tracker issue : CFB-4130102

select a category, or use search below
(searches all categories and all time range)
Title:

Security report doesn't list the line #s.

| View in Tracker

Status/Resolution/Reason: Closed/Fixed/

Reporter/Name(from Bugbase): Raymond Camden / Raymond Camden (Raymond Camden)

Created: 03/18/2016

Components: Security Code Analyzer

Versions: 2016

Failure Type: Enhancement Request

Found In Build/Fixed In Build: Alpha_v31 /

Priority/Frequency: Trivial / Some users will encounter

Locale/System: English / Mac All

Vote Count: 0

The security report should show line #s. Yes you get markers in the file, but the table of results should tell you the line number.

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	4130102

External Customer Info:
External Company: Broadchoice
External Customer Name: Raymond Camden
External Customer Email: raymondcamden@gmail.com
External Test Config:

Attachments:

Comments:

Added By:bukkittu Note Added: I am sorry. My bad. On saving an edited file, Eclipse can give me the latest positions of the markers. I can use these new positions in the security view and update it. Thus, there would be no overhead introduced that I thought initially. Date Added :2015-07-27 08:18:13.0 Added By: PreRelease User User Name:Raymond Camden Note Added: Heh so I'm confused. Your saying you can double click a line in the report and load the line. But you can't print the line? That seems like an odd issue. ;) Date Added :2015-07-24 13:56:49.0 Added By:prk Note Added: Yes, update the code and save it. Then double click will point you to the new line number. Date Added :2015-07-24 13:51:39.0 Added By: PreRelease User User Name:Raymond Camden Note Added: Are you saying that right now, if I update the code, that double clicks still work? Date Added :2015-07-24 13:37:34.0 Added By:bukkittu Note Added: Actually we can double click on each vulnerability in the view which takes you to the line number where the vulnerability exists in the editor. Also, a single left click would give descriptions about the vulnerability in the suggestion box(extreme right pane). If we provide line number as a column in the security analyzer view and we don't update it then the double click would take me to the new line number whereas the line number column would contain the old line number. This results in an inconsistent state. Thus, we have to update the security analyzer view on file edits. Date Added :2015-07-24 13:31:18.0 Added By: PreRelease User User Name:Raymond Camden Note Added: Why would you update the report? Right now the report is only updated when I run a scan again. If you report an issue on line X and I fix it, and then a second issue no longer has the right line #, I'd simply run the report again. And if you can mark it in the file itself, why can't you simply add a line #? Date Added :2015-07-24 12:58:25.0 Added By:bukkittu Note Added: On second thought, we realized this enhancement will introduce an overhead. If a file contains lot of security errors/warnings and we edit those files, then security markers on the editors will be updated. These new line numbers for the security errors/warnings should also be updated in the view which is an overhead. Anyway we are providing line numbers in the exported report. Date Added :2015-07-24 10:48:24.0 Added By:prk Note Added: This is the valid scenario, and we will be adding this as an enhancement. We are providing the line number and column number details for each vulnerability in the exported report. Date Added :2015-07-21 11:35:23.0 Added By: PreRelease User User Name:Raymond Camden Note Added: Entered Bug. Date Added :2015-07-16 11:49:23.0
Comment by CFwatson U.
26487 | March 18, 2016 05:31:46 AM GMT