-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature/alec 178 #59
Feature/alec 178 #59
Conversation
features/deeplearning/src/main/java/org/opennms/features/deeplearning/shell/LoadModel.java
Outdated
Show resolved
Hide resolved
engine/deeplearning/src/main/java/org/opennms/alec/engine/deeplearning/TFModel.java
Outdated
Show resolved
Hide resolved
engine/dbscan/src/main/java/org/opennms/alec/engine/dbscan/DBScanEngineFactory.java
Outdated
Show resolved
Hide resolved
o Expanding archive files without controlling resource consumption is security-sensitive https://sonarcloud.io/organizations/opennms/rules?open=java%3AS5042&rule_key=java%3AS5042 ALEC-178
- Make sure publicly writable directories are used safely here. java:S5443 - Generic exceptions should never be thrown ALEC-178
- use of System.out intentionally in Karaf shell commands so that they show up in console output. LOGs aren't ideal here. - avoid adding a new checked exception here. This add a bunch of boilerplate, and can now lead to an NPE in calls to createEngine. - use java.io.tmpdir to avoid sonar java:S5443 (Make sure publicly writable directories are used safely here.) ALEC-178
9319127
to
75fb018
Compare
ALEC-178
engine/deeplearning/src/main/java/org/opennms/alec/engine/deeplearning/ClasspathUtils.java
Outdated
Show resolved
Hide resolved
engine/deeplearning/src/main/java/org/opennms/alec/engine/deeplearning/ClasspathUtils.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me other than a few minor comments
o fix comment at wrong line o filename could be set before the loop o all the zip entries are retrieved from the jarConnection, the if statement is redundant ALEC-178
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Thanks for the updates
Sonar Cloud Security Grade A - Figure out What We Need to Fix and Report the List