rspec/rules/S2168/java/comments-and-links.adoc

=== on 20 Jul 2015, 07:45:24 Ann Campbell wrote:
Tagged java-top by Ann

=== on 8 Nov 2016, 14:58:08 Tibor Blenessy wrote:
I believe that this rule is actually a subset of https://www.securecoding.cert.org/confluence/display/java/TSM03-J.+Do+not+publish+partially+initialized+objects[TSM03-J]. Do we have a rule targeting that? Do we want to implement both?


This rule can be implemented on semantic level, however it will catch only simple cases of this. To do this properly we need to do full escape analysis and implement equivalent of  https://www.securecoding.cert.org/confluence/display/java/TSM03-J.+Do+not+publish+partially+initialized+objects[TSM03-J]

=== on 8 Nov 2016, 16:56:41 Ann Campbell wrote:
\[~tibor.blenessy] I considered adding that mapping to this rule, but really see it as tangential to the rule as currently described. Let me know if you disagree.

=== on 8 Nov 2016, 18:41:56 Tibor Blenessy wrote:
Code samples are from book  Java Concurrency in Practice and they are available under public domain on this url  \http://jcip.net.s3-website-us-east-1.amazonaws.com/listings.html
Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`=== on 20 Jul 2015, 07:45:24 Ann Campbell wrote:`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`Tagged java-top by Ann`

Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`=== on 8 Nov 2016, 14:58:08 Tibor Blenessy wrote:`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`I believe that this rule is actually a subset of https://www.securecoding.cert.org/confluence/display/java/TSM03-J.+Do+not+publish+partially+initialized+objects[TSM03-J]. Do we have a rule targeting that? Do we want to implement both?`


			`This rule can be implemented on semantic level, however it will catch only simple cases of this. To do this properly we need to do full escape analysis and implement equivalent of https://www.securecoding.cert.org/confluence/display/java/TSM03-J.+Do+not+publish+partially+initialized+objects[TSM03-J]`

Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`=== on 8 Nov 2016, 16:56:41 Ann Campbell wrote:`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`\[~tibor.blenessy] I considered adding that mapping to this rule, but really see it as tangential to the rule as currently described. Let me know if you disagree.`

Fix the comment display: rule-id, timestamp, GH visibility, link direction 2021-06-03 09:05:38 +02:00			`=== on 8 Nov 2016, 18:41:56 Tibor Blenessy wrote:`
Export comments and rspec-to-rspec links from jira 2021-06-02 20:44:38 +02:00			`Code samples are from book Java Concurrency in Practice and they are available under public domain on this url \http://jcip.net.s3-website-us-east-1.amazonaws.com/listings.html`