Skip to content

Conversation

AniruddhaKanhere
Copy link
Member

@AniruddhaKanhere AniruddhaKanhere commented Oct 3, 2025

Issue #, if available:

Description of changes:

Remove codestyle.
Replaced it with spotless which is much more strict.
Following a merge of this PR, we will create one more PR which will ignore this change from git blame so as not to point all the changes to me.

Why is this change necessary:

How was this change tested:

  • Updated or added new unit tests.
  • Updated or added new integration tests.
  • Updated or added new end-to-end tests.
  • If my code makes a remote network call, it was tested with a proxy.

Any additional information or context required to review the change:

Documentation Checklist:

  • Updated the README if applicable.

Compatibility Checklist:

  • I confirm that the change is backwards compatible.
  • Any modification or deletion of public interfaces does not impact other plugin components.
  • For external library version updates, I have reviewed its change logs and Nucleus does not consume
    any deprecated method or type.

Refer to Compatibility Guidelines for more information.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Copy link

@github-advanced-security github-advanced-security bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CodeQL found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.

@@ -210,8 +200,7 @@ static Process start(String username,
} else if (redirects[1] == ProcessBuilderForWin32.Redirect.INHERIT) {
stdHandles[1] = getHandle(FileDescriptor.out);
} else {
f1 = newFileOutputStream(redirects[1].file(),
redirects[1].append());
f1 = newFileOutputStream(redirects[1].file(), redirects[1].append());
stdHandles[1] = getHandle(f1.getFD());
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

Similar code fragments were detected in the same file at the following lines: 198:205, 207:214.
Refactoring can help improve code maintainability. Consider reducing duplicate code by extracting it into a separate method. You can then replace duplicated code with calls to this new method.

GreengrassService, ServiceLoadException> locateFunction) throws ServiceLoadException {
@SuppressWarnings({"UseSpecificCatch", "PMD.AvoidCatchingThrowable", "PMD.AvoidDeeplyNestedIfStmts",
"PMD.ConfusingTernary"})
private GreengrassService createGreengrassServiceInstance(Context.Value v, String name,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The cyclomatic complexity of this method is 24. By comparison, 99% of the methods in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the method has a high number of decisions and it can make the logic difficult to understand and test.

We recommend that you simplify this method or break it into multiple methods. For example, consider extracting the code block on lines 561-615 into a separate method.

voidCompletableFuture.thenAccept(result -> {connection.closeConnection(0); this.close();});
CompletableFuture<Void> voidCompletableFuture = connection.sendProtocolMessage(responseHeaders,
responsePayload.getBytes(StandardCharsets.UTF_8), responseMessageType, responseMessageFlag);
voidCompletableFuture.thenAccept(result -> {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

This code is using non-async method thenAccept on CompletableFuture (or CompletionStage). Please be aware that task subscribed to CompletableFuture(or CompletionStage) through non-async method may be executed by the thread that completes the current CompletableFuture (or CompletionStage), or the thread that calls this non-async method to add subscription. In other words, the thread that executes the subscription is non-deterministic. If you prefer having fully control over threads, you may consider using the async variants instead. In addition, please make sure tasks subscribed to CompletableFuture (or CompletionStage) are short lived and non-blocking to avoid deadlock. Learn more: https://docs.oracle.com/en/java/javase/18/docs/api/java.base/java/util/concurrent/CompletableFuture.html

CoralClient user: Please consider doing so to align with Coral Java Documentation.Work chained to CoralClient CompletableFuture (or CompletionStage) may be inadvertently scheduled on the internal pool of the library. Since the internal pool has limited number of threads, this may cause the pool to run out of available threads and eventually lead to a deadlock.

@@ -198,17 +203,17 @@ private CompletableFuture<Integer> subscribe(String topic, QualityOfService qos)

@Override
public CompletableFuture<SubscribeResponse> subscribe(Subscribe subscribe) {
return subscribe(subscribe.getTopic(),
QualityOfService.getEnumValueFromInteger(subscribe.getQos().getValue()))
return subscribe(subscribe.getTopic(), QualityOfService.getEnumValueFromInteger(subscribe.getQos().getValue()))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

This code is using non-async method thenApply on CompletableFuture (or CompletionStage). Please be aware that task subscribed to CompletableFuture(or CompletionStage) through non-async method may be executed by the thread that completes the current CompletableFuture (or CompletionStage), or the thread that calls this non-async method to add subscription. In other words, the thread that executes the subscription is non-deterministic. If you prefer having fully control over threads, you may consider using the async variants instead. In addition, please make sure tasks subscribed to CompletableFuture (or CompletionStage) are short lived and non-blocking to avoid deadlock. Learn more: https://docs.oracle.com/en/java/javase/18/docs/api/java.base/java/util/concurrent/CompletableFuture.html

CoralClient user: Please consider doing so to align with Coral Java Documentation.Work chained to CoralClient CompletableFuture (or CompletionStage) may be inadvertently scheduled on the internal pool of the library. Since the internal pool has limited number of threads, this may cause the pool to run out of available threads and eventually lead to a deadlock.

ex.getMessage());
}
});
return continuation
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

This code is using non-async method whenComplete on CompletableFuture (or CompletionStage). Please be aware that task subscribed to CompletableFuture(or CompletionStage) through non-async method may be executed by the thread that completes the current CompletableFuture (or CompletionStage), or the thread that calls this non-async method to add subscription. In other words, the thread that executes the subscription is non-deterministic. If you prefer having fully control over threads, you may consider using the async variants instead. In addition, please make sure tasks subscribed to CompletableFuture (or CompletionStage) are short lived and non-blocking to avoid deadlock. Learn more: https://docs.oracle.com/en/java/javase/18/docs/api/java.base/java/util/concurrent/CompletableFuture.html

CoralClient user: Please consider doing so to align with Coral Java Documentation.Work chained to CoralClient CompletableFuture (or CompletionStage) may be inadvertently scheduled on the internal pool of the library. Since the internal pool has limited number of threads, this may cause the pool to run out of available threads and eventually lead to a deadlock.

@@ -371,8 +370,8 @@ public CompletableFuture<UnsubscribeResponse> unsubscribe(String topic) {
try (LockScope ls1 = LockScope.lock(lock)) {
return connect().thenCompose((client) -> {
logger.atDebug().kv(TOPIC_KEY, topic).log("Unsubscribing from topic");
return client.unsubscribe(
new UnsubscribePacket.UnsubscribePacketBuilder().withSubscription(topic).build())
return client
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

This code is using non-async method thenApply on CompletableFuture (or CompletionStage). Please be aware that task subscribed to CompletableFuture(or CompletionStage) through non-async method may be executed by the thread that completes the current CompletableFuture (or CompletionStage), or the thread that calls this non-async method to add subscription. In other words, the thread that executes the subscription is non-deterministic. If you prefer having fully control over threads, you may consider using the async variants instead. In addition, please make sure tasks subscribed to CompletableFuture (or CompletionStage) are short lived and non-blocking to avoid deadlock. Learn more: https://docs.oracle.com/en/java/javase/18/docs/api/java.base/java/util/concurrent/CompletableFuture.html

CoralClient user: Please consider doing so to align with Coral Java Documentation.Work chained to CoralClient CompletableFuture (or CompletionStage) may be inadvertently scheduled on the internal pool of the library. Since the internal pool has limited number of threads, this may cause the pool to run out of available threads and eventually lead to a deadlock.

.thenApply((i) -> new SubscribeResponse(null, subscribe.getQos().getValue(), null));
}

@Override
public CompletableFuture<PubAck> publish(Publish publish) {
return publish(new MqttMessage(publish.getTopic(), publish.getPayload(),
return publish(
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

This code is using non-async method thenApply on CompletableFuture (or CompletionStage). Please be aware that task subscribed to CompletableFuture(or CompletionStage) through non-async method may be executed by the thread that completes the current CompletableFuture (or CompletionStage), or the thread that calls this non-async method to add subscription. In other words, the thread that executes the subscription is non-deterministic. If you prefer having fully control over threads, you may consider using the async variants instead. In addition, please make sure tasks subscribed to CompletableFuture (or CompletionStage) are short lived and non-blocking to avoid deadlock. Learn more: https://docs.oracle.com/en/java/javase/18/docs/api/java.base/java/util/concurrent/CompletableFuture.html

CoralClient user: Please consider doing so to align with Coral Java Documentation.Work chained to CoralClient CompletableFuture (or CompletionStage) may be inadvertently scheduled on the internal pool of the library. Since the internal pool has limited number of threads, this may cause the pool to run out of available threads and eventually lead to a deadlock.

"Error subscribing. Reason: " + rcString);
})
.get(getMqttOperationTimeoutMillis(), TimeUnit.MILLISECONDS);
subscribe(newReq).thenApply((v) -> {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

This code is using non-async method thenApply on CompletableFuture (or CompletionStage). Please be aware that task subscribed to CompletableFuture(or CompletionStage) through non-async method may be executed by the thread that completes the current CompletableFuture (or CompletionStage), or the thread that calls this non-async method to add subscription. In other words, the thread that executes the subscription is non-deterministic. If you prefer having fully control over threads, you may consider using the async variants instead. In addition, please make sure tasks subscribed to CompletableFuture (or CompletionStage) are short lived and non-blocking to avoid deadlock. Learn more: https://docs.oracle.com/en/java/javase/18/docs/api/java.base/java/util/concurrent/CompletableFuture.html

CoralClient user: Please consider doing so to align with Coral Java Documentation.Work chained to CoralClient CompletableFuture (or CompletionStage) may be inadvertently scheduled on the internal pool of the library. Since the internal pool has limited number of threads, this may cause the pool to run out of available threads and eventually lead to a deadlock.

@@ -638,28 +674,33 @@ public void unsubscribe(UnsubscribeRequest request)
if (subReq == null) {
return;
}
unsubscribe(Unsubscribe.builder().subscriptionCallback(subReq.getCallback())
.topic(request.getTopic()).build()).thenAccept((m) -> cbMapping.remove(lookup))
unsubscribe(
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

This code is using non-async method thenAccept on CompletableFuture (or CompletionStage). Please be aware that task subscribed to CompletableFuture(or CompletionStage) through non-async method may be executed by the thread that completes the current CompletableFuture (or CompletionStage), or the thread that calls this non-async method to add subscription. In other words, the thread that executes the subscription is non-deterministic. If you prefer having fully control over threads, you may consider using the async variants instead. In addition, please make sure tasks subscribed to CompletableFuture (or CompletionStage) are short lived and non-blocking to avoid deadlock. Learn more: https://docs.oracle.com/en/java/javase/18/docs/api/java.base/java/util/concurrent/CompletableFuture.html

CoralClient user: Please consider doing so to align with Coral Java Documentation.Work chained to CoralClient CompletableFuture (or CompletionStage) may be inadvertently scheduled on the internal pool of the library. Since the internal pool has limited number of threads, this may cause the pool to run out of available threads and eventually lead to a deadlock.

return connection.publish(request)
.whenComplete((response, throwable) -> {
if (throwable == null && (response == null || response.isSuccessful())) {
return connection.publish(request).whenComplete((response, throwable) -> {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

This code is using non-async method whenComplete on CompletableFuture (or CompletionStage). Please be aware that task subscribed to CompletableFuture(or CompletionStage) through non-async method may be executed by the thread that completes the current CompletableFuture (or CompletionStage), or the thread that calls this non-async method to add subscription. In other words, the thread that executes the subscription is non-deterministic. If you prefer having fully control over threads, you may consider using the async variants instead. In addition, please make sure tasks subscribed to CompletableFuture (or CompletionStage) are short lived and non-blocking to avoid deadlock. Learn more: https://docs.oracle.com/en/java/javase/18/docs/api/java.base/java/util/concurrent/CompletableFuture.html

CoralClient user: Please consider doing so to align with Coral Java Documentation.Work chained to CoralClient CompletableFuture (or CompletionStage) may be inadvertently scheduled on the internal pool of the library. Since the internal pool has limited number of threads, this may cause the pool to run out of available threads and eventually lead to a deadlock.

@@ -277,8 +284,8 @@ public CompletableFuture<Boolean> connect() {
});
}

connectionFuture =
voidCompletableFuture.thenCompose((b) -> establishConnection(false)).thenApply((sessionPresent) -> {
connectionFuture = voidCompletableFuture.thenCompose((b) -> establishConnection(false))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

This code is using non-async method thenCompose on CompletableFuture (or CompletionStage). Please be aware that task subscribed to CompletableFuture(or CompletionStage) through non-async method may be executed by the thread that completes the current CompletableFuture (or CompletionStage), or the thread that calls this non-async method to add subscription. In other words, the thread that executes the subscription is non-deterministic. If you prefer having fully control over threads, you may consider using the async variants instead. In addition, please make sure tasks subscribed to CompletableFuture (or CompletionStage) are short lived and non-blocking to avoid deadlock. Learn more: https://docs.oracle.com/en/java/javase/18/docs/api/java.base/java/util/concurrent/CompletableFuture.html

CoralClient user: Please consider doing so to align with Coral Java Documentation.Work chained to CoralClient CompletableFuture (or CompletionStage) may be inadvertently scheduled on the internal pool of the library. Since the internal pool has limited number of threads, this may cause the pool to run out of available threads and eventually lead to a deadlock.

if (ARCH_ARM.equals(arch) || ARCH_AARCH64.equals(arch)) {
String archDetail = com.aws.greengrass.util.platforms.Platform.getInstance()
.createNewProcessRunner().sh("uname -m").toLowerCase();
String archDetail = com.aws.greengrass.util.platforms.Platform.getInstance().createNewProcessRunner()
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

toLowerCase

The parameterless versions of String.toLowerCase() and String.toUpperCase() use the default locale of the JVM when transforming strings. This can have unintended results, including difficult-to-debug transient failures because case mapping differs based on locale.

Even if you aren’t writing code for a user experience that’s displayed to a customer, system internal code often uses case folding to normalize strings for comparison.
Not doing so can missing locale lead to errors when running on systems that are configured to use a different system locale. This can include developer desktops or build servers (not just your fleet hosts): many hours have been spent debugging errors that only occur on a specific machine due to its locale configuration.

