Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix security warning. #643

Merged
merged 2 commits into from
Dec 5, 2019
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
@@ -77,5 +77,5 @@ public interface SupportsBatchCreation<ResourceT extends Indexable> {
* @param creatables the list of creatables in the batch
* @return a handle to cancel the request
*/
ServiceFuture<CreatedResources<ResourceT>> createAsync(final ServiceCallback<CreatedResources<ResourceT>> callback, List<Creatable<ResourceT>> creatables);
ServiceFuture<CreatedResources<ResourceT>> createAsync(ServiceCallback<CreatedResources<ResourceT>> callback, List<Creatable<ResourceT>> creatables);
}
Original file line number Diff line number Diff line change
@@ -39,7 +39,7 @@ public interface Creatable<T> extends
* @return a handle to cancel the request
*/
@Method
ServiceFuture<T> createAsync(final ServiceCallback<T> callback);
ServiceFuture<T> createAsync(ServiceCallback<T> callback);

/**
* Puts the request into the queue and allow the HTTP client to execute
14 changes: 7 additions & 7 deletions build-tools/src/main/resources/checkstyle.xml
Original file line number Diff line number Diff line change
@@ -31,11 +31,7 @@
-->

<module name="Checker">
<module name="SuppressWithNearbyCommentFilter">
<property name="commentFormat" value="CHECKSTYLE IGNORE (\w+) FOR NEXT (\d+) LINE"/>
<property name="checkFormat" value="$1"/>
<property name="influenceFormat" value="$2"/>
</module>

<module name="SuppressionFilter">
<property name="file" value="${samedir}/suppressions.xml"/>
<property name="optional" value="true"/>
@@ -84,11 +80,17 @@
</module>

<module name="TreeWalker">
<module name="SuppressWithNearbyCommentFilter">
<property name="commentFormat" value="CHECKSTYLE IGNORE (\w+) FOR NEXT (\d+) LINE"/>
<property name="checkFormat" value="$1"/>
<property name="influenceFormat" value="$2"/>
</module>
<!-- Checks for Javadoc comments. -->
<!-- See http://checkstyle.sf.net/config_javadoc.html -->

<module name="JavadocMethod">
<property name="scope" value="public"/>
<property name="allowMissingParamTags" value="true"/>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this needed?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are too many warnings about violation of this rule. Given this, I suppress this temporarily. If the security work is not urgent, I would like to fix the issue on generator and then on the fluent code base.

</module>
<module name="JavadocType">
<property name="scope" value="public"/>
@@ -173,8 +175,6 @@
<!-- See http://checkstyle.sf.net/config_modifiers.html -->
<module name="ModifierOrder"/>
<module name="RedundantModifier"/>
<module name="FileContentsHolder"/>
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this removed? From the docs it seems this is needed if used in conjunction with SuppressWithNearbyCommentFilter: https://checkstyle.sourceforge.io/version/6.18/config_filters.html#SuppressWithNearbyCommentFilter

Usage: This filter only works in conjunction with a FileContentsHolder, since that check makes the suppression comments in the Java files available. A configuration that includes this filter must configure FileContentsHolder as a child module of TreeWalker.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

According to this release note: https://checkstyle.sourceforge.io/releasenotes.html#Release_8.2, this is not necessary again after version 8.2. Here we use 8.24 to make it consist with the latest setup on the azure-sdk-for-java-repo.



<!-- Checks for blocks. You know, those {}'s -->
<!-- See http://checkstyle.sf.net/config_blocks.html -->
Original file line number Diff line number Diff line change
@@ -31,15 +31,15 @@ public interface ResponseBuilder<T, E extends RestException> {
* @param type the type to deserialize.
* @return the same builder instance.
*/
ResponseBuilder<T, E> register(int statusCode, final Type type);
ResponseBuilder<T, E> register(int statusCode, Type type);

/**
* Register a destination type for errors with models.
*
* @param type the type to deserialize.
* @return the same builder instance.
*/
ResponseBuilder<T, E> registerError(final Class<? extends RestException> type);
ResponseBuilder<T, E> registerError(Class<? extends RestException> type);

/**
* Build a ServiceResponse instance from a REST call response and a
@@ -129,6 +129,6 @@ interface Factory {
* @param serializerAdapter the serializer adapter to deserialize the response
* @return a response builder instance
*/
<T, E extends RestException> ResponseBuilder<T, E> newInstance(final SerializerAdapter<?> serializerAdapter);
<T, E extends RestException> ResponseBuilder<T, E> newInstance(SerializerAdapter<?> serializerAdapter);
}
}
Original file line number Diff line number Diff line change
@@ -67,5 +67,5 @@ public interface SerializerAdapter<T> {
* @return the deserialized object.
* @throws IOException exception in deserialization
*/
<U> U deserialize(String value, final Type type) throws IOException;
<U> U deserialize(String value, Type type) throws IOException;
}
8 changes: 4 additions & 4 deletions pom.xml
Original file line number Diff line number Diff line change
@@ -89,14 +89,14 @@
<version>2.5.0</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>2.9.10.1</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.datatype</groupId>
<artifactId>jackson-datatype-joda</artifactId>
<version>2.9.10</version>
<version>2.10.0</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
@@ -147,7 +147,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-checkstyle-plugin</artifactId>
<version>2.17</version>
<version>3.1.0</version>
<dependencies>
<dependency>
<groupId>com.microsoft.azure</groupId>
@@ -157,7 +157,7 @@
<dependency>
<groupId>com.puppycrawl.tools</groupId>
<artifactId>checkstyle</artifactId>
<version>6.18</version>
<version>8.24</version>
</dependency>
</dependencies>
<configuration>