Configure XStream security feature && define only needed converters - Githubissues

cnescatlab / sonar-hadolint-plugin

sonar-hadolint-plugin is a SonarQube plugin used to integrate Hadolint results

GNU General Public License v3.0

12 stars 0 forks source link

Configure XStream security feature && define only needed converters #8

Closed Sancretor closed 4 years ago

Sancretor commented 4 years ago

Proposed changes

Configure XStream security feature to avoid a security warning in SonarQube logs. Explicitly define the list of XStream Converters needed, to avoid the ones that generates warnings in Java 9+.

Types of changes

[x] Bugfix (non-breaking change which fixes an issue)
[ ] New feature (non-breaking change which adds functionality)
[ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
[ ] Documentation Update (if none of the other choices apply)

Issues closed by changes

[x] Close #4

Checklist

[x] I have read the CONTRIBUTING doc
[x] I agree with the CODE OF CONDUCT
[x] Lint and unit tests pass locally with my changes
[x] SonarCloud and Travis CI tests pass with my changes
[x] I have added tests that prove my fix is effective or that my feature works
[x] I have added necessary documentation (if appropriate)
[x] Any dependent changes have been merged and published in downstream modules

sonarcloud[bot] commented 4 years ago

Kudos, SonarCloud Quality Gate passed!

0 Bugs
0 Vulnerabilities (and 0 Security Hotspots to review)
0 Code Smells

100.0% Coverage
0.0% Duplication