StringBuilder

core/src/main/java/hudson/FilePath.java

@@ -2730,12 +2730,12 @@ public String invoke(File dir, VirtualChannel channel) throws IOException, Inter
                                 //
                                 // this is not a very efficient/clever way to do it, but it's relatively simple
 
-                                String prefix="";
+                                StringBuilder prefix = new StringBuilder();
                                 while(true) {
                                     int idx = findSeparator(f);
                                     if(idx==-1)     break;
 
-                                    prefix+=f.substring(0,idx)+'/';
+                                    prefix.append(f.substring(0, idx)).append('/');
                                     f=f.substring(idx+1);
                                     if(hasMatch(dir,prefix+fileMask,caseSensitive))
                                         return Messages.FilePath_validateAntFileMask_doesntMatchAndSuggest(fileMask, prefix+fileMask);

core/src/main/java/hudson/security/TokenBasedRememberMeServices2.java

@@ -276,9 +276,11 @@ private String findRememberMeCookieValue(HttpServletRequest request, HttpServlet
      * @return the decoded base64 of the cookie or {@code null} if the value was not correctly encoded
      */
     private @CheckForNull String decodeCookieBase64(@Nonnull String base64EncodedValue){
-        for (int j = 0; j < base64EncodedValue.length() % 4; j++) {
-            base64EncodedValue = base64EncodedValue + "=";
+        StringBuilder base64EncodedValueBuilder = new StringBuilder(base64EncodedValue);
+        for (int j = 0; j < base64EncodedValueBuilder.length() % 4; j++) {
+            base64EncodedValueBuilder.append("=");
         }
+        base64EncodedValue = base64EncodedValueBuilder.toString();
 
         try {
             // any charset should be fine but better safe than sorry

core/src/main/java/hudson/util/FormFieldValidator.java

@@ -540,18 +540,19 @@ protected void check() throws IOException, ServletException {
             } else {
                 // look in PATH
                 String path = EnvVars.masterEnvVars.get("PATH");
-                String tokenizedPath = "";
+                String tokenizedPath;
                 String delimiter = null;
                 if(path!=null) {
+                    StringBuilder tokenizedPathBuilder = new StringBuilder();
                     for (String _dir : Util.tokenize(path.replace("\\", "\\\\"),File.pathSeparator)) {
                         if (delimiter == null) {
                           delimiter = ", ";
                         }
                         else {
-                          tokenizedPath += delimiter;
+                          tokenizedPathBuilder.append(delimiter);
                         }
 
-                        tokenizedPath += _dir.replace('\\', '/');
+                        tokenizedPathBuilder.append(_dir.replace('\\', '/'));
 
                         File dir = new File(_dir);
 
@@ -567,8 +568,8 @@ protected void check() throws IOException, ServletException {
                             return;
                         }
                     }
-
-                    tokenizedPath += ".";
+                    tokenizedPathBuilder.append('.');
+                    tokenizedPath = tokenizedPathBuilder.toString();
                 }
                 else {
                   tokenizedPath = "unavailable.";

core/src/main/java/hudson/util/FormValidation.java

@@ -351,18 +351,19 @@ public static FormValidation validateExecutable(String exe, FileValidator exeVal
 
         // look in PATH
         String path = EnvVars.masterEnvVars.get("PATH");
-        String tokenizedPath = "";
+        String tokenizedPath;
         String delimiter = null;
         if(path!=null) {
+            StringBuilder tokenizedPathBuilder = new StringBuilder();
             for (String _dir : Util.tokenize(path.replace("\\", "\\\\"),File.pathSeparator)) {
                 if (delimiter == null) {
                   delimiter = ", ";
                 }
                 else {
-                  tokenizedPath += delimiter;
+                  tokenizedPathBuilder.append(delimiter);
                 }
 
-                tokenizedPath += _dir.replace('\\', '/');
+                tokenizedPathBuilder.append(_dir.replace('\\', '/'));
 
                 File dir = new File(_dir);
 
@@ -372,8 +373,9 @@ public static FormValidation validateExecutable(String exe, FileValidator exeVal
                 File fexe = new File(dir,exe+".exe");
                 if(fexe.exists())   return exeValidator.validate(fexe);
             }
+            tokenizedPathBuilder.append('.');
 
-            tokenizedPath += ".";
+            tokenizedPath = tokenizedPathBuilder.toString();
         } else {
             tokenizedPath = "unavailable.";
         }

core/src/main/java/jenkins/security/s2m/AdminWhitelistRule.java

@@ -160,19 +160,19 @@ public boolean checkFileAccess(String op, File f) {
 
     @RequirePOST
     public HttpResponse doSubmit(StaplerRequest req) throws IOException {
-        String whitelist = Util.fixNull(req.getParameter("whitelist"));
-        if (!whitelist.endsWith("\n"))
-            whitelist+="\n";
+        StringBuilder whitelist = new StringBuilder(Util.fixNull(req.getParameter("whitelist")));
+        if (whitelist.charAt(whitelist.length() - 1) != '\n')
+            whitelist.append("\n");
 
         Enumeration e = req.getParameterNames();
         while (e.hasMoreElements()) {
             String name = (String) e.nextElement();
             if (name.startsWith("class:")) {
-                whitelist += name.substring(6)+"\n";
+                whitelist.append(name.substring(6)).append("\n");
             }
         }
 
-        whitelisted.set(whitelist);
+        whitelisted.set(whitelist.toString());
 
         String newRules = Util.fixNull(req.getParameter("filePathRules"));
         filePathRules.parseTest(newRules);  // test first before writing a potentially broken rules