artem-smotrakov opened a new pull request #262: URL: https://github.com/apache/httpcomponents-client/pull/262
LGTM.com offers static analysis for open-source projects. It's based on CodeQL engine. The current report for Apache HttpClient is pretty good. There are only 19 findings. I had a look at them, and didn't find anything severe. Nevertheless, I'd like to propose fixing some minor findings and suppressing the rest. Suppressing the warnings would make it simpler to triage new issues in the future. Here is a list of updates: - Fixed a few possible null dereferences - Fixed a few possible out-of-bound array ops - Suppressed warnings for weak cryptographic algorithms for NTLM and Digest authentication schemes - Suppressed a few false-positives for null dereference - Suppressed a few warnings for overriding a synchronized method without synchronization - Added a couple of test cases ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
