merged 2 PRs Svetlin, build will run on https://ci.apache.org/builders/tomee-trunk-ubuntu soon
Romain Manni-Bucau @rmannibucau <https://twitter.com/rmannibucau> | Blog <https://blog-rmannibucau.rhcloud.com> | Old Wordpress Blog <http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> | LinkedIn <https://www.linkedin.com/in/rmannibucau> | Tomitriber <http://www.tomitribe.com> | JavaEE Factory <https://javaeefactory-rmannibucau.rhcloud.com> 2016-09-16 9:21 GMT+02:00 Svetlin Zarev <svetlin.angelov.za...@gmail.com>: > I've cleaned up the PR to make it more readable. I'll be grateful for any > comments. > > Svetlin > > 2016-09-14 16:15 GMT+03:00 Svetlin Zarev <svetlin.angelov.za...@gmail.com > >: > > > Hi, > > > > I think I've fixed[1] all stream leaks to files or streams opened by > > classLoader.getResoureAsStream(). I intentionally ignored all streams > > opened bu UrlConnection, because the issue with the connection pooling > has > > to be researched. I also reopened [2] because the patch is only for > > slurp(File) and not for slurp(URL) or slurp(InputStream) which should not > > close the stream. > > > > [1] https://github.com/apache/tomee/pull/44 > > [2] https://github.com/apache/tomee/pull/40 > > > > Svetlin > > > > 2016-09-14 10:58 GMT+03:00 Romain Manni-Bucau <rmannibu...@gmail.com>: > > > >> Tomee is java 7 for 7.x by spec do java 8 is not an option > >> > >> On the fixes: ensure to unit test each non trivial fix but you can put > all > >> the "same" category ones in the same pr. Like "ensure streams are > closed". > >> Side note on this particular one: since we pool connections sometimes > >> closing the stream would break it at runtime so unit testing is > mandatory. > >> > >> Thanks to have a look to that > >> > >> Le 14 sept. 2016 09:48, "Mitia Alexandrov" <mitiaalexand...@gmail.com> > a > >> écrit : > >> > >> > Hello, > >> > I've made several such runs from Idea but mainly for Java 8fy reasons. > >> > There are also several thousand places where the code may be rewritten > >> with > >> > java 8 constructions. > >> > > >> > Regards, > >> > > >> > Mitia > >> > > >> > 2016-09-14 10:35 GMT+03:00 Svetlin Zarev > <svetlin.angelov.zarev@gmail.c > >> om > >> > >: > >> > > >> > > Dear TomEE developers, > >> > > > >> > > I've been running static code analysis (fortify) against TomEE 7 and > >> as a > >> > > result I have a list of more than 8000 potential issues (I hope most > >> of > >> > > them are false positives). Unfortunately I'm not allowed to share > the > >> > list > >> > > itself. > >> > > > >> > > Either way I'll have to go through that list and review every single > >> > > report, but it's impractical to open a bug report for every single > >> issue. > >> > > > >> > > So here are my questions: > >> > > * What would be the best way to handle the situation ? > >> > > * What's the minimum severity level that's worth reporting ? > >> > > * Should I open jira tickets for the minot/trivial/bad-practices > >> issues ? > >> > > * Should I provide PullRequests for the low priority issues or just > >> for > >> > the > >> > > higher priority ones? > >> > > > >> > > > >> > > Kind regards, > >> > > Svetlin > >> > > > >> > > >> > > > > >
