发布最新正式版4.4.0#2786
Conversation
![sonatype-lift[bot]](https://avatars.githubusercontent.com/in/9843?s=60&v=4){kind=small}
| } | ||
|
|
||
| @Override | ||
| public WxOpenResult wxAmpLink(String appid, String notifyUsers, String showProfile) throws WxErrorException { |
There was a problem hiding this comment.
InconsistentCapitalization: Found the field 'appId' with the same name as the parameter 'appid' but with different capitalization.
| public WxOpenResult wxAmpLink(String appid, String notifyUsers, String showProfile) throws WxErrorException { | |
| public WxOpenResult wxAmpLink(String appId, String notifyUsers, String showProfile) throws WxErrorException { |
Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.
When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| } | ||
|
|
||
| @Override | ||
| public WxOpenResult wxAmpUnLink(String appid) throws WxErrorException { |
There was a problem hiding this comment.
InconsistentCapitalization: Found the field 'appId' with the same name as the parameter 'appid' but with different capitalization.
| public WxOpenResult wxAmpUnLink(String appid) throws WxErrorException { | |
| public WxOpenResult wxAmpUnLink(String appId) throws WxErrorException { |
Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.
When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| @@ -645,4 +663,56 @@ WxOpenMaDomainResult modifyDomain(String action, List<String> requestDomains, Li | |||
| * @return | |||
There was a problem hiding this comment.
💬 5 similar findings have been found in this PR
EmptyBlockTag: A block tag (@param, @return, @throws, @deprecated) has an empty description. Block tags without descriptions don't add much value for future readers of the code; consider removing the tag entirely or adding a description.
| * @return | |
| * |
Expand here to view all instances of this finding
| File Path | Line Number |
|---|---|
| weixin-java-miniapp/src/main/java/cn/binarywang/wx/miniapp/api/WxMaShopRegisterService.java | 43 |
| weixin-java-miniapp/src/main/java/cn/binarywang/wx/miniapp/api/WxMaShopRegisterService.java | 35 |
| weixin-java-open/src/main/java/me/chanjar/weixin/open/api/WxOpenMaService.java | 642 |
| weixin-java-miniapp/src/main/java/cn/binarywang/wx/miniapp/api/WxMaShopRegisterService.java | 27 |
| weixin-java-miniapp/src/main/java/cn/binarywang/wx/miniapp/api/WxMaShopRegisterService.java | 19 |
Visit the Lift Web Console to find more details in your report.
Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.
When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| HttpGet httpGet = new HttpGet(url); | ||
| httpGet.addHeader("Accept", "application/json"); | ||
| httpGet.addHeader("Content-Type", "application/json"); | ||
| String serialNumber = getConfig().getVerifier().getValidCertificate().getSerialNumber().toString(16).toUpperCase(); |
There was a problem hiding this comment.
💬 4 similar findings have been found in this PR
NULL_DEREFERENCE: object returned by getConfig().getVerifier() could be null and is dereferenced at line 252.
Expand here to view all instances of this finding
| File Path | Line Number |
|---|---|
| weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/CustomDeclarationServiceImpl.java | 87 |
| weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/TransferServiceImpl.java | 31 |
| weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/MerchantTransferServiceImpl.java | 29 |
| weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/PartnerPayScoreServiceImpl.java | 335 |
Visit the Lift Web Console to find more details in your report.
Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.
When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| log.debug("扫码支付回调通知解析后的对象:{}", result); | ||
| result.checkResult(this, signType, false); | ||
| result.checkResult(this, this.getConfig().getSignType(), false); |
There was a problem hiding this comment.
💬 4 similar findings have been found in this PR
THREAD_SAFETY_VIOLATION: Read/Write race. Non-private method BaseWxPayServiceImpl.parseScanPayNotifyResult(...) indirectly reads without synchronization from container this.configMap via call to Map.values(). Potentially races with write in method BaseWxPayServiceImpl.removeConfig(...).
Reporting because another access to the same memory occurs on a background thread, although this access may not.
Expand here to view all instances of this finding
| File Path | Line Number |
|---|---|
| weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/BaseWxPayServiceImpl.java | 401 |
| weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/BaseWxPayServiceImpl.java | 317 |
| weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/BaseWxPayServiceImpl.java | 314 |
| weixin-java-pay/src/main/java/com/github/binarywang/wxpay/service/impl/BaseWxPayServiceImpl.java | 440 |
Visit the Lift Web Console to find more details in your report.
Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.
When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| public WxCpTpOrderListGetResult getOrderList(Date startTime, Date endTime, Integer testMode) throws WxErrorException { | ||
| String url = mainService.getWxCpTpConfigStorage().getApiUrl(GET_ORDER_LIST); | ||
| JsonObject jsonObject = new JsonObject(); | ||
| jsonObject.addProperty("start_time", startTime.getTime() / 1000); |
There was a problem hiding this comment.
JavaUtilDate: Date has a bad API that leads to bugs; prefer java.time.Instant or LocalDate.
Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.
