From: Tibor Digana
Date: Mon, 17 Jun 2019 16:03:30 +0200
Subject: Re: maven libraries Fortify Static Code Analyzer
To: James Pussett, Maven Developers List

Hi James,

Added to dev mailing list.

Perhaps nice but it does not help, because you won't find any critical issues, since at least PMD is running in our project builds.
I would appreciate it if you participate at GitHub in Maven, because this is the physical help, and fix these issues in pull requests.

I am able to fix the issues at the time I develop the code. So I use IntelliJ IDEA and its inspection of code helps me to minimize issues before the first commit.
So these statistics would be quite good and no real issues will be found, maybe some cosmetic issues only.
The behavioral issues won't be easily found and this is the key point to fix those.
You are welcome to contribute!

Cheers
Tibor17

On Mon, Jun 17, 2019 at 9:13 AM James Pussett wrote:

> Dear Sr
>
> I am working with the libraries
>
> maven-compiler-plugin-3.8.0
>
> maven-pmd-plugin-3.11.0
>
> maven-surefire-plugin-2.22.1
>
> maven-war-plugin-3.2.2
>
> I decided to scan it with "Fortify Static Code Analyzer" finding some
> issues in the library
>
> The issues report is attached to this email
>
> Regards
>