-
Notifications
You must be signed in to change notification settings - Fork 1
/
findbugs_exclude.xml
26 lines (20 loc) · 1.41 KB
/
findbugs_exclude.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
<?xml version="1.0" encoding="UTF-8"?>
<FindBugsFilter>
<Match>
<!-- PMB_INSTANCE_BASED_THREAD_LOCAL cannot be suppresed with annotation for whatever reason -->
<!-- CD_CIRCULAR_DEPENDENCY is nuts in fb-contrib 6.6.2 -->
<!-- CRLF_INJECTION_LOGS this is irelevant, devs need to use good log appenders. -->
<!-- RFI_SET_ACCESSIBLE ... JDK 10 suposedly will drop this functionality.... will re-enable when moving to JDK 9 -->
<!-- FII_USE_FUNCTION_IDENTITY has a lot of false positives that are fixed in next fb-contrib -->
<!-- LO_INCORRECT_NUMBER_OF_ANCHOR_PARAMETERS is a valid use case with my prefered backends -->
<Bug pattern="LO_INCORRECT_NUMBER_OF_ANCHOR_PARAMETERS,FII_USE_FUNCTION_IDENTITY,RFI_SET_ACCESSIBLE,CRLF_INJECTION_LOGS,BL_BURYING_LOGIC,CD_CIRCULAR_DEPENDENCY,EXS_EXCEPTION_SOFTENING_HAS_CHECKED,UVA_USE_VAR_ARGS,URF_UNREAD_PUBLIC_OR_PROTECTED_FIELD,MOM_MISLEADING_OVERLOAD_MODEL,EXS_EXCEPTION_SOFTENING_NO_CONSTRAINTS,PMB_INSTANCE_BASED_THREAD_LOCAL,OPM_OVERLY_PERMISSIVE_METHOD,IMC_IMMATURE_CLASS_NO_EQUALS,JAXRS_ENDPOINT" />
</Match>
<Match>
<Class name="~.*Test([.].*)?"/>
<Bug category="SECURITY" />
</Match>
<Match>
<Class name="~.*Test([.].*)?"/>
<Bug pattern="CE_CLASS_ENVY,SEC_SIDE_EFFECT_CONSTRUCTOR,SIC_INNER_SHOULD_BE_STATIC_ANON,BC_UNCONFIRMED_CAST,PREDICTABLE_RANDOM" />
</Match>
</FindBugsFilter>