From 5bcbd26cd153ce3f78e8610f6edfeb5e1174501a Mon Sep 17 00:00:00 2001
From: Caspar MacRae <earcam@gmail.com>
Date: Sun, 25 Nov 2018 21:45:02 +0000
Subject: [PATCH] Suppressed some SonarQube OWASP contextual false-positives

Signed-off-by: Caspar MacRae <earcam@gmail.com>
---
 .../main/java/io/earcam/maven/plugin/jigsaw/Export.java  | 1 +
 .../netlify/NetlifyUploadLifecycleParticipant.java       | 9 ++++++++-
 .../java/io/earcam/maven/plugin/ramdisk/CleanUpMojo.java | 1 +
 .../maven/plugin/ramdisk/RamdiskBuildExtension.java      | 3 +++
 .../src/site/section/index-head.md.vm                    | 4 +++-
 .../search/offline/JsSearchLifecycleParticipant.java     | 2 +-
 .../earcam/maven/plugin/sitemap/AbstractSitemapMojo.java | 1 +
 7 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/io.earcam.maven.plugin.jigsaw/src/main/java/io/earcam/maven/plugin/jigsaw/Export.java b/io.earcam.maven.plugin.jigsaw/src/main/java/io/earcam/maven/plugin/jigsaw/Export.java
index 8c6d7aa..ec7b06c 100644
--- a/io.earcam.maven.plugin.jigsaw/src/main/java/io/earcam/maven/plugin/jigsaw/Export.java
+++ b/io.earcam.maven.plugin.jigsaw/src/main/java/io/earcam/maven/plugin/jigsaw/Export.java
@@ -37,6 +37,7 @@ public final class Export {
 	private String[] to = EMPTY;
 
 
+	@SuppressWarnings("squid:S4784")  // SonarQube - questionable in context
 	public Predicate<String> packages()
 	{
 		return Pattern.compile(getPackageRegex()).asPredicate();
diff --git a/io.earcam.maven.plugin.netlify/src/main/java/io/earcam/maven/plugin/netlify/NetlifyUploadLifecycleParticipant.java b/io.earcam.maven.plugin.netlify/src/main/java/io/earcam/maven/plugin/netlify/NetlifyUploadLifecycleParticipant.java
index 3c88639..6b822e0 100644
--- a/io.earcam.maven.plugin.netlify/src/main/java/io/earcam/maven/plugin/netlify/NetlifyUploadLifecycleParticipant.java
+++ b/io.earcam.maven.plugin.netlify/src/main/java/io/earcam/maven/plugin/netlify/NetlifyUploadLifecycleParticipant.java
@@ -84,7 +84,7 @@ private void process(NetlifyUploadMojo mojo, List<MavenProject> projects)
 		Map<String, Path> baseDirs = projects.stream()
 				.collect(toMap(
 						this::uriPath,
-						p -> Paths.get(p.getModel().getReporting().getOutputDirectory())));
+						NetlifyUploadLifecycleParticipant::mapToReportingOutput));
 
 		debug("site.name: {}, baseDirs: {}", site.name(), baseDirs);
 
@@ -92,6 +92,13 @@ private void process(NetlifyUploadMojo mojo, List<MavenProject> projects)
 	}
 
 
+	@SuppressWarnings("squid:S4797")
+	private static Path mapToReportingOutput(MavenProject project)
+	{
+		return Paths.get(project.getModel().getReporting().getOutputDirectory());
+	}
+
+
 	private Netlify createNetlify(NetlifyUploadMojo mojo)
 	{
 		String testUrl = System.getProperty(SYSTEM_PROPERTY_TEST_URL);
diff --git a/io.earcam.maven.plugin.ramdisk/src/main/java/io/earcam/maven/plugin/ramdisk/CleanUpMojo.java b/io.earcam.maven.plugin.ramdisk/src/main/java/io/earcam/maven/plugin/ramdisk/CleanUpMojo.java
index 9408292..ee36396 100644
--- a/io.earcam.maven.plugin.ramdisk/src/main/java/io/earcam/maven/plugin/ramdisk/CleanUpMojo.java
+++ b/io.earcam.maven.plugin.ramdisk/src/main/java/io/earcam/maven/plugin/ramdisk/CleanUpMojo.java
@@ -55,6 +55,7 @@ public class CleanUpMojo extends AbstractMojo {
 	public void execute()
 	{
 		project.getProperties().put(PROPERTY_SKIP, "true");
+		@SuppressWarnings("squid:S4797")
 		Path target = Paths.get(project.getBuild().getDirectory());
 		if(Files.isSymbolicLink(target)) {
 			delete(target);
diff --git a/io.earcam.maven.plugin.ramdisk/src/main/java/io/earcam/maven/plugin/ramdisk/RamdiskBuildExtension.java b/io.earcam.maven.plugin.ramdisk/src/main/java/io/earcam/maven/plugin/ramdisk/RamdiskBuildExtension.java
index 66190c0..484d86c 100644
--- a/io.earcam.maven.plugin.ramdisk/src/main/java/io/earcam/maven/plugin/ramdisk/RamdiskBuildExtension.java
+++ b/io.earcam.maven.plugin.ramdisk/src/main/java/io/earcam/maven/plugin/ramdisk/RamdiskBuildExtension.java
@@ -52,6 +52,7 @@
 import io.earcam.utilitarian.io.IoStreams;
 import io.earcam.utilitarian.io.file.RecursiveFiles;
 
