Call to 'Runtime.exec()' with non-constant string
Reports calls to
java.lang.Runtime.exec() which take a dynamically-constructed string as the command to execute.
Constructed execution strings are a common source of security breaches. By default, this inspection ignores compile-time constants.
Use the inspection settings to consider any
final fields as constant. Be careful, because strings like the following will be ignored when the option is enabled:
Consider 'static final' fields constant
IntelliJ IDEA 2023.3, Qodana for JVM 2023.3