bdemers commented on pull request #250: URL: https://github.com/apache/shiro/pull/250#issuecomment-675525092
Thanks @TomMD! I'd be interested in hearing more. Especially the rate of false positives (and how easy it is to mark them as such). For example, I really like the OWASP Dependency Check plugin, but it has a high rate of false positives (and it's a PITA to work around them, i.e. hacking up an XML file). Same thing with SpotBugs (though, that has a low rate of false positives) ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
