You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cordova.apache.org by "Joe Bowser (JIRA)" <ji...@apache.org> on 2017/07/25 18:02:02 UTC
[jira] [Resolved] (CB-11391) cordova-plugin-whitelist Android does
not pass sonarqube scan
[ https://issues.apache.org/jira/browse/CB-11391?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Joe Bowser resolved CB-11391.
-----------------------------
Resolution: Won't Fix
If I understand this, this is a false positive on the scan, and everything is fine, so I'll close this one for now. If I'm wrong, feel free to re-open it.
BTW: Security Audit Tools will often give false positives, but unlike ones that complain about addJavascriptInterface or our lack of ProGuard (because Plugins/Reflection), we might be able to tweak this. Let me know if this makes sense to tweak or not.
> cordova-plugin-whitelist Android does not pass sonarqube scan
> -------------------------------------------------------------
>
> Key: CB-11391
> URL: https://issues.apache.org/jira/browse/CB-11391
> Project: Apache Cordova
> Issue Type: Bug
> Components: cordova-plugin-whitelist
> Affects Versions: Master
> Environment: Android
> Reporter: Rob Close
> Priority: Minor
> Fix For: Master
>
>
> The Android whitelist plugin does not pass sonarqube (http://www.sonarqube.org/) scan.
> The problem is "Correctness - Suspicious reference comparison of Boolean values", which sonarqube considers major.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org