Guillaume Toison

icon location France icon location Software engineer with an interest on static analysis, testing and avoiding bugs in general.

Results 231 comments of Guillaume Toison

Prefix matching behavior of SuppressFBWarnings makes it impossible to suppress just one warning

I've submitted a draft PR (#3102) to illustrate how that would work, any comment is welcome!

Prefix matching behavior of SuppressFBWarnings makes it impossible to suppress just one warning

This was fixed by #3102 in the upcoming release

MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT false positive in 4.8.4

Hello @isuckatcs, maybe this changed with #2895, could you please have a look a this issue ?

MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT false positive in 4.8.4

The scenario where a native library is used with a custom ObjectInputStream seems very far-fetched to me too. The assumption is that the attacker might control the data in the...

MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT false positive in 4.8.4

I've submitted PR #3029, any feedback is appreciated

MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT false positive in 4.8.4

Hello @garydgregory, the fix will be in version 4.9.0, it is not released yet

Stylesheet not working in 4.8.4

Hello @Vogel612, I'm not sure how this was working but I was wondering if this could be a side effect of #2894

Stylesheet not working in 4.8.4

I think the xsl is part of SpotBugs: https://github.com/spotbugs/spotbugs/blob/master/spotbugs/src/xsl/fancy-hist.xsl I was wondering about the version change for the filter xsd too, that might be the problem

Stylesheet not working in 4.8.4

@Vogel612 if the issue is indeed with #2894 I think that the improvement in the PR is not worth the regressions reported here? Would you be able to look into...

Try-with-resources and java9 shows bugs

Is there still an interest in getting this fixed? The issue is fixed in JDK 11 and JDK was not LTS so probably not many users remained on that version