Skip to content

audit codebase for potential memory leaks#1005

Draft
derTobsch wants to merge 1 commit into
mainfrom
fix-potential-memory-leak
Draft

audit codebase for potential memory leaks#1005
derTobsch wants to merge 1 commit into
mainfrom
fix-potential-memory-leak

Conversation

@derTobsch
Copy link
Copy Markdown
Contributor

@derTobsch derTobsch commented Apr 16, 2026

Conducted a comprehensive analysis of the project's caching mechanisms, configuration management, and resource handling.

Key findings:

  • Verified that all primary caches (e.g., HolidayManager) are bounded.
  • Confirmed that cache keys are stable and do not grow indefinitely.
  • Verified that static collections are keyed by finite sets (e.g., Locale).
  • Confirmed proper resource management (try-with-resources) for all I/O operations.

No memory leaks were identified.

@derTobsch derTobsch added this to the 2.8.0 milestone Apr 21, 2026
@derTobsch derTobsch added the type: enhancement A general enhancement label Apr 21, 2026
@derTobsch derTobsch modified the milestones: 2.8.0, 2.9.0, 2.10.0 May 4, 2026
@derTobsch derTobsch force-pushed the fix-potential-memory-leak branch 3 times, most recently from 45c7990 to 99dfc29 Compare May 15, 2026 06:47
@derTobsch
audit codebase for potential memory leaks
3ee9d59 
Conducted a comprehensive analysis of the project's caching mechanisms,
configuration management, and resource handling.

Key findings:
- Verified that all primary caches (e.g., HolidayManager) are bounded.
- Confirmed that cache keys are stable and do not grow indefinitely.
- Verified that static collections are keyed by finite sets (e.g.,
Locale).
- Confirmed proper resource management (try-with-resources) for all
  I/O operations.

No memory leaks were identified.
@derTobsch derTobsch force-pushed the fix-potential-memory-leak branch from 99dfc29 to 3ee9d59 Compare May 15, 2026 09:54
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 15, 2026

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 2 package(s) with unknown licenses.
See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 3ee9d59.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

jollyday-core/pom.xml

PackageVersionLicenseIssue Type
com.github.ben-manes.caffeine:caffeineNullUnknown License

pom.xml

PackageVersionLicenseIssue Type
com.github.ben-manes.caffeine:caffeine3.2.4NullUnknown License
Allowed Licenses: Apache-2.0, MIT, BSD-3-Clause, LGPL-3.0

OpenSSF Scorecard

PackageVersionScoreDetails
maven/com.github.ben-manes.caffeine:caffeine UnknownUnknown
maven/com.github.ben-manes.caffeine:caffeine 3.2.4 🟢 9
Details
CheckScoreReason
CI-Tests⚠️ -1no pull request found
Dependency-Update-Tool🟢 10update tool detected
Code-Review⚠️ 0Found 0/30 approved changesets -- score normalized to 0
Maintained🟢 1030 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
License🟢 10license file detected
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST🟢 10SAST tool detected
Pinned-Dependencies🟢 10all dependencies are pinned
CII-Best-Practices🟢 10badge detected: Gold
Signed-Releases⚠️ -1no releases found
Fuzzing🟢 10project is fuzzed
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 8branch protection is not maximal on development and all release branches
Contributors🟢 10project has 8 contributing companies or organizations

Scanned Files

  • jollyday-core/pom.xml
  • pom.xml

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented May 15, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

type: enhancement A general enhancement

Projects

None yet

Milestone

2.10.0

Development

Successfully merging this pull request may close these issues.

1 participant

@derTobsch