From: Martin Quinson Date: Fri, 4 Jan 2019 21:03:18 +0000 (+0100) Subject: sonar: ignore another rule as we don't have real security concerns X-Git-Tag: v3_22~696 X-Git-Url: http://info.iut-bm.univ-fcomte.fr/pub/gitweb/simgrid.git/commitdiff_plain/711328bc382288a9524ce222caf86b09a0bf1557 sonar: ignore another rule as we don't have real security concerns --- diff --git a/sonar-project.properties b/sonar-project.properties index 3f7ea9945e..f160de7f21 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -13,7 +13,7 @@ sonar.sources=src,examples,include,teshsuite # Disable some rules on some files -sonar.issue.ignore.multicriteria=j1,j2,jni1,jni2,c1,c2a,c2b,c3,c4a,c4b,c5a,c5b,c6a,c6b,c7,c8,f1 +sonar.issue.ignore.multicriteria=j1,j2,j3,jni1,jni2,c1,c2a,c2b,c3,c4a,c4b,c5a,c5b,c6a,c6b,c7,c8,f1 # The Object.finalize() method should not be overriden # But we need to clean the native memory with JNI @@ -25,6 +25,11 @@ sonar.issue.ignore.multicriteria.j1.resourceKey=**/*.java sonar.issue.ignore.multicriteria.j2.ruleKey=squid:S1148 sonar.issue.ignore.multicriteria.j2.resourceKey=**/*.java +# Using command line arguments is security-sensitive +# But the authors of the applications using our library will be their only users, so there is no security concern +sonar.issue.ignore.multicriteria.j3.ruleKey=squid:S4823 +sonar.issue.ignore.multicriteria.j3.resourceKey=**/*.java + # "reinterpret_cast" should not be used # But this is exactly intended to store a pointer into a long -- what we do here sonar.issue.ignore.multicriteria.jni1.ruleKey=cpp:S3630