Master merge SEI_CERT_MET01_J #16

Merged
merged 12 commits into from
Jun 29, 2023

JuditKnoll
Collaborator

@JuditKnoll JuditKnoll commented Jun 28, 2023

Merging the master to the SEI_CERT_MET01_J branch and resolving the merge conflict.
The build is successful.


Make sure these boxes are checked before submitting your PR -- thank you!

  • Added an entry into CHANGELOG.md if you have changed SpotBugs code

renovate bot and others added 12 commits June 16, 2023 17:17
…tions to v2.20.0 (spotbugs#2452)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
…bugs#2453)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
…gs#2437)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
…#2454)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
…10 (spotbugs#2451)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
* Added the messages.xml and findbugs.xml components for my first checker.

* Added the messages.xml and findbugs.xml components for my first checker.
Added Checker as well.

* Added the messages.xml and findbugs.xml components for my first checker.
Added Checker as well.
Added test cases classes.

* Added the messages.xml and findbugs.xml components for my first checker.
Added Checker as well.
Added test cases classes.
Added test class (JUnit) as well.

* Added the messages.xml and findbugs.xml components for my first checker.
Added Checker as well.
Added test cases classes.
Added test class (JUnit) as well.
Edited the Changelog.md.

* Added the messages.xml and findbugs.xml components for my first checker.
Added Checker as well.
Added test cases classes.
Added test class (JUnit) as well.
Edited the Changelog.md.
Fixed the formatting issues as well.

* Apply 1 suggestion(s) to 1 file(s)

* Apply 1 suggestion(s) to 1 file(s)

* Resolved many comments on merge request.

* Added the license and Javadoc for checker class.

* Don't report for stream methods called on Random

If one of the stream-returning methods (doubles, ints, or longs) is called on
Random or SecureRandom, don't report that the Random was only used once

Fixes spotbugs#2370

* fix(deps): update dependency checkstyle to v7.8.2 (spotbugs#2373)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix(deps): update dependency org.mockito:mockito-core to v5.2.0 (spotbugs#2376)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix(deps): update dependency org.apache.groovy:groovy-all to v4.0.10 (spotbugs#2377)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix(deps): update dependency org.slf4j:slf4j-api to v2.0.7 (spotbugs#2381)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix(deps): update dependency net.sf.saxon:saxon-he to v12.1 (spotbugs#2385)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update plugin com.github.spotbugs to v5.0.14 (spotbugs#2386)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix(deps): update dependency org.springframework:spring-core to v6.0.7 (spotbugs#2383)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update plugin com.gradle.enterprise to v3.12.5 (spotbugs#2382)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix(deps): update dependency joda-time:joda-time to v2.12.4 (spotbugs#2387)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update plugin com.gradle.enterprise to v3.12.6 (spotbugs#2390)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix(deps): update asm to v9.5 (spotbugs#2391)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix(deps): update dependency joda-time:joda-time to v2.12.5 (spotbugs#2393)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix(deps): update dependency org.apache.groovy:groovy-all to v4.0.11 (spotbugs#2394)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Issue 543 (spotbugs#2395)

* Issue-543 Store Java class annotation names to PackageMemberAnnotations

* Issue-543 Store Java class annotation names to PackageMemberAnnotations

* Issue-543 Add AnnotationMatcher for filtering (with test cases)

* Issue-543 Extend SAX handler for AnnotationMatcher and classjas attr

* Issue-543 Fix whitespaces

* Issue-543 Add CHANGELOG entry

* Issue-543 Make compatible with Java 1.8

* Issue-543 Extract code to addJavaAnnotationNames method

* Issue-543 Update filter file xml schema

* Issue-543 Run spotlessApply

* Issue-543 Fix AnnotationMatcherTest

* Issue-543 Fix file header comments

* Issue-543 Use MethodHandles for logger

* Issue 543 Fix documentation

* Issue 543 Combine expressions when getting annotation type

* Issue 543 Rename attribute classjas to classAnnotationNames

* Issue-543 Fix whitespaces

* Issue-543: Fix typo

---------

Co-authored-by: Philipp Sadler <philipp.sadler@gebit.de>

* fix(deps): update dependency jacoco to v0.8.9 (spotbugs#2398)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix(deps): update dependency org.checkerframework:checker-qual to v3.33.0 (spotbugs#2399)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix(deps): update dependency org.mockito:mockito-core to v5.3.0 (spotbugs#2403)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix(deps): update dependency org.springframework:spring-core to v6.0.8 (spotbugs#2405)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update plugin com.gradle.enterprise to v3.13 (spotbugs#2404)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* minor: make private class final with default constructor (spotbugs#2407)

