Prevent file descriptor leak and modernize BufferedWriter creation

[pixeebot]

This change prevents a file descriptor leak and modernizes the file writing API pattern.

The way the code is written now, the FileWriter never gets closed. Thus, it is up to the garbage collector's objection finalization process to close them at some point. This is not a good practice, and it can lead to a file descriptor leak. In hot code paths, it could cause exhaustion of all the available file descriptors for the system and lead to denial-of-service conditions.

Our changes look something like this:

-  BufferedWriter writer = new BufferedWriter(new FileWriter(f));
+  BufferedWriter writer = Files.newBufferedWriter(f.toPath());

More reading

• https://cwe.mitre.org/data/definitions/775.html

🧚🤖 Powered by Pixeebot

Feedback | Community | Docs | Codemod ID: pixee:java/prevent-filewriter-leak-with-nio

[github-actions]

Summary

Qwiet preZero Static Analysis detected 290 findings in this PR

Severity	Count
Critical	25
Moderate	24
Info	33

Additionally there are 7 secrets leaked, and 201 vulnerabilities
inherited from OSS components.

Build Rules

Build rule with ID "allow-zero-findings" failed because it matched 283 findings and the configured threshold is 0

Get more information about this scan.

[pixeebot]

I'm confident in this change, but I'm not a maintainer of this project. Do you see any reason not to merge it?

If this change was not helpful, or you have suggestions for improvements, please let me know!

[pixeebot]

Just a friendly ping to remind you about this change. If there are concerns about it, we'd love to hear about them!