JasperFx / lamar

Fast Inversion of Control Tool and Successor to StructureMap
https://jasperfx.github.io/lamar
MIT License

ToHash extension method unused and flagged by SCA because of MD5 #289

Closed carlosrfernandez closed 3 years ago

carlosrfernandez commented 3 years ago

Hi,

The LamarCompiler has been flagged in our pipeline by static code analysis.

We know that this is a false positive because this extension method is just used to generate an integer (and not to actually protect any data).

After cloning the repository, we've seen that the ToHash extension isn't actually used anywhere in Lamar's codebase.

The extension method in question is: https://github.com/JasperFx/lamar/blob/3a4a744db889b582ae57f6e01c5fa5bdec765e30/src/LamarCodeGeneration/Util/StringExtensions.cs#L222

To avoid future flagging (we've temporarily disabled the report) it would be interesting to see if it's possible to perform any of these changes:

I'd be happy to create a PR with the preferred changes, if any.

I know it's very low priority, but in our pipeline we're forced to use static code analysis, and anything that gets flagged has to be reviewed in depth.

jeremydmiller commented 3 years ago

@carlosrfernandez Got it. This will be removed in 5.1, which will be released in the next day or two.