Recommended solutions:

Always pass in a Locale.

Language or locale-dependent processing:

Get the locale from the platform, use the language of the content, or configure it in your code and pass that to the method.

String firstName = &#34;Ichabod&#34;; 
Locale locale = // Where you obtain the locale from is platform dependent
String lowerCaseFirstName = firstName.toLowerCase(locale);

Internal processing that isn’t locale-dependent:

Example: S3 bucket name

Always specify the language/country-neutral locale Locale.ROOT.

String imgTag = &#34;IMG&#34;; 
if (&#34;img&#34;.equals(imgTag.toLowerCase(Locale.ROOT)) {    
// do something 
}

String rcString = SubAckPacket.SubAckReasonCode.UNSPECIFIED_ERROR.name();
try {
rcString = SubAckPacket.SubAckReasonCode.getEnumValueFromInteger(v.getReasonCode()).name();
} catch (RuntimeException ignored) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

Swallowing exceptions without logging can make it difficult to identify and troubleshoot issues, potentially leading to application instability, hidden bugs, or unexpected behavior. To avoid this, ensure that all exceptions are logged using appropriate logging levels. When logging exceptions, include the exception object or its stack trace to capture detailed information. For critical exceptions, rethrow them when necessary to provide sufficient context for effective troubleshooting.

Suggested remediation:
Handle all exceptions by creating a log for each exception using the message thrown.

@@ -554,2 +554,3 @@
                 } catch (RuntimeException ignored) {
+                    log.error(&#34;RuntimeException is caught.&#34;, ignored);
                 }

* "loggerName": "Metrics-SystemMetrics", "timestamp": 1600127641506, "cause":
* null }
*/
GreengrassLogMessage egLog = objectMapper.readValue(log, GreengrassLogMessage.class);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The ObjectMapper.readValue() method can throw a JsonProcessingException, but this exception is not handled properly here. By simply logging the error and returning an empty value, the exception is ignored. This can mask potential JSON parsing issues, leading to unexpected application behavior or data corruption because the system may continue with invalid or incomplete data. To fix this, catch JsonProcessingException and either handle it appropriately or rethrow it as a custom runtime exception. https://www.ibm.com/support/pages/best-practice-catching-and-re-throwing-java-exceptions

Similar issue at line number 98.

try {
configuration = SerializerFactory.getFailSafeJsonObjectMapper()
.readValue(fleetConfigStr, Configuration.class);
configuration = SerializerFactory.getFailSafeJsonObjectMapper().readValue(fleetConfigStr,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The ObjectMapper.readValue() method can throw a JsonProcessingException, but this exception is not handled properly here. By simply logging the error and returning an empty value, the exception is ignored. This can mask potential JSON parsing issues, leading to unexpected application behavior or data corruption because the system may continue with invalid or incomplete data. To fix this, catch JsonProcessingException and either handle it appropriately or rethrow it as a custom runtime exception. https://www.ibm.com/support/pages/best-practice-catching-and-re-throwing-java-exceptions

bootstrapTaskStatusList.clear();
bootstrapTaskStatusList.addAll(SerializerFactory.getFailSafeJsonObjectMapper()
.readValue(in, new TypeReference<List<BootstrapTaskStatus>>(){}));
bootstrapTaskStatusList.addAll(SerializerFactory.getFailSafeJsonObjectMapper().readValue(in,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The ObjectMapper.readValue() method can throw a JsonProcessingException, but this exception is not handled properly here. By simply logging the error and returning an empty value, the exception is ignored. This can mask potential JSON parsing issues, leading to unexpected application behavior or data corruption because the system may continue with invalid or incomplete data. To fix this, catch JsonProcessingException and either handle it appropriately or rethrow it as a custom runtime exception. https://www.ibm.com/support/pages/best-practice-catching-and-re-throwing-java-exceptions

* "loggerName": "Metrics-SystemMetrics", "timestamp": 1600127641506, "cause":
* null }
*/
GreengrassLogMessage egLog = objectMapper.readValue(log, GreengrassLogMessage.class);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The ObjectMapper.readValue() method can throw a JsonProcessingException, but this exception is not handled properly here. By simply logging the error and returning an empty value, the exception is ignored. This can mask potential JSON parsing issues, leading to unexpected application behavior or data corruption because the system may continue with invalid or incomplete data. To fix this, catch JsonProcessingException and either handle it appropriately or rethrow it as a custom runtime exception. https://www.ibm.com/support/pages/best-practice-catching-and-re-throwing-java-exceptions

Similar issue at line number 193.

// start creating files and directories which may not be desired
outStream.println(String.format(SHOW_VERSION_RESPONSE,
DeviceConfiguration.getVersionFromBuildRecipeFile()));
outStream
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

It appears that you are using println() rather than a dedicated logging facility makes it difficult to monitor the program behavior. We recommend to use a Java logging facility rather than System.out or System.err.

Learn more

case KERNEL_ACTIVATION:
case KERNEL_ROLLBACK:
case KERNEL_ACTIVATION :
case KERNEL_ROLLBACK :
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

Problem: The 'switch-case' context does not contain a terminating statement and allows execution to fall through to the next 'switch-case'.
Learn more
Fix: Consider terminating the switch case with 'break'/'return'/'throw' as suitable

.request(innerRequestBuilder.build()).build());
ExecutableHttpRequest request = connManager.getClient()
.prepareRequest(HttpExecuteRequest.builder()
.contentStreamProvider(body == null ? null : () -> new ByteArrayInputStream(body))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The code is not properly closing resources, which can lead to resource leaks. Unclosed resources may cause memory leaks or other system resource issues, potentially degrading application performance over time. If an exception occurs before the explicit close() call, the resource will not be closed, increasing the risk of leaks. To remediate this, use the try-with-resources statement to automatically close AutoCloseable resources, ensuring proper resource management even when exceptions occur.

Learn more

} else {
FileDescriptor stdinFd = new FileDescriptor();
setHandle(stdinFd, stdHandles[0]);
stdinStream = new BufferedOutputStream(new FileOutputStream(stdinFd));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The code is not properly closing resources, which can lead to resource leaks. Unclosed resources may cause memory leaks or other system resource issues, potentially degrading application performance over time. If an exception occurs before the explicit close() call, the resource will not be closed, increasing the risk of leaks. To remediate this, use the try-with-resources statement to automatically close AutoCloseable resources, ensuring proper resource management even when exceptions occur.

Learn more

Similar issue at line numbers 533 and 541.

return AccessController.doPrivileged(new PrivilegedAction<FileOutputStream>() {
@Override
public FileOutputStream run() {
return new FileOutputStream(fd);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The code is not properly closing resources, which can lead to resource leaks. Unclosed resources may cause memory leaks or other system resource issues, potentially degrading application performance over time. If an exception occurs before the explicit close() call, the resource will not be closed, increasing the risk of leaks. To remediate this, use the try-with-resources statement to automatically close AutoCloseable resources, ensuring proper resource management even when exceptions occur.

Learn more

}
LOGGER.info(String.format("%s authenticated identity: %s", serviceHandler.getServiceName(), authenticationData.getIdentityLabel()));
LOGGER.info(String.format("%s authenticated identity: %s", serviceHandler.getServiceName(),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

Using String.format(), string concatenation, or StringBuilder in logging statements can lead to unnecessary string formatting, even when the log level is disabled, potentially impacting application performance. SLF4J offers parameterized logging, which defers string formatting until the log message is actually needed. This approach can significantly improve efficiency, especially in high-throughput scenarios or when certain log levels are frequently disabled. Learn more - https://cwe.mitre.org/data/definitions/1176.html

continuation.close();
});
if (ex != null) {
LOGGER.error(
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

Using String.format(), string concatenation, or StringBuilder in logging statements can lead to unnecessary string formatting, even when the log level is disabled, potentially impacting application performance. SLF4J offers parameterized logging, which defers string formatting until the log message is actually needed. This approach can significantly improve efficiency, especially in high-throughput scenarios or when certain log levels are frequently disabled. Learn more - https://cwe.mitre.org/data/definitions/1176.html

logger.atInfo().kv(RUN_WITH_TOPIC + "." + RUN_WITH_DEFAULT_POSIX_USER,
runWithDefault.get(RUN_WITH_DEFAULT_POSIX_USER))
.log(RESTART_REQUIRED_MESSAGE);
runWithDefault.get(RUN_WITH_DEFAULT_POSIX_USER)).log(RESTART_REQUIRED_MESSAGE);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

Untrusted input is passed to a method that executes arbitrary code, creating a code injection vulnerability. This allows attackers to execute malicious code within the application, potentially leading to data theft or system compromise. Validate input using allowlists with Arrays.asList().contains(), use regex matching with String.matches(), or parse input safely with Integer.parseInt() or Boolean.parseBoolean(). Learn more

logger.atInfo().kv(RUN_WITH_TOPIC + "." + RUN_WITH_DEFAULT_POSIX_SHELL,
runWithDefault.get(RUN_WITH_DEFAULT_POSIX_SHELL))
.log(RESTART_REQUIRED_MESSAGE);
runWithDefault.get(RUN_WITH_DEFAULT_POSIX_SHELL)).log(RESTART_REQUIRED_MESSAGE);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

Untrusted input is passed to a method that executes arbitrary code, creating a code injection vulnerability. This allows attackers to execute malicious code within the application, potentially leading to data theft or system compromise. Validate input using allowlists with Arrays.asList().contains(), use regex matching with String.matches(), or parse input safely with Integer.parseInt() or Boolean.parseBoolean(). Learn more

return param.startsWith(FILE_URL_PREFIX) ? new String(Files.readAllBytes(Paths.get(new URI(param))),
StandardCharsets.UTF_8) : param;
return param.startsWith(FILE_URL_PREFIX)
? new String(Files.readAllBytes(Paths.get(new URI(param))), StandardCharsets.UTF_8)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

Server-Side Request Forgery (SSRF) vulnerability detected. User-controlled input is being used to construct HTTP requests without proper validation, which could allow attackers to make requests to internal services or arbitrary external URLs. Validate and sanitize all user inputs before using them in HTTP requests, implement allowlists for permitted destinations, and avoid direct user input in URL construction. Learn more: https://owasp.org/www-community/attacks/Server_Side_Request_Forgery.

for (Topics topics : sortedByTimestamp) {
boolean allConsumersUpdated = consumers.stream()
.allMatch(consumer -> consumer.apply(topics.toPOJO()));
boolean allConsumersUpdated = consumers.stream().allMatch(consumer -> consumer.apply(topics.toPOJO()));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

When the stream is empty the Stream::allMatch operator in the Java Stream API, returns true by default, as there are no elements to violate the predicate. Which can lead to wrong results and potential security vulnerabilities. Therefore always verify that the stream contains elements by using conditions like !nameOfStream.isEmpty(), !nameOfStream.noneMatch(x -> true), !nameOfStream.findAny().isEmpty() to avoid unintended results or consider alternative approaches which will explicitly handle empty streams to ensure robust and secure code. Learn More https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/util/stream/Stream.html

}

private static TrustManager[] createTrustManagers(String rootCAPath) throws TLSAuthException {
try {
List<X509Certificate> trustCertificates = EncryptionUtils.loadX509Certificates(Paths.get(rootCAPath));
List<X509Certificate> trustCertificates =
EncryptionUtils.loadX509Certificates(Paths.get(rootCAPath));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

Path traversal vulnerability detected. User-controlled input in file paths
can allow attackers to access files outside intended directories using
../ sequences. Secure your code by using framework functions like
getCanonicalPath(), normalize(), or validating paths with
.startsWith() checks. Learn more:
https://cwe.mitre.org/data/definitions/22.html

private void interpolateServiceTemplate(
Path src, Path dst, KernelAlternatives kernelAlternatives) throws IOException {
try (BufferedReader r = Files.newBufferedReader(src);
BufferedWriter w = Files.newBufferedWriter(dst)) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

Path traversal vulnerability detected. User-controlled input in file paths
can allow attackers to access files outside intended directories using
../ sequences. Secure your code by using framework functions like
getCanonicalPath(), normalize(), or validating paths with
.startsWith() checks. Learn more:
https://cwe.mitre.org/data/definitions/22.html

@@ -158,7 +160,8 @@ public int size() {
* @param map map to merge
*/
public void mergeMap(long timestamp, Map<String, Object> map) {
this.updateMap(map, new UpdateBehaviorTree(UpdateBehaviorTree.UpdateBehavior.MERGE, timestamp));
this.updateMap(
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

Potential SQL Injection detected. Untrusted input is being directly included in an SQL query without proper parameterization. This can allow attackers to modify the query structure and execute arbitrary SQL commands. Use PreparedStatement with parameterized queries instead. Always validate and sanitize inputs before using them in queries. Learn more https://cwe.mitre.org/data/definitions/89.html

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

YELLOW appears unused. Verify use (or export if used externally).

subscribed = iotJobsClientWrapper
.SubscribeToDescribeJobExecutionAccepted(describeJobExecutionSubscriptionRequest,
QualityOfService.AT_LEAST_ONCE, consumerAccept);
subscribed = iotJobsClientWrapper.SubscribeToDescribeJobExecutionAccepted(

Check notice

Code scanning / CodeQL

Javadoc has impossible 'throws' tag Note

Javadoc for subscribeToGetNextJobDescription claims to throw TimeoutException but this is impossible.

Copilot Autofix

AI 10 days ago

To resolve the issue, the @throws TimeoutException Javadoc tag needs to be removed from the Javadoc comment above subscribeToGetNextJobDescription in IotJobsHelper.java. No changes are necessary to the method signature, since TimeoutException is not thrown and only InterruptedException is declared. Only the documentation should be updated. The edit should be applied precisely to the lines spanning the Javadoc for this method.

