From eamonn.w...@gmail.com on June 21, 2013 07:53:13
Hi, I integrated ESAPI into a large legacy application last year and am very happy with it!
However we use eclipse and set all eclipse compiler preferences to Error (instead of Warning or Ignore) for the categories "Potential programming problems" and "Unnecessary code" (except 'value of parameter is not used'). Additionally for JavaDoc 'Malformed Javadoc comments' is also an error. Altogether this shows 339 "errors" in ESAPI, which include what could be considered bugs (eg potential null pointer access), efficiency issues (eg boxing and unboxing) and nice-to-haves.
I say all this because it would be nice to see these 'errors' disappear from our eclipse baseline, but it would also improve the quality of the ESAPI deliverable. If you do not use eclipse I could upload a list of the 339 issues.
Original issue: http://code.google.com/p/owasp-esapi-java/issues/detail?id=303