On Tue, 24 Apr 2018 11:44:58 -0400
"William L. Thomson Jr." <wlt...@obsidian-studios.com> wrote:

> On Tue, 24 Apr 2018 12:31:33 +0200
> Marcel Hollerbach <m...@bu5hm4n.de> wrote:
> >
> > scanning through the results also shows that there is a massive
> > amount of false positives.  
> 
> Which can be marked as such. Which their devs will read comments and/or
> look at false positives and make changes to the scanner as
> necessary.

Using SonarCloud's multi-user access, more than one person can be
marking this stuff as false, assigning it to others, etc.

> > Examples:
> >    - https://sonarcloud.io/project/issues?branch=devs%2Fstefan%2Fsonar-test&id=efl&open=AWL3Ai8c-pl6AHs2kvjz&resolved=false&severities=MAJOR

There is a feature to make "Bulk Changes", which if used could heavily
reduce the noise to things of concern. It's a check box and button just
to the left of the "Clear All Filters" button on the "Issues" tab.

Could do that for the "Review the data-flow, this memory...", since
most of those are likely false. Though it is possible some are legit.

Most of the "Change this conditional so that it does not always evaluate
to true or false" is likely false when parsing CLI options. I have
seen it point out legit non-changing conditionals in other cases. I
would be cautious with that one. It was rare, but did happen. Most all
were from CLI option parsing. Those are for sure false, and could be marked
in bulk.

-- 
William L. Thomson Jr.