Suggested changeset 1
src/main/java/com/aws/greengrass/deployment/IotJobsHelper.java

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/main/java/com/aws/greengrass/deployment/IotJobsHelper.java b/src/main/java/com/aws/greengrass/deployment/IotJobsHelper.java
--- a/src/main/java/com/aws/greengrass/deployment/IotJobsHelper.java
+++ b/src/main/java/com/aws/greengrass/deployment/IotJobsHelper.java
@@ -524,7 +524,6 @@
      * @param consumerReject Consumer for when the job is rejected
      * @throws ExecutionException if subscribing fails
      * @throws InterruptedException if the thread gets interrupted
-     * @throws TimeoutException if the operation does not complete within the given time
      */
     @SuppressWarnings("PMD.AvoidCatchingThrowable")
     protected void subscribeToGetNextJobDescription(Consumer<DescribeJobExecutionResponse> consumerAccept,
EOF
@@ -524,7 +524,6 @@
* @param consumerReject Consumer for when the job is rejected
* @throws ExecutionException if subscribing fails
* @throws InterruptedException if the thread gets interrupted
* @throws TimeoutException if the operation does not complete within the given time
*/
@SuppressWarnings("PMD.AvoidCatchingThrowable")
protected void subscribeToGetNextJobDescription(Consumer<DescribeJobExecutionResponse> consumerAccept,
Copilot is powered by AI and may make mistakes. Always verify output.
@AniruddhaKanhere AniruddhaKanhere force-pushed the AddFormattingCheck branch 2 times, most recently from 8895556 to eb264b2 Compare October 9, 2025 22:16
GreengrassService, ServiceLoadException> locateFunction) throws ServiceLoadException {
@SuppressWarnings({"UseSpecificCatch", "PMD.AvoidCatchingThrowable", "PMD.AvoidDeeplyNestedIfStmts",
"PMD.ConfusingTernary"})
private GreengrassService createGreengrassServiceInstance(Context.Value v, String name,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The cyclomatic complexity of this method is 24. By comparison, 99% of the methods in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the method has a high number of decisions and it can make the logic difficult to understand and test.

We recommend that you simplify this method or break it into multiple methods. For example, consider extracting the code block on lines 535-588 into a separate method.

case ENV_STAGE_ARG_SHORT:
kernelArgs.add(arg);
this.environmentStage = getArg();
kernelArgs.add(environmentStage.toLowerCase());
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

toLowerCase

The parameterless versions of String.toLowerCase() and String.toUpperCase() use the default locale of the JVM when transforming strings. This can have unintended results, including difficult-to-debug transient failures because case mapping differs based on locale.

Even if you aren’t writing code for a user experience that’s displayed to a customer, system internal code often uses case folding to normalize strings for comparison.
Not doing so can missing locale lead to errors when running on systems that are configured to use a different system locale. This can include developer desktops or build servers (not just your fleet hosts): many hours have been spent debugging errors that only occur on a specific machine due to its locale configuration.

Recommended solutions:

Always pass in a Locale.

Language or locale-dependent processing:

Get the locale from the platform, use the language of the content, or configure it in your code and pass that to the method.

String firstName = &#34;Ichabod&#34;; 
Locale locale = // Where you obtain the locale from is platform dependent
String lowerCaseFirstName = firstName.toLowerCase(locale);

Internal processing that isn’t locale-dependent:

Example: S3 bucket name

Always specify the language/country-neutral locale Locale.ROOT.

String imgTag = &#34;IMG&#34;; 
if (&#34;img&#34;.equals(imgTag.toLowerCase(Locale.ROOT)) {    
// do something 
}

String rcString = SubAckPacket.SubAckReasonCode.UNSPECIFIED_ERROR.name();
try {
rcString = SubAckPacket.SubAckReasonCode.getEnumValueFromInteger(v.getReasonCode()).name();
} catch (RuntimeException ignored) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

Swallowing exceptions without logging can make it difficult to identify and troubleshoot issues, potentially leading to application instability, hidden bugs, or unexpected behavior. To avoid this, ensure that all exceptions are logged using appropriate logging levels. When logging exceptions, include the exception object or its stack trace to capture detailed information. For critical exceptions, rethrow them when necessary to provide sufficient context for effective troubleshooting.

Suggested remediation:
Handle all exceptions by creating a log for each exception using the message thrown.

@@ -520,2 +520,3 @@
                 } catch (RuntimeException ignored) {
+                    log.error(&#34;RuntimeException is caught.&#34;, ignored);
                 }

* 4583, "TS": 1600127641506 }, "contexts": {}, "loggerName": "Metrics-SystemMetrics",
* "timestamp": 1600127641506, "cause": null }
*/
GreengrassLogMessage egLog = objectMapper.readValue(log, GreengrassLogMessage.class);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The ObjectMapper.readValue() method can throw a JsonProcessingException, but this exception is not handled properly here. By simply logging the error and returning an empty value, the exception is ignored. This can mask potential JSON parsing issues, leading to unexpected application behavior or data corruption because the system may continue with invalid or incomplete data. To fix this, catch JsonProcessingException and either handle it appropriately or rethrow it as a custom runtime exception. https://www.ibm.com/support/pages/best-practice-catching-and-re-throwing-java-exceptions

Similar issue at line number 91.

* 1600127641506 }, "contexts": {}, "loggerName": "Metrics-SystemMetrics", "timestamp":
* 1600127641506, "cause": null }
*/
GreengrassLogMessage egLog = objectMapper.readValue(log, GreengrassLogMessage.class);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The ObjectMapper.readValue() method can throw a JsonProcessingException, but this exception is not handled properly here. By simply logging the error and returning an empty value, the exception is ignored. This can mask potential JSON parsing issues, leading to unexpected application behavior or data corruption because the system may continue with invalid or incomplete data. To fix this, catch JsonProcessingException and either handle it appropriately or rethrow it as a custom runtime exception. https://www.ibm.com/support/pages/best-practice-catching-and-re-throwing-java-exceptions

Similar issue at line number 178.

} else {
FileDescriptor stdinFd = new FileDescriptor();
setHandle(stdinFd, stdHandles[0]);
stdinStream = new BufferedOutputStream(new FileOutputStream(stdinFd));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The code is not properly closing resources, which can lead to resource leaks. Unclosed resources may cause memory leaks or other system resource issues, potentially degrading application performance over time. If an exception occurs before the explicit close() call, the resource will not be closed, increasing the risk of leaks. To remediate this, use the try-with-resources statement to automatically close AutoCloseable resources, ensuring proper resource management even when exceptions occur.

Learn more

Similar issue at line numbers 525 and 533.

@SuppressWarnings({
"UseSpecificCatch", "PMD.AvoidCatchingThrowable", "PMD.AvoidDeeplyNestedIfStmts", "PMD.ConfusingTernary"
})
private GreengrassService createGreengrassServiceInstance(Context.Value v, String name,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The cyclomatic complexity of this method is 24. By comparison, 99% of the methods in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the method has a high number of decisions and it can make the logic difficult to understand and test.

We recommend that you simplify this method or break it into multiple methods. For example, consider extracting the code block on lines 536-589 into a separate method.

String rcString = SubAckPacket.SubAckReasonCode.UNSPECIFIED_ERROR.name();
try {
rcString = SubAckPacket.SubAckReasonCode.getEnumValueFromInteger(v.getReasonCode()).name();
} catch (RuntimeException ignored) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

Swallowing exceptions without logging can make it difficult to identify and troubleshoot issues, potentially leading to application instability, hidden bugs, or unexpected behavior. To avoid this, ensure that all exceptions are logged using appropriate logging levels. When logging exceptions, include the exception object or its stack trace to capture detailed information. For critical exceptions, rethrow them when necessary to provide sufficient context for effective troubleshooting.

Suggested remediation:
Handle all exceptions by creating a log for each exception using the message thrown.

@@ -522,2 +522,3 @@
                 } catch (RuntimeException ignored) {
+                    log.error(&#34;RuntimeException is caught.&#34;, ignored);
                 }

* 1600127641506 }, "contexts": {}, "loggerName": "Metrics-SystemMetrics", "timestamp":
* 1600127641506, "cause": null }
*/
GreengrassLogMessage egLog = objectMapper.readValue(log, GreengrassLogMessage.class);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The ObjectMapper.readValue() method can throw a JsonProcessingException, but this exception is not handled properly here. By simply logging the error and returning an empty value, the exception is ignored. This can mask potential JSON parsing issues, leading to unexpected application behavior or data corruption because the system may continue with invalid or incomplete data. To fix this, catch JsonProcessingException and either handle it appropriately or rethrow it as a custom runtime exception. https://www.ibm.com/support/pages/best-practice-catching-and-re-throwing-java-exceptions

Similar issue at line number 179.

} else {
FileDescriptor stdinFd = new FileDescriptor();
setHandle(stdinFd, stdHandles[0]);
stdinStream = new BufferedOutputStream(new FileOutputStream(stdinFd));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The code is not properly closing resources, which can lead to resource leaks. Unclosed resources may cause memory leaks or other system resource issues, potentially degrading application performance over time. If an exception occurs before the explicit close() call, the resource will not be closed, increasing the risk of leaks. To remediate this, use the try-with-resources statement to automatically close AutoCloseable resources, ensuring proper resource management even when exceptions occur.

Learn more

Similar issue at line numbers 536 and 544.

.httpClientBuilder(ProxyUtils.getSdkHttpClientBuilder())
.overrideConfiguration(ClientOverrideConfiguration.builder().retryPolicy(retryPolicy).build()).build();
.overrideConfiguration(ClientOverrideConfiguration.builder().retryPolicy(retryPolicy).build())

Check notice

Code scanning / CodeQL

Deprecated method or constructor invocation Note

Invoking
Builder.retryPolicy
should be avoided because it has been deprecated.

Copilot Autofix

AI 10 days ago

To fix the problem, move the retry configuration out of ClientOverrideConfiguration.builder().retryPolicy(retryPolicy).build() and instead supply the RetryPolicy directly to the IamClient.builder().retryPolicy(retryPolicy) as per AWS SDK v2.x best practices. Remove the .overrideConfiguration(ClientOverrideConfiguration.builder().retryPolicy(retryPolicy).build()) line entirely or use .overrideConfiguration(ClientOverrideConfiguration.create()) if an override configuration is still required for other reasons, but in this snippet, it appears the only reason for using ClientOverrideConfiguration is to configure retries.

Therefore:

  • Remove .overrideConfiguration(ClientOverrideConfiguration.builder().retryPolicy(retryPolicy).build()) from the builder chain in the getIamClient method.
  • Insert .retryPolicy(retryPolicy) in the IamClient.builder() chain, before .build().
  • No external dependencies need to be added, and the change is constrained to the shown method.
Suggested changeset 1
src/main/java/com/aws/greengrass/util/IamSdkClientFactory.java

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/main/java/com/aws/greengrass/util/IamSdkClientFactory.java b/src/main/java/com/aws/greengrass/util/IamSdkClientFactory.java
--- a/src/main/java/com/aws/greengrass/util/IamSdkClientFactory.java
+++ b/src/main/java/com/aws/greengrass/util/IamSdkClientFactory.java
@@ -51,7 +51,7 @@
         return IamClient.builder()
                 .region(globalRegionByPartition)
                 .httpClientBuilder(ProxyUtils.getSdkHttpClientBuilder())
-                .overrideConfiguration(ClientOverrideConfiguration.builder().retryPolicy(retryPolicy).build())
+                .retryPolicy(retryPolicy)
                 .build();
     }
 }
EOF
@@ -51,7 +51,7 @@
return IamClient.builder()
.region(globalRegionByPartition)
.httpClientBuilder(ProxyUtils.getSdkHttpClientBuilder())
.overrideConfiguration(ClientOverrideConfiguration.builder().retryPolicy(retryPolicy).build())
.retryPolicy(retryPolicy)
.build();
}
}
Copilot is powered by AI and may make mistakes. Always verify output.
.httpClientBuilder(ProxyUtils.getSdkHttpClientBuilder())
.overrideConfiguration(ClientOverrideConfiguration.builder().retryPolicy(retryPolicy).build()).build();
.overrideConfiguration(ClientOverrideConfiguration.builder().retryPolicy(retryPolicy).build())

Check notice

Code scanning / CodeQL

Deprecated method or constructor invocation Note

Invoking
Builder.retryPolicy
should be avoided because it has been deprecated.

Copilot Autofix

AI 10 days ago

To fix the problem, we need to avoid setting the retry policy through a deprecated method on ClientOverrideConfiguration.Builder. Instead, we should set the retryPolicy directly on the StsClient.builder() using its non-deprecated retryPolicy method, as recommended by the AWS SDK v2 documentation. This means:

  • Remove .overrideConfiguration(ClientOverrideConfiguration.builder().retryPolicy(retryPolicy).build()) from the client builder call.
  • Add .retryPolicy(retryPolicy) directly to the StsClient.builder() chain.
  • No additional imports or method changes are needed; simply update the builder chain to use the preferred API.

All changes are localized within the getStsClient method of StsSdkClientFactory.java.


Suggested changeset 1
src/main/java/com/aws/greengrass/util/StsSdkClientFactory.java

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/main/java/com/aws/greengrass/util/StsSdkClientFactory.java b/src/main/java/com/aws/greengrass/util/StsSdkClientFactory.java
--- a/src/main/java/com/aws/greengrass/util/StsSdkClientFactory.java
+++ b/src/main/java/com/aws/greengrass/util/StsSdkClientFactory.java
@@ -50,7 +50,7 @@
         return StsClient.builder()
                 .region(Region.of(awsRegion))
                 .httpClientBuilder(ProxyUtils.getSdkHttpClientBuilder())
-                .overrideConfiguration(ClientOverrideConfiguration.builder().retryPolicy(retryPolicy).build())
+                .retryPolicy(retryPolicy)
                 .build();
     }
 }
EOF
@@ -50,7 +50,7 @@
return StsClient.builder()
.region(Region.of(awsRegion))
.httpClientBuilder(ProxyUtils.getSdkHttpClientBuilder())
.overrideConfiguration(ClientOverrideConfiguration.builder().retryPolicy(retryPolicy).build())
.retryPolicy(retryPolicy)
.build();
}
}
Copilot is powered by AI and may make mistakes. Always verify output.
@@ -265,16 +279,17 @@

private Set<Integer> pidsInComponentCgroup(Cgroup cgroup, String component) throws IOException {
return Files.readAllLines(cgroup.getCgroupProcsPath(component))
.stream().map(Integer::parseInt).collect(Collectors.toSet());
.stream()
.map(Integer::parseInt)

Check notice

Code scanning / CodeQL

Missing catch of NumberFormatException Note

Potential uncaught 'java.lang.NumberFormatException'.

Copilot Autofix

AI 10 days ago

The best way to fix this problem is to catch NumberFormatException when parsing each line as an integer. This prevents a bad line from crashing the operation and lets the code skip malformed values gracefully. This can be done by replacing the direct .map(Integer::parseInt) with a .flatMap(...) or similar, which tries to parse each line, includes it in the result if successful, and skips it if not, possibly logging the parse error.

Edit only lines 282-284 in pidsInComponentCgroup in src/main/java/com/aws/greengrass/util/platforms/unix/linux/LinuxSystemResourceController.java.
Add a logger statement if a malformed line is skipped—for observability.
No new imports are required, as logger is already available.


Suggested changeset 1
src/main/java/com/aws/greengrass/util/platforms/unix/linux/LinuxSystemResourceController.java

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/main/java/com/aws/greengrass/util/platforms/unix/linux/LinuxSystemResourceController.java b/src/main/java/com/aws/greengrass/util/platforms/unix/linux/LinuxSystemResourceController.java
--- a/src/main/java/com/aws/greengrass/util/platforms/unix/linux/LinuxSystemResourceController.java
+++ b/src/main/java/com/aws/greengrass/util/platforms/unix/linux/LinuxSystemResourceController.java
@@ -280,7 +280,15 @@
     private Set<Integer> pidsInComponentCgroup(Cgroup cgroup, String component) throws IOException {
         return Files.readAllLines(cgroup.getCgroupProcsPath(component))
                 .stream()
-                .map(Integer::parseInt)
+                .flatMap(line -> {
+                    try {
+                        return Arrays.stream(new Integer[]{Integer.parseInt(line)});
+                    } catch (NumberFormatException ex) {
+                        logger.warn("Malformed PID '{}' in {}: {}", line,
+                                cgroup.getCgroupProcsPath(component), ex.getMessage());
+                        return Arrays.stream(new Integer[0]);
+                    }
+                })
                 .collect(Collectors.toSet());
     }
 
EOF
@@ -280,7 +280,15 @@
private Set<Integer> pidsInComponentCgroup(Cgroup cgroup, String component) throws IOException {
return Files.readAllLines(cgroup.getCgroupProcsPath(component))
.stream()
.map(Integer::parseInt)
.flatMap(line -> {
try {
return Arrays.stream(new Integer[]{Integer.parseInt(line)});
} catch (NumberFormatException ex) {
logger.warn("Malformed PID '{}' in {}: {}", line,
cgroup.getCgroupProcsPath(component), ex.getMessage());
return Arrays.stream(new Integer[0]);
}
})
.collect(Collectors.toSet());
}

Copilot is powered by AI and may make mistakes. Always verify output.
.componentName("MonitoringService")
.componentVersion(new Semver("1.0.0"))
.componentDescription("a monitor service")
.build();

Check notice

Code scanning / CodeQL

Deprecated method or constructor invocation Note test

Invoking
FileUtils.writeStringToFile
should be avoided because it has been deprecated.

Copilot Autofix

AI 10 days ago

To fix the deprecated usage of FileUtils.writeStringToFile(File, String), replace the call with FileUtils.writeStringToFile(File, String, Charset), supplying an explicit encoding, preferably StandardCharsets.UTF_8 since this is already imported and used elsewhere in the code. The change should only be made on line 183 of src/test/java/com/aws/greengrass/componentmanager/ComponentStoreTest.java, substituting the old call with one specifying the encoding. No additional imports are necessary as StandardCharsets is already present.

Suggested changeset 1
src/test/java/com/aws/greengrass/componentmanager/ComponentStoreTest.java

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/test/java/com/aws/greengrass/componentmanager/ComponentStoreTest.java b/src/test/java/com/aws/greengrass/componentmanager/ComponentStoreTest.java
--- a/src/test/java/com/aws/greengrass/componentmanager/ComponentStoreTest.java
+++ b/src/test/java/com/aws/greengrass/componentmanager/ComponentStoreTest.java
@@ -180,7 +180,7 @@
 
         assertThat(expectedRecipeFile, not(anExistingFile()));
         String oldContent = "old content that will be replaced";
-        FileUtils.writeStringToFile(expectedRecipeFile, oldContent);
+        FileUtils.writeStringToFile(expectedRecipeFile, oldContent, StandardCharsets.UTF_8);
 
         assertThat(expectedRecipeFile, is(anExistingFile()));
         String fileContent = new String(Files.readAllBytes(expectedRecipeFile.toPath()));
EOF
@@ -180,7 +180,7 @@

assertThat(expectedRecipeFile, not(anExistingFile()));
String oldContent = "old content that will be replaced";
FileUtils.writeStringToFile(expectedRecipeFile, oldContent);
FileUtils.writeStringToFile(expectedRecipeFile, oldContent, StandardCharsets.UTF_8);

assertThat(expectedRecipeFile, is(anExistingFile()));
String fileContent = new String(Files.readAllBytes(expectedRecipeFile.toPath()));
Copilot is powered by AI and may make mistakes. Always verify output.
.componentVersion(new Semver("1.0.0")).componentDescription("a monitor service").build();
.recipeFormatVersion(RecipeFormatVersion.JAN_25_2020)
.componentName("MonitoringService")
.componentVersion(new Semver("1.0.0"))

Check notice

Code scanning / CodeQL

Deprecated method or constructor invocation Note test

Invoking
FileUtils.writeStringToFile
should be avoided because it has been deprecated.

Copilot Autofix

AI 10 days ago

To fix the deprecated invocation, update the call on line 221 from FileUtils.writeStringToFile(expectedRecipeFile, recipeString) to FileUtils.writeStringToFile(expectedRecipeFile, recipeString, StandardCharsets.UTF_8). This change makes the encoding explicit (UTF-8), addressing the reason why the previous overload was deprecated. Since StandardCharsets is already imported, there is no need to add new imports. The update does not change functionality, only prevents encoding ambiguity.

Modify only this line in src/test/java/com/aws/greengrass/componentmanager/ComponentStoreTest.java, with several lines of pre/post context for clarity.

Suggested changeset 1
src/test/java/com/aws/greengrass/componentmanager/ComponentStoreTest.java

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/test/java/com/aws/greengrass/componentmanager/ComponentStoreTest.java b/src/test/java/com/aws/greengrass/componentmanager/ComponentStoreTest.java
--- a/src/test/java/com/aws/greengrass/componentmanager/ComponentStoreTest.java
+++ b/src/test/java/com/aws/greengrass/componentmanager/ComponentStoreTest.java
@@ -218,7 +218,7 @@
         File expectedRecipeFile = getExpectedRecipeFile(componentIdentifier);
 
         assertThat(expectedRecipeFile, not(anExistingFile()));
-        FileUtils.writeStringToFile(expectedRecipeFile, recipeString);
+        FileUtils.writeStringToFile(expectedRecipeFile, recipeString, StandardCharsets.UTF_8);
 
         assertThat(expectedRecipeFile, is(anExistingFile()));
         long modifiedTime = expectedRecipeFile.lastModified();
EOF
@@ -218,7 +218,7 @@
File expectedRecipeFile = getExpectedRecipeFile(componentIdentifier);

assertThat(expectedRecipeFile, not(anExistingFile()));
FileUtils.writeStringToFile(expectedRecipeFile, recipeString);
FileUtils.writeStringToFile(expectedRecipeFile, recipeString, StandardCharsets.UTF_8);

assertThat(expectedRecipeFile, is(anExistingFile()));
long modifiedTime = expectedRecipeFile.lastModified();
Copilot is powered by AI and may make mistakes. Always verify output.
.responseBody(AbortableInputStream.create(IOUtils.toInputStream("random"))).build());
when(request.call()).thenReturn(HttpExecuteResponse.builder()
.response(SdkHttpResponse.builder().statusCode(HTTP_OK).build())
.responseBody(AbortableInputStream.create(IOUtils.toInputStream("random")))

Check notice

Code scanning / CodeQL

Deprecated method or constructor invocation Note test

Invoking
IOUtils.toInputStream
should be avoided because it has been deprecated.

Copilot Autofix

AI 10 days ago

To fix the issue, we should replace the use of the deprecated method IOUtils.toInputStream(String) on line 365 with a non-deprecated alternative for creating an InputStream from a String. The current recommended approach is to use new ByteArrayInputStream(string.getBytes(StandardCharsets.UTF_8)), which ensures the string is properly encoded and converted to an input stream. This approach does not require any external dependency beyond standard Java libraries, so only an additional import for java.nio.charset.StandardCharsets may be needed if it is not already present in the file.

The fix affects only line 365 in src/test/java/com/aws/greengrass/deployment/DeploymentDocumentDownloaderTest.java. The replacement block should convert "random" to an InputStream as described, maintaining the encoding consistency.

Suggested changeset 1
src/test/java/com/aws/greengrass/deployment/DeploymentDocumentDownloaderTest.java

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/test/java/com/aws/greengrass/deployment/DeploymentDocumentDownloaderTest.java b/src/test/java/com/aws/greengrass/deployment/DeploymentDocumentDownloaderTest.java
--- a/src/test/java/com/aws/greengrass/deployment/DeploymentDocumentDownloaderTest.java
+++ b/src/test/java/com/aws/greengrass/deployment/DeploymentDocumentDownloaderTest.java
@@ -362,7 +362,7 @@
 
         when(request.call()).thenReturn(HttpExecuteResponse.builder()
                 .response(SdkHttpResponse.builder().statusCode(HTTP_OK).build())
-                .responseBody(AbortableInputStream.create(IOUtils.toInputStream("random")))
+                .responseBody(AbortableInputStream.create(new java.io.ByteArrayInputStream("random".getBytes(java.nio.charset.StandardCharsets.UTF_8))))
                 .build());
 
         RetryableDeploymentDocumentDownloadException exception =
EOF
@@ -362,7 +362,7 @@

when(request.call()).thenReturn(HttpExecuteResponse.builder()
.response(SdkHttpResponse.builder().statusCode(HTTP_OK).build())
.responseBody(AbortableInputStream.create(IOUtils.toInputStream("random")))
.responseBody(AbortableInputStream.create(new java.io.ByteArrayInputStream("random".getBytes(java.nio.charset.StandardCharsets.UTF_8))))
.build());

RetryableDeploymentDocumentDownloadException exception =
Copilot is powered by AI and may make mistakes. Always verify output.
Long id = 1L;
Publish request = Publish.builder().topic("spool")
MqttClient client = spy(new MqttClient(deviceConfiguration, spool, false, (c) -> builder, executorService));
Long id = 1L;

Check warning

Code scanning / CodeQL

Boxed variable is never null Warning test

The variable 'id' is only assigned values of primitive type and is never 'null', but it is declared with the boxed type 'Long'.

Copilot Autofix

AI 10 days ago

To fix the problem, change the declaration of id at line 993 from the boxed type Long to the primitive type long. Assign the primitive value as before. Use the primitive type throughout that method where id is used. This does not change functionality, as the variable is not intended to be null and is only used as an ID value. No additional imports or method changes are necessary, assuming that SpoolMessage.builder().id(...) and spool.getMessageById(...) accept either primitive longs or their boxed equivalent (Java will auto-box if needed). All edits are confined to the method shown.


Suggested changeset 1
src/test/java/com/aws/greengrass/mqttclient/MqttClientTest.java

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/test/java/com/aws/greengrass/mqttclient/MqttClientTest.java b/src/test/java/com/aws/greengrass/mqttclient/MqttClientTest.java
--- a/src/test/java/com/aws/greengrass/mqttclient/MqttClientTest.java
+++ b/src/test/java/com/aws/greengrass/mqttclient/MqttClientTest.java
@@ -990,7 +990,7 @@
 
         // The mqttClient is initiated when connectivity is offline
         MqttClient client = spy(new MqttClient(deviceConfiguration, spool, false, (c) -> builder, executorService));
-        Long id = 1L;
+        long id = 1L;
         Publish request = Publish.builder()
                 .topic("spool")
                 .payload("What's up".getBytes(StandardCharsets.UTF_8))
EOF
@@ -990,7 +990,7 @@

// The mqttClient is initiated when connectivity is offline
MqttClient client = spy(new MqttClient(deviceConfiguration, spool, false, (c) -> builder, executorService));
Long id = 1L;
long id = 1L;
Publish request = Publish.builder()
.topic("spool")
.payload("What's up".getBytes(StandardCharsets.UTF_8))
Copilot is powered by AI and may make mistakes. Always verify output.
@SuppressWarnings({
"UseSpecificCatch", "PMD.AvoidCatchingThrowable", "PMD.AvoidDeeplyNestedIfStmts", "PMD.ConfusingTernary"
})
private GreengrassService createGreengrassServiceInstance(Context.Value v, String name,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The cyclomatic complexity of this method is 24. By comparison, 99% of the methods in the CodeGuru reference dataset have a lower cyclomatic complexity. This indicates the method has a high number of decisions and it can make the logic difficult to understand and test.

We recommend that you simplify this method or break it into multiple methods. For example, consider extracting the code block on lines 541-595 into a separate method.

* 1600127641506 }, "contexts": {}, "loggerName": "Metrics-SystemMetrics", "timestamp":
* 1600127641506, "cause": null }
*/
GreengrassLogMessage egLog = objectMapper.readValue(log, GreengrassLogMessage.class);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The ObjectMapper.readValue() method can throw a JsonProcessingException, but this exception is not handled properly here. By simply logging the error and returning an empty value, the exception is ignored. This can mask potential JSON parsing issues, leading to unexpected application behavior or data corruption because the system may continue with invalid or incomplete data. To fix this, catch JsonProcessingException and either handle it appropriately or rethrow it as a custom runtime exception. https://www.ibm.com/support/pages/best-practice-catching-and-re-throwing-java-exceptions

Similar issue at line number 184.

* 4583, "TS": 1600127641506 }, "contexts": {}, "loggerName": "Metrics-SystemMetrics",
* "timestamp": 1600127641506, "cause": null }
*/
GreengrassLogMessage egLog = objectMapper.readValue(log, GreengrassLogMessage.class);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recommendation generated by Amazon CodeGuru Reviewer. Leave feedback on this recommendation by replying to the comment or by reacting to the comment using emoji.

The ObjectMapper.readValue() method can throw a JsonProcessingException, but this exception is not handled properly here. By simply logging the error and returning an empty value, the exception is ignored. This can mask potential JSON parsing issues, leading to unexpected application behavior or data corruption because the system may continue with invalid or incomplete data. To fix this, catch JsonProcessingException and either handle it appropriately or rethrow it as a custom runtime exception. https://www.ibm.com/support/pages/best-practice-catching-and-re-throwing-java-exceptions

Similar issue at line number 92.

Copy link

github-actions bot commented Oct 9, 2025

Binary incompatibility detected for commit b15e9e6.
See the uploaded artifacts from the action for details. You must bump the version number.

com.aws.greengrass.componentmanager.KernelConfigResolver is binary incompatible and is source incompatible because of METHOD_REMOVED
com.aws.greengrass.deployment.activator.DefaultActivator is binary incompatible and is source incompatible because of METHOD_REMOVED_IN_SUPERCLASS
com.aws.greengrass.deployment.activator.DeploymentActivator is binary incompatible and is source incompatible because of METHOD_REMOVED
com.aws.greengrass.deployment.activator.KernelUpdateActivator is binary incompatible and is source incompatible because of METHOD_REMOVED_IN_SUPERCLASS
com.aws.greengrass.deployment.DefaultDeploymentTask is binary incompatible and is source incompatible because of CONSTRUCTOR_REMOVED
com.aws.greengrass.deployment.DeploymentConfigMerger is binary incompatible and is source incompatible because of METHOD_REMOVED
com.aws.greengrass.lifecyclemanager.KernelAlternatives is binary incompatible and is source incompatible because of METHOD_LESS_ACCESSIBLE
com.aws.greengrass.telemetry.AggregatedMetric is binary incompatible and is source incompatible because of METHOD_RETURN_TYPE_CHANGED, CONSTRUCTOR_REMOVED, METHOD_REMOVED
com.aws.greengrass.telemetry.AggregatedMetric$AggregatedMetricBuilder is binary incompatible and is source incompatible because of METHOD_REMOVED
com.aws.greengrass.util.NucleusPaths is binary incompatible and is source incompatible because of CONSTRUCTOR_REMOVED
com.aws.greengrass.util.orchestration.SystemServiceUtils is binary incompatible and is source incompatible because of METHOD_REMOVED

