[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules

2024-04-11 Thread Oliver Lietz (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17836157#comment-17836157
 ] 

Oliver Lietz commented on SLING-10506:
--

[~kwin], Makes totally sense to add (I've suppressed the warnings myself in the 
past, example: 
[ClamEventsServlet|https://github.com/apache/sling-org-apache-sling-clam/blob/master/src/main/java/org/apache/sling/clam/http/internal/ClamEventsServlet.java])
 and *communicate* as developers are already "fixing" the issue.
No chance to follow up on this topic currently as all spare time goes into Pax 
Exam.

> Document inappropriate Sonar rules
> --
>
> Key: SLING-10506
> URL: https://issues.apache.org/jira/browse/SLING-10506
> Project: Sling
>  Issue Type: Task
>  Components: Build and Source Control, CI
>Reporter: Oliver Lietz
>Assignee: Oliver Lietz
>Priority: Major
>
> * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100)
> * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112)
> * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117)
> * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149)
> * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989)
> * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226)
> * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077)
> * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules

2024-04-09 Thread Konrad Windszus (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17835176#comment-17835176
 ] 

Konrad Windszus commented on SLING-10506:
-

I would like to add https://rules.sonarsource.com/java/RSPEC-1948/ to the list 
because AFAIK none of the OSGi runtimes ever serialize something to disk 
(except if explicitly forced via API call). This particularly affects 
HttpServletRequest derived classes...

[~olli] Any chance of following up on this?

> Document inappropriate Sonar rules
> --
>
> Key: SLING-10506
> URL: https://issues.apache.org/jira/browse/SLING-10506
> Project: Sling
>  Issue Type: Task
>  Components: Build and Source Control, CI
>Reporter: Oliver Lietz
>Assignee: Oliver Lietz
>Priority: Major
>
> * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100)
> * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112)
> * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117)
> * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149)
> * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989)
> * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226)
> * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077)
> * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules

2023-10-05 Thread Oliver Lietz (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17772352#comment-17772352
 ] 

Oliver Lietz commented on SLING-10506:
--

[~bellingard], [~rombert], I will try to complete and document the list next 
week.

> Document inappropriate Sonar rules
> --
>
> Key: SLING-10506
> URL: https://issues.apache.org/jira/browse/SLING-10506
> Project: Sling
>  Issue Type: Task
>  Components: Build and Source Control, CI
>Reporter: Oliver Lietz
>Assignee: Oliver Lietz
>Priority: Major
>
> * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100)
> * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112)
> * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117)
> * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149)
> * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989)
> * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226)
> * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077)
> * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules

2023-10-05 Thread Robert Munteanu (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17772155#comment-17772155
 ] 

Robert Munteanu commented on SLING-10506:
-

[~olli] - you created the initial rule exclusion list, can you answer 
[~bellingard]'s question?

> Document inappropriate Sonar rules
> --
>
> Key: SLING-10506
> URL: https://issues.apache.org/jira/browse/SLING-10506
> Project: Sling
>  Issue Type: Task
>  Components: Build and Source Control, CI
>Reporter: Oliver Lietz
>Assignee: Oliver Lietz
>Priority: Major
>
> * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100)
> * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112)
> * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117)
> * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149)
> * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989)
> * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226)
> * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077)
> * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules

2023-10-02 Thread Fabrice Bellingard (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17771017#comment-17771017
 ] 

Fabrice Bellingard commented on SLING-10506:


Hello [~rombert],
I can help on this. I can create a specific QP that suits your needs and bulk 
activate it on all of the sling projects (that will be easy because the 
projects are very well named). Tell me when you want me to do it.
In return, may I ask you a favor? I am sure that our Java Ecosystem Product 
Manager (at SonarSource) would be very interested to understand why those rules 
are inappropriate for your context. Would that be possible to update the 
description of this JIRA ticket with a quick description of why each rule does 
not make sense for you? 

> Document inappropriate Sonar rules
> --
>
> Key: SLING-10506
> URL: https://issues.apache.org/jira/browse/SLING-10506
> Project: Sling
>  Issue Type: Task
>  Components: Build and Source Control, CI
>Reporter: Oliver Lietz
>Assignee: Oliver Lietz
>Priority: Major
>
> * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100)
> * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112)
> * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117)
> * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149)
> * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989)
> * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226)
> * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077)
> * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules

2023-09-29 Thread Robert Munteanu (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17770400#comment-17770400
 ] 

Robert Munteanu commented on SLING-10506:
-

[~bellingard] - we had one question regarding SonarCloud and custom quality 
profiles. We have started documenting the rules which do not apply for our 
projects, for various reasons.

We would like to create a custom quality profile that extends the default 
'Sonar Way' for Java. The challege is that we have > 300 projects that this 
should apply to. Is there a way to associate bulk associate existing 'sling' 
project to a new profile, once created? I guess when we create a new one it 
would not be a big issue to associate it to a custom profile.

