Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[jaxb-impl-dev] Submission Question - Sonarqube Scan Fixes

Greetings.

I am running the JaxB-RI project through the SonarQube analyzer, and more than a few issues are being found.  I have been setting up the Honor Systems Updater to take that output and fix.

Questions:
  • Should I just do PRs with fixes as the Updater gets setup to handle various issues?  Or do you want a Bug Report?
  • Also, some of the fixes are likely to be "quickie one-offs" that I do manually.  How do you want that handled?

Comment: As more than a few issues that Sonarqube is highlighting are security vulnerabilities, the reports won't be publicly available.  I will make Sonarqube available to the team members to review the scan reports.  If you would like access, please email me direct at steve@xxxxxxxxxxxx and I will set you up with an account.

Regards,
Steve

Attachment: OpenPGP_signature
Description: OpenPGP digital signature


Back to the top