When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| String url = mainService.getWxCpTpConfigStorage().getApiUrl(GET_ORDER_LIST); | ||
| JsonObject jsonObject = new JsonObject(); | ||
| jsonObject.addProperty("start_time", startTime.getTime() / 1000); | ||
| jsonObject.addProperty("end_time", endTime.getTime() / 1000); |
There was a problem hiding this comment.
JavaUtilDate: Date has a bad API that leads to bugs; prefer java.time.Instant or LocalDate.
Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.
When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| * @param startTime 获取审批记录的开始时间。Unix时间戳 | ||
| * @param endTime 获取审批记录的结束时间。Unix时间戳 | ||
| * @param nextSpNum 第一个拉取的审批单号,不填从该时间段的第一个审批单拉取 | ||
| * @return |
There was a problem hiding this comment.
💬 15 similar findings have been found in this PR
EmptyBlockTag: A block tag (@param, @return, @throws, @deprecated) has an empty description. Block tags without descriptions don't add much value for future readers of the code; consider removing the tag entirely or adding a description.
| * @return | |
| * |
Expand here to view all instances of this finding
| File Path | Line Number |
|---|---|
| weixin-java-cp/src/main/java/me/chanjar/weixin/cp/api/WxCpOaService.java | 136 |
| weixin-java-cp/src/main/java/me/chanjar/weixin/cp/api/WxCpOaService.java | 187 |
| weixin-java-open/src/main/java/me/chanjar/weixin/open/api/WxOpenMinishopService.java | 35 |
| weixin-java-open/src/main/java/me/chanjar/weixin/open/api/WxOpenMinishopService.java | 33 |
| weixin-java-open/src/main/java/me/chanjar/weixin/open/api/WxOpenMinishopService.java | 37 |
| weixin-java-cp/src/main/java/me/chanjar/weixin/cp/api/WxCpOaService.java | 152 |
| weixin-java-open/src/main/java/me/chanjar/weixin/open/api/WxOpenMinishopService.java | 36 |
| weixin-java-open/src/main/java/me/chanjar/weixin/open/api/WxOpenMinishopService.java | 40 |
| weixin-java-cp/src/main/java/me/chanjar/weixin/cp/api/WxCpOaService.java | 151 |
| weixin-java-cp/src/main/java/me/chanjar/weixin/cp/api/WxCpOaService.java | 188 |
Showing 10 of 15 findings. Visit the Lift Web Console to see all.
Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.
When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
| @NoArgsConstructor | ||
| @AllArgsConstructor | ||
| public class WxMaCodeLineColor { | ||
| private String r = "0", g = "0", b = "0"; |
There was a problem hiding this comment.
💬 271 similar findings have been found in this PR
SameNameButDifferent: The name r = "0", refers to [java.lang.SuppressWarnings, java.lang.String] within this file. It may be confusing to have the same name refer to multiple types. Consider qualifying them for clarity.
Expand here to view all instances of this finding
| File Path | Line Number |
|---|---|
| spring-boot-starters/wx-java-cp-spring-boot-starter/src/main/java/com/binarywang/spring/starter/wxjava/cp/properties/WxCpProperties.java | 67 |
| weixin-java-pay/src/main/java/com/github/binarywang/wxpay/bean/marketing/UseNotifyData.java | 75 |
| weixin-java-qidian/src/main/java/me/chanjar/weixin/qidian/config/impl/WxQidianRedissonConfigImpl.java | 28 |
| spring-boot-starters/wx-java-qidian-spring-boot-starter/src/main/java/com/binarywang/spring/starter/wxjava/qidian/properties/RedisProperties.java | 50 |
| weixin-java-cp/src/main/java/me/chanjar/weixin/cp/bean/taskcard/TaskCardButton.java | 28 |
| weixin-java-pay/src/main/java/com/github/binarywang/wxpay/bean/result/WxPayRefundV3Result.java | 196 |
| weixin-java-mp/src/main/java/me/chanjar/weixin/mp/bean/guide/WxMpGuideConfig.java | 23 |
| spring-boot-starters/wx-java-open-spring-boot-starter/src/main/java/com/binarywang/spring/starter/wxjava/open/properties/RedisProperties.java | 12 |
| weixin-java-mp/src/main/java/me/chanjar/weixin/mp/bean/card/WxMpCardLandingPageCreateResult.java | 17 |
| spring-boot-starters/wx-java-pay-spring-boot-starter/src/main/java/com/binarywang/spring/starter/wxjava/pay/properties/WxPayProperties.java | 14 |
Showing 10 of 271 findings. Visit the Lift Web Console to see all.
Reply with "@sonatype-lift help" for info about LiftBot commands.
Reply with "@sonatype-lift ignore" to tell LiftBot to leave out the above finding from this PR.
Reply with "@sonatype-lift ignoreall" to tell LiftBot to leave out all the findings from this PR and from the status bar in Github.
When talking to LiftBot, you need to refresh the page to see its response. Click here to get to know more about LiftBot commands.
Was this a good recommendation?
[ 🙁 Not relevant ] - [ 😕 Won't fix ] - [ 😑 Not critical, will fix ] - [ 🙂 Critical, will fix ] - [ 😊 Critical, fixing now ]
20 participants
No description provided.