patrickfav/uber-apk-signer

View on GitHub

Showing 46 of 46 total issues

Method generate has a Cognitive Complexity of 64 (exceeds 5 allowed). Consider refactoring.
Open

    private List<SigningConfig> generate(List<Arg.SignArgs> signArgsList, boolean ksIsDebug) {
        if (ksIsDebug || signArgsList.isEmpty()) {
            File debugKeystore = null;
            SigningConfig.KeystoreLocation location = SigningConfig.KeystoreLocation.DEBUG_EMBEDDED;
            CmdUtil.OS osType = CmdUtil.getOsType();
Severity: Minor
Found in src/main/java/at/favre/tools/apksigner/signing/SigningConfigGen.java - About 1 day to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method execute has a Cognitive Complexity of 44 (exceeds 5 allowed). Consider refactoring.
Open

    private static Result execute(Arg args) {
        List<CmdUtil.Result> executedCommands = new ArrayList<>();
        ZipAlignExecutor zipAlignExecutor = null;
        SigningConfigGen signingConfigGen = null;

Severity: Minor
Found in src/main/java/at/favre/tools/apksigner/SignTool.java - About 6 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method verifySign has a Cognitive Complexity of 41 (exceeds 5 allowed). Consider refactoring.
Open

    private static AndroidApkSignerVerify.Result verifySign(File targetApkFile, File rootTargetFile, String[] checkHashes, boolean verbose, boolean preCheckVerify) {
        try {
            AndroidApkSignerVerify verifier = new AndroidApkSignerVerify();
            AndroidApkSignerVerify.Result result = verifier.verify(targetApkFile, null, null, false);

Severity: Minor
Found in src/main/java/at/favre/tools/apksigner/SignTool.java - About 6 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method parse has a Cognitive Complexity of 40 (exceeds 5 allowed). Consider refactoring.
Open

    List<Arg.SignArgs> parse(CommandLine commandLine) {
        if (commandLine.hasOption("ksDebug")) {
            return singletonList(new Arg.SignArgs(0, commandLine.getOptionValue("ksDebug"), null, null, null));
        } else {
            List<Arg.SignArgs> signArgsList = new ArrayList<>();
Severity: Minor
Found in src/main/java/at/favre/tools/apksigner/ui/MultiKeystoreParser.java - About 6 hrs to fix

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method verify has a Cognitive Complexity of 35 (exceeds 5 allowed). Consider refactoring.
Open

    public Result verify(File apk, Integer minSdkVersion, Integer maxSdkVersion, boolean warningsTreatedAsErrors) throws Exception {
        StringBuilder logMsg = new StringBuilder();
        List<CertInfo> certInfoList = new ArrayList<>();
        List<String> warnings = new ArrayList<>();

Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

  • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
  • Code is considered more complex for each "break in the linear flow of the code"
  • Code is considered more complex when "flow breaking structures are nested"

Further reading

Method verify has 113 lines of code (exceeds 25 allowed). Consider refactoring.
Open

    public Result verify(File apk, Integer minSdkVersion, Integer maxSdkVersion, boolean warningsTreatedAsErrors) throws Exception {
        StringBuilder logMsg = new StringBuilder();
        List<CertInfo> certInfoList = new ArrayList<>();
        List<String> warnings = new ArrayList<>();

    File SignTool.java has 351 lines of code (exceeds 250 allowed). Consider refactoring.
    Open

    package at.favre.tools.apksigner;
    
    import at.favre.tools.apksigner.signing.*;
    import at.favre.tools.apksigner.ui.Arg;
    import at.favre.tools.apksigner.ui.CLIParser;
    Severity: Minor
    Found in src/main/java/at/favre/tools/apksigner/SignTool.java - About 4 hrs to fix

      Method execute has 103 lines of code (exceeds 25 allowed). Consider refactoring.
      Open

          private static Result execute(Arg args) {
              List<CmdUtil.Result> executedCommands = new ArrayList<>();
              ZipAlignExecutor zipAlignExecutor = null;
              SigningConfigGen signingConfigGen = null;
      
      
      Severity: Major
      Found in src/main/java/at/favre/tools/apksigner/SignTool.java - About 4 hrs to fix

