Posted to commits@daffodil.apache.org by "Olabusayo Kilo (Jira)" <ji...@apache.org> on 2020/01/28 15:42:00 UTC

[jira] [Updated] (DAFFODIL-2272) Address Findings from Trial Sonarqube Run

     [ https://issues.apache.org/jira/browse/DAFFODIL-2272?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Olabusayo Kilo updated DAFFODIL-2272:
-------------------------------------
    Description: 
h4. Bugs (10)
 * Branches in conditional structure with same implementation (4)
 ** 1 is false positive
 ** 2 are code smells
 ** 1 is a bug
 * DBI: Double Brace Initialization (1)
 * Attempt to write class that isn’t serializable
 * Arrays.toString bug (3) in test UDFs
 * Unused return val (1) in test UDFs

h4. Vulnerabilities (4)
 * Class variable field with public accessibility
 * Publicly mutable enum fields

h4. Code Smells (5.6k)
 * Critical (469)
 ** Duplicated string literals (316: Scala + 9: Java)
 ** Empty methods with no comments explaining why (73: Scala + 1: Java)
 ** Code with high cognitive complexity (58)
 ** Non-compliant constant and enum names (11)
 ** Switch statement with no default (1)
 * Major (625)
 ** Commented out code (478: Scala + 32: XML + 3: Java)
 ** Collapsible if statements (22: Scala)
 ** Address FIXMEs (22: Scala)
 ** Unused function parameter (14)
 ** Function with too many parameters (13)
 ** Conditional branches of code with same implementation (13)
 ** Match statement with too many cases (6)
 ** Missing override annotation over function (5)
 ** Methods with duplicate code (5: Scala + 3: Java)
 ** Generic exception thrown (3)
 ** Unused private methods (2)
 ** Useless assignment to local variable (1)
 ** Returning null instead of empty collection (1)
 ** Not using static class initializers/constructor (1)
 ** Empty conditional blocks of code (1)
 * Minor (4.3k)
 ** Non-compliant method names (4.1k: Scala + 3: Java)
 ** Non-compliant local variables and function parameters (64)
 ** Non-compliant package names (23)
 ** Non-compliant class names (7)
 ** Redundant Boolean literals (45)
 ** Unused local variables (22)
 ** Not using diamond operator (9)
 ** Empty comments (5)
 ** Declaring and immediately returning local variable (3)
 ** Using inverted Boolean checks (3)
 ** Throws declaration of runtime exceptions (2)
 ** Packages with only “package-info.java” (2)
 ** Switch statement instead of if resulting in decreased readability
 ** Abstract class instead of interface (1)
 ** size instead of .isEmpty (1)
 ** Improper modifier order (1)
 ** Check cross-platform compatibility of hardcoded URIs (1)
 * Info (195)
 ** Track TODO tags (193: Scala + 2: Java)

h4. Security Hotspots (3)
 * Verify command line args are safe and sanitized
 * Verify hashing is secure
 * Verify deserialization of object is secure

  was:
h4. Bugs (10)
 * Branches in conditional structure with same implementation (4)
 ** 1 is false positive
 ** 2 are code smells
 ** 1 is a bug
 * DBI: Double Brace Initialization (1)
 * Attempt to write class that isn’t serializable
 * toString bug (3) in test UDFs
 * Unused return val (1) in test UDFs

h4. Vulnerabilities (4)
 * Class variable field with public accessibility
 * Publicly mutable enum fields

h4. Code Smells (5.6k)
 * Critical (469)
 ** Duplicated string literals (316: Scala + 9: Java)
 ** Empty methods with no comments explaining why (73: Scala + 1: Java)
 ** Code with high cognitive complexity (58)
 ** Non-compliant constant and enum names (11)
 ** Switch statement with no default (1)
 * Major (625)
 ** Commented out code (478: Scala + 32: XML + 3: Java)
 ** Collapsible if statements (22: Scala)
 ** Address FIXMEs (22: Scala)
 ** Unused function parameter (14)
 ** Function with too many parameters (13)
 ** Conditional branches of code with same implementation (13)
 ** Match statement with too many cases (6)
 ** Missing override annotation over function (5)
 ** Methods with duplicate code (5: Scala + 3: Java)
 ** Generic exception thrown (3)
 ** Unused private methods (2)
 ** Useless assignment to local variable (1)
 ** Returning null instead of empty collection (1)
 ** Not using static class initializers/constructor (1)
 ** Empty conditional blocks of code (1)
 * Minor (4.3k)
 ** Non-compliant method names (4.1k: Scala + 3: Java)
 ** Non-compliant local variables and function parameters (64)
 ** Non-compliant package names (23)
 ** Non-compliant class names (7)
 ** Redundant Boolean literals (45)
 ** Unused local variables (22)
 ** Not using diamond operator (9)
 ** Empty comments (5)
 ** Declaring and immediately returning local variable (3)
 ** Using inverted Boolean checks (3)
 ** Throws declaration of runtime exceptions (2)
 ** Packages with only “package-info.java” (2)
 ** Switch statement instead of if resulting in decreased readability
 ** Abstract class instead of interface (1)
 ** size instead of .isEmpty (1)
 ** Improper modifier order (1)
 ** Check cross-platform compatibility of hardcoded URIs (1)
 * Info (195)
 ** Track TODO tags (193: Scala + 2: Java)

h4. Security Hotspots (3)
 * Verify command line args are safe and sanitized
 * Verify hashing is secure
 * Verify deserialization of object is secure


> Address Findings from Trial Sonarqube Run
> -----------------------------------------
>
>                 Key: DAFFODIL-2272
>                 URL: https://issues.apache.org/jira/browse/DAFFODIL-2272
>             Project: Daffodil
>          Issue Type: Improvement
>            Reporter: Olabusayo Kilo
>            Priority: Major

--
This message was sent by Atlassian Jira
(v8.3.4#803005)