[
https://issues.apache.org/jira/browse/SLING-12602?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17911468#comment-17911468
]
Robert Munteanu commented on SLING-12602:
-----------------------------------------
I am not sure that this is something that should be solved in Sling. But I am
not sure why you are using it in a productive deployment, this is mostly about
mock implementations, right?
> Code Scanning Bugs: CQRules:CQBP-84
> -----------------------------------
>
> Key: SLING-12602
> URL: https://issues.apache.org/jira/browse/SLING-12602
> Project: Sling
> Issue Type: Bug
> Affects Versions: Servlet Helpers 1.4.6
> Reporter: Timo Münkenwarf
> Priority: Major
> Attachments: CQRules-CQBP-75-bugs.xlsx
>
>
> We are using a dependency to Sling Servlet Helpers
> {code:java}
> <dependency>
> <groupId>org.apache.sling</groupId>
> <artifactId>org.apache.sling.servlet-helpers</artifactId>
> <version>1.4.6</version>
> <scope>provided</scope>
> </dependency>{code}
> and embedding this into our /apps/website/install folder.
> Having build this with CloudManager results in Bugs during Adobe's Code
> Scanning within the pipelines.
> It reports "Critical" Bugs with Rule CQRules:CQBP-84.
> Maybe adding @SuppressWarnings("CQRules:CQBP-84") could solve this?
> Overall it reports 7 occurances:
> |The product interface org.apache.sling.api.request.RequestParameter
> annotated with @ProviderType should not be implemented by custom code.
> Detected in org.apache.sling.servlethelpers.MockRequestParameter contained in
> /apps/website/install/org.apache.sling.servlet-helpers-1.4.6.jar.|
> |The product interface org.apache.sling.api.request.RequestParameterMap
> annotated with @ProviderType should not be implemented by custom code.
> Detected in org.apache.sling.servlethelpers.MockRequestParameterMap contained
> in /apps/website/install/org.apache.sling.servlet-helpers-1.4.6.jar.|
> |The product interface org.apache.sling.api.request.RequestPathInfo annotated
> with @ProviderType should not be implemented by custom code. Detected in
> org.apache.sling.servlethelpers.MockRequestPathInfo contained in
> /apps/website/install/org.apache.sling.servlet-helpers-1.4.6.jar.|
> |The product interface org.apache.sling.api.request.RequestProgressTracker
> annotated with @ProviderType should not be implemented by custom code.
> Detected in org.apache.sling.servlethelpers.MockRequestProgressTracker
> contained in
> /apps/website/install/org.apache.sling.servlet-helpers-1.4.6.jar.|
> |The product interface org.apache.sling.api.SlingHttpServletRequest annotated
> with @ProviderType should not be implemented by custom code. Detected in
> org.apache.sling.servlethelpers.MockSlingHttpServletRequest contained in
> /apps/website/install/org.apache.sling.servlet-helpers-1.4.6.jar.|
> |The product interface org.apache.sling.api.SlingHttpServletResponse
> annotated with @ProviderType should not be implemented by custom code.
> Detected in org.apache.sling.servlethelpers.MockSlingHttpServletResponse
> contained in
> /apps/website/install/org.apache.sling.servlet-helpers-1.4.6.jar.|
> |The product interface org.apache.sling.api.resource.Resource annotated with
> @ProviderType should not be implemented by custom code. Detected in
> org.apache.sling.servlethelpers.internalrequests.ServletResolutionResource
> contained in
> /apps/website/install/org.apache.sling.servlet-helpers-1.4.6.jar.|
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