+@SuppressWarnings("squid:S4797")
 @Component(role = AbstractMavenLifecycleParticipant.class, hint = NAME, instantiationStrategy = "singleton")
 public class RamdiskBuildExtension extends AbstractMavenLifecycleParticipant {
 
@@ -144,6 +145,8 @@ static Path findTmpFs()
 	private static String extractUid()
 	{
 		try {
+			// SonarQube should really consider constant args as explicit and therefore OK
+			@SuppressWarnings("squid:S4721")
 			Process process = new ProcessBuilder("/usr/bin/id", "-u", System.getProperty("user.name")).redirectErrorStream(true).start();
 
 			try(Scanner scanner = new Scanner(process.getInputStream(), defaultCharset().toString())) {
diff --git a/io.earcam.maven.plugin.ramdisk/src/site/section/index-head.md.vm b/io.earcam.maven.plugin.ramdisk/src/site/section/index-head.md.vm
index 42a83a9..7fc47e8 100644
--- a/io.earcam.maven.plugin.ramdisk/src/site/section/index-head.md.vm
+++ b/io.earcam.maven.plugin.ramdisk/src/site/section/index-head.md.vm
@@ -139,7 +139,7 @@ Set the property either cmdline `-D` or in the pom.xml's `<properties>`:
 Really only aimed at Linux/UNIX.
 
 Mac OSX users can create a ramdisk and then set this `ram://` FS via the base path property 
-(then further could be achieve global zero-conf with an always active profile in `~/.m2/settings.xml')
+(then further could be achieve global application with an always active profile in `~/.m2/settings.xml')
 
 Users of Windows could try with ubuntu-shell or consider something like [ImDisk](https://www.google.com/search?q=imdisk) (from a reputable source), 
 and then set the base path (see above).
@@ -151,3 +151,5 @@ and then set the base path (see above).
 	<iframe width="560" height="315" src="https://www.youtube.com/embed/SY0nDM3NSd8?rel=0" frameborder="0" allow="autoplay; encrypted-media"></iframe>
 </div>
 
+<br/>
+
diff --git a/io.earcam.maven.plugin.site.search.offline/src/main/java/io/earcam/maven/plugin/site/search/offline/JsSearchLifecycleParticipant.java b/io.earcam.maven.plugin.site.search.offline/src/main/java/io/earcam/maven/plugin/site/search/offline/JsSearchLifecycleParticipant.java
index 6d34a90..523d809 100644
--- a/io.earcam.maven.plugin.site.search.offline/src/main/java/io/earcam/maven/plugin/site/search/offline/JsSearchLifecycleParticipant.java
+++ b/io.earcam.maven.plugin.site.search.offline/src/main/java/io/earcam/maven/plugin/site/search/offline/JsSearchLifecycleParticipant.java
@@ -39,7 +39,7 @@ public class JsSearchLifecycleParticipant extends AbstractMavenLifecycleParticip
 	private static Indexer indexer;
 
 
-	synchronized static void indexer(Indexing indexing)
+	static synchronized void indexer(Indexing indexing)
 	{
 		if(JsSearchLifecycleParticipant.indexer == null) {
 			JsSearchLifecycleParticipant.indexer = indexing.build();
diff --git a/io.earcam.maven.plugin.sitemap/src/main/java/io/earcam/maven/plugin/sitemap/AbstractSitemapMojo.java b/io.earcam.maven.plugin.sitemap/src/main/java/io/earcam/maven/plugin/sitemap/AbstractSitemapMojo.java
index 8f00154..6f85a2b 100644
--- a/io.earcam.maven.plugin.sitemap/src/main/java/io/earcam/maven/plugin/sitemap/AbstractSitemapMojo.java
+++ b/io.earcam.maven.plugin.sitemap/src/main/java/io/earcam/maven/plugin/sitemap/AbstractSitemapMojo.java
@@ -70,6 +70,7 @@ public abstract class AbstractSitemapMojo extends AbstractMojo {
 	protected boolean skip;
 
 
+	@SuppressWarnings("squid:S4784")  // SonarQube - questionable in context
 	protected SitemapParameters parameters()
 	{
 		SitemapParameters parameters = new SitemapParameters(baseUrl, sourceDir.toPath(), targetDir.toPath());