Alissa Bonas has posted comments on this change.
Change subject: packaging: add find security bugs to pom.xml
......................................................................
Patch Set 1:
(4 comments)
Please see my questions in the patch.
Also, did a findbugs job run on this patch? I didn't see in gerrit comments.
....................................................
File pom.xml
Line 580: </plugin>
Line 581: <!-- FindBugs Static Analysis -->
Line 582: <plugin>
Line 583: <groupId>org.codehaus.mojo</groupId>
Line 584: <artifactId>findbugs-maven-plugin</artifactId>
The findbugs plugin is already defined in this pom, why it needs to be
redefined again? Please explain.
Line 585: <version>2.5.2</version>
Line 586: <configuration>
Line 587: <effort>Max</effort>
Line 588: <threshold>Low</threshold>
Line 581: <!-- FindBugs Static Analysis -->
Line 582: <plugin>
Line 583: <groupId>org.codehaus.mojo</groupId>
Line 584: <artifactId>findbugs-maven-plugin</artifactId>
Line 585: <version>2.5.2</version>
The other declaration of findbugs plugin in this pom uses a variable
"${findbugs.version}", please reuse it here too if indeed additional
declaration of the plugin is needed. (see my other comment above)
Line 586: <configuration>
Line 587: <effort>Max</effort>
Line 588: <threshold>Low</threshold>
Line 589: <failOnError>true</failOnError>
Line 586: <configuration>
Line 587: <effort>Max</effort>
Line 588: <threshold>Low</threshold>
Line 589: <failOnError>true</failOnError>
Line 590:
<includeFilterFile>${session.executionRootDirectory}/findbugs-security-include.xml</includeFilterFile>
Where is the "session.executionRootDirectory" parameter defined? Sorry, didn't
find it, never saw it used in other ovirt pom files...
Line 591:
<excludeFilterFile>${session.executionRootDirectory}/findbugs-security-exclude.xml</excludeFilterFile>
Line 592: <plugins>
Line 593: <plugin>
Line 594: <groupId>com.h3xstream.findsecbugs</groupId>
Line 587: <effort>Max</effort>
Line 588: <threshold>Low</threshold>
Line 589: <failOnError>true</failOnError>
Line 590:
<includeFilterFile>${session.executionRootDirectory}/findbugs-security-include.xml</includeFilterFile>
Line 591:
<excludeFilterFile>${session.executionRootDirectory}/findbugs-security-exclude.xml</excludeFilterFile>
Does defining here an exclude file that points to security exclude
configuration file will override other existing find bugs exclude filters? (non
security ones)
Please explain.
Thanks!
Line 592: <plugins>
Line 593: <plugin>
Line 594: <groupId>com.h3xstream.findsecbugs</groupId>
Line 595: <artifactId>plugin</artifactId>
--
To view, visit http://gerrit.ovirt.org/21828
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I6af60c1a080fcfc40a9b4ac82dbf4e857eca61ac
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Ohad Basan <oba...@redhat.com>
Gerrit-Reviewer: Alissa Bonas <abo...@redhat.com>
Gerrit-Reviewer: Allon Mureinik <amure...@redhat.com>
Gerrit-Reviewer: Alon Bar-Lev <alo...@redhat.com>
Gerrit-Reviewer: David Caro <dcaro...@redhat.com>
Gerrit-Reviewer: Eyal Edri <ee...@redhat.com>
Gerrit-Reviewer: Itamar Heim <ih...@redhat.com>
Gerrit-Reviewer: Juan Hernandez <juan.hernan...@redhat.com>
Gerrit-Reviewer: Ohad Basan <oba...@redhat.com>
Gerrit-Reviewer: Sandro Bonazzola <sbona...@redhat.com>
Gerrit-Reviewer: oVirt Jenkins CI Server
Gerrit-HasComments: Yes
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches
