NUTCH-3161 Address Sonarcloud High and Medium Security Hotspots

[lewismc]

PR to address NUTCH-3161. This patch addresses following Security Hotspota

High

(false positives): Exclude plugin resource directories from analysis in sonar-project.properties. No Java code lives in conf, data, or sample under src/plugin/**, so these paths are excluded from scanning., and

Medium

• ParseOutputFormat (src/java/.../ParseOutputFormat.java): Replace regex " *, *" for db.parsemeta.to.crawldb with comma-split + trim in getParseMetaToCrawlDBKeys(). Add TestParseOutputFormat with tests for empty, single, comma-separated, trim, and empty-segment handling.
• HtmlParser (parse-html plugin): Remove metaPattern, charsetPattern, and charsetPatternHTML5. Use linear string parsing in extractCharsetFromMeta() / extractCharsetValue() for HTML4 and HTML5 meta charset detection. Add testExtractCharsetFromMeta in existing TestHtmlParser.
• JSParseFilter (parse-js plugin): Remove STRING_PATTERN and URI_PATTERN. Use extractQuotedStrings() and looksLikeUri() (linear scan / simple checks). Add testExtractQuotedStrings and testLooksLikeUri in existing TestJSParseFilter.
• UrlValidator (urlfilter-validator plugin): Remove URL_PATTERN and AUTHORITY_PATTERN. Use java.net.URI for URL structure and parseAuthority() for host/port. Remove unused isBlankOrNull. Add testParseAuthority in existingTestUrlValidator.

Thanks for any review.

[lewismc]

Confirmed this PR addresses the security hotspots and passes tests.

[sonarqubecloud]

Quality Gate failed

Failed conditions
62.6% Coverage on New Code (required ≥ 80%)

See analysis details on SonarQube Cloud