Posted to commits@daffodil.apache.org by "Mike Beckerle (Jira)" <ji...@apache.org> on 2020/01/28 18:41:00 UTC
[jira] [Commented] (DAFFODIL-2272) Address Findings from Trial Sonarqube Run
[ https://issues.apache.org/jira/browse/DAFFODIL-2272?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17025368#comment-17025368 ]
Mike Beckerle commented on DAFFODIL-2272:
-----------------------------------------
So how would we get a file and line number and any other details about each of these detections?
> Address Findings from Trial Sonarqube Run
> -----------------------------------------
>
> Key: DAFFODIL-2272
> URL: https://issues.apache.org/jira/browse/DAFFODIL-2272
> Project: Daffodil
> Issue Type: Improvement
> Reporter: Olabusayo Kilo
> Priority: Major
>
> h4. Bugs (10)
> * Branches in conditional structure with same implementation (4)
> ** 1 is false positive
> ** 2 are code smells
> ** 1 is bug
> * DBI: Double Brace Initialization (1)
> * Attempt to write class that isn’t serializable
> * Arrays.toString bug (3) in test udfs
> * Unused return val (1) in test udfs
> h4. Vulnerabilities (4)
> * Class variable field with public accessibility
> * Publicly mutable enum fields
> h4. Code Smells (5.6k)
> * Critical (469)
> ** Duplicated string literals (316: Scala + 9: Java)
> ** Empty methods with no comments explaining why (73: Scala + 1: Java)
> ** Code with high cognitive complexity (58)
> ** Non-compliant constant and enum names (11)
> ** Switch statement with no default (1)
> * Major (625)
> ** Commented out code (478: Scala + 32: XML + 3: Java)
> ** Collapsible if statements (22: Scala)
> ** Address FIXMEs (22: Scala)
> ** Unused function parameter (14)
> ** Function with too many parameters (13)
> ** Conditional branches of code with same implementation (13)
> ** Match statement with too many cases (6)
> ** Missing override annotation over function (5)
> ** Methods with duplicate code (5: Scala + 3: Java)
> ** Generic exception thrown (3)
> ** Unused Private Methods (2)
> ** Useless assignment to local variable (1)
> ** Returning null instead of empty collection (1)
> ** Not using static class initializers/constructor (1)
> ** Empty conditional blocks of code (1)
> * Minor (4.3k)
> ** Non-compliant method names (4.1k: Scala + 3: Java)
> ** Non-compliant local variables and function parameters (64)
> ** Non-compliant package names (23)
> ** Non-compliant class names (7)
> ** Redundant Boolean literals (45)
> ** Unused local variables (22)
> ** Not using diamond operator (9)
> ** Empty comments (5)
> ** Declaring and immediately returning local variable (3)
> ** Using inverted Boolean checks (3)
> ** Throws declaration of runtime exceptions (2)
> ** Packages with only “package-info.java” (2)
> ** Switch statement instead of if resulting in decreased readability
> ** Abstract class instead of interface (1)
> ** size instead of .isEmpty (1)
> ** Improper modifier order (1)
> ** Check cross-platform compatibility of hardcoded URIs (1)
> * Info (195)
> ** Track TODO tags (193: Scala + 2: Java)
> h4. Security Hotspots (3)
> * Verify command line args are safe and sanitized
> * Verify hashing is secure
> * Verify deserialization of object is secure
--
This message was sent by Atlassian Jira
(v8.3.4#803005)