date:20221216

Re: Minutes: JDO TCK Conference Call Thursday December 15 1100 PST 2000 CET

2022-12-16 Thread Craig Russell

Hi Til,

Marking the issue as false positive seems to be better than modifying the code.

I'm also thinking that SonarCloud might pay more attention to false positives 
than to NOSONAR in the code...

Craig

> On Dec 16, 2022, at 08:05, Tilmann  wrote:
> 
> 
> > 4. JIRA JDO-819 "Code quality analysis"
> https://issues.apache.org/jira/browse/JDO-819
> 
> 
> I forgot to mention, instead of '// NOSONAR' it is also easily possible
> to mark problems as "false positive" in the web UI.
> 
> In my opinion this would be preferred over '// NOSONAR' because using
> the web UI avoids cluttering the code with '// NOSONAR' statements.
> 
> Maybe something to discuss in the next meeting.
> 
> Best,
> 
> Til
> 
> 
> On 16.12.22 16:49, Craig Russell wrote:
>> Attendees: Michael Bouschen, Tilmann Zäschke, Tobias Bouschen, Craig Russell
>> 
>> Next meeting: Thursday December 29 1100 PST 2000 CET
>> 
>> Agenda:
>> 
>> 1. Derby vulnerability
>> See https://issues.apache.org/jira/browse/DERBY-7147 
>> 
>> 
>> No rush to upgrade Derby from 10.14.2 (current JDO dependency for tck) to 
>> 10.14.3 (fixed version). The tck does not use LDAP which is the attack 
>> vector.
>> AI Michael look into upgrading.
>> 
>> 2. JIRA JDO-820: "Clean up copyright NOTICE and references": 
>> https://issues.apache.org/jira/browse/JDO-820
>> Ist there anything left?
>> Nothing left. Resolved.
>> 
>> Which Fix Version do we want to use?
>> Next version whatever that is. 3.2.2 and 3.3
>> 
>> 3. JIRA JDO-821: "Fix sonarcloud issues of type Bugs" 
>> https://issues.apache.org/jira/browse/JDO-821
>> See PR #65: https://github.com/apache/db-jdo/pull/65 
>> 
>> 
>> 4. JIRA JDO-819 "Code quality analysis" 
>> https://issues.apache.org/jira/browse/JDO-819 
>> 
>> 
>> Changes in PR#65 can be merged.
>> Tilmann is looking at the SonarCloud "security" issues. Seem to be innocuous.
>> 
>> Still more SonarCloud issues (code smell) to address. For example:
>> https://sonarcloud.io/project/issues?issues=AYTeBPbL_-S9Jt7nsSUW=AYTeBPbL_-S9Jt7nsSUW=db-jdo
>>  
>> 
>> 
>> Every subclass of JDOUserException smells. Not really an issue for us.
>> 
>> Anyone who looks into a SonarCloud issue should add a comment to the JDO-819 
>> JIRA with the analysis and resolution and possibly a PR. At some point we 
>> may close the issue after the items are low enough importance.
>> 
>> 5. JIRA JDO-709 "Standardize field/property converters" 
>> https://issues.apache.org/jira/browse/JDO-709
>> 
>> 6. JIRA JDO-815 "Change headers on source files to use https:// instead of 
>> http:// " https://issues.apache.org/jira/browse/JDO-815 
>> 
>> 
>> Ready to resolve.
>> AI Craig resolve it.
>> 
>> 7. JIRA JDO-822: "Verify compatibility with JDK 20" 
>> https://issues.apache.org/jira/browse/JDO-822 
>> 
>> 
>> 8. JIRA JDO-812 "Move to JDK 11 as the lowest supported version" 
>> https://issues.apache.org/jira/browse/JDO-812
>> 
>> 9. Other issues
>> 
>> Action Items from weeks past:
>> 
>> [Nov 23 2022] AI Tilmann see what else is needed to have the analysis 
>> integrated into GitHub repo.
>> [Nov 23 2022] AI Tilmann follow up with Andy/DataNucleus for his advice on 
>> JDO-709.
>> [Oct 20 2022] AI Craig update the JIRA JDO-709 to request a test case using 
>> annotations and results of the test.
>> [Dec 09 2021] AI Craig: Try to contact all current/former participants in 
>> JDO development and see if and how they want to be recognized on the JDO and 
>> DB web sites.https://db.apache.org/whoweare.html
>> [Oct 07 2021] AI Craig send a private message to all JSR-243 Expert Group 
>> members asking if they wish to continue.
>> [Mar 25 2021] AI Craig: investigate "merging" papajdo and apache.clr accounts
>> [Oct 17 2014] AI Matthew any updates for "Modify specification to address 
>> NoSQL datastores" https://issues.apache.org/jira/browse/JDO-651
>> 
>> Craig L Russell
>> c...@apache.org
>> 
>> 

Craig L Russell
c...@apache.org

Re: Minutes: JDO TCK Conference Call Thursday December 15 1100 PST 2000 CET

2022-12-16 Thread Tilmann

> 4. JIRA JDO-819 "Code quality analysis"
https://issues.apache.org/jira/browse/JDO-819

I forgot to mention, instead of '// NOSONAR' it is also easily possible
to mark problems as "false positive" in the web UI.

In my opinion this would be preferred over '// NOSONAR' because using
the web UI avoids cluttering the code with '// NOSONAR' statements.

Maybe something to discuss in the next meeting.

