ci: Address some pesky SonarQube false-positive warnings

SonarQube static analysis complains about our use of our
`simd::shuffle`, saying we aren't using a cryptographically strong
random number generator, hilariously confusing the fact that we have
named this operation "shuffle" with the (unrelated!) potential error
of not using a good permutation/shuffle algorithm.

Also there are complaints about using http: instead of https:, but
this isn't a security problem, it's part of the metadata namespacing
for XMP.

I learned that there's a way to put specific exlusions in
sonar-project.properties, so here it is, finally silencing these
warnings.

Signed-off-by: Larry Gritz <lg@larrygritz.com>

Author: lgritz

sonar-project.properties

@@ -25,4 +25,17 @@ sonar.cfamily.build-wrapper-output=/__w/OpenImageIO/OpenImageIO/bw_output
 sonar.cfamily.gcov.reportsPath=_coverage
 sonar.coverage.exclusions=src/iv/**,src/include/OpenImageIO/detail/pugixml/**,src/include/OpenImageIO/detail/fmt/**,src/libOpenImageIO/kissfft.hh
 
+# Exclude false positives
+sonar.issue.ignore.multicriteria=e1,e2
+# Stop stupid Sonar from complaining about SIMD shuffle<>, it thinks it is
+# weak cryptography, but it's fooled simply by the name "shuffle", and we
+# aren't using it for cryptography at all. Sheesh.
+sonar.issue.ignore.multicriteria.e1.ruleKey=cpp:S2245
+sonar.issue.ignore.multicriteria.e1.resourceKey=**/simd.h,**/simd_test.cpp,**/texturesys.cpp
+# Stop stupid Sonar from complaining about using http: instead of https:, but
+# we aren't using it to establish a network connection, it's just a key we
+# must use for namespacing of XMP metadata groups.
+sonar.issue.ignore.multicriteria.e2.ruleKey=cpp:S5332
+sonar.issue.ignore.multicriteria.e2.resourceKey=**/xmp.cpp
+
 sonar.verbose=false

src/libutil/filesystem.cpp

@@ -465,7 +465,7 @@ Filesystem::unique_path(string_view model)
     std::string name;
 #endif
     static const char chrs[] = "0123456789abcdef";
-    static std::mt19937 rg { std::random_device {}() };
+    static std::mt19937 rg { std::random_device {}() };  //NOSONAR
     static std::uniform_int_distribution<size_t> pick(0, 15);
     static std::mutex mutex;
     std::lock_guard<std::mutex> lock(mutex);