[Builder] [SONARQUBE] identity-inbound-auth-saml_5.3.x: 37 new issues (new debt: 2d 7h)

SonarQube cbuilder at wso2.org
Wed Feb 21 03:39:52 PST 2018


Project: identity-inbound-auth-saml_5.3.x

37 new issues (new debt: 2d 7h)

    Severity
        Blocker: 13    Critical: 13    Major: 11    Minor: 0    Info: 0

    Assignees
        Darshana Gunawardana: 4

    Rules
        Credentials should not be hard-coded (java): 9
        Correctness - Method may return null, but is declared @Nonnull (java): 5
        Child class fields should not shadow parent class fields (java): 3
        Malicious code - May expose internal representation by incorporating reference to mutable object (java): 3
        Correctness - Class relies on internal API classes (java): 2

    Tags
        cwe: 9
        correctness: 9
        cert: 9
        sans-top25-porous: 9
        owasp-a2: 9

    Most impacted files
        SignKeyDataHolder.java: 5
        SAMLSSOAuthnReqDTO.java: 4
        SamlSPMetadataUploadExecutor.java: 3
        SAMLSSOProviderServlet.java: 3
        SAMLQueryRequestUtil.java: 3

See it in SonarQube: https://wso2.org/sonar/component_issues?id=org.wso2.carbon.identity.inbound.auth.saml2%3Aidentity-inbound-auth-saml#createdAt=2018-02-21T17%3A09%3A02%2B0530


More information about the Builder mailing list