Posted to issues@fineract.apache.org by "Michael Vorburger (Jira)" <ji...@apache.org> on 2020/05/10 12:17:00 UTC

[jira] [Commented] (FINERACT-967) lgtm.com Security Vulnerability Assessment Scanning

    [ https://issues.apache.org/jira/browse/FINERACT-967?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17103769#comment-17103769 ] 

Michael Vorburger commented on FINERACT-967:
--------------------------------------------

I expect some of the alerts here (on lgtm.com) will naturally overlap with what will be found in FINERACT-969 - that's fine.

> lgtm.com Security Vulnerability Assessment Scanning
> ---------------------------------------------------
>
>                 Key: FINERACT-967
>                 URL: https://issues.apache.org/jira/browse/FINERACT-967
>             Project: Apache Fineract
>          Issue Type: Improvement
>          Components: Security
>            Reporter: Michael Vorburger
>            Priority: Major
>              Labels: technical
>
> https:///projects/g/apache/fineract/ is pretty "interesting"... ;-)
> 368 alerts: 69 Errors, 251 Warnings, 48 Recommendations
> Let's do something about this? :P
> FINERACT-854 for FINERACT-853 should address some of the issues raised there. Let's first do that, and then look at this again. Whatever is left, we ideally should not just fix it "one off", but find (or make?!) automated code scan quality tools which detect those issues - and make sure that we do not re-introduce them again over time.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)