        Method generate has 92 lines of code (exceeds 25 allowed). Consider refactoring.
        Open

            private List<SigningConfig> generate(List<Arg.SignArgs> signArgsList, boolean ksIsDebug) {
                if (ksIsDebug || signArgsList.isEmpty()) {
                    File debugKeystore = null;
                    SigningConfig.KeystoreLocation location = SigningConfig.KeystoreLocation.DEBUG_EMBEDDED;
                    CmdUtil.OS osType = CmdUtil.getOsType();
        Severity: Major
        Found in src/main/java/at/favre/tools/apksigner/signing/SigningConfigGen.java - About 3 hrs to fix

          Method findLocation has a Cognitive Complexity of 20 (exceeds 5 allowed). Consider refactoring.
          Open

              private void findLocation(Arg arg) {
                  try {
                      if (arg.zipAlignPath != null && new File(arg.zipAlignPath).exists()) {
                          File passedPath = new File(arg.zipAlignPath);
                          if (passedPath.exists() && passedPath.isFile()) {
          Severity: Minor
          Found in src/main/java/at/favre/tools/apksigner/signing/ZipAlignExecutor.java - About 2 hrs to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Method zipAlign has a Cognitive Complexity of 18 (exceeds 5 allowed). Consider refactoring.
          Open

              private static File zipAlign(File targetApkFile, File rootTargetFile, File outFolder, ZipAlignExecutor executor, Arg arguments, List<CmdUtil.Result> cmdList) {
                  if (!arguments.skipZipAlign) {
          
                      String fileName = FileUtil.getFileNameWithoutExtension(targetApkFile);
                      fileName = fileName.replace("-unaligned", "");
          Severity: Minor
          Found in src/main/java/at/favre/tools/apksigner/SignTool.java - About 2 hrs to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Method equals has a Cognitive Complexity of 18 (exceeds 5 allowed). Consider refactoring.
          Open

                  @Override
                  public boolean equals(Object o) {
                      if (this == o) return true;
                      if (o == null || getClass() != o.getClass()) return false;
          
          
          Severity: Minor
          Found in src/main/java/at/favre/tools/apksigner/ui/Arg.java - About 2 hrs to fix

          Cognitive Complexity

          Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

          A method's cognitive complexity is based on a few simple rules:

          • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
          • Code is considered more complex for each "break in the linear flow of the code"
          • Code is considered more complex when "flow breaking structures are nested"

          Further reading

          Method verifySign has 57 lines of code (exceeds 25 allowed). Consider refactoring.
          Open

              private static AndroidApkSignerVerify.Result verifySign(File targetApkFile, File rootTargetFile, String[] checkHashes, boolean verbose, boolean preCheckVerify) {
                  try {
                      AndroidApkSignerVerify verifier = new AndroidApkSignerVerify();
                      AndroidApkSignerVerify.Result result = verifier.verify(targetApkFile, null, null, false);
          
          
          Severity: Major
          Found in src/main/java/at/favre/tools/apksigner/SignTool.java - About 2 hrs to fix

            Similar blocks of code found in 2 locations. Consider refactoring.
            Open

                    while (resultIter.hasNext()) {
                        ApkVerifier.Result.V2SchemeSignerInfo signerInfo = (ApkVerifier.Result.V2SchemeSignerInfo) resultIter.next();
                        name = "signer #" + (signerInfo.getIndex() + 1);
                        iter = signerInfo.getErrors().iterator();
            
            
            src/main/java/at/favre/tools/apksigner/signing/AndroidApkSignerVerify.java on lines 144..160

            Duplicated Code

            Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

            Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

            When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

            Tuning

            This issue has a mass of 144.

            We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

            The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

            If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

            See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

            Refactorings

            Further Reading

            Similar blocks of code found in 2 locations. Consider refactoring.
            Open

                    while (resultIter.hasNext()) {
                        ApkVerifier.Result.V3SchemeSignerInfo signerInfo = (ApkVerifier.Result.V3SchemeSignerInfo) resultIter.next();
                        name = "signer #" + (signerInfo.getIndex() + 1);
                        iter = signerInfo.getErrors().iterator();
            
            
            src/main/java/at/favre/tools/apksigner/signing/AndroidApkSignerVerify.java on lines 125..141

            Duplicated Code

            Duplicated code can lead to software that is hard to understand and difficult to change. The Don't Repeat Yourself (DRY) principle states:

            Every piece of knowledge must have a single, unambiguous, authoritative representation within a system.

            When you violate DRY, bugs and maintenance problems are sure to follow. Duplicated code has a tendency to both continue to replicate and also to diverge (leaving bugs as two similar implementations differ in subtle ways).

            Tuning

            This issue has a mass of 144.

            We set useful threshold defaults for the languages we support but you may want to adjust these settings based on your project guidelines.

            The threshold configuration represents the minimum mass a code block must have to be analyzed for duplication. The lower the threshold, the more fine-grained the comparison.

            If the engine is too easily reporting duplication, try raising the threshold. If you suspect that the engine isn't catching enough duplication, try lowering the threshold. The best setting tends to differ from language to language.

            See codeclimate-duplication's documentation for more information about tuning the mass threshold in your .codeclimate.yml.

            Refactorings

            Further Reading

            Method parse has 53 lines of code (exceeds 25 allowed). Consider refactoring.
            Open

                List<Arg.SignArgs> parse(CommandLine commandLine) {
                    if (commandLine.hasOption("ksDebug")) {
                        return singletonList(new Arg.SignArgs(0, commandLine.getOptionValue("ksDebug"), null, null, null));
                    } else {
                        List<Arg.SignArgs> signArgsList = new ArrayList<>();
            Severity: Major
            Found in src/main/java/at/favre/tools/apksigner/ui/MultiKeystoreParser.java - About 2 hrs to fix

              Method findLocation has 48 lines of code (exceeds 25 allowed). Consider refactoring.
              Open

                  private void findLocation(Arg arg) {
                      try {
                          if (arg.zipAlignPath != null && new File(arg.zipAlignPath).exists()) {
                              File passedPath = new File(arg.zipAlignPath);
                              if (passedPath.exists() && passedPath.isFile()) {

                Method parseAndSortUniqueFilesNonRecursive has a Cognitive Complexity of 15 (exceeds 5 allowed). Consider refactoring.
                Open

                    public List<File> parseAndSortUniqueFilesNonRecursive(String[] files, String extensionFilter) {
                        if (files == null) {
                            throw new IllegalArgumentException("input files must not be null");
                        }
                
                
                Severity: Minor
                Found in src/main/java/at/favre/tools/apksigner/ui/FileArgParser.java - About 1 hr to fix

                Cognitive Complexity

                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                A method's cognitive complexity is based on a few simple rules:

                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                • Code is considered more complex for each "break in the linear flow of the code"
                • Code is considered more complex when "flow breaking structures are nested"

                Further reading

                Method parse has a Cognitive Complexity of 15 (exceeds 5 allowed). Consider refactoring.
                Open

                    public static Arg parse(String[] inputArgs) {
                        Options options = setupOptions();
                        CommandLineParser parser = new DefaultParser();
                        Arg argument = new Arg();
                
                
                Severity: Minor
                Found in src/main/java/at/favre/tools/apksigner/ui/CLIParser.java - About 1 hr to fix

                Cognitive Complexity

                Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

                A method's cognitive complexity is based on a few simple rules:

                • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
                • Code is considered more complex for each "break in the linear flow of the code"
                • Code is considered more complex when "flow breaking structures are nested"

                Further reading

                Method setupOptions has 47 lines of code (exceeds 25 allowed). Consider refactoring.
                Open

                    static Options setupOptions() {
                        Options options = new Options();
                        Option apkPathOpt = Option.builder(ARG_APK_FILE).longOpt("apks").argName("file/folder").hasArgs().desc("Can be a single apk or " +
                                "a folder containing multiple apks. These are used as source for zipalining/signing/verifying. It is also possible to provide " +
                                "multiple locations space seperated (can be mixed file folder): '/apk /apks2 my.apk'. Folder will be checked non-recursively.").build();
                Severity: Minor
                Found in src/main/java/at/favre/tools/apksigner/ui/CLIParser.java - About 1 hr to fix
                  Severity
                  Category
                  Status
                  Source
                  Language