oscerd commented on PR #22344: URL: https://github.com/apache/camel/pull/22344#issuecomment-4160512150
_Claude Code on behalf of Andrea Cosentino_ Thank you for the thorough review! All feedback has been addressed in the latest commit: **Blocking #1 (Rebase):** Checked — no conflicts exist against current `main` (no changes to the MCP module since the branch point). CAMEL-23270 has not landed on `main` yet, so no rebase is needed at this time. **Major #2 (Code duplication):** Extracted `PomSanitizer.process(pomContent, sanitize)` helper that returns a `ProcessedPom(content, warnings)` record. All three tool methods now use this single entry point instead of the duplicated 13-line block. **Major #3 (Missing integration tests):** Added `MigrationToolsTest` and `MigrationWildflyKarafToolsTest` with sanitization tests covering: sensitive data masking with warnings, `sanitizePom=false` bypass, analysis correctness after sanitization, and clean POM baseline. **Follow-up: Remove section stripping:** Removed both `<servers>` and `<distributionManagement>` stripping as suggested. `<servers>` belongs to `settings.xml`, and `<distributionManagement>` contains URLs/IDs, not credentials. Only sensitive element value masking remains. **Follow-up: Document regex limitations:** Added comprehensive Javadoc to `PomSanitizer` documenting false positives (e.g., `<password-policy>strict</password-policy>`) and false negatives (e.g., credentials in JDBC URLs, singular `<my.credential>`). **Nit #5 (`wasSanitized` unused):** Removed the field from `SanitizationResult`. **Nit #6 (Verbose warnings):** Consolidated per-pattern warnings into a single summary: `"Sensitive data detected and masked: db.password, api.token"`. All 189 tests pass, code is formatted. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
