(creadur-rat) branch feature/RAT-369 updated: RAT-369: Ignore false positive

Sun, 21 Apr 2024 13:52:07 -0700 

This is an automated email from the ASF dual-hosted git repository.

pottlinger pushed a commit to branch feature/RAT-369
in repository https://gitbox.apache.org/repos/asf/creadur-rat.git


The following commit(s) were added to refs/heads/feature/RAT-369 by this push:
     new a9169510 RAT-369: Ignore false positive
a9169510 is described below

commit a9169510d667f5c9e2bcf70115fdcc2451b92091
Author: P. Ottlinger <[email protected]>
AuthorDate: Sun Apr 21 22:51:57 2024 +0200

    RAT-369: Ignore false positive
---
 pom.xml             |  3 +--
 spotbugs_ignore.xml | 27 +++++++++++++++++++++++++++
 2 files changed, 28 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 923bb837..471ec421 100644
--- a/pom.xml
+++ b/pom.xml
@@ -308,8 +308,7 @@ agnostic home for software distribution comprehension and 
audit tools.
           <configuration>
             <!-- TODO remove after RAT-369 is done -->
             <failOnError>false</failOnError>
-            
<!--includeFilterFile>spotbugs-security-include.xml</includeFilterFile>
-                  
<excludeFilterFile>spotbugs-security-exclude.xml</excludeFilterFile-->
+            <excludeFilterFile>spotbugs-ignore.xml</excludeFilterFile>
             <plugins>
               <plugin>
                 <groupId>com.h3xstream.findsecbugs</groupId>
diff --git a/spotbugs_ignore.xml b/spotbugs_ignore.xml
new file mode 100644
index 00000000..f6a55af9
--- /dev/null
+++ b/spotbugs_ignore.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Licensed to the Apache Software Foundation (ASF) under one or more
+  contributor license agreements.  See the NOTICE file distributed with
+  this work for additional information regarding copyright ownership.
+  The ASF licenses this file to You under the Apache License, Version 2.0
+  (the "License"); you may not use this file except in compliance with
+  the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<FindBugsFilter>
+  <Match>
+    <!-- Uses tryWithResources, thus closes resource properly:
+    [ERROR] Medium: 
org.apache.rat.configuration.builders.ChildContainerBuilder.setResource(String) 
may fail to close stream
+    [org.apache.rat.configuration.builders.ChildContainerBuilder] At 
ChildContainerBuilder.java:[line 62] OS_OPEN_STREAM
+  -->
+    <Class name="org.apache.rat.configuration.builders.ChildContainerBuilder"/>
+    <Bug pattern="OS_OPEN_STREAM"/>
+  </Match>
+</FindBugsFilter>

Reply via email to