Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(fp): Improve suppression for Glassfish Server false positives #7016

Merged
merged 1 commit into from
Oct 8, 2024
Merged

fix(fp): Improve suppression for Glassfish Server false positives #7016

merged 1 commit into from
Oct 8, 2024

Conversation

chadlwilson
Copy link
Contributor

Fixes Issue

Description of Change

Changes existing suppression to more generic, to exclude all org.glassfish maven artifacts other than org.glassfish.main where the main Glassfish Server is published.

Have test cases been added to cover the new functionality?

N/A

@jeremylong jeremylong added this to the 11.0.0 milestone Oct 8, 2024
@jeremylong jeremylong merged commit df35f22 into jeremylong:generatedSuppressions Oct 8, 2024
1 check failed
@chadlwilson chadlwilson deleted the glassfish-fp-fix branch October 8, 2024 12:01
This was referenced Oct 9, 2024
Closed
Closed
Closed
Closed
@Lars5678
Copy link

Lars5678 commented Oct 9, 2024

@chadlwilson Is your RegEx ^pkg:maven/org\.glassfish\.(?!main).*$ correct?

In my case it doesn't recognize pkg:maven/org.glassfish/[email protected].
If I change the RegEx to ^pkg:maven/org\.glassfish(?!\.main).*$ , it works. Please validate again!

@chadlwilson
Copy link
Contributor Author

Sorry? It depends how you define "correct" - I didn't attempt to fix "your case".

I did not attempt to suppress artifacts directly under org.glassfish as that would require reviewing if older components of the Glassfish server were published there which is not easy to do. Remember it's very important to avoid false negatives too.

It's probably OK, and I'll submit another PR to update it. Perhaps you are new to open source, but would suggest in future interactions that you take a bit of time to understand how to interact with other folks appropriately. I am just a contributor trying to improve things; please don't make requests/demands of other people.

@Lars5678
Copy link

Lars5678 commented Oct 9, 2024

I'm sorry. I really like that you provided a solution. And it's also clear to me that you didn't want to solve my case with that. I definitely didn't want to come across as negative. If I have expressed myself incorrectly, I am very sorry. I just wanted to note that I have another case that is not covered by your solution and just ask to check if the RegEx may need to be adjusted before rolling it out. If you think it's not correct then I can handle it.

@chadlwilson chadlwilson mentioned this pull request Oct 9, 2024
Merged
@chadlwilson
Copy link
Contributor Author

Created another PR at #7024. Normally these suppressions are rolled out dynamically without a release, but manual PRs to the generatedSuppressions outside the automated workflow don't get released automatically.

@Lars5678
Copy link

Lars5678 commented Oct 9, 2024

Many thanks!

@labkey-willm labkey-willm mentioned this pull request Oct 11, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jeremylong jeremylong jeremylong approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
11.0.0
Development

Successfully merging this pull request may close these issues.
3 participants
@chadlwilson @Lars5678 @jeremylong