Static analysis tool providers from Prospector Project #866
Conversation
sourabhsparkala
force-pushed
the
issue_730
branch
from
97ae90d to
e78e1b7
Compare
| "The score is N/A because the project does not confirm which languages are used."); | ||
| } | ||
|
|
||
| if (!languages.isUnknown() && !SUPPORTED_LANGUAGES.containsAnyOf(languages.get())) { |
There was a problem hiding this comment.
!languages.isUnknown()
This is not needed right? Anyway the code will reach here only when !languages.isUnknown() :)
sourabhsparkala
force-pushed
the
issue_730
branch
from
7461965 to
5e17df0
Compare
sourabhsparkala
force-pushed
the
issue_730
branch
from
07ef4a7 to
2b1f3e8
Compare
sourabhsparkala
force-pushed
the
issue_730
branch
from
512312f to
e305dc3
Compare
src/main/java/com/sap/oss/phosphor/fosstars/data/AbstractStaticScanToolsDataProvider.java
Outdated
Show resolved
Hide resolved
…cScanToolsDataProvider.java Co-authored-by: ManjunathMS35 <[email protected]>
| */ | ||
| private static final Pattern RUN_STEP_BANDIT_REGEX_PATTERN |
There was a problem hiding this comment.
Isn't it nice to keep this and use it in line 38 and 40 rather than creating Pattern twice.
There was a problem hiding this comment.
There is a slight difference in these regular patterns, the key to search for in the step and then matching the value of the key. But again you are right about the redundancy, i did not find a better way to integrate one predicate and check for everything.
There was a problem hiding this comment.
@ManjunathMS35 lets fix this here #873 ?
| Pattern.compile("^.*securego/gosec.*$", Pattern.DOTALL); | ||
|
|
||
| /** A step config of a GitHub action that triggers GoSec scans with include rule. */ | ||
| private static final Pattern RUN_STEP_GOSEC_WITH_INCLUDE_REGEX_PATTERN = |
There was a problem hiding this comment.
Same as above isn't it nice to create these patterns once and use it in the class?
Fixes #730