeyDescriptor doesn't override IdpKeyDescriptor.equals(Object)
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\idp\client\data\IdpKeyDescriptor.java#L115
health.ere.ps.model.idp.client.data.IdpKeyDescriptor.getX5c() may expose internal representation by returning IdpKeyDescriptor.x5c
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\idp\client\data\IdpKeyDescriptor.java#L119
health.ere.ps.model.idp.client.data.IdpKeyDescriptor.setX5c(String[]) may expose internal representation by storing an externally mutable object into IdpKeyDescriptor.x5c
|
|
EQ_DOESNT_OVERRIDE_EQUALS:
src\main\java\health\ere\ps\model\idp\client\data\IdpRsaKeyDescriptor.java#L1
health.ere.ps.model.idp.client.data.IdpRsaKeyDescriptor doesn't override IdpKeyDescriptor.equals(Object)
|
|
EI_EXPOSE_REP:
src\main\java\health\ere\ps\model\pdf\ERezeptDocument.java#L25
health.ere.ps.model.pdf.ERezeptDocument.getPdfDocument() may expose internal representation by returning ERezeptDocument.pdfDocument
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\pdf\ERezeptDocument.java#L13
new health.ere.ps.model.pdf.ERezeptDocument(List, byte[]) may expose internal representation by storing an externally mutable object into ERezeptDocument.pdfDocument
|
|
EI_EXPOSE_REP2:
src\main\java\health\ere\ps\model\pdf\ERezeptDocument.java#L29
health.ere.ps.model.pdf.ERezeptDocument.setPdfDocument(byte[]) may expose internal representation by storing an externally mutable object into ERezeptDocument.pdfDocument
|
|
MS_SHOULD_BE_FINAL:
src\main\java\health\ere\ps\resource\config\JSONConfigurator.java#L30
health.ere.ps.resource.config.JSONConfigurator.jsonbFactory isn't final but should be
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\resource\gematik\ERezeptWorkflowResource.java#L98
Found reliance on default encoding in health.ere.ps.resource.gematik.ERezeptWorkflowResource.signResponse2base64String(SignResponse): new String(byte[])
|
|
NM_SAME_SIMPLE_NAME_AS_SUPERCLASS:
src\main\java\health\ere\ps\service\common\security\SSLSocketFactory.java#L16
The class name health.ere.ps.service.common.security.SSLSocketFactory shadows the simple name of the superclass javax.net.ssl.SSLSocketFactory
|
|
RV_RETURN_VALUE_IGNORED_BAD_PRACTICE:
src\main\java\health\ere\ps\service\common\security\SecretsManagerService.java#L159
Exceptional return value of java.io.File.createNewFile() ignored in health.ere.ps.service.common.security.SecretsManagerService.createTrustStore(String, SecretsManagerService$KeyStoreType, char[])
|
|
RV_RETURN_VALUE_IGNORED_BAD_PRACTICE:
src\main\java\health\ere\ps\service\common\security\SecretsManagerService.java#L158
Exceptional return value of java.io.File.mkdirs() ignored in health.ere.ps.service.common.security.SecretsManagerService.createTrustStore(String, SecretsManagerService$KeyStoreType, char[])
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\config\UserConfigurationService.java#L58
Found reliance on default encoding in health.ere.ps.service.config.UserConfigurationService.readFile(File): new java.io.FileReader(File)
|
|
OBL_UNSATISFIED_OBLIGATION:
src\main\java\health\ere\ps\service\config\UserConfigurationService.java#L58
health.ere.ps.service.config.UserConfigurationService.readFile(File) may fail to clean up java.io.Reader
|
|
OBL_UNSATISFIED_OBLIGATION_EXCEPTION_EDGE:
src\main\java\health\ere\ps\service\config\UserConfigurationService.java#L67
health.ere.ps.service.config.UserConfigurationService.writeFile(File, Properties) may fail to clean up java.io.OutputStream on checked exception
|
|
OS_OPEN_STREAM:
src\main\java\health\ere\ps\service\config\UserConfigurationService.java#L58
health.ere.ps.service.config.UserConfigurationService.readFile(File) may fail to close stream
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\connector\auth\SmcbAuthenticatorService.java#L59
