Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor: Java Security Ultimate Security Repo Scanner 2023 #5339

Closed
wants to merge 1 commit into from
Closed

refactor: Java Security Ultimate Security Repo Scanner 2023 #5339

wants to merge 1 commit into from

Conversation

caytec
Copy link

@caytec caytec commented Oct 18, 2023

@caytec @TeamModerne
refactor: Java Security Ultimate Security Repo Scanner 2023
8af28ba 
Disclaimer: Automated Commit Alert

Please be aware that this commit, generated through automated processes, may contain false alerts or not be precisely targeted. This automated commit is part of a large-scale effort to enhance software security over time. It is sent to various repositories to improve code quality and security. Exercise caution when reviewing the changes, and ensure that any necessary adjustments are made to maintain the integrity and functionality of the software.

Use this link to re-run the recipe: https://app.moderne.io/recipes/builder/TkgUEiqd7?organizationId=RWNsaXBzZSBGb3VuZGF0aW9u

Co-authored-by: Moderne <team@moderne.io>
@melloware
Copy link
Contributor

@caytec can you run this on Apache MyFaces Core as well: https://github.com/apache/myfaces

@BalusC
Copy link
Contributor

BalusC commented Oct 21, 2023

Point taken but code isn't DRY.

@BalusC
Copy link
Contributor

BalusC commented Oct 21, 2023

Build is failing.

 Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.1:compile (default-compile) on project mojarra: Compilation failure
Error:  /home/runner/work/mojarra/mojarra/impl/src/main/java/com/sun/faces/util/Util.java:[282,31] unreported exception javax.xml.transform.TransformerConfigurationException; must be caught or declared to be thrown

Looks like this all is automated. I think I'll reject the PR and take at my own hands.

BalusC added a commit that referenced this pull request Oct 21, 2023
@BalusC
Improved impl of #5339
14dc7d7
@BalusC BalusC mentioned this pull request Oct 21, 2023
Merged
@BalusC
Copy link
Contributor

BalusC commented Oct 22, 2023

Taking a second look, I'm wondering if it should really throw ISE and thus kill the app when a specific feature isn't supported by the JAXP impl? I see one feature using apache.org namespace which will clearly work on e.g. Xerces, but what if a non-apache-vended JAXP impl is used (frankly none comes to mind and Saxon is dead but it doesn't mean that it is impossible). What's the harm of just continuing?

BalusC added a commit that referenced this pull request Oct 22, 2023
@BalusC
Further improved impl of #5339
886f1bc
@mnriem
Copy link
Contributor

mnriem commented Oct 26, 2023

@BalusC Can this PR be closed out in favor of #5343

@BalusC BalusC closed this Oct 28, 2023
BalusC added a commit that referenced this pull request Oct 28, 2023
@BalusC
Merge pull request #5343 from eclipse-ee4j/mojarra_pr_5339_improved_impl
3456fc8 
Improved impl of #5339
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@caytec @melloware @BalusC @mnriem