Produced by binaryCompatability.py

Copy link

github-actions bot commented Oct 9, 2025

Unit Tests Coverage Report

File Coverage Lines Branches
All files 66% 70% 62%
com.aws.greengrass.deployment.activator.DeploymentActivatorFactory 100% 100% 100%
com.aws.greengrass.deployment.activator.KernelUpdateActivator 59% 62% 55%
com.aws.greengrass.deployment.activator.DeploymentActivator 37% 25% 50%
com.aws.greengrass.deployment.activator.DefaultActivator 0% 0% 0%
com.aws.greengrass.authorization.AuthorizationIPCAgent$ValidateAuthorizationTokenOperationHandler 95% 91% 100%
com.aws.greengrass.authorization.AuthorizationPolicyParser$1 100% 100% 0%
com.aws.greengrass.authorization.AuthorizationPolicyParser$2 0% 0% 0%
com.aws.greengrass.authorization.WildcardTrie 97% 98% 95%
com.aws.greengrass.authorization.AuthorizationIPCAgent 100% 100% 0%
com.aws.greengrass.authorization.AuthorizationPolicyParser 84% 91% 77%
com.aws.greengrass.authorization.AuthorizationHandler$ResourceLookupPolicy 100% 100% 0%
com.aws.greengrass.authorization.AuthorizationHandler 85% 93% 78%
com.aws.greengrass.authorization.AuthorizationModule 96% 100% 93%
com.aws.greengrass.authorization.AuthorizationPolicy 100% 100% 0%
com.aws.greengrass.util.IotSdkClientFactory$EnvironmentStage 52% 55% 50%
com.aws.greengrass.util.IotSdkClientFactory 86% 89% 83%
com.aws.greengrass.util.RootCAUtils 61% 67% 56%
com.aws.greengrass.util.DependencyOrder 100% 100% 100%
com.aws.greengrass.util.SerializerFactory 100% 100% 0%
com.aws.greengrass.util.BaseRetryableAccessor 95% 90% 100%
com.aws.greengrass.util.CommitableWriter 47% 70% 25%
com.aws.greengrass.util.EncryptionUtils$PemWriter 100% 100% 100%
com.aws.greengrass.util.IamSdkClientFactory 100% 100% 0%
com.aws.greengrass.util.OrderedExecutorService$OrderedTask 81% 88% 75%
com.aws.greengrass.util.ProxyUtils 72% 73% 71%
com.aws.greengrass.util.FileSystemPermission$Option 100% 100% 0%
com.aws.greengrass.util.NucleusPaths 90% 90% 0%
com.aws.greengrass.util.Exec 62% 78% 46%
com.aws.greengrass.util.StsSdkClientFactory 100% 100% 0%
com.aws.greengrass.util.MqttChunkedPayloadPublisher 79% 65% 94%
com.aws.greengrass.util.LockFactory 75% 75% 0%
com.aws.greengrass.util.CommitableReader 67% 84% 50%
com.aws.greengrass.util.Utils$1 50% 50% 0%
com.aws.greengrass.util.Utils 79% 82% 76%
com.aws.greengrass.util.AppendableWriter 0% 0% 0%
com.aws.greengrass.util.Digest 83% 92% 75%
com.aws.greengrass.util.OrderedExecutorService 82% 81% 83%
com.aws.greengrass.util.CommitableFile 78% 85% 71%
com.aws.greengrass.util.RetryUtils$DifferentiatedRetryConfig 100% 100% 0%
com.aws.greengrass.util.Coerce 92% 93% 91%
com.aws.greengrass.util.BatchedSubscriber 87% 100% 75%
com.aws.greengrass.util.LockScope 100% 100% 0%
com.aws.greengrass.util.Exec$Copier 86% 91% 82%
com.aws.greengrass.util.S3SdkClientFactory 92% 100% 85%
com.aws.greengrass.util.LoaderLogsSummarizer 0% 0% 0%
com.aws.greengrass.util.DefaultConcurrentHashMap 100% 100% 100%
com.aws.greengrass.util.Coerce$1 100% 100% 0%
com.aws.greengrass.util.GreengrassServiceClientFactory$1 0% 0% 0%
com.aws.greengrass.util.RegionUtils 58% 58% 0%
com.aws.greengrass.util.RetryUtils 85% 92% 79%
com.aws.greengrass.util.Permissions 85% 98% 72%
com.aws.greengrass.util.EncryptionUtils 100% 100% 100%
com.aws.greengrass.util.GreengrassServiceClientFactory 27% 21% 34%
com.aws.greengrass.util.platforms.windows.WindowsPlatform$CmdDecorator 0% 0% 0%
com.aws.greengrass.util.platforms.windows.WindowsPlatform$WindowsFileSystemPermissionView 0% 0% 0%
com.aws.greengrass.util.platforms.windows.UserEnv 0% 0% 0%
com.aws.greengrass.util.platforms.windows.WindowsPlatform 0% 0% 0%
com.aws.greengrass.util.platforms.windows.WindowsPlatform$1 0% 0% 0%
com.aws.greengrass.util.platforms.windows.WindowsPlatform$2 0% 0% 0%
com.aws.greengrass.util.platforms.windows.WindowsExec 0% 0% 0%
com.aws.greengrass.util.platforms.windows.WindowsUserAttributes 0% 0% 0%
com.aws.greengrass.util.platforms.windows.UserEnv$PROFILEINFO 0% 0% 0%
com.aws.greengrass.util.platforms.windows.WindowsPlatform$RunasDecorator 0% 0% 0%
com.aws.greengrass.componentmanager.plugins.docker.DefaultDockerClient 1% 1% 0%
com.aws.greengrass.componentmanager.plugins.docker.EcrAccessor 62% 62% 0%
com.aws.greengrass.componentmanager.plugins.docker.DockerImageDownloader 79% 76% 81%
com.aws.greengrass.componentmanager.plugins.docker.Image 66% 66% 0%
com.aws.greengrass.componentmanager.plugins.docker.Registry$RegistrySource 100% 100% 0%
com.aws.greengrass.componentmanager.plugins.docker.Registry$RegistryType 100% 100% 0%
com.aws.greengrass.componentmanager.plugins.docker.Registry$Credentials 75% 75% 0%
com.aws.greengrass.componentmanager.plugins.docker.DockerApplicationManagerService 0% 0% 0%
com.aws.greengrass.componentmanager.plugins.docker.Registry 75% 100% 50%
com.aws.greengrass.componentmanager.plugins.docker.DockerImageArtifactParser 97% 98% 96%
com.aws.greengrass.builtin.services.mqttproxy.MqttProxyIPCAgent 87% 92% 83%
com.aws.greengrass.builtin.services.mqttproxy.MqttProxyIPCAgent$PublishToIoTCoreOperationHandler 55% 74% 37%
com.aws.greengrass.builtin.services.mqttproxy.MqttProxyIPCAgent$SubscribeToIoTCoreOperationHandler 40% 44% 35%
com.aws.greengrass.mqttclient.v5.PubAck 81% 100% 62%
com.aws.greengrass.mqttclient.v5.Subscribe 75% 100% 50%
com.aws.greengrass.mqttclient.v5.SubscribeResponse 83% 100% 66%
com.aws.greengrass.mqttclient.v5.Subscribe$RetainHandlingType 100% 100% 0%
com.aws.greengrass.mqttclient.v5.UnsubscribeResponse 75% 100% 50%
com.aws.greengrass.mqttclient.v5.Publish$PayloadFormatIndicator 54% 54% 0%
com.aws.greengrass.mqttclient.v5.QOS 67% 84% 50%
com.aws.greengrass.mqttclient.v5.Publish 45% 52% 37%
com.aws.greengrass.builtin.services.telemetry.ComponentMetricIPCEventStreamAgent$PutComponentMetricOperationHandler 88% 88% 0%
com.aws.greengrass.builtin.services.telemetry.ComponentMetricIPCEventStreamAgent 87% 97% 76%
com.aws.greengrass.componentmanager.models.ComponentIdentifier 100% 100% 0%
com.aws.greengrass.componentmanager.models.ComponentMetadata 0% 0% 0%
com.aws.greengrass.componentmanager.models.PermissionType 58% 66% 50%
com.aws.greengrass.componentmanager.models.Permission 70% 100% 40%
com.aws.greengrass.componentmanager.models.ComponentRequirementIdentifier 0% 0% 0%
com.aws.greengrass.util.platforms.StubResourceController 20% 20% 0%
com.aws.greengrass.util.platforms.Platform$1 100% 100% 0%
com.aws.greengrass.util.platforms.UserDecorator 100% 100% 0%
com.aws.greengrass.util.platforms.Platform 66% 75% 58%
com.aws.greengrass.util.platforms.Platform$FileSystemPermissionView 100% 100% 0%
com.aws.greengrass.dependency.Context$Value 81% 87% 75%
com.aws.greengrass.dependency.EZPlugins 43% 50% 36%
com.aws.greengrass.dependency.Context 78% 83% 72%
com.aws.greengrass.dependency.InjectionActions 100% 100% 0%
com.aws.greengrass.dependency.State 51% 72% 30%
com.aws.greengrass.dependency.ComponentStatusCode 43% 64% 23%
com.aws.greengrass.dependency.Context$1 84% 69% 100%
com.aws.greengrass.mqttclient.spool.Spool 82% 89% 75%
com.aws.greengrass.mqttclient.spool.InMemorySpool 77% 77% 0%
com.aws.greengrass.mqttclient.spool.SpoolerStorageType 100% 100% 0%
com.aws.greengrass.componentmanager.KernelConfigResolver 83% 89% 77%
com.aws.greengrass.componentmanager.Unarchiver 3% 3% 0%
com.aws.greengrass.componentmanager.ClientConfigurationUtils 0% 0% 0%
com.aws.greengrass.componentmanager.ComponentStore 62% 66% 58%
com.aws.greengrass.componentmanager.ComponentServiceHelper 64% 79% 50%
com.aws.greengrass.componentmanager.DependencyResolver 96% 98% 94%
com.aws.greengrass.componentmanager.ComponentManager 69% 71% 66%
com.aws.greengrass.util.platforms.unix.UnixRunWithGenerator 79% 74% 84%
com.aws.greengrass.util.platforms.unix.UnixPlatform$ShDecorator 68% 87% 50%
com.aws.greengrass.util.platforms.unix.UnixUserAttributes 58% 66% 50%
com.aws.greengrass.util.platforms.unix.UnixPlatform$IdOption 100% 100% 0%
com.aws.greengrass.util.platforms.unix.UnixPlatform 36% 37% 35%
com.aws.greengrass.util.platforms.unix.UnixExec 42% 44% 40%
com.aws.greengrass.util.platforms.unix.UnixGroupAttributes 0% 0% 0%
com.aws.greengrass.util.platforms.unix.QNXPlatform 0% 0% 0%
com.aws.greengrass.util.platforms.unix.UnixPlatform$1 100% 100% 0%
com.aws.greengrass.util.platforms.unix.UnixPlatform$SudoDecorator 72% 86% 58%
com.aws.greengrass.util.platforms.unix.UnixPlatform$PosixFileSystemPermissionView 100% 100% 100%
com.aws.greengrass.util.platforms.unix.DarwinPlatform 0% 0% 0%
com.aws.greengrass.config.UpdateBehaviorTree$PrunedUpdateBehaviorTree 80% 80% 0%
com.aws.greengrass.config.Node 88% 89% 87%
com.aws.greengrass.config.PlatformResolver 68% 79% 58%
com.aws.greengrass.config.ConfigurationReader$1 100% 100% 0%
com.aws.greengrass.config.Configuration 81% 89% 72%
com.aws.greengrass.config.ConfigurationReader 90% 96% 84%
com.aws.greengrass.config.UpdateBehaviorTree 100% 100% 100%
com.aws.greengrass.config.Topic 75% 82% 68%
com.aws.greengrass.config.CaseInsensitiveString 65% 70% 60%
com.aws.greengrass.config.Topics 89% 91% 88%
com.aws.greengrass.config.ConfigurationReader$ConfigurationMode 100% 100% 0%
com.aws.greengrass.config.ConfigurationWriter 73% 75% 72%
com.aws.greengrass.config.WhatHappened 100% 100% 0%
com.aws.greengrass.config.UpdateBehaviorTree$UpdateBehavior 100% 100% 0%
com.aws.greengrass.iot.IotConnectionManager 20% 34% 5%
com.aws.greengrass.iot.IotCloudHelper 78% 90% 66%
com.aws.greengrass.iot.model.IotCloudResponse 100% 100% 0%
com.aws.greengrass.deployment.bootstrap.BootstrapTaskStatus 100% 100% 0%
com.aws.greengrass.deployment.bootstrap.BootstrapSuccessCode 83% 100% 66%
com.aws.greengrass.deployment.bootstrap.BootstrapManager 78% 82% 74%
com.aws.greengrass.deployment.bootstrap.BootstrapManager$1 100% 100% 0%
com.aws.greengrass.deployment.bootstrap.BootstrapTaskStatus$ExecutionStatus 100% 100% 0%
com.aws.greengrass.deployment.model.S3EndpointType 100% 100% 0%
com.aws.greengrass.deployment.model.FailureHandlingPolicy 100% 100% 0%
com.aws.greengrass.deployment.model.DeploymentTask 100% 100% 0%
com.aws.greengrass.deployment.model.RunWith 85% 95% 75%
com.aws.greengrass.deployment.model.DeploymentPackageConfiguration 57% 57% 0%
com.aws.greengrass.deployment.model.DeploymentDocument$SDKSerializer 100% 100% 0%
com.aws.greengrass.deployment.model.Deployment$DeploymentType 100% 100% 0%
com.aws.greengrass.deployment.model.Deployment 87% 100% 75%
com.aws.greengrass.deployment.model.Deployment$DeploymentStage 100% 100% 0%
com.aws.greengrass.deployment.model.DeploymentDocument$SDKDeserializer 80% 80% 0%
com.aws.greengrass.deployment.model.DeploymentTaskMetadata 78% 78% 0%
com.aws.greengrass.deployment.model.DeploymentDocument 100% 100% 100%
com.aws.greengrass.deployment.model.DeploymentResult$DeploymentStatus 100% 100% 0%
com.aws.greengrass.status.FleetStatusService 76% 83% 69%
com.aws.greengrass.status.FleetStatusService$1 100% 100% 0%
com.aws.greengrass.mqttclient.MqttClient$1 75% 100% 50%
com.aws.greengrass.mqttclient.MqttClient$2 100% 100% 0%
com.aws.greengrass.mqttclient.AwsIotMqtt5Client 49% 67% 32%
com.aws.greengrass.mqttclient.PublishRequest 71% 92% 50%
com.aws.greengrass.mqttclient.MqttClient 76% 83% 69%
com.aws.greengrass.mqttclient.WrapperMqttClientConnection 91% 82% 100%
com.aws.greengrass.mqttclient.AwsIotMqttClient 81% 87% 75%
com.aws.greengrass.mqttclient.AwsIotMqttClient$1 71% 93% 50%
com.aws.greengrass.mqttclient.CallbackEventManager 91% 92% 91%
com.aws.greengrass.mqttclient.IotCoreTopicValidator 89% 93% 85%
com.aws.greengrass.mqttclient.MqttTopic 97% 94% 100%
com.aws.greengrass.mqttclient.AwsIotMqtt5Client$1 50% 73% 27%
com.aws.greengrass.mqttclient.IotCoreTopicValidator$Operation 100% 100% 0%
com.aws.greengrass.network.HttpClientProvider 50% 50% 0%
com.aws.greengrass.status.model.FleetStatusDetails 100% 100% 100%
com.aws.greengrass.status.model.OverallStatus 100% 100% 0%
com.aws.greengrass.status.model.Trigger 56% 75% 37%
com.aws.greengrass.status.model.MessageType 75% 83% 66%
com.aws.greengrass.deployment.errorcode.DeploymentErrorCode 100% 100% 0%
com.aws.greengrass.deployment.errorcode.DeploymentErrorCodeUtils 74% 78% 70%
com.aws.greengrass.deployment.errorcode.DeploymentErrorType 100% 100% 0%
com.aws.greengrass.tes.CredentialRequestHandler 84% 91% 77%
com.aws.greengrass.tes.CredentialRequestHandler$TESCache 100% 100% 0%
com.aws.greengrass.tes.HttpServerImpl 100% 100% 0%
com.aws.greengrass.tes.LazyCredentialProvider 12% 12% 0%
com.aws.greengrass.tes.TokenExchangeService 73% 87% 60%
com.aws.greengrass.componentmanager.converter.RecipeLoader 77% 92% 62%
com.aws.greengrass.componentmanager.converter.RecipeLoader$RecipeFormat 100% 100% 0%
com.aws.greengrass.lifecyclemanager.Periodicity 13% 15% 11%
com.aws.greengrass.lifecyclemanager.LogManagerHelper 100% 100% 0%
com.aws.greengrass.lifecyclemanager.UnloadableService 78% 73% 83%
com.aws.greengrass.lifecyclemanager.RunWithPathOwnershipHandler 100% 100% 100%
com.aws.greengrass.lifecyclemanager.KernelAlternatives 48% 49% 47%
com.aws.greengrass.lifecyclemanager.ShellRunner$Default 67% 69% 64%
com.aws.greengrass.lifecyclemanager.GreengrassService 75% 79% 71%
com.aws.greengrass.lifecyclemanager.Lifecycle$DesiredStateUpdatedEvent 100% 100% 0%
com.aws.greengrass.lifecyclemanager.GenericExternalService 44% 48% 40%
com.aws.greengrass.lifecyclemanager.GreengrassService$RunStatus 100% 100% 0%
com.aws.greengrass.lifecyclemanager.Lifecycle 79% 83% 75%
com.aws.greengrass.lifecyclemanager.Kernel 71% 73% 68%
com.aws.greengrass.lifecyclemanager.KernelMetricsEmitter 100% 100% 100%
com.aws.greengrass.lifecyclemanager.Lifecycle$StateEvent 100% 100% 0%
com.aws.greengrass.lifecyclemanager.KernelCommandLine 77% 78% 76%
com.aws.greengrass.lifecyclemanager.GenericExternalService$RunResult 100% 100% 0%
com.aws.greengrass.lifecyclemanager.Kernel$1 82% 100% 64%
com.aws.greengrass.lifecyclemanager.KernelLifecycle 81% 85% 77%
com.aws.greengrass.lifecyclemanager.PluginService 41% 50% 33%
com.aws.greengrass.lifecyclemanager.UpdateSystemPolicyService 7% 8% 7%
com.aws.greengrass.util.platforms.unix.linux.Cgroup 61% 61% 0%
com.aws.greengrass.util.platforms.unix.linux.LinuxSystemResourceController 6% 8% 5%
com.aws.greengrass.util.platforms.unix.linux.LinuxSystemResourceController$CgroupFreezerState 0% 0% 0%
com.aws.greengrass.util.platforms.unix.linux.LinuxPlatform 100% 100% 0%
com.aws.greengrass.deployment.converter.DeploymentDocumentConverter 76% 82% 70%
com.aws.greengrass.ipc.AuthenticationHandler 16% 23% 8%
com.aws.greengrass.ipc.IPCEventStreamService 65% 80% 50%
com.aws.greengrass.jna.Kernel32Ex 0% 0% 0%
com.aws.greengrass.builtin.services.configstore.ConfigStoreIPCEventStreamAgent$UpdateConfigurationOperationHandler 76% 73% 80%
com.aws.greengrass.builtin.services.configstore.ConfigStoreIPCEventStreamAgent 63% 77% 50%
com.aws.greengrass.builtin.services.configstore.ConfigStoreIPCEventStreamAgent$ConfigurationUpdateOperationHandler 69% 78% 59%
com.aws.greengrass.builtin.services.configstore.ConfigStoreIPCEventStreamAgent$GetConfigurationOperationHandler 76% 81% 71%
com.aws.greengrass.builtin.services.configstore.ConfigStoreIPCEventStreamAgent$SendConfigurationValidityReportOperationHandler 86% 90% 83%
com.aws.greengrass.builtin.services.configstore.ConfigStoreIPCEventStreamAgent$ValidateConfigurationUpdatesOperationHandler 86% 86% 0%
com.aws.greengrass.ipc.common.DefaultOperationHandler 0% 0% 0%
com.aws.greengrass.security.SecurityService$DefaultCryptoKeyProvider 96% 93% 100%
com.aws.greengrass.security.SecurityService 79% 78% 81%
com.aws.greengrass.provisioning.ProvisioningPluginFactory 0% 0% 0%
com.aws.greengrass.provisioning.ProvisioningConfigUpdateHelper 91% 100% 83%
com.aws.greengrass.componentmanager.builtins.GreengrassRepositoryDownloader 51% 63% 39%
com.aws.greengrass.componentmanager.builtins.S3Downloader 56% 63% 50%
com.aws.greengrass.componentmanager.builtins.ArtifactDownloaderFactory 79% 78% 80%
com.aws.greengrass.componentmanager.builtins.ArtifactDownloader 82% 83% 80%
com.aws.greengrass.builtin.services.lifecycle.LifecycleIPCEventStreamAgent$UpdateStateOperationHandler 90% 90% 0%
com.aws.greengrass.builtin.services.lifecycle.LifecycleIPCEventStreamAgent$DeferComponentUpdateHandler 77% 77% 0%
com.aws.greengrass.builtin.services.lifecycle.LifecycleIPCEventStreamAgent 30% 24% 37%
com.aws.greengrass.builtin.services.lifecycle.LifecycleIPCEventStreamAgent$SubscribeToComponentUpdateOperationHandler 73% 96% 50%
com.aws.greengrass.builtin.services.lifecycle.LifecycleIPCEventStreamAgent$PauseComponentHandler 89% 90% 87%
com.aws.greengrass.builtin.services.lifecycle.LifecycleIPCEventStreamAgent$ResumeComponentHandler 89% 90% 87%
com.aws.greengrass.builtin.services.pubsub.PubSubIPCEventStreamAgent$PublishToTopicOperationHandler 90% 80% 100%
com.aws.greengrass.builtin.services.pubsub.SubscriptionTrie 97% 98% 95%
com.aws.greengrass.builtin.services.pubsub.PubSubIPCEventStreamAgent 83% 92% 73%
com.aws.greengrass.builtin.services.pubsub.PubSubIPCEventStreamAgent$SubscribeToTopicOperationHandler 73% 73% 0%
com.aws.greengrass.telemetry.MetricsPayload 100% 100% 0%
com.aws.greengrass.telemetry.MetricsAggregator 87% 90% 83%
com.aws.greengrass.telemetry.MetricsAggregator$1 100% 100% 0%
com.aws.greengrass.telemetry.AggregatedMetric 100% 100% 0%
com.aws.greengrass.telemetry.TelemetryAgent 72% 78% 66%
com.aws.greengrass.telemetry.TelemetryConfiguration 53% 67% 40%
com.aws.greengrass.telemetry.PeriodicMetricsEmitter 100% 100% 0%
com.aws.greengrass.telemetry.TelemetryAgent$1 60% 60% 0%
com.aws.greengrass.telemetry.SystemMetricsEmitter 100% 100% 100%
com.aws.greengrass.deployment.DeploymentConfigMerger 82% 83% 80%
com.aws.greengrass.deployment.IotJobsHelper$IotJobsClientFactory 100% 100% 0%
com.aws.greengrass.deployment.DeploymentConfigMerger$AggregateServicesChangeManager 72% 70% 75%
com.aws.greengrass.deployment.DeviceConfiguration 74% 80% 69%
com.aws.greengrass.deployment.DeploymentDocumentDownloader 69% 81% 58%
com.aws.greengrass.deployment.DeploymentQueue 97% 100% 95%
com.aws.greengrass.deployment.DeploymentService 56% 64% 47%
com.aws.greengrass.deployment.IotJobsHelper$LatestQueuedJobs 69% 69% 70%
com.aws.greengrass.deployment.KernelUpdateDeploymentTask 70% 84% 57%
com.aws.greengrass.deployment.DynamicComponentConfigurationValidator 84% 94% 75%
com.aws.greengrass.deployment.DefaultDeploymentTask 62% 73% 51%
com.aws.greengrass.deployment.DeploymentDirectoryManager 71% 87% 56%
com.aws.greengrass.deployment.IotJobsHelper$WrapperMqttConnectionFactory 100% 100% 0%
com.aws.greengrass.deployment.IotJobsHelper 54% 59% 48%
com.aws.greengrass.deployment.IotJobsHelper$1 85% 85% 0%
com.aws.greengrass.deployment.ThingGroupHelper 47% 62% 33%
com.aws.greengrass.deployment.ShadowDeploymentListener 23% 32% 14%
com.aws.greengrass.deployment.ShadowDeploymentListener$1 14% 14% 0%
com.aws.greengrass.deployment.DeploymentStatusKeeper 82% 94% 71%
com.aws.greengrass.deployment.IotJobsClientWrapper 15% 15% 0%
com.aws.greengrass.util.orchestration.SystemServiceUtilsFactory 0% 0% 0%
com.aws.greengrass.util.orchestration.ProcdUtils 0% 0% 0%
com.aws.greengrass.util.orchestration.SystemServiceUtils 0% 0% 0%
com.aws.greengrass.util.orchestration.InitUtils 0% 0% 0%
com.aws.greengrass.util.orchestration.SystemdUtils 0% 0% 0%
com.aws.greengrass.util.orchestration.WinswUtils 0% 0% 0%
com.aws.greengrass.testing.TestFeatureParameters 83% 100% 66%
com.aws.greengrass.testing.TestFeatureParameters$1 100% 100% 0%
com.aws.greengrass.ipc.modules.PubSubIPCService 81% 81% 0%
com.aws.greengrass.ipc.modules.AuthorizationService 75% 75% 0%
com.aws.greengrass.ipc.modules.ComponentMetricIPCService 76% 76% 0%
com.aws.greengrass.ipc.modules.MqttProxyIPCService 64% 64% 0%
com.aws.greengrass.ipc.modules.LifecycleIPCService 86% 86% 0%
com.aws.greengrass.ipc.modules.ConfigStoreIPCService 80% 80% 0%
com.aws.greengrass.easysetup.GreengrassSetup 75% 73% 76%
com.aws.greengrass.easysetup.DeviceProvisioningHelper 69% 76% 62%

