Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency and spotbugs #46

Merged
merged 3 commits into from
Aug 2, 2023
Merged

Update dependency and spotbugs #46

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
504c1e8
AT-1468 update dependency and spotbugs to have possibility build proj…
dkovalenkoI Jul 24, 2023
174f1c7
AT-1468 add limited spotbugs exclude matches and explain reason
dkovalenkoI Jul 26, 2023
5a41a62
Merge branch 'main' into dkovalenkoI/AT-1468-Update-Dependency
dkovalenkoI Jul 27, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions jdbc/pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -69,10 +69,10 @@
<argLine>-Duser.timezone=Europe/Paris</argLine>

<!-- Dependency versions -->
<awssdk.version>1.11.870</awssdk.version>
<awssdk.version>1.12.512</awssdk.version>
<guava.version>32.0.0-jre</guava.version>
<junit.jupiter.version>5.6.2</junit.jupiter.version>
<jsoup.version>1.15.3</jsoup.version>
<jsoup.version>1.16.1</jsoup.version>
<mockito.version>2.28.2</mockito.version>
<slf4j.version>1.7.24</slf4j.version>
<timestream.version>1.11.872</timestream.version>
Expand Down Expand Up @@ -198,7 +198,7 @@
<plugin>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-maven-plugin</artifactId>
<version>4.0.4</version>
<version>4.7.3.5</version>
<configuration>
<excludeFilterFile>src/main/spotbugs/spotbugs-exclude.xml</excludeFilterFile>
<xmlOutput>true</xmlOutput>
Expand Down
79 changes: 79 additions & 0 deletions jdbc/src/main/spotbugs/spotbugs-exclude.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,85 @@
<Class name="software.amazon.timestream.jdbc.TimestreamTablesResultSet"/>
<Method name="populateCurrentRows"/>
</Match>

<!--
The errors:
Returning a reference to a mutable object value stored in one of the object's fields exposes the internal representation of the object.
If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties, you will need to do something different.
Returning a new copy of the object is better approach in many situations.

The code should allow users to be responsible for changing the state of the objects
-->
<Match>
<Bug pattern="EI_EXPOSE_REP"/>
<Class name="software.amazon.timestream.jdbc.TimestreamStatement"/>
<Method name="getWarnings"/>
</Match>
<Match>
<Bug pattern="EI_EXPOSE_REP"/>
<Class name="software.amazon.timestream.jdbc.TimestreamStatement"/>
<Method name="getResultSet"/>
</Match>
<Match>
<Bug pattern="EI_EXPOSE_REP"/>
<Class name="software.amazon.timestream.jdbc.TimestreamStatement"/>
<Method name="getConnection"/>
</Match>
<Match>
<Bug pattern="EI_EXPOSE_REP"/>
<Class name="software.amazon.timestream.jdbc.TimestreamStatement"/>
<Method name="executeQuery"/>
</Match>
<Match>
<Bug pattern="EI_EXPOSE_REP"/>
<Class name="software.amazon.timestream.jdbc.TimestreamPooledConnection"/>
<Method name="getConnection"/>
</Match>
<Match>
<Bug pattern="EI_EXPOSE_REP"/>
<Class name="software.amazon.timestream.jdbc.TimestreamDriver"/>
<Method name="getParentLogger"/>
</Match>
<Match>
<Bug pattern="EI_EXPOSE_REP"/>
<Class name="software.amazon.timestream.jdbc.TimestreamDatabaseMetaData"/>
<Method name="getConnection"/>
</Match>
<Match>
<Bug pattern="EI_EXPOSE_REP"/>
<Class name="software.amazon.timestream.jdbc.TimestreamDataSource"/>
<Method name="getParentLogger"/>
</Match>
<Match>
<Bug pattern="EI_EXPOSE_REP"/>
<Class name="software.amazon.timestream.jdbc.TimestreamConnection"/>
<Method name="getWarnings"/>
</Match>
<Match>
<Bug pattern="EI_EXPOSE_REP"/>
<Class name="software.amazon.timestream.jdbc.TimestreamConnection"/>
<Method name="getTypeMap"/>
</Match>
<Match>
<Bug pattern="EI_EXPOSE_REP"/>
<Class name="software.amazon.timestream.jdbc.TimestreamConnection"/>
<Method name="getMetaData"/>
</Match>

<!--
The errors:
This code stores a reference to an externally mutable object into the internal representation of the object.
If instances are accessed by untrusted code, and unchecked changes to the mutable object would compromise security or other important properties,
you will need to do something different. Storing a copy of the object is better approach in many situations.

The code should allow to set external connection to the internal representation
-->
<Match>
<Bug pattern="EI_EXPOSE_REP2"/>
<Class name="software.amazon.timestream.jdbc.TimestreamDatabaseMetaData"/>
<Method name="&lt;init&gt;"/>
</Match>

<Match>
<!--The proper solution to this issue would be using Prepared Statement to construct
a pre-compiled SQL query, and currently the driver does not support Prepared Statement,
Expand Down
Loading