Best,

Til

On 16.12.22 16:49, Craig Russell wrote:

Attendees: Michael Bouschen, Tilmann Zäschke, Tobias Bouschen, Craig Russell

Next meeting: Thursday December 29 1100 PST 2000 CET

Agenda:

1. Derby vulnerability
See https://issues.apache.org/jira/browse/DERBY-7147

No rush to upgrade Derby from 10.14.2 (current JDO dependency for tck) to
10.14.3 (fixed version). The tck does not use LDAP which is the attack vector.
AI Michael look into upgrading.

2. JIRA JDO-820: "Clean up copyright NOTICE and references":
https://issues.apache.org/jira/browse/JDO-820
Ist there anything left?
Nothing left. Resolved.

Which Fix Version do we want to use?
Next version whatever that is. 3.2.2 and 3.3

3. JIRA JDO-821: "Fix sonarcloud issues of type Bugs"
https://issues.apache.org/jira/browse/JDO-821
See PR #65: https://github.com/apache/db-jdo/pull/65

4. JIRA JDO-819 "Code quality analysis" https://issues.apache.org/jira/browse/JDO-819

Changes in PR#65 can be merged.
Tilmann is looking at the SonarCloud "security" issues. Seem to be innocuous.

Still more SonarCloud issues (code smell) to address. For example:
https://sonarcloud.io/project/issues?issues=AYTeBPbL_-S9Jt7nsSUW=AYTeBPbL_-S9Jt7nsSUW=db-jdo

Every subclass of JDOUserException smells. Not really an issue for us.

Anyone who looks into a SonarCloud issue should add a comment to the JDO-819
JIRA with the analysis and resolution and possibly a PR. At some point we may
close the issue after the items are low enough importance.

5. JIRA JDO-709 "Standardize field/property converters"
https://issues.apache.org/jira/browse/JDO-709

6. JIRA JDO-815 "Change headers on source files to use https:// instead of http:// "
https://issues.apache.org/jira/browse/JDO-815

Ready to resolve.
AI Craig resolve it.

7. JIRA JDO-822: "Verify compatibility with JDK 20"
https://issues.apache.org/jira/browse/JDO-822

8. JIRA JDO-812 "Move to JDK 11 as the lowest supported version"
https://issues.apache.org/jira/browse/JDO-812

9. Other issues

Action Items from weeks past:

[Nov 23 2022] AI Tilmann see what else is needed to have the analysis
integrated into GitHub repo.
[Nov 23 2022] AI Tilmann follow up with Andy/DataNucleus for his advice on
JDO-709.
[Oct 20 2022] AI Craig update the JIRA JDO-709 to request a test case using
annotations and results of the test.
[Dec 09 2021] AI Craig: Try to contact all current/former participants in JDO
development and see if and how they want to be recognized on the JDO and DB web
sites.https://db.apache.org/whoweare.html
[Oct 07 2021] AI Craig send a private message to all JSR-243 Expert Group
members asking if they wish to continue.
[Mar 25 2021] AI Craig: investigate "merging" papajdo and apache.clr accounts
[Oct 17 2014] AI Matthew any updates for "Modify specification to address NoSQL
datastores" https://issues.apache.org/jira/browse/JDO-651

Craig L Russell
c...@apache.org

Minutes: JDO TCK Conference Call Thursday December 15 1100 PST 2000 CET

2022-12-16 Thread Craig Russell

Attendees: Michael Bouschen, Tilmann Zäschke, Tobias Bouschen, Craig Russell

Next meeting: Thursday December 29 1100 PST 2000 CET

Agenda:

1. Derby vulnerability
See https://issues.apache.org/jira/browse/DERBY-7147

No rush to upgrade Derby from 10.14.2 (current JDO dependency for tck) to
10.14.3 (fixed version). The tck does not use LDAP which is the attack vector.
AI Michael look into upgrading.

2. JIRA JDO-820: "Clean up copyright NOTICE and references":
https://issues.apache.org/jira/browse/JDO-820
Ist there anything left?
Nothing left. Resolved.

Which Fix Version do we want to use?
Next version whatever that is. 3.2.2 and 3.3

3. JIRA JDO-821: "Fix sonarcloud issues of type Bugs"
https://issues.apache.org/jira/browse/JDO-821
See PR #65: https://github.com/apache/db-jdo/pull/65

4. JIRA JDO-819 "Code quality analysis"
https://issues.apache.org/jira/browse/JDO-819

Changes in PR#65 can be merged.
Tilmann is looking at the SonarCloud "security" issues. Seem to be innocuous.

Still more SonarCloud issues (code smell) to address. For example:
https://sonarcloud.io/project/issues?issues=AYTeBPbL_-S9Jt7nsSUW=AYTeBPbL_-S9Jt7nsSUW=db-jdo

Every subclass of JDOUserException smells. Not really an issue for us.

5. JIRA JDO-709 "Standardize field/property converters"
https://issues.apache.org/jira/browse/JDO-709

6. JIRA JDO-815 "Change headers on source files to use https:// instead of
http:// " https://issues.apache.org/jira/browse/JDO-815

Ready to resolve.
AI Craig resolve it.

7. JIRA JDO-822: "Verify compatibility with JDK 20"
https://issues.apache.org/jira/browse/JDO-822

8. JIRA JDO-812 "Move to JDK 11 as the lowest supported version"
https://issues.apache.org/jira/browse/JDO-812

9. Other issues

Action Items from weeks past:

Craig L Russell
c...@apache.org

Re: Minutes: JDO TCK Conference Call Thursday December 15 1100 PST 2000 CET

Re: Minutes: JDO TCK Conference Call Thursday December 15 1100 PST 2000 CET

Minutes: JDO TCK Conference Call Thursday December 15 1100 PST 2000 CET

3 matches

Site Navigation

Mail list logo

Footer information