* chore(deps): update plugin org.ajoberstar.grgit to v5.1.0 (spotbugs#2409)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* fix(deps): update dependency org.mockito:mockito-core to v5.3.1 (spotbugs#2408)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update plugin org.ajoberstar.grgit to v5.2.0 (spotbugs#2411)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Changed the implementation of testing classes entirely.

* Added Javadoc for testing files.

* Made changes for second time review comments.

* Fixed the CHANGELOG.md and added the solution in the bug reporting message.

* Fixed the extra boolean parameter in helping function for testing.

* Separated the class addClass and addMethod in the bug reporting.

* Fixed the package naming convention.

* Added comments for detector thought process, improved its efficiency.

* Tried to fix white space issues in findbugs.xml

* Fixed some white space issues causing the pipeline to fail.

* Added the exact source line number in the detector.

* White space correction.

* Fixed new lines in findbugs.xml
Improved commenting in the sawOpCode() method and removed the sourceline remoting as it yields wrong results for large results.

* Removed always true evident null check in sawOpCode().

* Fixed source line annotation.
Added another class "COmmandMap". This class is actually one of the test cases of large repo. I added it to verify the correction of reported exact source line number.

* Made the bug type local variable in JUnit testing class method `createBugInstanceMatcher`.

* Fixed the CHANGELOG.md formatting errors.

* Implemented a null check on variable `met` in another detector `ReflectionIncreaseAccessibility` in `sawOpCode()` method.

* Deleted the temporary test case file.
Refactored the xMethod Variable.

* Don't see it.

* Implemented the null check on `met` variable in another checker `ReflectionIncreaseAccessibility.java` class.

* Added many good and bad test cases.

* Improved and added new assertions in the Junit testing.

* Improved the implementation of checker. It has changed totally. Now it is very efficient.

* Changed the message reported in consistent with the new implementation of the checker.

* Fixing white spaces.

* Removed the commented out lines.

* Done!

* Done!

* Implemented new test cases in `FindVulnerableSecurityCheckMethodsTest.java`

* Implemented new test cases in `GoodVulnerableSecurityCheckMethodsTest.java`

* Implemented user defined `SecurityManager` required for some test cases.

* Implemented Junit tests for the newly added test cases.

* Fixed the comments.
Fixed bug reporting message.

* I don't know where these changes came from automatically.

* Removed the commented out lines.
Fixed the private methods with 1 usage only.

* Revert "I don't know where these changes came from automatically."

This reverts commit e8f89d4.

* Reverted the Null Pointer Exception.

* Refactored the name of the testing class as per conventions.

* Refactored the bug type in all the related files.

* Refactored the bug type in all the `CHANGELOG.md`

---------

Co-authored-by: Judit Knoll <judit.knoll@sigmatechnology.com>
Co-authored-by: Mike Dillon <mike@appropriate.io>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Carsten Pfeiffer <cpfeiffer@users.noreply.github.com>
Co-authored-by: Philipp Sadler <philipp.sadler@gebit.de>
Co-authored-by: Kevin222004 <97679350+Kevin222004@users.noreply.github.com>
Co-authored-by: Jonathan Hoelzel <Jonathan.Hoelzel@imc.com>
* LCK01 - Do not sync on reused or shared objects

* Changelog updated

---------

Co-authored-by: Jeremy Landis <jeremylandis@hotmail.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
…potbugs#2457)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Judit Knoll <judit.knoll@sigmatechnology.com>
# Conflicts:
#	CHANGELOG.md
#	spotbugs/etc/findbugs.xml
#	spotbugs/etc/messages.xml
@baloghadamsoftware baloghadamsoftware merged commit ad03aea into baloghadamsoftware:SEI_CERT_MET01_J Jun 29, 2023
@JuditKnoll JuditKnoll deleted the SEI_CERT_MET01_J branch July 5, 2023 08:02
5 participants