spring-security/etc/checkstyle/checkstyle-suppressions.xml

<?xml version="1.0"?>
<!DOCTYPE suppressions PUBLIC
		"-//Checkstyle//DTD SuppressionFilter Configuration 1.2//EN"
		"https://checkstyle.org/dtds/suppressions_1_2.dtd">
<suppressions>
	<suppress files=".*" checks="JavadocMethod" />
	<suppress files=".*" checks="JavadocStyle" />
	<suppress files=".*" checks="JavadocTagContinuationIndentation" />
	<suppress files=".*" checks="JavadocType" />
	<suppress files=".*" checks="JavadocVariable" />
	<suppress files=".*" checks="NonEmptyAtclauseDescription" />
	<suppress files=".*" checks="SpringJavadoc" />

	<!-- Ignore third-party code -->
	<suppress files="BCrypt\.java|BCryptTests\.java" checks=".*"/>
	<suppress files="org[\\/]springframework[\\/]security[\\/]core[\\/]ComparableVersion\.java" checks=".*"/>

	<!-- InterfaceIsType rules we can't fix until a major revision due to back compatibility -->
	<suppress files="JwsAlgorithms\.java" checks="InterfaceIsType"/>
	<suppress files="JwtClaimNames\.java" checks="InterfaceIsType"/>
	<suppress files="OAuth2ErrorCodes\.java" checks="InterfaceIsType"/>
	<suppress files="OAuth2ParameterNames\.java" checks="InterfaceIsType"/>
	<suppress files="PkceParameterNames\.java" checks="InterfaceIsType"/>
	<suppress files="IdTokenClaimNames\.java" checks="InterfaceIsType"/>
	<suppress files="OidcScopes\.java" checks="InterfaceIsType"/>
	<suppress files="StandardClaimNames\.java" checks="InterfaceIsType"/>
	<suppress files="OidcParameterNames\.java" checks="InterfaceIsType"/>
	<suppress files="BearerTokenErrorCodes\.java" checks="InterfaceIsType"/>
	<suppress files="OAuth2IntrospectionClaimNames\.java" checks="InterfaceIsType"/>
	<suppress files="Saml2ErrorCodes\.java" checks="InterfaceIsType"/>

