Fortify issue — Dead Code unused
Abstract:
The field X is never used.
Explanation:
This field is never accessed, except perhaps by dead code. Dead code is defined as code that is never directly or indirectly executed by a public method. It is likely that the field is simply vestigial, but it is also possible that the unused field points out a bug.
Example 1:
The field named glue is not used in the following class. The author of the class has accidentally put quotes around the field name, transforming it into a string constant.
public class Dead {
String glue;
public String getGlue() {
return "glue";}}
Example 2:
The field named glue is used in the following class, but only from a method that is never called.
public class Dead {
String glue;
private String getGlue() {
return glue;
}
}
Recommendations:
In general, you should repair or remove dead code. To repair dead code, execute the dead code directly or indirectly through a public method. Dead code causes additional complexity and maintenance burden without contributing to the functionality of the program.
Tip:
Avoid having unused code or unused variable in the class
credits :
Fortify documentation
image from softwaretesttips website