New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
refactor(): Edits for sonarCloud critical code smells #157
Conversation
...in/java/com/synopsys/integration/configuration/source/SpringConfigurationPropertySource.java
Show resolved
Hide resolved
detectable/src/main/java/com/synopsys/integration/detectable/SingleDetectableApplication.java
Show resolved
Hide resolved
...src/main/java/com/synopsys/integration/detectable/detectable/file/impl/SimpleFileFinder.java
Outdated
Show resolved
Hide resolved
...rc/main/java/com/synopsys/integration/detectable/detectables/nuget/model/NugetContainer.java
Show resolved
Hide resolved
...src/main/java/com/synopsys/integration/detectable/detectables/yarn/parse/YarnLockParser.java
Outdated
Show resolved
Hide resolved
src/main/java/com/synopsys/integration/detect/interactive/mode/InteractiveMode.java
Show resolved
Hide resolved
src/main/java/com/synopsys/integration/detect/lifecycle/run/RunManager.java
Outdated
Show resolved
Hide resolved
src/main/java/com/synopsys/integration/detect/tool/detector/DetectorTool.java
Outdated
Show resolved
Hide resolved
src/main/java/com/synopsys/integration/detect/workflow/diagnostic/DiagnosticLogUtil.java
Show resolved
Hide resolved
Black Duck Security ReportMerging #157 into master will not change security risk. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In addition to the comments, I am a little concerned about including DetectorTool in this PR. It's risky. Our only test for that class ensures that it fails when it's supposed to, but does not test the positive case. Perhaps that class is a candidate for 6.4.0.
...src/main/java/com/synopsys/integration/detectable/detectables/yarn/parse/YarnLockParser.java
Outdated
Show resolved
Hide resolved
...src/main/java/com/synopsys/integration/detectable/detectables/yarn/parse/YarnLockParser.java
Outdated
Show resolved
Hide resolved
Kudos, SonarCloud Quality Gate passed! 0 Bugs |
Description
Edits for Critical code smells according to SonarCloud. Included classes have what I consider to be reasonable test coverage, or the edits are minor enough that they pose no risk.