[jira] [Updated] (FINERACT-967) lgtm.com Security Vulnerability Assessment Scanning

Thu, 21 May 2020 05:14:04 -0700 


     [ 
https://issues.apache.org/jira/browse/FINERACT-967?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Michael Vorburger updated FINERACT-967:
---------------------------------------
    Description: 
https://lgtm.com/projects/g/apache/fineract is pretty "interesting"... ;-)

368 alerts: 69 Errors, 251Warnings, 48 Recommendations

Let's do something about this? :P

FINERACT-854 for FINERACT-853 should address some of the issues raised there. 
Let's first do that, and then look at this again. Whatever is left, we ideally 
should not just fix it "one off", but find (or make?!) automated code scan 
quality tools which detect those issues - and make sure that we don not 
re-introduce them again over time.

  was:
https:///projects/g/apache/fineract/ is pretty "interesting"... ;-)

368 alerts: 69 Errors, 251Warnings, 48 Recommendations

Let's do something about this? :P

FINERACT-854 for FINERACT-853 should address some of the issues raised there. 
Let's first do that, and then look at this again. Whatever is left, we ideally 
should not just fix it "one off", but find (or make?!) automated code scan 
quality tools which detect those issues - and make sure that we don not 
re-introduce them again over time.


> lgtm.com Security Vulnerability Assessment Scanning
> ---------------------------------------------------
>
>                 Key: FINERACT-967
>                 URL: https://issues.apache.org/jira/browse/FINERACT-967
>             Project: Apache Fineract
>          Issue Type: Improvement
>          Components: Security
>            Reporter: Michael Vorburger
>            Priority: Major
>              Labels: technical
>
> https://lgtm.com/projects/g/apache/fineract is pretty "interesting"... ;-)
> 368 alerts: 69 Errors, 251Warnings, 48 Recommendations
> Let's do something about this? :P
> FINERACT-854 for FINERACT-853 should address some of the issues raised there. 
> Let's first do that, and then look at this again. Whatever is left, we 
> ideally should not just fix it "one off", but find (or make?!) automated code 
> scan quality tools which detect those issues - and make sure that we don not 
> re-introduce them again over time.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to