Suppressed some SonarQube OWASP contextual false-positives

Signed-off-by: Caspar MacRae <earcam@gmail.com>
earcam · Nov 25, 2018 · 5bcbd26 · 5bcbd26
1 parent 9d77d7f
commit 5bcbd26
Show file tree

Hide file tree

Showing 7 changed files with 18 additions and 3 deletions.
diff --git a/io.earcam.maven.plugin.jigsaw/src/main/java/io/earcam/maven/plugin/jigsaw/Export.java b/io.earcam.maven.plugin.jigsaw/src/main/java/io/earcam/maven/plugin/jigsaw/Export.java
@@ -37,6 +37,7 @@ public final class Export {
 	private String[] to = EMPTY;
 
 
+	@SuppressWarnings("squid:S4784")  // SonarQube - questionable in context
 	public Predicate<String> packages()
 	{
 		return Pattern.compile(getPackageRegex()).asPredicate();

diff --git a/...tlify/src/main/java/io/earcam/maven/plugin/netlify/NetlifyUploadLifecycleParticipant.java b/...tlify/src/main/java/io/earcam/maven/plugin/netlify/NetlifyUploadLifecycleParticipant.java
@@ -84,14 +84,21 @@ private void process(NetlifyUploadMojo mojo, List<MavenProject> projects)
 		Map<String, Path> baseDirs = projects.stream()
 				.collect(toMap(
 						this::uriPath,
-						p -> Paths.get(p.getModel().getReporting().getOutputDirectory())));
+						NetlifyUploadLifecycleParticipant::mapToReportingOutput));
 
 		debug("site.name: {}, baseDirs: {}", site.name(), baseDirs);
 
 		netlify.deployZip(site.name(), baseDirs);
 	}
 
 
+	@SuppressWarnings("squid:S4797")
+	private static Path mapToReportingOutput(MavenProject project)
+	{
+		return Paths.get(project.getModel().getReporting().getOutputDirectory());
+	}
+
+
 	private Netlify createNetlify(NetlifyUploadMojo mojo)
 	{
 		String testUrl = System.getProperty(SYSTEM_PROPERTY_TEST_URL);

diff --git a/io.earcam.maven.plugin.ramdisk/src/main/java/io/earcam/maven/plugin/ramdisk/CleanUpMojo.java b/io.earcam.maven.plugin.ramdisk/src/main/java/io/earcam/maven/plugin/ramdisk/CleanUpMojo.java
@@ -55,6 +55,7 @@ public class CleanUpMojo extends AbstractMojo {
 	public void execute()
 	{
 		project.getProperties().put(PROPERTY_SKIP, "true");
+		@SuppressWarnings("squid:S4797")
 		Path target = Paths.get(project.getBuild().getDirectory());
 		if(Files.isSymbolicLink(target)) {
 			delete(target);

diff --git a/...en.plugin.ramdisk/src/main/java/io/earcam/maven/plugin/ramdisk/RamdiskBuildExtension.java b/...en.plugin.ramdisk/src/main/java/io/earcam/maven/plugin/ramdisk/RamdiskBuildExtension.java
@@ -52,6 +52,7 @@
 import io.earcam.utilitarian.io.IoStreams;
 import io.earcam.utilitarian.io.file.RecursiveFiles;
 
+@SuppressWarnings("squid:S4797")
 @Component(role = AbstractMavenLifecycleParticipant.class, hint = NAME, instantiationStrategy = "singleton")
 public class RamdiskBuildExtension extends AbstractMavenLifecycleParticipant {
 
@@ -144,6 +145,8 @@ static Path findTmpFs()
 	private static String extractUid()
 	{
 		try {
+			// SonarQube should really consider constant args as explicit and therefore OK
+			@SuppressWarnings("squid:S4721")
 			Process process = new ProcessBuilder("/usr/bin/id", "-u", System.getProperty("user.name")).redirectErrorStream(true).start();
 
 			try(Scanner scanner = new Scanner(process.getInputStream(), defaultCharset().toString())) {

diff --git a/io.earcam.maven.plugin.ramdisk/src/site/section/index-head.md.vm b/io.earcam.maven.plugin.ramdisk/src/site/section/index-head.md.vm
@@ -139,7 +139,7 @@ Set the property either cmdline `-D` or in the pom.xml's `<properties>`:
 Really only aimed at Linux/UNIX.
 
 Mac OSX users can create a ramdisk and then set this `ram://` FS via the base path property 
-(then further could be achieve global zero-conf with an always active profile in `~/.m2/settings.xml')
+(then further could be achieve global application with an always active profile in `~/.m2/settings.xml')
 
 Users of Windows could try with ubuntu-shell or consider something like [ImDisk](https://www.google.com/search?q=imdisk) (from a reputable source), 
 and then set the base path (see above).
@@ -151,3 +151,5 @@ and then set the base path (see above).
 	<iframe width="560" height="315" src="https://www.youtube.com/embed/SY0nDM3NSd8?rel=0" frameborder="0" allow="autoplay; encrypted-media"></iframe>
 </div>
 
+<br/>
+
diff --git a/...rc/main/java/io/earcam/maven/plugin/site/search/offline/JsSearchLifecycleParticipant.java b/...rc/main/java/io/earcam/maven/plugin/site/search/offline/JsSearchLifecycleParticipant.java
@@ -39,7 +39,7 @@ public class JsSearchLifecycleParticipant extends AbstractMavenLifecycleParticip
 	private static Indexer indexer;
 
 
-	synchronized static void indexer(Indexing indexing)
+	static synchronized void indexer(Indexing indexing)
 	{
 		if(JsSearchLifecycleParticipant.indexer == null) {
 			JsSearchLifecycleParticipant.indexer = indexing.build();

diff --git a/...aven.plugin.sitemap/src/main/java/io/earcam/maven/plugin/sitemap/AbstractSitemapMojo.java b/...aven.plugin.sitemap/src/main/java/io/earcam/maven/plugin/sitemap/AbstractSitemapMojo.java
@@ -70,6 +70,7 @@ public abstract class AbstractSitemapMojo extends AbstractMojo {
 	protected boolean skip;
 
 
+	@SuppressWarnings("squid:S4784")  // SonarQube - questionable in context
 	protected SitemapParameters parameters()
 	{
 		SitemapParameters parameters = new SitemapParameters(baseUrl, sourceDir.toPath(), targetDir.toPath());