OK got it. Before you accuse anyone (even if you expressed doubt) do you have a way to determine who made the change to the Sonar Cube configuration? Does Infrastructure?
Did anyone on the Flex project make any changes? Regards, Dave > On Jul 7, 2017, at 8:18 PM, Justin Mclean <jus...@classsoftware.com> wrote: > > Hi, > >> My discussion was around procedures related to technical debt. > > And you would agree the Sonar Cube configuration relates to that? > >> Keep in mind that this is all my opinion as part of the PMC. If others don't >> agree then there is not yet consensus. > > Which is why as suggested I’m trying to document [1] and get consensus on > what we can do before changing the configuration. > >> I'm not sure about the profile. Please take a look at the commits and you >> should question and discuss that change separately on TECHNICAL merits. > > There are no commits (it's not under version control) but just options in the > Sonar web interface, there's was no discussion and no email to the list about > these changes. > > Note that the changes effect ALL Apache projects using Sonar Cube (using that > default profile) not just the Flex project so that should be reason enough to > reset it back to the way it was. I did suggest to creating a new profile. > > For a technical point of view there are a number of useful rules that have > been disabled i.e. rules that pick up issues like this: for (var i:int =0; i > < someArray.length; i++) where someArray.length should be defined outside the > loop for performance reasons. > > So consider this a -1 (veto) with valid reason as stated above and unless > someone has a good technical reason why those all those rules were disabled > for all projects I suggest they be reverted. > > Thanks, > Justin > > 1. https://cwiki.apache.org/confluence/display/FLEX/Sonar+Cube+Flex+Rules > <https://cwiki.apache.org/confluence/display/FLEX/Sonar+Cube+Flex+Rules>
signature.asc
Description: Message signed with OpenPGP