> Document inappropriate Sonar rules
> --
>
> Key: SLING-10506
> URL: https://issues.apache.org/jira/browse/SLING-10506
> Project: Sling
>  Issue Type: Task
>  Components: Build and Source Control, CI
>Reporter: Oliver Lietz
>Assignee: Oliver Lietz
>Priority: Major
>
> * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100)
> * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112)
> * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117)
> * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149)
> * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989)
> * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226)
> * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077)
> * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212)



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules

2021-06-24 Thread Robert Munteanu (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17368811#comment-17368811
 ] 

Robert Munteanu commented on SLING-10506:
-

Yes, as far as I am aware we have no proper API access. I think we should 
formulate a list of things we need and then ask Fabrice Bellingard is they're 
possible.

> Document inappropriate Sonar rules
> --
>
> Key: SLING-10506
> URL: https://issues.apache.org/jira/browse/SLING-10506
> Project: Sling
>  Issue Type: Task
>  Components: Build and Source Control, CI
>Reporter: Oliver Lietz
>Assignee: Oliver Lietz
>Priority: Major
>
> * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100)
> * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112)
> * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117)
> * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149)
> * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989)
> * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226)
> * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077)
> * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212)



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules

2021-06-23 Thread Konrad Windszus (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17368290#comment-17368290
 ] 

Konrad Windszus commented on SLING-10506:
-

IMHO new quality profiles need to be created by Administrators (i.e. through 
INFRA). However I see this has been done for other projects e.g. 
https://sonarcloud.io/organizations/apache/quality_profiles/show?language=java=incubator-daffodil.
 Once we have a custom profile we need to somehow connect this for all Sling 
projects, which is not that easy, as IMHO there is no API access provided for 
that, am I right [~rombert]?

> Document inappropriate Sonar rules
> --
>
> Key: SLING-10506
> URL: https://issues.apache.org/jira/browse/SLING-10506
> Project: Sling
>  Issue Type: Task
>  Components: Build and Source Control, CI
>Reporter: Oliver Lietz
>Assignee: Oliver Lietz
>Priority: Major
>
> * {{java:S100}} (https://rules.sonarsource.com/java/RSPEC-100)
> * {{java:S112}} (https://rules.sonarsource.com/java/RSPEC-112)
> * {{java:S1117}} (https://rules.sonarsource.com/java/RSPEC-1117)
> * {{java:S1149}} (https://rules.sonarsource.com/java/RSPEC-1149)
> * {{java:S1989}} (https://rules.sonarsource.com/java/RSPEC-1989)
> * {{java:S2226}} (https://rules.sonarsource.com/java/RSPEC-2226)
> * {{java:S3077}} (https://rules.sonarsource.com/java/RSPEC-3077)
> * {{java:S6212}} (https://rules.sonarsource.com/java/RSPEC-6212)



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules

2021-06-22 Thread Oliver Lietz (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17367128#comment-17367128
 ] 

Oliver Lietz commented on SLING-10506:
--

[~kwin], I'm not yet aware how to quickly look up rules without a running 
SonarQube instance. The rules (e.g. 
[java-checks|https://github.com/SonarSource/sonar-java/tree/master/java-checks/src/main/resources/org/sonar/l10n/java/rules/java])
 are generated from Jira [RSPEC|https://jira.sonarsource.com/browse/RSPEC].

> Document inappropriate Sonar rules
> --
>
> Key: SLING-10506
> URL: https://issues.apache.org/jira/browse/SLING-10506
> Project: Sling
>  Issue Type: Task
>  Components: Build and Source Control, CI
>Reporter: Oliver Lietz
>Assignee: Oliver Lietz
>Priority: Major
>
> * {{java:S100}}
> * {{java:S112}}
> * {{java:S1117}}
> * {{java:S1149}}
> * {{java:S1989}}
> * {{java:S2226}}
> * {{java:S3077}}
> * {{java:S6212}}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (SLING-10506) Document inappropriate Sonar rules

2021-06-22 Thread Konrad Windszus (Jira) 


[ 
https://issues.apache.org/jira/browse/SLING-10506?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17367063#comment-17367063
 ] 

Konrad Windszus commented on SLING-10506:
-

[~olli] Do you know a way how to look up the rule by rule ID in 
https://rules.sonarsource.com/? They seem to be sorted by JIRA ID from 
https://jira.sonarsource.com/projects/RSPEC

> Document inappropriate Sonar rules
> --
>
> Key: SLING-10506
> URL: https://issues.apache.org/jira/browse/SLING-10506
> Project: Sling
>  Issue Type: Task
>  Components: Build and Source Control, CI
>Reporter: Oliver Lietz
>Assignee: Oliver Lietz
>Priority: Major
>
> * {{java:S100}}
> * {{java:S112}}
> * {{java:S1117}}
> * {{java:S1149}}
> * {{java:S1989}}
> * {{java:S2226}}
> * {{java:S3077}}
> * {{java:S6212}}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)