Analysis of warning messages: 20031 Warnings
In general, no drawbacks to fixing, with exception of serialVersionId
Benefit is reduced code size and improve correctness, maintainability
We can explicitly ignore issues in code using @supress or in the IDE.
Dead Code: 45 instances
Code that cannot be executed due to the structure of the code around it.
Dead Code: ins
Unreachable Catch block
Low risk to leave
Might be unintentional.
Might be due to commenting out a feature
Recommendation: quick sweep to identiy and that have comments
Deliberate analysis to see if there are coding errors embedded
Null pointer access: 2 instances
Code looks erroneous
should be fixed
Assignment has no effect : 1 instance
Can be safely removed
Looks like it is simply to keep from having an empty if block, and keep the logic positive.
Recommendation: Should be inspected to confirm that there is no logic error and then removed.
Deprecated: 1805
Usually a case where a small number of libraries are in heavy usage
Need to replace deprecated libraries with newer versions
We are using import sun.io API. This should be replace with nio API calls.
We use many APIs (example class com.netscape.management.client.util.Help) that have either been deprecated or have deprecated methods that we call.
Recommendation: We should either replace these calls, or un-deprecate the classes/methods and support them.
Unused code:
Local variable never read: 1015
Unused local or private member:691instances
Unused import: 5565 instances
Trivial to clean up in eclipse
Will simplify maintainability
Recommendation: cleaned up
Related but unreported issue: * imports
Makes it difficult to find origianal types of imports
can mask import conflicts
Trivial to clean up in eclipse
Recommendation: make explicit
Serial class with out serialVersionId:834 instances
Blindly adding this will cause errors only for long term persisted (written to file) Java objects. Typically, Serialization is not used for that ,but for RPCs (short term persistance). However, it will trigger an exception if a client talks to a server and only one of them have specified it.
Recomendation: Surpress using Attribute for now. If any of these APIs change, Add in serialVersionId and remove surpressing attribute, then maintain the ID moving forward.
Generics
Unchecked Generic Type Operation
Raw Types in collections: 4174 instances
newer Java feature.
Better to be type safe.
Won't break ABI to fix
Will require identifying collected types
Easy to fix in eclipse, but not trivial
Recommendation: quick sweep to get easy fixes, Then suppress so other warnings don't get lost.
Non-static access to Static member
Stylistic issue
can be safely ignored
Recommendation: clean up in the course of other work.
Pki-java-tools
There are a series of shell scripts in /usr/bin that call Java code in the java-tools jar file. They need: better names, descriptions of what they do, man pages, and so forth, or they need to be removed from the distro:
AtoB , AuditVerify , BtoA , CMCEnroll , CMCRequest ,CMCResponse ,CMCRevoke , CRMFPopClient , DRMTool , ExtJoiner , GenExtKeyUsage , GenIssuerAltNameExt , GenSubjectAltNameExt , HttpClient , OCSPClient , PKCS10Client , PKCS1Export, PrettyPrintCert , PrettyPrintCrl , TokenInfo
Direct use of Servlets instead of a framework. Doesn't have to be/ would not recommend struts, but we can probably reduce code significantly
Use of hungarian notation for member variables in violation of Java coding standard, Fedora Coding standard, and good taste
Need a complete set of formatting rules, and then apply to all files, so we ca automatically clean up the format. Recommend going with Java Standard
Many constants constantly redefined, such as ONE for BigNumber(1) and SUCCESS=1
ArraySet should be replaced with standard collection?