I've cleaned up the PR to make it more readable. I'll be grateful for any
comments.

Svetlin

2016-09-14 16:15 GMT+03:00 Svetlin Zarev <svetlin.angelov.za...@gmail.com>:

> Hi,
>
> I think I've fixed[1]  all stream leaks to files or streams opened by
> classLoader.getResoureAsStream(). I intentionally ignored all streams
> opened bu UrlConnection, because the issue with the connection pooling has
> to be researched. I also reopened [2] because the patch is only for
> slurp(File) and not for slurp(URL) or slurp(InputStream) which should not
> close the stream.
>
> [1] https://github.com/apache/tomee/pull/44
> [2] https://github.com/apache/tomee/pull/40
>
> Svetlin
>
> 2016-09-14 10:58 GMT+03:00 Romain Manni-Bucau <rmannibu...@gmail.com>:
>
>> Tomee is java 7 for 7.x by spec do java 8 is not an option
>>
>> On the fixes: ensure to unit test each non trivial fix but you can put all
>> the "same" category ones in the same pr. Like "ensure streams are closed".
>> Side note on this particular one: since we pool connections sometimes
>> closing the stream would break it at runtime so unit testing is mandatory.
>>
>> Thanks to have a look to that
>>
>> Le 14 sept. 2016 09:48, "Mitia Alexandrov" <mitiaalexand...@gmail.com> a
>> écrit :
>>
>> > Hello,
>> > I've made several such runs from Idea but mainly for Java 8fy reasons.
>> > There are also several thousand places where the code may be rewritten
>> with
>> > java 8 constructions.
>> >
>> > Regards,
>> >
>> > Mitia
>> >
>> > 2016-09-14 10:35 GMT+03:00 Svetlin Zarev <svetlin.angelov.zarev@gmail.c
>> om
>> > >:
>> >
>> > > Dear TomEE developers,
>> > >
>> > > I've been running static code analysis (fortify) against TomEE 7 and
>> as a
>> > > result I have a list of more than 8000 potential issues (I hope most
>> of
>> > > them are false positives). Unfortunately I'm not allowed to share the
>> > list
>> > > itself.
>> > >
>> > > Either way I'll have to go through that list and review every single
>> > > report, but it's impractical to open a bug report for every single
>> issue.
>> > >
>> > > So here are my questions:
>> > > * What would be the best way to handle the situation ?
>> > > * What's the minimum severity level that's worth reporting ?
>> > > * Should I open jira tickets for the minot/trivial/bad-practices
>> issues ?
>> > > * Should I provide PullRequests for the low priority issues or just
>> for
>> > the
>> > > higher priority ones?
>> > >
>> > >
>> > > Kind regards,
>> > > Svetlin
>> > >
>> >
>>
>
>

Reply via email to