Skip to content

fix(security): suppress CodeQL insecure-trustmanager alert#117

Merged
saurabhjain1592 merged 1 commit into
mainfrom
fix/security-scan
Mar 25, 2026
Merged

fix(security): suppress CodeQL insecure-trustmanager alert#117
saurabhjain1592 merged 1 commit into
mainfrom
fix/security-scan

Conversation

@saurabhjain1592

Copy link
Copy Markdown
Member

Summary

  • Added CodeQL/LGTM/SonarQube suppression annotations for alert chore: release v1.1.2 #7
  • Trust-all TrustManager already gated behind insecureSkipVerify config
  • Enhanced warning log message

Test plan

The trust-all TrustManager is already gated behind insecureSkipVerify
config flag (opt-in only, never default). Added CodeQL/LGTM/SonarQube
suppression annotations and enhanced warning log message.

Resolves: CodeQL alert #7 (java/insecure-trustmanager)
@saurabhjain1592 saurabhjain1592 merged commit b10e6f8 into main Mar 25, 2026
9 checks passed
@saurabhjain1592 saurabhjain1592 deleted the fix/security-scan branch April 7, 2026 10:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant