1 package net.jaekl.cfb.xml;
3 public class MessagesXmlData {
4 public static final String XML =
5 "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"
6 + "<MessageCollection xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n"
7 + "xsi:noNamespaceSchemaLocation=\"messagecollection.xsd\">\n"
8 + " <BugCategory category=\"CORRECTNESS\">\n"
9 + " <Description>Correctness</Description>\n"
10 + " <Abbreviation>C</Abbreviation>\n"
11 + " <Details>Probable bug - an apparent coding mistake\n"
12 + " resulting in code that was probably not what the\n"
13 + " developer intended. We strive for a low false positive rate.</Details>\n"
15 + " <BugCategory category=\"NOISE\">\n"
16 + " <Description>Bogus random noise</Description>\n"
17 + " <Abbreviation>N</Abbreviation>\n"
18 + " <Details>Bogus random noise: intended to be useful\n"
19 + " as a control in data mining experiments, not in finding actual bugs in software\n"
22 + " <BugCategory category=\"SECURITY\">\n"
23 + " <Description>Security</Description>\n"
24 + " <Abbreviation>S</Abbreviation>\n"
25 + " <Details>A use of untrusted input in a way that could create a remotely exploitable security vulnerability.\n"
28 + " <BugCategory category=\"BAD_PRACTICE\">\n"
29 + " <Description>Bad practice</Description>\n"
30 + " <Abbreviation>B</Abbreviation>\n"
31 + " <Details>Violations of recommended and essential\n"
32 + " coding practice. Examples include hash code and equals\n"
33 + " problems, cloneable idiom, dropped exceptions,\n"
34 + " Serializable problems, and misuse of finalize.\n"
35 + " We strive to make this analysis accurate,\n"
36 + " although some groups may\n"
37 + " not care about some of the bad practices.</Details>\n"
39 + " <BugCategory category=\"STYLE\">\n"
40 + " <Description>Dodgy code</Description>\n"
41 + " <Abbreviation>D</Abbreviation>\n"
42 + " <Details>code that is confusing, anomalous, or\n"
43 + " written in a way that leads itself to errors.\n"
44 + " Examples include dead local stores, switch fall through,\n"
45 + " unconfirmed casts, and redundant null check of value\n"
46 + " known to be null.\n"
47 + " More false positives accepted.\n"
48 + " In previous versions of FindBugs, this category was known as Style.\n"
51 + " <BugCategory category=\"PERFORMANCE\">\n"
52 + " <Description>Performance</Description>\n"
53 + " <Abbreviation>P</Abbreviation>\n"
54 + " <Details>code that is not necessarily incorrect but may be inefficient</Details>\n"
56 + " <BugCategory category=\"MALICIOUS_CODE\">\n"
57 + " <Description>Malicious code vulnerability</Description>\n"
58 + " <Abbreviation>V</Abbreviation>\n"
59 + " <Details>code that is vulnerable to attacks from untrusted code</Details>\n"
61 + " <BugCategory category=\"MT_CORRECTNESS\">\n"
62 + " <Description>Multithreaded correctness</Description>\n"
63 + " <Abbreviation>M</Abbreviation>\n"
64 + " <Details>code flaws having to do with threads, locks, and volatiles</Details>\n"
66 + " <BugCategory category=\"I18N\">\n"
67 + " <Description>Internationalization</Description>\n"
68 + " <Abbreviation>I</Abbreviation>\n"
69 + " <Details>code flaws having to do with internationalization and locale</Details>\n"
70 + " <!-- DM_CONVERT_CASE is the only core bug pattern in this category -->\n"
72 + " <BugCategory category=\"EXPERIMENTAL\">\n"
73 + " <Description>Experimental</Description>\n"
74 + " <Abbreviation>X</Abbreviation>\n"
75 + " <Details>Experimental and not fully vetted bug patterns</Details>\n"
76 + " <!-- DM_CONVERT_CASE is the only core bug pattern in this category -->\n"
79 + " **********************************************************************\n"
81 + " **********************************************************************\n"
83 + " <BugPattern type=\"CNT_ROUGH_CONSTANT_VALUE\">\n"
84 + " <ShortDescription>Rough value of known constant found</ShortDescription>\n"
85 + " <LongDescription>Rough value of {3} found: {2}</LongDescription>\n"
88 + " <p>It's recommended to use the predefined library constant for code clarity and better precision.</p>\n"
92 + " <BugPattern type=\"SKIPPED_CLASS_TOO_BIG\">\n"
93 + " <ShortDescription>Class too big for analysis</ShortDescription>\n"
94 + " <LongDescription>{0} is too big for analysis</LongDescription>\n"
97 + " <p>This class is bigger than can be effectively handled, and was not fully analyzed for errors.\n"
103 + " <BugPattern type=\"NOISE_NULL_DEREFERENCE\">\n"
104 + " <ShortDescription>Bogus warning about a null pointer dereference</ShortDescription>\n"
105 + " <LongDescription>Bogus warning about a null pointer dereference in {1}</LongDescription>\n"
108 + " <p>Bogus warning.</p>\n"
112 + " <BugPattern type=\"NOISE_METHOD_CALL\">\n"
113 + " <ShortDescription>Bogus warning about a method call</ShortDescription>\n"
114 + " <LongDescription>Bogus warning about a method call {2} in {1}</LongDescription>\n"
117 + " <p>Bogus warning.</p>\n"
121 + " <BugPattern type=\"NOISE_FIELD_REFERENCE\">\n"
122 + " <ShortDescription>Bogus warning about a field reference</ShortDescription>\n"
123 + " <LongDescription>Bogus warning about a reference to {2} in {1}</LongDescription>\n"
126 + " <p>Bogus warning.</p>\n"
130 + " <BugPattern type=\"NOISE_OPERATION\">\n"
131 + " <ShortDescription>Bogus warning about an operation</ShortDescription>\n"
132 + " <LongDescription>Bogus warning about an operation {1}</LongDescription>\n"
135 + " <p>Bogus warning.</p>\n"
139 + " <BugPattern type=\"DMI_BIGDECIMAL_CONSTRUCTED_FROM_DOUBLE\">\n"
140 + " <ShortDescription>BigDecimal constructed from double that isn't represented precisely</ShortDescription>\n"
141 + " <LongDescription>BigDecimal constructed from {4} in {1}</LongDescription>\n"
145 + " This code creates a BigDecimal from a double value that doesn't translate well to a\n"
146 + " decimal number.\n"
147 + " For example, one might assume that writing new BigDecimal(0.1) in Java creates a BigDecimal which is exactly equal to 0.1 (an unscaled value of 1, with a scale of 1), but it is actually equal to 0.1000000000000000055511151231257827021181583404541015625.\n"
148 + " You probably want to use the BigDecimal.valueOf(double d) method, which uses the String representation\n"
149 + " of the double to create the BigDecimal (e.g., BigDecimal.valueOf(0.1) gives 0.1).\n"
156 + " <BugPattern type=\"DMI_DOH\">\n"
157 + " <ShortDescription>D'oh! A nonsensical method invocation</ShortDescription>\n"
158 + " <LongDescription>D'oh! A nonsensical invocation of {2.nameAndSignature} in {1}</LongDescription>\n"
162 + " This partical method invocation doesn't make sense, for reasons that should be apparent from inspection.\n"
169 + " <BugPattern type=\"DMI_VACUOUS_CALL_TO_EASYMOCK_METHOD\">"
170 + " <ShortDescription>Useless/vacuous call to EasyMock method</ShortDescription>"
171 + " <LongDescription>Useless/vacuous call to {2} in {1}</LongDescription>"
174 + " <p>This call doesn't pass any objects to the EasyMock method, so the call doesn't do anything."