Found reliance on default encoding in health.ere.ps.service.connector.auth.SmcbAuthenticatorService.lambda$signIdpChallenge$0(String): new String(byte[])
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\connector\auth\SmcbAuthenticatorService.java#L56
Found reliance on default encoding in health.ere.ps.service.connector.auth.SmcbAuthenticatorService.signIdpChallenge(Pair, RuntimeConfig): new String(byte[])
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\connector\endpoint\EndpointDiscoveryService.java#L98
Found reliance on default encoding in health.ere.ps.service.connector.endpoint.EndpointDiscoveryService.obtainConfiguration(boolean): String.getBytes()
|
|
SF_SWITCH_FALLTHROUGH:
src\main\java\health\ere\ps\service\connector\endpoint\EndpointDiscoveryService.java#L148
Switch statement found in health.ere.ps.service.connector.endpoint.EndpointDiscoveryService.obtainConfiguration(boolean) where one case falls through to the next case
|
|
SF_SWITCH_NO_DEFAULT:
src\main\java\health\ere\ps\service\connector\endpoint\EndpointDiscoveryService.java#L130
Switch statement found in health.ere.ps.service.connector.endpoint.EndpointDiscoveryService.obtainConfiguration(boolean) where default case is missing
|
|
OBL_UNSATISFIED_OBLIGATION:
src\main\java\health\ere\ps\service\connector\provider\SingleConnectorServicesProvider.java#L120
health.ere.ps.service.connector.provider.SingleConnectorServicesProvider.getKeyFromKeyStoreUri(String, String) may fail to clean up java.io.InputStream
|
|
OS_OPEN_STREAM:
src\main\java\health\ere\ps\service\connector\provider\SingleConnectorServicesProvider.java#L120
health.ere.ps.service.connector.provider.SingleConnectorServicesProvider.getKeyFromKeyStoreUri(String, String) may fail to close stream
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\erixa\ErixaAPIInterface.java#L57
Found reliance on default encoding in health.ere.ps.service.erixa.ErixaAPIInterface.uploadToDrugstore(String): new String(byte[])
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\erixa\ErixaHttpClient.java#L62
Found reliance on default encoding in health.ere.ps.service.erixa.ErixaHttpClient.getBasicAuthenticationHeader(): new String(byte[])
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\gematik\ERezeptWorkflowService.java#L715
Found reliance on default encoding in health.ere.ps.service.gematik.ERezeptWorkflowService.getCanonicalXmlBytes(Bundle): new String(byte[])
|
|
RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE:
src\main\java\health\ere\ps\service\gematik\ERezeptWorkflowService.java#L904
Nullcheck of getSignatureModeEvent at line 906 of value previously dereferenced in health.ere.ps.service.gematik.ERezeptWorkflowService.onGetSignatureModeEvent(GetSignatureModeEvent, String, boolean)
|
|
BC_VACUOUS_INSTANCEOF:
src\main\java\health\ere\ps\service\gematik\KIMFlowtype169Service.java#L220
instanceof will always return true for all non-null values in health.ere.ps.service.gematik.KIMFlowtype169Service.onBundlesWithAccessCodeEvent(BundlesWithAccessCodeEvent), since all Throwable are instances of Throwable
|
|
RCN_REDUNDANT_NULLCHECK_WOULD_HAVE_BEEN_A_NPE:
src\main\java\health\ere\ps\service\gematik\KIMFlowtype169Service.java#L157
Nullcheck of runtimeConfig at line 160 of value previously dereferenced in health.ere.ps.service.gematik.KIMFlowtype169Service.search(RuntimeConfig, String)
|
|
ST_WRITE_TO_STATIC_FROM_INSTANCE_METHOD:
src\main\java\health\ere\ps\service\gematik\KIMFlowtype169Service.java#L161
Write to static field health.ere.ps.service.common.security.SSLSocketFactory.delegate from instance method health.ere.ps.service.gematik.KIMFlowtype169Service.search(RuntimeConfig, String)
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\gematik\PharmacyService.java#L148
Found reliance on default encoding in health.ere.ps.service.gematik.PharmacyService.accept(String, RuntimeConfig): new String(byte[])
|
|
