DaanHoogland commented on PR #7131: URL: https://github.com/apache/cloudstack/pull/7131#issuecomment-1404675274
> > > SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=7131) > > > [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=BUG) [28 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=VULNERABILITY) [9 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=7131&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=7131&resolved=false&types=SECURITY_HOTSPOT) [6 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=7131&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=CODE_SMELL) [11993 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=CODE_SMELL) > > > [](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=7131&metric=new_coverage&view=list) [4.5% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=7131&metric=new_coverage&view=list) [](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=7131&metric=new_duplicated_lines_density&view=list) [5.1% D uplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=7131&metric=new_duplicated_lines_density&view=list) > > > > > > auch, I checked the security issues and marked them safe. @JoaoJandre can you go through the vulnerabilities and bugs, please. I think we must ignore the code smells for this PR. We can sample them but this is going to be a manyear of work to clear them all, even the more serious ones. > > @DaanHoogland, as this PR touched a lot of lines, any "bugs" or "vulnerabilities" that already existed are now being reported by Sonarcloud. I fixed one of them that I deemed relevant to this PR; however, in order to avoid raising the complexity of this PR, I think it would be better to create another PR to fix the other bugs and vulnerabilities. What do you think? > > > SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=7131) > > > [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=BUG) [28 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=VULNERABILITY) [9 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=7131&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=7131&resolved=false&types=SECURITY_HOTSPOT) [6 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=7131&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=CODE_SMELL) [11993 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=7131&resolved=false&types=CODE_SMELL) > > > [](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=7131&metric=new_coverage&view=list) [4.5% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=7131&metric=new_coverage&view=list) [](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=7131&metric=new_duplicated_lines_density&view=list) [5.1% D uplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=7131&metric=new_duplicated_lines_density&view=list) > > > > > > auch, I checked the security issues and marked them safe. @JoaoJandre can you go through the vulnerabilities and bugs, please. I think we must ignore the code smells for this PR. We can sample them but this is going to be a manyear of work to clear them all, even the more serious ones. > > @DaanHoogland, as this PR touched a lot of lines, any "bugs" or "vulnerabilities" that already existed are now being reported by Sonarcloud. I fixed one of them that I deemed relevant to this PR; however, in order to avoid raising the complexity of this PR, I think it would be better to create another PR to fix the other bugs and vulnerabilities. What do you think? Where it comes to code smells i would agree, but I would rather assess all bugs and vulnerabilities maybe even before merging this. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
