Hi - In the differential all 30 of the bugs are of the form:
Make this class “<whatever>Event" override "Event.clone()” function All of the 133 vulnerabilities are of these forms: Make this "public static" field const Remove this use of the "trace" function. The singular code smell (Sonar says that flex smells very good indeed.) Last statement in this switch-clause should be an unconditional break This looks like recent work. I’d say it looks pretty good and would be easy to address. I agree with Justin that it is something that all devs should look at from time to time. Regards, Dave > On Jul 5, 2017, at 4:24 PM, Justin Mclean <jus...@classsoftware.com> wrote: > > Hi, > > If you take a look at this [1] you see that technical debt increased a bit > between the 0.8 and 0.9 releases. It would be good if we could reduce this. > > While Sonar cube isn’t perfect, probably needs some tuning, and there are a > number of false positives in there it is trying to tell us something. > > Thanks, > Justin > > 1. https://builds.apache.org/analysis/overview?id=20942
signature.asc
Description: Message signed with OpenPGP