NP_NULL_ON_SOME_PATH:
src\main\java\health\ere\ps\service\gematik\PrefillPrescriptionService.java#L186
Possible null pointer dereference of coverage in health.ere.ps.service.gematik.PrefillPrescriptionService.get(RuntimeConfig, String)
|
|
NP_NULL_ON_SOME_PATH:
src\main\java\health\ere\ps\service\gematik\PrefillPrescriptionService.java#L185
Possible null pointer dereference of patient in health.ere.ps.service.gematik.PrefillPrescriptionService.get(RuntimeConfig, String)
|
|
NP_NULL_ON_SOME_PATH:
src\main\java\health\ere\ps\service\gematik\PrefillPrescriptionService.java#L185
Possible null pointer dereference of practitioner in health.ere.ps.service.gematik.PrefillPrescriptionService.get(RuntimeConfig, String)
|
|
NP_NULL_PARAM_DEREF:
src\main\java\health\ere\ps\service\gematik\PrefillPrescriptionService.java#L188
Null passed for non-null parameter of health.ere.ps.service.kbv.KBVFHIRUtil.assembleBundle(Practitioner, Organization, Patient, Coverage, Medication, MedicationRequest, PractitionerRole, Practitioner) in health.ere.ps.service.gematik.PrefillPrescriptionService.get(RuntimeConfig, String)
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\idp\client\AuthenticatorClient.java#L258
Found reliance on default encoding in health.ere.ps.service.idp.client.AuthenticatorClient.buildKeyVerifierToken(byte[], String, PublicKey): new String(byte[])
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\idp\client\AuthenticatorClient.java#L207
Found reliance on default encoding in health.ere.ps.service.idp.client.AuthenticatorClient.retrieveAccessToken(TokenRequest): String.getBytes()
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\idp\client\ClientUtilities.java#L34
Found reliance on default encoding in health.ere.ps.service.idp.client.ClientUtilities.generateCodeChallenge(String): new String(byte[])
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\idp\client\IdpClient.java#L133
Found reliance on default encoding in health.ere.ps.service.idp.client.IdpClient.lambda$login$0(String): new String(byte[])
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\idp\client\IdpClient.java#L131
Found reliance on default encoding in health.ere.ps.service.idp.client.IdpClient.lambda$login$2(PkiIdentity, Pair): new String(byte[])
|
|
DMI_RANDOM_USED_ONLY_ONCE:
src\main\java\health\ere\ps\service\idp\crypto\Nonce.java#L27
Random object created and used only once in health.ere.ps.service.idp.crypto.Nonce.getNonceAsBase64UrlEncodedString(int)
|
|
DMI_RANDOM_USED_ONLY_ONCE:
src\main\java\health\ere\ps\service\idp\crypto\Nonce.java#L41
Random object created and used only once in health.ere.ps.service.idp.crypto.Nonce.getNonceAsHex(int)
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\idp\crypto\Nonce.java#L28
Found reliance on default encoding in health.ere.ps.service.idp.crypto.Nonce.getNonceAsBase64UrlEncodedString(int): new String(byte[])
|
|
OBL_UNSATISFIED_OBLIGATION:
src\main\java\health\ere\ps\service\kbv\GenerateKBVCertificationBundlesService.java#L343
health.ere.ps.service.kbv.GenerateKBVCertificationBundlesService.getDoctor(String) may fail to clean up java.io.InputStream
|
|
REC_CATCH_EXCEPTION:
src\main\java\health\ere\ps\service\kbv\GenerateKBVCertificationBundlesService.java#L201
Exception is caught when Exception is not thrown in health.ere.ps.service.kbv.GenerateKBVCertificationBundlesService.PF08()
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\service\pdf\DocumentService.java#L101
Found reliance on default encoding in health.ere.ps.service.pdf.DocumentService.initConfiguration(FopFactoryBuilder): String.getBytes()
|
|
RV_RETURN_VALUE_IGNORED_BAD_PRACTICE:
src\main\java\health\ere\ps\service\pdf\DocumentService.java#L154
Exceptional return value of java.io.File.mkdir() ignored in health.ere.ps.service.pdf.DocumentService.extractJarsFromFolderFopFolder(String)
|
|
NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE:
src\main\java\health\ere\ps\validation\fhir\context\support\ErePrePopulatedValidationSupport.java#L198
Possible null pointer dereference in health.ere.ps.validation.fhir.context.support.ErePrePopulatedValidationSupport.applyConfiguration(Path) due to return value of called method
|
|
NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE:
src\main\java\health\ere\ps\validation\fhir\context\support\ErePrePopulatedValidationSupport.java#L202
Possible null pointer dereference in health.ere.ps.validation.fhir.context.support.ErePrePopulatedValidationSupport.applyConfiguration(Path) due to return value of called method
|
|
NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE:
src\main\java\health\ere\ps\validation\fhir\context\support\ErePrePopulatedValidationSupport.java#L206
Possible null pointer dereference in health.ere.ps.validation.fhir.context.support.ErePrePopulatedValidationSupport.applyConfiguration(Path) due to return value of called method
|
|
NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE:
src\main\java\health\ere\ps\validation\fhir\context\support\ErePrePopulatedValidationSupport.java#L210
Possible null pointer dereference in health.ere.ps.validation.fhir.context.support.ErePrePopulatedValidationSupport.applyConfiguration(Path) due to return value of called method
|
|
NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE:
src\main\java\health\ere\ps\validation\fhir\context\support\ErePrePopulatedValidationSupport.java#L214
Possible null pointer dereference in health.ere.ps.validation.fhir.context.support.ErePrePopulatedValidationSupport.applyConfiguration(Path) due to return value of called method
|
|
NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE:
src\main\java\health\ere\ps\validation\fhir\context\support\ErePrePopulatedValidationSupport.java#L170
Possible null pointer dereference in health.ere.ps.validation.fhir.context.support.ErePrePopulatedValidationSupport.getConfigType(Path) due to return value of called method
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\vau\VAU.java#L253
Found reliance on default encoding in health.ere.ps.vau.VAU.encrypt(String, KeyPair, VAU$KeyCoords, byte[]): String.getBytes()
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\vau\VAUEngine.java#L116
Found reliance on default encoding in health.ere.ps.vau.VAUEngine.buildEntity(ClientInvocation): new String(byte[])
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\vau\VAUEngine.java#L222
Found reliance on default encoding in health.ere.ps.vau.VAUEngine.extractHttpResponse(String): String.getBytes()
|
|
DM_DEFAULT_ENCODING:
src\main\java\health\ere\ps\vau\VAUEngine.java#L178
Found reliance on default encoding in health.ere.ps.vau.VAUEngine.invoke(Invocation): new String(byte[])
|
|
MS_SHOULD_BE_FINAL:
src\main\java\health\ere\ps\websocket\Websocket.java#L165
health.ere.ps.websocket.Websocket.jsonbFactory isn't final but should be
|
|
SIC_INNER_SHOULD_BE_STATIC:
src\main\java\health\ere\ps\websocket\encoder\ResponseEventEncoder.java#L37
Should health.ere.ps.websocket.encoder.ResponseEventEncoder$Response be a _static_ inner class?
|
|
URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD:
src\main\java\health\ere\ps\websocket\encoder\ResponseEventEncoder.java#L39
Unread public/protected field: health.ere.ps.websocket.encoder.ResponseEventEncoder$Response.payload
|
|
URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD:
src\main\java\health\ere\ps\websocket\encoder\ResponseEventEncoder.java#L40
Unread public/protected field: health.ere.ps.websocket.encoder.ResponseEventEncoder$Response.replyToMessageId
|
|
URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD:
src\main\java\health\ere\ps\websocket\encoder\ResponseEventEncoder.java#L38
Unread public/protected field: health.ere.ps.websocket.encoder.ResponseEventEncoder$Response.type
|