aboutsummaryrefslogtreecommitdiff
path: root/connector/checks/spotbugs-exclude.xml
diff options
context:
space:
mode:
Diffstat (limited to 'connector/checks/spotbugs-exclude.xml')
-rw-r--r--connector/checks/spotbugs-exclude.xml36
1 files changed, 0 insertions, 36 deletions
diff --git a/connector/checks/spotbugs-exclude.xml b/connector/checks/spotbugs-exclude.xml
deleted file mode 100644
index bb41eb27..00000000
--- a/connector/checks/spotbugs-exclude.xml
+++ /dev/null
@@ -1,36 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<FindBugsFilter>
- <Match>
- <!-- Write only application status into response. Should be removed if we switch to Spring Actuator -->
- <Class name="at.asitplus.eidas.specific.connector.controller.MonitoringController" />
- <Method name="startSingleTests" />
- <Bug pattern="XSS_SERVLET" />
- </Match>
- <Match>
- <!-- CSFR protection is implemented by pendingRequestId that is an one-time token
- Endpoint for Metadata generation can be unrestrected by design -->
- <OR>
- <Class name="at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController" />
- <Class name="at.asitplus.eidas.specific.connector.controller.Pvp2SProfileEndpoint" />
- </OR>
- <OR>
- <Method name="performGenericAuthenticationProcess" />
- <Method name="pvpMetadataRequest" />
- </OR>
- <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />
- </Match>
- <Match>
- <!-- Path to application configuration is trusted -->
- <Class name="at.asitplus.eidas.specific.connector.MsSpecificSpringBootApplicationContextInitializer" />
- <Bug pattern="PATH_TRAVERSAL_IN" />
- </Match>
- <Match>
- <!-- Builder pattern does not expose date elements -->
- <OR>
- <Class name="at.asitplus.eidas.specific.connector.health.IgniteClusterHealthIndicator" />
- </OR>
- <OR>
- <Bug pattern="EI_EXPOSE_REP2" />
- </OR>
- </Match>
-</FindBugsFilter>