Minimum allowed coverage is 65%

Generated by 🐒 cobertura-action against b15e9e6

Copy link

github-actions bot commented Oct 9, 2025

Integration Tests Coverage Report

File Coverage Lines Branches
All files 51% 55% 48%
com.aws.greengrass.deployment.activator.DeploymentActivatorFactory 100% 100% 100%
com.aws.greengrass.deployment.activator.KernelUpdateActivator 25% 29% 22%
com.aws.greengrass.deployment.activator.DeploymentActivator 77% 79% 75%
com.aws.greengrass.deployment.activator.DefaultActivator 72% 79% 64%
com.aws.greengrass.authorization.AuthorizationIPCAgent$ValidateAuthorizationTokenOperationHandler 47% 45% 50%
com.aws.greengrass.authorization.AuthorizationPolicyParser$1 100% 100% 0%
com.aws.greengrass.authorization.AuthorizationPolicyParser$2 0% 0% 0%
com.aws.greengrass.authorization.WildcardTrie 73% 79% 68%
com.aws.greengrass.authorization.AuthorizationIPCAgent 100% 100% 0%
com.aws.greengrass.authorization.AuthorizationPolicyParser 76% 80% 72%
com.aws.greengrass.authorization.AuthorizationHandler$ResourceLookupPolicy 100% 100% 0%
com.aws.greengrass.authorization.AuthorizationHandler 74% 73% 74%
com.aws.greengrass.authorization.AuthorizationModule 46% 59% 33%
com.aws.greengrass.authorization.AuthorizationPolicy 0% 0% 0%
com.aws.greengrass.util.IotSdkClientFactory$EnvironmentStage 0% 0% 0%
com.aws.greengrass.util.IotSdkClientFactory 0% 0% 0%
com.aws.greengrass.util.RootCAUtils 0% 0% 0%
com.aws.greengrass.util.DependencyOrder 100% 100% 100%
com.aws.greengrass.util.SerializerFactory 100% 100% 0%
com.aws.greengrass.util.BaseRetryableAccessor 0% 0% 0%
com.aws.greengrass.util.CommitableWriter 47% 70% 25%
com.aws.greengrass.util.EncryptionUtils$PemWriter 0% 0% 0%
com.aws.greengrass.util.IamSdkClientFactory 0% 0% 0%
com.aws.greengrass.util.OrderedExecutorService$OrderedTask 45% 66% 25%
com.aws.greengrass.util.ProxyUtils 24% 28% 20%
com.aws.greengrass.util.FileSystemPermission$Option 100% 100% 0%
com.aws.greengrass.util.NucleusPaths 95% 95% 0%
com.aws.greengrass.util.Exec 70% 85% 56%
com.aws.greengrass.util.StsSdkClientFactory 0% 0% 0%
com.aws.greengrass.util.MqttChunkedPayloadPublisher 31% 34% 27%
com.aws.greengrass.util.LockFactory 75% 75% 0%
com.aws.greengrass.util.CommitableReader 0% 0% 0%
com.aws.greengrass.util.Utils$1 87% 100% 75%
com.aws.greengrass.util.Utils 55% 60% 51%
com.aws.greengrass.util.AppendableWriter 0% 0% 0%
com.aws.greengrass.util.Digest 67% 84% 50%
com.aws.greengrass.util.OrderedExecutorService 63% 77% 50%
com.aws.greengrass.util.CommitableFile 65% 73% 57%
com.aws.greengrass.util.RetryUtils$DifferentiatedRetryConfig 33% 33% 0%
com.aws.greengrass.util.Coerce 58% 63% 52%
com.aws.greengrass.util.BatchedSubscriber 59% 68% 50%
com.aws.greengrass.util.LockScope 100% 100% 0%
com.aws.greengrass.util.Exec$Copier 86% 91% 82%
com.aws.greengrass.util.S3SdkClientFactory 35% 35% 0%
com.aws.greengrass.util.LoaderLogsSummarizer 0% 0% 0%
com.aws.greengrass.util.DefaultConcurrentHashMap 100% 100% 100%
com.aws.greengrass.util.Coerce$1 0% 0% 0%
com.aws.greengrass.util.GreengrassServiceClientFactory$1 0% 0% 0%
com.aws.greengrass.util.RegionUtils 0% 0% 0%
com.aws.greengrass.util.RetryUtils 21% 30% 12%
com.aws.greengrass.util.Permissions 72% 90% 54%
com.aws.greengrass.util.EncryptionUtils 0% 0% 0%
com.aws.greengrass.util.GreengrassServiceClientFactory 48% 35% 61%
com.aws.greengrass.util.platforms.windows.WindowsPlatform$CmdDecorator 0% 0% 0%
com.aws.greengrass.util.platforms.windows.WindowsPlatform$WindowsFileSystemPermissionView 0% 0% 0%
com.aws.greengrass.util.platforms.windows.UserEnv 0% 0% 0%
com.aws.greengrass.util.platforms.windows.WindowsPlatform 0% 0% 0%
com.aws.greengrass.util.platforms.windows.WindowsPlatform$1 0% 0% 0%
com.aws.greengrass.util.platforms.windows.WindowsPlatform$2 0% 0% 0%
com.aws.greengrass.util.platforms.windows.WindowsExec 0% 0% 0%
com.aws.greengrass.util.platforms.windows.WindowsUserAttributes 0% 0% 0%
com.aws.greengrass.util.platforms.windows.UserEnv$PROFILEINFO 0% 0% 0%
com.aws.greengrass.util.platforms.windows.WindowsPlatform$RunasDecorator 0% 0% 0%
com.aws.greengrass.componentmanager.plugins.docker.DefaultDockerClient 1% 1% 0%
com.aws.greengrass.componentmanager.plugins.docker.EcrAccessor 62% 75% 50%
com.aws.greengrass.componentmanager.plugins.docker.DockerImageDownloader 49% 54% 43%
com.aws.greengrass.componentmanager.plugins.docker.Image 66% 66% 0%
com.aws.greengrass.componentmanager.plugins.docker.Registry$RegistrySource 100% 100% 0%
com.aws.greengrass.componentmanager.plugins.docker.Registry$RegistryType 100% 100% 0%
com.aws.greengrass.componentmanager.plugins.docker.Registry$Credentials 75% 75% 0%
com.aws.greengrass.componentmanager.plugins.docker.DockerApplicationManagerService 0% 0% 0%
com.aws.greengrass.componentmanager.plugins.docker.Registry 75% 100% 50%
com.aws.greengrass.componentmanager.plugins.docker.DockerImageArtifactParser 82% 89% 75%
com.aws.greengrass.builtin.services.mqttproxy.MqttProxyIPCAgent 48% 56% 41%
com.aws.greengrass.builtin.services.mqttproxy.MqttProxyIPCAgent$PublishToIoTCoreOperationHandler 57% 76% 37%
com.aws.greengrass.builtin.services.mqttproxy.MqttProxyIPCAgent$SubscribeToIoTCoreOperationHandler 38% 41% 35%
com.aws.greengrass.mqttclient.v5.PubAck 0% 0% 0%
com.aws.greengrass.mqttclient.v5.Subscribe 0% 0% 0%
com.aws.greengrass.mqttclient.v5.SubscribeResponse 0% 0% 0%
com.aws.greengrass.mqttclient.v5.Subscribe$RetainHandlingType 87% 87% 0%
com.aws.greengrass.mqttclient.v5.UnsubscribeResponse 0% 0% 0%
com.aws.greengrass.mqttclient.v5.Publish$PayloadFormatIndicator 54% 54% 0%
com.aws.greengrass.mqttclient.v5.QOS 50% 76% 25%
com.aws.greengrass.mqttclient.v5.Publish 28% 32% 25%
com.aws.greengrass.builtin.services.telemetry.ComponentMetricIPCEventStreamAgent$PutComponentMetricOperationHandler 0% 0% 0%
com.aws.greengrass.builtin.services.telemetry.ComponentMetricIPCEventStreamAgent 16% 16% 0%
com.aws.greengrass.componentmanager.models.ComponentIdentifier 75% 75% 0%
com.aws.greengrass.componentmanager.models.ComponentMetadata 0% 0% 0%
com.aws.greengrass.componentmanager.models.PermissionType 58% 66% 50%
com.aws.greengrass.componentmanager.models.Permission 79% 100% 59%
com.aws.greengrass.componentmanager.models.ComponentRequirementIdentifier 0% 0% 0%
com.aws.greengrass.util.platforms.StubResourceController 20% 20% 0%
com.aws.greengrass.util.platforms.Platform$1 100% 100% 0%
com.aws.greengrass.util.platforms.UserDecorator 100% 100% 0%
com.aws.greengrass.util.platforms.Platform 80% 90% 70%
com.aws.greengrass.util.platforms.Platform$FileSystemPermissionView 100% 100% 0%
com.aws.greengrass.dependency.Context$Value 77% 84% 70%
com.aws.greengrass.dependency.EZPlugins 61% 67% 54%
com.aws.greengrass.dependency.Context 76% 83% 70%
com.aws.greengrass.dependency.InjectionActions 100% 100% 0%
com.aws.greengrass.dependency.State 51% 76% 26%
com.aws.greengrass.dependency.ComponentStatusCode 55% 73% 38%
com.aws.greengrass.dependency.Context$1 84% 69% 100%
com.aws.greengrass.mqttclient.spool.Spool 23% 36% 10%
com.aws.greengrass.mqttclient.spool.InMemorySpool 44% 44% 0%
com.aws.greengrass.mqttclient.spool.SpoolerStorageType 100% 100% 0%
com.aws.greengrass.componentmanager.KernelConfigResolver 71% 79% 64%
com.aws.greengrass.componentmanager.Unarchiver 72% 87% 58%
com.aws.greengrass.componentmanager.ClientConfigurationUtils 0% 0% 0%
com.aws.greengrass.componentmanager.ComponentStore 45% 47% 44%
com.aws.greengrass.componentmanager.ComponentServiceHelper 32% 50% 14%
com.aws.greengrass.componentmanager.DependencyResolver 60% 67% 53%
com.aws.greengrass.componentmanager.ComponentManager 63% 60% 67%
com.aws.greengrass.util.platforms.unix.UnixRunWithGenerator 65% 66% 65%
com.aws.greengrass.util.platforms.unix.UnixPlatform$ShDecorator 75% 100% 50%
com.aws.greengrass.util.platforms.unix.UnixUserAttributes 75% 100% 50%
com.aws.greengrass.util.platforms.unix.UnixPlatform$IdOption 100% 100% 0%
com.aws.greengrass.util.platforms.unix.UnixPlatform 65% 62% 67%
com.aws.greengrass.util.platforms.unix.UnixExec 76% 84% 68%
com.aws.greengrass.util.platforms.unix.UnixGroupAttributes 100% 100% 0%
com.aws.greengrass.util.platforms.unix.QNXPlatform 0% 0% 0%
com.aws.greengrass.util.platforms.unix.UnixPlatform$1 100% 100% 0%
com.aws.greengrass.util.platforms.unix.UnixPlatform$SudoDecorator 76% 89% 62%
com.aws.greengrass.util.platforms.unix.UnixPlatform$PosixFileSystemPermissionView 87% 91% 83%
com.aws.greengrass.util.platforms.unix.DarwinPlatform 0% 0% 0%
com.aws.greengrass.config.UpdateBehaviorTree$PrunedUpdateBehaviorTree 80% 80% 0%
com.aws.greengrass.config.Node 78% 80% 77%
com.aws.greengrass.config.PlatformResolver 36% 47% 25%
com.aws.greengrass.config.ConfigurationReader$1 100% 100% 0%
com.aws.greengrass.config.Configuration 64% 78% 50%
com.aws.greengrass.config.ConfigurationReader 65% 72% 57%
com.aws.greengrass.config.UpdateBehaviorTree 100% 100% 100%
com.aws.greengrass.config.Topic 66% 71% 62%
com.aws.greengrass.config.CaseInsensitiveString 65% 70% 60%
com.aws.greengrass.config.Topics 69% 74% 64%
com.aws.greengrass.config.ConfigurationReader$ConfigurationMode 100% 100% 0%
com.aws.greengrass.config.ConfigurationWriter 74% 71% 77%
com.aws.greengrass.config.WhatHappened 100% 100% 0%
com.aws.greengrass.config.UpdateBehaviorTree$UpdateBehavior 100% 100% 0%
com.aws.greengrass.iot.IotConnectionManager 0% 0% 0%
com.aws.greengrass.iot.IotCloudHelper 0% 0% 0%
com.aws.greengrass.iot.model.IotCloudResponse 0% 0% 0%
com.aws.greengrass.deployment.bootstrap.BootstrapTaskStatus 100% 100% 0%
com.aws.greengrass.deployment.bootstrap.BootstrapSuccessCode 0% 0% 0%
com.aws.greengrass.deployment.bootstrap.BootstrapManager 59% 63% 54%
com.aws.greengrass.deployment.bootstrap.BootstrapManager$1 0% 0% 0%
com.aws.greengrass.deployment.bootstrap.BootstrapTaskStatus$ExecutionStatus 100% 100% 0%
com.aws.greengrass.deployment.model.S3EndpointType 0% 0% 0%
com.aws.greengrass.deployment.model.FailureHandlingPolicy 100% 100% 0%
com.aws.greengrass.deployment.model.DeploymentTask 100% 100% 0%
