Re: Establishment of Static Source Code Analysis

Such bugs and vulnerabilities can be detected by Sonar (NUTCH-1109) as you know. This is not accessible: https://svn.apache.org/repos/asf/nutch/site/publish/sonar.html#Sonar+Analysis it could be nice to check them periodically via a dashboard. On Fri, Jun 16, 2017 at 12:35 PM, Julien Nioche <

Re: Establishment of Static Source Code Analysis

More seriously, no idea who's done it but it is useful feedback. A similar company (DevFactory) contributed to StormCrawler some time ago. Also reminds me of the discussion we had around Sonar in crawler-commons

Re: Establishment of Static Source Code Analysis

> > Russian compatriots Are we all Russian then? On 16 June 2017 at 04:29, lewis john mcgibbney wrote: > Hi Folks, > I don't know if anyone else noticed... some of our Russian compatriots > have set up a static auto bot to notify us of source code issues... > An example

Establishment of Static Source Code Analysis

Hi Folks, I don't know if anyone else noticed... some of our Russian compatriots have set up a static auto bot to notify us of source code issues... An example is as follows https://issues.apache.org/jira/browse/NUTCH-2394 I think this is great to be honest... with some peer review I think we