[Code Analysis] Report by sonarcloud.io

[wing328]

Description

The code analysis report by https://sonarcloud.io/project/issues?id=org.openapitools%3Aopenapi-generator-project&resolved=false&types=BUG uncovers some bugs and vulnerabilities.

openapi-generator version

Latest master

Suggest a fix/enhancement

@ymohdriz is very kind to offer help to fix the bugs in the report. If anyone wants to help out (e.g. fixing the vulnerabilities), please reply to let us know.

[jmini]

Does this mean that someone registered us at sonarcloud? We have issue #33 pending since month...

I think that we can also integrate "sonarcloud.io" with GitHub PRs to get a report of the changes introduced by a PR. We should also investigate this.

[wing328]

Does this mean that someone registered us at sonarcloud? We have issue #33 pending since month...

I submitted openapi-generator to sonarcloud to get the report (free for open source repo) and yes, it's related to the discussion in #33

I think that we can also integrate "sonarcloud.io" with GitHub PRs to get a report of the changes introduced by a PR. We should also investigate this.

Definitely (to avoid running the report/check manually)

[artwo]

Hi all,
I would like to collaborate in this open issue. There are a few improvements to make related to the Sonarcloud reported issues. I'm going to open a PR for this.

[artwo]

Added new PR #10641. I also checked out all of the issues in the sonarcloud report, so this issue can be close after merging the changes.