[jira] [Commented] (CB-8554) File plugin Android source does not pass Fortify scan

Thu, 26 Feb 2015 11:43:15 -0800 

    [ 
https://issues.apache.org/jira/browse/CB-8554?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14339005#comment-14339005
 ] 

ASF GitHub Bot commented on CB-8554:
------------------------------------

GitHub user rob-close opened a pull request:

    https://github.com/apache/cordova-plugin-file/pull/102

    CB-8554 Updated source to pass Fortify scan.

    From Fortify:
    Access Control: SecurityManager Bypass (Security Features, Structural)
    Poor Error Handling: Empty Catch Block (Errors, Structural)
    Poor Style: Non-final Public Static Field (Encapsulation, Structural)
    Poor Error Handling: Throw Inside Finally (Errors, Structural)
    
    And from SonarQube:
    Preserve Stack Trace
    Reliance on default encoding

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/rob-close/cordova-plugin-file CB-8554

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/cordova-plugin-file/pull/102.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #102
    
----
commit 05d767a31f2ae9ae380b55cbdcf8d6b675f90f33
Author: Rob Close <rob-close>
Date:   2015-02-26T19:30:48Z

    CB-8554 Updated source to pass Fortify scan.
    
    From Fortify:
    Access Control: SecurityManager Bypass (Security Features, Structural)
    Poor Error Handling: Empty Catch Block (Errors, Structural)
    Poor Style: Non-final Public Static Field (Encapsulation, Structural)
    Poor Error Handling: Throw Inside Finally (Errors, Structural)
    
    And from SonarQube:
    Preserve Stack Trace
    Reliance on default encoding

----


> File plugin Android source does not pass Fortify scan
> -----------------------------------------------------
>
>                 Key: CB-8554
>                 URL: https://issues.apache.org/jira/browse/CB-8554
>             Project: Apache Cordova
>          Issue Type: Bug
>          Components: Android
>    Affects Versions: Master
>         Environment: Android
> Modify the code to remove the following warnings
> From Fortify:
> Access Control: SecurityManager Bypass (Security Features, Structural)
> Poor Error Handling: Empty Catch Block (Errors, Structural)
> Poor Style: Non-final Public Static Field (Encapsulation, Structural)
> Poor Error Handling: Throw Inside Finally (Errors, Structural)
> And from SonarQube:
> Preserve Stack Trace
> Reliance on default encoding
>            Reporter: Rob Close
>            Priority: Minor
>             Fix For: Master
>
>




--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to