	<!-- Method Visibility that we can't reduce -->
	<suppress files="AbstractAclVoterTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="AbstractSecurityWebSocketMessageBrokerConfigurerTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="AnnotationParameterNameDiscovererTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="AnnotationSecurityAspectTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="AuthenticationPrincipalArgumentResolverTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="ELRequestMatcherContext\.java" checks="SpringMethodVisibility"/>
	<suppress files="EnableWebFluxSecurityTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="ExpressionBasedPreInvocationAdviceTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="ExpressionUrlAuthorizationConfigurerTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="Jsr250MethodSecurityMetadataSourceTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="MapBasedMethodSecurityMetadataSourceTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="OAuth2ResourceServerBeanDefinitionParserTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="ObjectIdentityImplTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="ObjectIdentityRetrievalStrategyImplTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="ProtectPointcutPostProcessor\.java" checks="SpringMethodVisibility"/>
	<suppress files="ReactiveMethodSecurityConfigurationTests" checks="SpringMethodVisibility"/>
	<suppress files="WebSocketMessageBrokerConfigTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="WebSecurityConfigurationTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="WithSecurityContextTestExecutionListenerTests\.java" checks="SpringMethodVisibility"/>
	<suppress files="AbstractOAuth2AuthorizationGrantRequestEntityConverter\.java" checks="SpringMethodVisibility"/>
</suppressions>
Add Spring Checkstyle with all checks disabled Introduce checkstyle rules from spring-javaformat, but keep them disabled so that fixes can be introduced one commit at a time. Issue gh-8945 2020-07-24 14:37:53 -04:00			`<?xml version="1.0"?>`
			`<!DOCTYPE suppressions PUBLIC`
			`"-//Checkstyle//DTD SuppressionFilter Configuration 1.2//EN"`
			`"https://checkstyle.org/dtds/suppressions_1_2.dtd">`
			`<suppressions>`
Make all exception classes immutable Update all exception classes so that they are fully immutable and cannot be changed once they have been thrown. Issue gh-8945 2020-07-27 13:01:32 -04:00			`<suppress files=".*" checks="JavadocMethod" />`
			`<suppress files=".*" checks="JavadocStyle" />`
			`<suppress files=".*" checks="JavadocTagContinuationIndentation" />`
			`<suppress files=".*" checks="JavadocType" />`
			`<suppress files=".*" checks="JavadocVariable" />`
Ensure no whitespace before lines Fix a few issues cause by the automatic formatting that meant additional leading whitespace was present. Issue gh-8945 2020-07-27 14:10:07 -04:00			`<suppress files=".*" checks="NonEmptyAtclauseDescription" />`
Remove unnecessary lambda blocks Remove lambda blocks that aren't needed and replace instead with a simple expression. Issue gh-8945 2020-07-29 21:18:00 -04:00			`<suppress files=".*" checks="SpringJavadoc" />`
Suppress third-party code from checkstyle Suppress `BCrypt` and `ComparableVersion` from checkstyle since these source files were developed by a third-party. Issue gh-8945 2020-07-24 16:35:18 -04:00
			`<!-- Ignore third-party code -->`
			`<suppress files="BCrypt\.java\|BCryptTests\.java" checks=".*"/>`
			`<suppress files="org[\\/]springframework[\\/]security[\\/]core[\\/]ComparableVersion\.java" checks=".*"/>`
Ignore existing InterfaceIsType violations Add suppressions for existing `InterfaceIsType` violations. Ideally theses should be classes, but we can't easily change them without breaking binary back compatibility. Issue gh-8945 2020-07-27 01:23:37 -04:00
			`<!-- InterfaceIsType rules we can't fix until a major revision due to back compatibility -->`
			`<suppress files="JwsAlgorithms\.java" checks="InterfaceIsType"/>`
			`<suppress files="JwtClaimNames\.java" checks="InterfaceIsType"/>`
			`<suppress files="OAuth2ErrorCodes\.java" checks="InterfaceIsType"/>`
			`<suppress files="OAuth2ParameterNames\.java" checks="InterfaceIsType"/>`
			`<suppress files="PkceParameterNames\.java" checks="InterfaceIsType"/>`
			`<suppress files="IdTokenClaimNames\.java" checks="InterfaceIsType"/>`
			`<suppress files="OidcScopes\.java" checks="InterfaceIsType"/>`
			`<suppress files="StandardClaimNames\.java" checks="InterfaceIsType"/>`
			`<suppress files="OidcParameterNames\.java" checks="InterfaceIsType"/>`
			`<suppress files="BearerTokenErrorCodes\.java" checks="InterfaceIsType"/>`
			`<suppress files="OAuth2IntrospectionClaimNames\.java" checks="InterfaceIsType"/>`
			`<suppress files="Saml2ErrorCodes\.java" checks="InterfaceIsType"/>`
Reduce method visibility when possible Reduce method visibility for package private classes when possible. In the case of abstract classes that will eventually be made public, the class has been made public and a package-private constructor has been added. Issue gh-8945 2020-07-30 01:05:08 -04:00
			`<!-- Method Visibility that we can't reduce -->`
			`<suppress files="AbstractAclVoterTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="AbstractSecurityWebSocketMessageBrokerConfigurerTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="AnnotationParameterNameDiscovererTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="AnnotationSecurityAspectTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="AuthenticationPrincipalArgumentResolverTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="ELRequestMatcherContext\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="EnableWebFluxSecurityTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="ExpressionBasedPreInvocationAdviceTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="ExpressionUrlAuthorizationConfigurerTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="Jsr250MethodSecurityMetadataSourceTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="MapBasedMethodSecurityMetadataSourceTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="OAuth2ResourceServerBeanDefinitionParserTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="ObjectIdentityImplTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="ObjectIdentityRetrievalStrategyImplTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="ProtectPointcutPostProcessor\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="ReactiveMethodSecurityConfigurationTests" checks="SpringMethodVisibility"/>`
			`<suppress files="WebSocketMessageBrokerConfigTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="WebSecurityConfigurationTests\.java" checks="SpringMethodVisibility"/>`
			`<suppress files="WithSecurityContextTestExecutionListenerTests\.java" checks="SpringMethodVisibility"/>`
Add Jwt Client Authentication support Closes gh-8175 2020-11-16 19:56:45 -05:00			`<suppress files="AbstractOAuth2AuthorizationGrantRequestEntityConverter\.java" checks="SpringMethodVisibility"/>`
Add Spring Checkstyle with all checks disabled Introduce checkstyle rules from spring-javaformat, but keep them disabled so that fixes can be introduced one commit at a time. Issue gh-8945 2020-07-24 14:37:53 -04:00			`</suppressions>`