180 + " <BugPattern type=\"DMI_SCHEDULED_THREAD_POOL_EXECUTOR_WITH_ZERO_CORE_THREADS\">"
181 + " <ShortDescription>Creation of ScheduledThreadPoolExecutor with zero core threads</ShortDescription>"
182 + " <LongDescription>Creation of ScheduledThreadPoolExecutor with zero core threads in {1}</LongDescription>"
185 + " <p>(<a href=\"http://java.sun.com/javase/6/docs/api/java/util/concurrent/ScheduledThreadPoolExecutor.html#ScheduledThreadPoolExecutor(int)\">Javadoc</a>)"
186 + " A ScheduledThreadPoolExecutor with zero core threads will never execute anything; changes to the max pool size are ignored."
192 + " <BugPattern type=\"DMI_FUTILE_ATTEMPT_TO_CHANGE_MAXPOOL_SIZE_OF_SCHEDULED_THREAD_POOL_EXECUTOR\">"
193 + " <ShortDescription>Futile attempt to change max pool size of ScheduledThreadPoolExecutor</ShortDescription>"
194 + " <LongDescription>Futile attempt to change max pool size of ScheduledThreadPoolExecutor in {1}</LongDescription>"
197 + " <p>(<a href=\"http://java.sun.com/javase/6/docs/api/java/util/concurrent/ScheduledThreadPoolExecutor.html\">Javadoc</a>)"
198 + " While ScheduledThreadPoolExecutor inherits from ThreadPoolExecutor, a few of the inherited tuning methods are not useful for it. In particular, because it acts as a fixed-sized pool using corePoolSize threads and an unbounded queue, adjustments to maximumPoolSize have no useful effect."
204 + " <BugPattern type=\"DMI_UNSUPPORTED_METHOD\">"
205 + " <ShortDescription>Call to unsupported method</ShortDescription>"
206 + " <LongDescription>Call to unsupported method {2} in {1}</LongDescription>"
209 + " <p>All targets of this method invocation throw an UnsupportedOperationException."
215 + " <BugPattern type=\"DMI_EMPTY_DB_PASSWORD\">"
216 + " <ShortDescription>Empty database password</ShortDescription>"
217 + " <LongDescription>Empty database password in {1}</LongDescription>"
220 + " <p>This code creates a database connect using a blank or empty password. This indicates that the database is not protected by a password."
226 + " <BugPattern type=\"VO_VOLATILE_INCREMENT\">"
227 + " <ShortDescription>An increment to a volatile field isn't atomic</ShortDescription>"
228 + " <LongDescription>Increment of volatile field {2} in {1}</LongDescription>"
231 + " <p>This code increments a volatile field. Increments of volatile fields aren't"
232 + " atomic. If more than one thread is incrementing the field at the same time,"
233 + " increments could be lost."
238 + " <BugPattern type=\"DM_NUMBER_CTOR\">"
239 + " <ShortDescription>Method invokes inefficient Number constructor; use static valueOf instead</ShortDescription>"
240 + " <LongDescription>{1} invokes inefficient {2} constructor; use {3} instead</LongDescription>"
244 + " Using <code>new Integer(int)</code> is guaranteed to always result in a new object whereas"
245 + " <code>Integer.valueOf(int)</code> allows caching of values to be done by the compiler, class library, or JVM."
246 + " Using of cached values avoids object allocation and the code will be faster."
249 + " Values between -128 and 127 are guaranteed to have corresponding cached instances"
250 + " and using <code>valueOf</code> is approximately 3.5 times faster than using constructor."
251 + " For values outside the constant range the performance of both styles is the same."
254 + " Unless the class must be compatible with JVMs predating Java 1.5,"
255 + " use either autoboxing or the <code>valueOf()</code> method when creating instances of"
256 + " <code>Long</code>, <code>Integer</code>, <code>Short</code>, <code>Character</code>, and <code>Byte</code>."
261 + "</MessageCollection>";