com.aws.greengrass.deployment.model.RunWith 70% 91% 50%
com.aws.greengrass.deployment.model.DeploymentPackageConfiguration 21% 21% 0%
com.aws.greengrass.deployment.model.DeploymentDocument$SDKSerializer 100% 100% 0%
com.aws.greengrass.deployment.model.Deployment$DeploymentType 100% 100% 0%
com.aws.greengrass.deployment.model.Deployment 72% 70% 75%
com.aws.greengrass.deployment.model.Deployment$DeploymentStage 100% 100% 0%
com.aws.greengrass.deployment.model.DeploymentDocument$SDKDeserializer 20% 20% 0%
com.aws.greengrass.deployment.model.DeploymentTaskMetadata 78% 78% 0%
com.aws.greengrass.deployment.model.DeploymentDocument 91% 100% 83%
com.aws.greengrass.deployment.model.DeploymentResult$DeploymentStatus 100% 100% 0%
com.aws.greengrass.status.FleetStatusService 81% 89% 74%
com.aws.greengrass.status.FleetStatusService$1 16% 16% 0%
com.aws.greengrass.mqttclient.MqttClient$1 12% 12% 0%
com.aws.greengrass.mqttclient.MqttClient$2 100% 100% 0%
com.aws.greengrass.mqttclient.AwsIotMqtt5Client 33% 42% 25%
com.aws.greengrass.mqttclient.PublishRequest 71% 92% 50%
com.aws.greengrass.mqttclient.MqttClient 40% 47% 33%
com.aws.greengrass.mqttclient.WrapperMqttClientConnection 90% 80% 100%
com.aws.greengrass.mqttclient.AwsIotMqttClient 0% 0% 0%
com.aws.greengrass.mqttclient.AwsIotMqttClient$1 0% 0% 0%
com.aws.greengrass.mqttclient.CallbackEventManager 32% 48% 16%
com.aws.greengrass.mqttclient.IotCoreTopicValidator 61% 60% 62%
com.aws.greengrass.mqttclient.MqttTopic 0% 0% 0%
com.aws.greengrass.mqttclient.AwsIotMqtt5Client$1 14% 24% 5%
com.aws.greengrass.mqttclient.IotCoreTopicValidator$Operation 100% 100% 0%
com.aws.greengrass.network.HttpClientProvider 50% 50% 0%
com.aws.greengrass.status.model.FleetStatusDetails 100% 100% 100%
com.aws.greengrass.status.model.OverallStatus 100% 100% 0%
com.aws.greengrass.status.model.Trigger 60% 83% 37%
com.aws.greengrass.status.model.MessageType 75% 83% 66%
com.aws.greengrass.deployment.errorcode.DeploymentErrorCode 100% 100% 0%
com.aws.greengrass.deployment.errorcode.DeploymentErrorCodeUtils 38% 46% 29%
com.aws.greengrass.deployment.errorcode.DeploymentErrorType 100% 100% 0%
com.aws.greengrass.tes.CredentialRequestHandler 0% 0% 0%
com.aws.greengrass.tes.CredentialRequestHandler$TESCache 0% 0% 0%
com.aws.greengrass.tes.HttpServerImpl 0% 0% 0%
com.aws.greengrass.tes.LazyCredentialProvider 12% 12% 0%
com.aws.greengrass.tes.TokenExchangeService 0% 0% 0%
com.aws.greengrass.componentmanager.converter.RecipeLoader 75% 90% 59%
com.aws.greengrass.componentmanager.converter.RecipeLoader$RecipeFormat 100% 100% 0%
com.aws.greengrass.lifecyclemanager.Periodicity 53% 59% 47%
com.aws.greengrass.lifecyclemanager.LogManagerHelper 100% 100% 0%
com.aws.greengrass.lifecyclemanager.UnloadableService 23% 23% 0%
com.aws.greengrass.lifecyclemanager.RunWithPathOwnershipHandler 89% 95% 83%
com.aws.greengrass.lifecyclemanager.KernelAlternatives 16% 19% 14%
com.aws.greengrass.lifecyclemanager.ShellRunner$Default 71% 71% 71%
com.aws.greengrass.lifecyclemanager.GreengrassService 88% 90% 87%
com.aws.greengrass.lifecyclemanager.Lifecycle$DesiredStateUpdatedEvent 100% 100% 0%
com.aws.greengrass.lifecyclemanager.GenericExternalService 66% 70% 62%
com.aws.greengrass.lifecyclemanager.GreengrassService$RunStatus 100% 100% 0%
com.aws.greengrass.lifecyclemanager.Lifecycle 84% 86% 82%
com.aws.greengrass.lifecyclemanager.Kernel 56% 55% 57%
com.aws.greengrass.lifecyclemanager.KernelMetricsEmitter 100% 100% 100%
com.aws.greengrass.lifecyclemanager.Lifecycle$StateEvent 100% 100% 0%
com.aws.greengrass.lifecyclemanager.KernelCommandLine 56% 62% 51%
com.aws.greengrass.lifecyclemanager.GenericExternalService$RunResult 100% 100% 0%
com.aws.greengrass.lifecyclemanager.Kernel$1 0% 0% 0%
com.aws.greengrass.lifecyclemanager.KernelLifecycle 77% 77% 77%
com.aws.greengrass.lifecyclemanager.PluginService 67% 68% 66%
com.aws.greengrass.lifecyclemanager.UpdateSystemPolicyService 85% 85% 85%
com.aws.greengrass.util.platforms.unix.linux.Cgroup 61% 61% 0%
com.aws.greengrass.util.platforms.unix.linux.LinuxSystemResourceController 12% 17% 7%
com.aws.greengrass.util.platforms.unix.linux.LinuxSystemResourceController$CgroupFreezerState 0% 0% 0%
com.aws.greengrass.util.platforms.unix.linux.LinuxPlatform 100% 100% 0%
com.aws.greengrass.deployment.converter.DeploymentDocumentConverter 66% 75% 56%
com.aws.greengrass.ipc.AuthenticationHandler 29% 33% 25%
com.aws.greengrass.ipc.IPCEventStreamService 73% 80% 66%
com.aws.greengrass.jna.Kernel32Ex 0% 0% 0%
com.aws.greengrass.builtin.services.configstore.ConfigStoreIPCEventStreamAgent$UpdateConfigurationOperationHandler 68% 73% 63%
com.aws.greengrass.builtin.services.configstore.ConfigStoreIPCEventStreamAgent 78% 81% 75%
com.aws.greengrass.builtin.services.configstore.ConfigStoreIPCEventStreamAgent$ConfigurationUpdateOperationHandler 76% 90% 62%
com.aws.greengrass.builtin.services.configstore.ConfigStoreIPCEventStreamAgent$GetConfigurationOperationHandler 67% 78% 57%
com.aws.greengrass.builtin.services.configstore.ConfigStoreIPCEventStreamAgent$SendConfigurationValidityReportOperationHandler 78% 90% 66%
com.aws.greengrass.builtin.services.configstore.ConfigStoreIPCEventStreamAgent$ValidateConfigurationUpdatesOperationHandler 95% 95% 0%
com.aws.greengrass.ipc.common.DefaultOperationHandler 0% 0% 0%
com.aws.greengrass.security.SecurityService$DefaultCryptoKeyProvider 24% 23% 25%
com.aws.greengrass.security.SecurityService 37% 50% 25%
com.aws.greengrass.provisioning.ProvisioningPluginFactory 100% 100% 0%
com.aws.greengrass.provisioning.ProvisioningConfigUpdateHelper 75% 100% 50%
com.aws.greengrass.componentmanager.builtins.GreengrassRepositoryDownloader 0% 0% 0%
com.aws.greengrass.componentmanager.builtins.S3Downloader 11% 18% 3%
com.aws.greengrass.componentmanager.builtins.ArtifactDownloaderFactory 53% 64% 42%
com.aws.greengrass.componentmanager.builtins.ArtifactDownloader 17% 23% 11%
com.aws.greengrass.builtin.services.lifecycle.LifecycleIPCEventStreamAgent$UpdateStateOperationHandler 60% 60% 0%
com.aws.greengrass.builtin.services.lifecycle.LifecycleIPCEventStreamAgent$DeferComponentUpdateHandler 88% 88% 0%
com.aws.greengrass.builtin.services.lifecycle.LifecycleIPCEventStreamAgent 54% 53% 56%
com.aws.greengrass.builtin.services.lifecycle.LifecycleIPCEventStreamAgent$SubscribeToComponentUpdateOperationHandler 55% 61% 50%
com.aws.greengrass.builtin.services.lifecycle.LifecycleIPCEventStreamAgent$PauseComponentHandler 0% 0% 0%
com.aws.greengrass.builtin.services.lifecycle.LifecycleIPCEventStreamAgent$ResumeComponentHandler 0% 0% 0%
com.aws.greengrass.builtin.services.pubsub.PubSubIPCEventStreamAgent$PublishToTopicOperationHandler 70% 90% 50%
com.aws.greengrass.builtin.services.pubsub.SubscriptionTrie 70% 76% 64%
com.aws.greengrass.builtin.services.pubsub.PubSubIPCEventStreamAgent 66% 73% 58%
com.aws.greengrass.builtin.services.pubsub.PubSubIPCEventStreamAgent$SubscribeToTopicOperationHandler 97% 95% 100%
com.aws.greengrass.telemetry.MetricsPayload 100% 100% 0%
com.aws.greengrass.telemetry.MetricsAggregator 79% 86% 72%
com.aws.greengrass.telemetry.MetricsAggregator$1 100% 100% 0%
com.aws.greengrass.telemetry.AggregatedMetric 100% 100% 0%
com.aws.greengrass.telemetry.TelemetryAgent 59% 71% 48%
com.aws.greengrass.telemetry.TelemetryConfiguration 32% 54% 10%
com.aws.greengrass.telemetry.PeriodicMetricsEmitter 100% 100% 0%
com.aws.greengrass.telemetry.TelemetryAgent$1 20% 20% 0%
com.aws.greengrass.telemetry.SystemMetricsEmitter 100% 100% 100%
com.aws.greengrass.deployment.DeploymentConfigMerger 76% 76% 76%
com.aws.greengrass.deployment.IotJobsHelper$IotJobsClientFactory 100% 100% 0%
com.aws.greengrass.deployment.DeploymentConfigMerger$AggregateServicesChangeManager 76% 73% 78%
com.aws.greengrass.deployment.DeviceConfiguration 70% 75% 66%
com.aws.greengrass.deployment.DeploymentDocumentDownloader 17% 17% 0%
com.aws.greengrass.deployment.DeploymentQueue 61% 67% 55%
com.aws.greengrass.deployment.DeploymentService 67% 68% 65%
com.aws.greengrass.deployment.IotJobsHelper$LatestQueuedJobs 19% 19% 0%
com.aws.greengrass.deployment.KernelUpdateDeploymentTask 0% 0% 0%
com.aws.greengrass.deployment.DynamicComponentConfigurationValidator 84% 82% 87%
com.aws.greengrass.deployment.DefaultDeploymentTask 65% 72% 57%
com.aws.greengrass.deployment.DeploymentDirectoryManager 63% 77% 50%
com.aws.greengrass.deployment.IotJobsHelper$WrapperMqttConnectionFactory 100% 100% 0%
com.aws.greengrass.deployment.IotJobsHelper 36% 44% 29%
com.aws.greengrass.deployment.IotJobsHelper$1 14% 14% 0%
com.aws.greengrass.deployment.ThingGroupHelper 27% 37% 16%
com.aws.greengrass.deployment.ShadowDeploymentListener 33% 46% 21%
com.aws.greengrass.deployment.ShadowDeploymentListener$1 14% 14% 0%
com.aws.greengrass.deployment.DeploymentStatusKeeper 82% 92% 71%
com.aws.greengrass.deployment.IotJobsClientWrapper 35% 41% 30%
com.aws.greengrass.util.orchestration.SystemServiceUtilsFactory 0% 0% 0%
com.aws.greengrass.util.orchestration.ProcdUtils 0% 0% 0%
com.aws.greengrass.util.orchestration.SystemServiceUtils 0% 0% 0%
com.aws.greengrass.util.orchestration.InitUtils 0% 0% 0%
com.aws.greengrass.util.orchestration.SystemdUtils 0% 0% 0%
com.aws.greengrass.util.orchestration.WinswUtils 0% 0% 0%
com.aws.greengrass.testing.TestFeatureParameters 83% 100% 66%
com.aws.greengrass.testing.TestFeatureParameters$1 100% 100% 0%
com.aws.greengrass.ipc.modules.PubSubIPCService 81% 81% 0%
com.aws.greengrass.ipc.modules.AuthorizationService 100% 100% 0%
com.aws.greengrass.ipc.modules.ComponentMetricIPCService 76% 76% 0%
com.aws.greengrass.ipc.modules.MqttProxyIPCService 78% 78% 0%
com.aws.greengrass.ipc.modules.LifecycleIPCService 86% 86% 0%
com.aws.greengrass.ipc.modules.ConfigStoreIPCService 100% 100% 0%
com.aws.greengrass.easysetup.GreengrassSetup 0% 0% 0%
com.aws.greengrass.easysetup.DeviceProvisioningHelper 0% 0% 0%

Minimum allowed coverage is 58%

Generated by 🐒 cobertura-action against b15e9e6

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants