search

Adobe-Consulting-Services / acs-aem-commons

http://adobe-consulting-services.github.io/acs-aem-commons/
Apache License 2.0
449 stars 596 forks source link

The AEM Cloud Manager pipeline is failing due to a severity Major error during code scanning. #3189

Open leadstec-fltang opened 9 months ago

leadstec-fltang commented 9 months ago

Required Information

Expected Behavior

The deployment should done correctly

Actual Behavior

The AEM Cloud Manager pipeline is failing due to a severity Major error in code scanning report: image

Steps to Reproduce

Include acs commons bundle dependencies in the following files:

all/pom.xml `

com.adobe.acs 
 <artifactId>acs-aem-commons-all</artifactId>
 <type>zip</type>
 <target>/apps/cic-common-packages/container/install</target>
 <filter>true</filter>
 <isAllVersionsFilter>true</isAllVersionsFilter>

`

`

com.adobe.acs 
        <artifactId>acs-aem-commons-all</artifactId>
        <version>6.2.0</version>
        <type>zip</type>
    </dependency>`

core/pom.xml `

com.adobe.acs 
        <artifactId>acs-aem-commons-bundle</artifactId>
    </dependency>`
kwin commented 9 months ago

Does any of your other packages contain /apps/cq/core as well? I am pretty sure this is a false positive as for overlays it is very common to enforce ancestor nodes with a pattern outlined in https://issues.apache.org/jira/browse/JCRVLT-403?focusedCommentId=17026237&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-17026237. This may easily lead to duplicate nodes.