A
lgorithmique
N
umérique
D
istribuée
Public GIT Repository
projects
/
simgrid.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
sonar: ignore another rule as we don't have real security concerns
[simgrid.git]
/
sonar-project.properties
diff --git
a/sonar-project.properties
b/sonar-project.properties
index
296650a
..
f160de7
100644
(file)
--- a/
sonar-project.properties
+++ b/
sonar-project.properties
@@
-13,7
+13,7
@@
sonar.sources=src,examples,include,teshsuite
# Disable some rules on some files
# Disable some rules on some files
-sonar.issue.ignore.multicriteria=j1,j2,j
ni1,jni2,c1,c2a,c2b,c3,c4a,c4b,c5a,c5b,c6a,c6b,c7
,f1
+sonar.issue.ignore.multicriteria=j1,j2,j
3,jni1,jni2,c1,c2a,c2b,c3,c4a,c4b,c5a,c5b,c6a,c6b,c7,c8
,f1
# The Object.finalize() method should not be overriden
# But we need to clean the native memory with JNI
# The Object.finalize() method should not be overriden
# But we need to clean the native memory with JNI
@@
-25,6
+25,11
@@
sonar.issue.ignore.multicriteria.j1.resourceKey=**/*.java
sonar.issue.ignore.multicriteria.j2.ruleKey=squid:S1148
sonar.issue.ignore.multicriteria.j2.resourceKey=**/*.java
sonar.issue.ignore.multicriteria.j2.ruleKey=squid:S1148
sonar.issue.ignore.multicriteria.j2.resourceKey=**/*.java
+# Using command line arguments is security-sensitive
+# But the authors of the applications using our library will be their only users, so there is no security concern
+sonar.issue.ignore.multicriteria.j3.ruleKey=squid:S4823
+sonar.issue.ignore.multicriteria.j3.resourceKey=**/*.java
+
# "reinterpret_cast" should not be used
# But this is exactly intended to store a pointer into a long -- what we do here
sonar.issue.ignore.multicriteria.jni1.ruleKey=cpp:S3630
# "reinterpret_cast" should not be used
# But this is exactly intended to store a pointer into a long -- what we do here
sonar.issue.ignore.multicriteria.jni1.ruleKey=cpp:S3630
@@
-80,12
+85,16
@@
sonar.issue.ignore.multicriteria.c6b.resourceKey=teshsuite/**/*.cpp
sonar.issue.ignore.multicriteria.c7.ruleKey=c:PPStringifyAndPastingUsage
sonar.issue.ignore.multicriteria.c7.resourceKey=**/*
sonar.issue.ignore.multicriteria.c7.ruleKey=c:PPStringifyAndPastingUsage
sonar.issue.ignore.multicriteria.c7.resourceKey=**/*
+# Deprecated code should be removed
+# We do have a process to remove deprecated code
+sonar.issue.ignore.multicriteria.c8.ruleKey=cpp:S1133
+sonar.issue.ignore.multicriteria.c8.resourceKey=**/*
+
# "reinterpret_cast" should not be used
# But we need this to interface C and Fortran
sonar.issue.ignore.multicriteria.f1.ruleKey=cpp:S3630
sonar.issue.ignore.multicriteria.f1.resourceKey=src/smpi/bindings/smpi_f77*.cpp
# "reinterpret_cast" should not be used
# But we need this to interface C and Fortran
sonar.issue.ignore.multicriteria.f1.ruleKey=cpp:S3630
sonar.issue.ignore.multicriteria.f1.resourceKey=src/smpi/bindings/smpi_f77*.cpp
-
# Exclude some files from the analysis:
# - our unit tests
# - the tests that we borrowed elsewhere (MPICH and ISP)
# Exclude some files from the analysis:
# - our unit tests
# - the tests that we borrowed elsewhere (MPICH and ISP)