Re: [PR] [Improvement-17570][Task-Plugin] Use protoc in gRPC Task Plugin [dolphinscheduler]

Tue, 11 Nov 2025 06:39:18 -0800 


github-advanced-security[bot] commented on code in PR #17603:
URL: 
https://github.com/apache/dolphinscheduler/pull/17603#discussion_r2514488320


##########
dolphinscheduler-task-plugin/dolphinscheduler-task-grpc/src/main/java/org/apache/dolphinscheduler/plugin/task/grpc/protofactory/ProtoFactory.java:
##########
@@ -0,0 +1,25 @@
+package org.apache.dolphinscheduler.plugin.task.grpc.protofactory;
+import com.github.os72.protocjar.Protoc;
+import com.google.protobuf.DescriptorProtos;
+
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+
+public class ProtoFactory {
+    public static void runProtoc(String[] args) throws IOException, 
InterruptedException {
+
+//        String[] args = {"-v2.4.1", "--help"};
+        Protoc.runProtoc(args);
+    }
+
+    public static void loadDescFile() throws IOException {
+        final FileInputStream fileInputStream = new 
FileInputStream("directory/descriptors.dsc");

Review Comment:
   ## Potential input resource leak
   
   This FileInputStream is not always closed on method exit.
   
   [Show more 
details](https://github.com/apache/dolphinscheduler/security/code-scanning/5582)



##########
dolphinscheduler-task-plugin/dolphinscheduler-task-grpc/src/main/java/org/apache/dolphinscheduler/plugin/task/grpc/protofactory/ProtoFactory.java:
##########
@@ -0,0 +1,25 @@
+package org.apache.dolphinscheduler.plugin.task.grpc.protofactory;
+import com.github.os72.protocjar.Protoc;
+import com.google.protobuf.DescriptorProtos;
+
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+
+public class ProtoFactory {
+    public static void runProtoc(String[] args) throws IOException, 
InterruptedException {
+
+//        String[] args = {"-v2.4.1", "--help"};
+        Protoc.runProtoc(args);
+    }
+
+    public static void loadDescFile() throws IOException {
+        final FileInputStream fileInputStream = new 
FileInputStream("directory/descriptors.dsc");
+        final DescriptorProtos.FileDescriptorSet descriptorSet = 
DescriptorProtos.FileDescriptorSet.parseFrom(fileInputStream);
+
+        for (DescriptorProtos.FileDescriptorProto fileDescriptor : 
descriptorSet.getFileList()) {

Review Comment:
   ## Unread local variable
   
   Variable 'FileDescriptorProto fileDescriptor' is never read.
   
   [Show more 
details](https://github.com/apache/dolphinscheduler/security/code-scanning/5583)



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to