diff --git a/detekt-baselines/app.xml b/detekt-baselines/app.xml index 0f5ba452..be37b720 100644 --- a/detekt-baselines/app.xml +++ b/detekt-baselines/app.xml @@ -35,7 +35,6 @@ LongMethod:RepositorySettings.kt$RepositorySettings$override fun provideSettings(builder: PreferenceScreen.Builder) LoopWithTooManyJumpStatements:AutofillMatcher.kt$AutofillMatcher.Companion$for ((key, value) in prefs.all) { if (!key.startsWith(PREFERENCE_PREFIX_MATCHES)) continue // We know that preferences starting with `PREFERENCE_PREFIX_MATCHES` were // created with `putStringSet`. @Suppress("UNCHECKED_CAST") val oldMatches = value as? Set<String> if (oldMatches == null) { logcat(WARN) { "Failed to read matches for $key" } continue } // Delete all matches for file locations that are going to be overwritten, then // transfer matches over to the files at their new locations. val newMatches = oldMatches .asSequence() .minus(deletePathList) .minus(oldNewPathMap.values) .map { match -> val newPath = oldNewPathMap[match] ?: return@map match logcat { "Updating match for $key: $match --> $newPath" } newPath } .toSet() if (newMatches != oldMatches) prefs.edit { putStringSet(key, newMatches) } } LoopWithTooManyJumpStatements:ErrorMessages.kt$ErrorMessages$while (cause.cause != null) { if (cause is GitException) break val nextCause = cause.cause!! if (nextCause is RemoteException) break cause = nextCause } - MagicNumber:AndroidExtensions.kt$26 MagicNumber:Api30AutofillResponseBuilder.kt$Api30AutofillResponseBuilder$30 MagicNumber:AutofillDecryptActivity.kt$AutofillDecryptActivity$26 MagicNumber:AutofillDecryptActivity.kt$AutofillDecryptActivity.Companion$31 @@ -71,15 +70,12 @@ MagicNumber:GitLogAdapter.kt$8 MagicNumber:GitServerConfigActivity.kt$GitServerConfigActivity$500 MagicNumber:LaunchActivity.kt$LaunchActivity$500L - MagicNumber:MiscSettings.kt$MiscSettings$26 MagicNumber:OreoAutofillService.kt$OreoAutofillService$26 MagicNumber:OreoAutofillService.kt$OreoAutofillService$28 MagicNumber:OreoAutofillService.kt$OreoAutofillService$30 MagicNumber:PasswordCreationActivity.kt$PasswordCreationActivity$28 MagicNumber:PasswordExportService.kt$PasswordExportService$1024 MagicNumber:PasswordExportService.kt$PasswordExportService$26 - MagicNumber:PasswordFragment.kt$PasswordFragment.<no name provided>$100 - MagicNumber:PasswordFragment.kt$PasswordFragment.<no name provided>$90f MagicNumber:PasswordGeneratorDialogFragment.kt$PasswordGeneratorDialogFragment$20 MagicNumber:PasswordItemRecyclerAdapter.kt$PasswordItemRecyclerAdapter.PasswordItemViewHolder$0.7f MagicNumber:ProxySelectorActivity.kt$ProxySelectorActivity$29 @@ -89,7 +85,6 @@ MagicNumber:ShortcutHandler.kt$ShortcutHandler$26 MagicNumber:SshKey.kt$SshKey$100_000 MagicNumber:SshKey.kt$SshKey$15 - MagicNumber:SshKey.kt$SshKey$28 MagicNumber:SshKey.kt$SshKey$30 MagicNumber:SshKey.kt$SshKey.Algorithm.Ecdsa$256 MagicNumber:SshKey.kt$SshKey.Algorithm.Ecdsa$28 @@ -132,6 +127,13 @@ TooManyFunctions:SearchableRepositoryViewModel.kt$SearchableRepositoryViewModel : AndroidViewModel TooManyFunctions:SshjConfig.kt$AbstractLogger : Logger TooManyFunctions:SshjConfig.kt$LogcatLoggerFactory$LogcatLogger : AbstractLogger + TopLevelPropertyNaming:AutofillMatcher.kt$private const val PREFERENCES_AUTOFILL_APP_MATCHES = "oreo_autofill_app_matches" + TopLevelPropertyNaming:AutofillMatcher.kt$private const val PREFERENCES_AUTOFILL_WEB_MATCHES = "oreo_autofill_web_matches" + TopLevelPropertyNaming:Extensions.kt$/** The default OpenPGP provider for the app */ const val OPENPGP_PROVIDER = "org.sufficientlysecure.keychain" + TopLevelPropertyNaming:PasswordStore.kt$const val PASSWORD_FRAGMENT_TAG = "PasswordsList" + TopLevelPropertyNaming:SshKey.kt$private const val ANDROIDX_SECURITY_KEYSET_PREF_NAME = "androidx_sshkey_keyset_prefs" + TopLevelPropertyNaming:SshKey.kt$private const val KEYSTORE_ALIAS = "sshkey" + TopLevelPropertyNaming:SshKey.kt$private const val PROVIDER_ANDROID_KEY_STORE = "AndroidKeyStore" UnusedPrivateMember:PasswordStore.kt$PasswordStore$private val directorySelectAction = registerForActivityResult(StartActivityForResult()) { result -> if (result.resultCode == RESULT_OK) { checkLocalRepository() } } UnusedPrivateMember:PasswordStore.kt$PasswordStore$private val storagePermissionRequest = registerForActivityResult(RequestPermission()) { granted -> if (granted) checkLocalRepository() } UseCheckOrError:CredentialFinder.kt$CredentialFinder$throw IllegalStateException("Only SshKey and Password connection mode ask for passwords") diff --git a/detekt-baselines/autofill-parser.xml b/detekt-baselines/autofill-parser.xml index 80d2ae0f..a7726c93 100644 --- a/detekt-baselines/autofill-parser.xml +++ b/detekt-baselines/autofill-parser.xml @@ -24,7 +24,6 @@ MagicNumber:AutofillScenario.kt$AutofillScenario$26 MagicNumber:AutofillScenario.kt$ClassifiedAutofillScenario$26 MagicNumber:AutofillScenario.kt$GenericAutofillScenario$26 - MagicNumber:AutofillStrategy.kt$26 MagicNumber:AutofillStrategyDsl.kt$26 MagicNumber:AutofillStrategyDsl.kt$AutofillRule$26 MagicNumber:AutofillStrategyDsl.kt$AutofillStrategy$26 @@ -34,8 +33,6 @@ MagicNumber:FeatureAndTrustDetection.kt$26 MagicNumber:FeatureAndTrustDetection.kt$28 MagicNumber:FormField.kt$FormField$26 - MagicNumber:FormField.kt$FormField$6 - MagicNumber:FormField.kt$FormField$8 MagicNumber:FormField.kt$FormField.Companion$26 MagicNumber:PublicSuffixListCache.kt$29 MaxLineLength:FeatureAndTrustDetection.kt$/* In order to add a new browser, do the following: 1. Obtain the .apk from a trusted source. For example, download it from the Play Store on your phone and use adb pull to get it onto your computer. We will assume that it is called browser.apk. 2. Run aapt dump badging browser.apk | grep package: | grep -Eo " name='[a-zA-Z0-9_\.]*" | cut -c8- to obtain the package name (actually, the application ID) of the app in the .apk. 3. Run apksigner verify --print-certs browser.apk | grep "#1 certificate SHA-256" | grep -Eo "[a-f0-9]{64}" | tr -d '\n' | xxd -r -p | base64 to calculate the hash of browser.apk's first signing certificate. Note: This will only work if the apk has a single signing certificate. Apps with multiple signers are very rare, so there is probably no need to add them. Refer to computeCertificatesHash to learn how the hash would be computed in this case. 4. Verify the package name and the hash, for example by asking other people to repeat the steps above. 5. Add an entry with the browser apps's package name and the hash to TRUSTED_BROWSER_CERTIFICATE_HASH. 6. Optionally, try adding the browser's package name to BROWSERS_WITH_SAVE_SUPPORT and check whether a save request to Password Store is triggered when you submit a registration form. 7. Optionally, try adding the browser's package name to BROWSERS_WITH_MULTI_ORIGIN_SUPPORT and check whether it correctly distinguishes web origins even if iframes are present on the page. You can use https://fabianhenneke.github.io/Android-Password-Store/ as a test form. */ @@ -48,6 +45,7 @@ ReturnCount:PublicSuffixListData.kt$PublicSuffixListData$private fun findExceptionMatch(labels: List<ByteArray>, wildcardMatch: String?): String? ReturnCount:PublicSuffixListData.kt$PublicSuffixListData$private fun findMatchingRule(domainLabels: List<String>): List<String> TooGenericExceptionCaught:AutofillScenario.kt$AutofillScenario.Companion$e: Throwable + TopLevelPropertyNaming:PublicSuffixListLoader.kt$private const val PUBLIC_SUFFIX_LIST_FILE = "publicsuffixes" UnusedPrivateMember:AutofillStrategy.kt$private inline fun <T> Pair<T, T>.none(predicate: T.() -> Boolean) UnusedPrivateMember:FormField.kt$FormField$// Ignored for now, see excludedByHints private val excludedByAutocompleteHint = htmlAutocomplete == "off" diff --git a/detekt-baselines/format-common.xml b/detekt-baselines/format-common.xml index 42e17ed0..9ff123b7 100644 --- a/detekt-baselines/format-common.xml +++ b/detekt-baselines/format-common.xml @@ -10,7 +10,6 @@ MagicNumber:Otp.kt$Otp$6 MagicNumber:Otp.kt$Otp$8 MagicNumber:PasswordEntry.kt$PasswordEntry$1000 - MagicNumber:PasswordEntry.kt$PasswordEntry$1000L MatchingDeclarationName:Clocks.kt$UserClock : Clock MatchingDeclarationName:TestClocks.kt$TestUserClock : UserClock MaxLineLength:PasswordEntryTest.kt$PasswordEntryTest.Companion$"otpauth://totp/ACME%20Co:john@example.com?secret=HXDMVJECJJWSRB3HWIZR4IFUGFTMXBOZ&issuer=ACME%20Co&algorithm=SHA1&digits=6&period=30" diff --git a/detekt-baselines/ui-compose.xml b/detekt-baselines/ui-compose.xml index 684196b9..c373eea4 100644 --- a/detekt-baselines/ui-compose.xml +++ b/detekt-baselines/ui-compose.xml @@ -1,44 +1,5 @@ - - FunctionNaming:Theme.kt$@Composable public fun APSTheme( useDarkTheme: Boolean = isSystemInDarkTheme(), content: @Composable () -> Unit, ) - MagicNumber:Color.kt$0xFF001e30 - MagicNumber:Color.kt$0xFF001e31 - MagicNumber:Color.kt$0xFF00344e - MagicNumber:Color.kt$0xFF003450 - MagicNumber:Color.kt$0xFF003e5b - MagicNumber:Color.kt$0xFF004b70 - MagicNumber:Color.kt$0xFF004c6f - MagicNumber:Color.kt$0xFF006494 - MagicNumber:Color.kt$0xFF006591 - MagicNumber:Color.kt$0xFF0b1d29 - MagicNumber:Color.kt$0xFF1a1c1e - MagicNumber:Color.kt$0xFF21323e - MagicNumber:Color.kt$0xFF2e3133 - MagicNumber:Color.kt$0xFF384956 - MagicNumber:Color.kt$0xFF410001 - MagicNumber:Color.kt$0xFF41474d - MagicNumber:Color.kt$0xFF4f606e - MagicNumber:Color.kt$0xFF680003 - MagicNumber:Color.kt$0xFF72787e - MagicNumber:Color.kt$0xFF85ceff - MagicNumber:Color.kt$0xFF8aceff - MagicNumber:Color.kt$0xFF8b9197 - MagicNumber:Color.kt$0xFF930006 - MagicNumber:Color.kt$0xFFb7c9d9 - MagicNumber:Color.kt$0xFFba1b1b - MagicNumber:Color.kt$0xFFc1c7ce - MagicNumber:Color.kt$0xFFc7e6ff - MagicNumber:Color.kt$0xFFc8e6ff - MagicNumber:Color.kt$0xFFd3e5f5 - MagicNumber:Color.kt$0xFFdde3ea - MagicNumber:Color.kt$0xFFe1e2e5 - MagicNumber:Color.kt$0xFFf0f0f3 - MagicNumber:Color.kt$0xFFfcfcff - MagicNumber:Color.kt$0xFFffb4a9 - MagicNumber:Color.kt$0xFFffdad4 - MagicNumber:Color.kt$0xFFffffff - MagicNumber:Type.kt$0.25 - +