Guillaume Toison
Guillaume Toison
SonarQube will deprecate the jar-in-jar dependencies, see https://community.sonarsource.com/t/custom-rules-101-update-for-sonarqube-latest-9-5-0/68347/3
Many users don't know the version they are using because they do not have access to the SonarQube server administration page. Log the version so we don't waste time while...
Only fails when Findbugs is ran with the next vars declarated: `-Dsonar.pullrequest.key=$CI_MERGE_REQUEST_IID -Dsonar.pullrequest.branch=$CI_COMMIT_REF_NAME -Dsonar.pullrequest.base=develop` If these vars are not declared, it doesn't fail. These vars are related to Branch Community...
The `okhttp` and `logging-interceptor` dependencies (along with their own transitive dependencies) have a bunch of vulnerabilities: https://github.com/square/okhttp/issues/6738 https://github.com/square/okio/pull/1280 https://blog.jetbrains.com/blog/2022/02/08/jetbrains-security-bulletin-q4-2021/ I'm not sure if these vulnerabilities are an actual issue for...
See #453 and #2870
The methods added by Hibernate's bytecode enhancement trigger DLS_DEAD_LOCAL_STORE false positives Fixes #2864
Hibenate's [bytecode enhancement](https://docs.jboss.org/hibernate/orm/5.4/topical/html_single/bytecode/BytecodeEnhancement.html) adds generated methods that trigger `DLS_DEAD_LOCAL_STORE` false positives. Since the bytecode is generated it is not very useful to report these issues.
Error prone relies on the service loader mechanism to load plugin, the plugin's jar needs to contain a `BugChecker` file named: `META-INF\services\com.google.errorprone.bugpatterns.BugChecker` I _think_ that since https://github.com/uber/AutoDispose/pull/471 the file is...
This should bring compatibility to JDK 21 (see #723)